added RequestValidator

672e9078 · Robert Goldmann · d2d9d88c · 672e9078 · 672e9078 · 672e9078
Commit 672e9078 authored Jun 8, 2019 by Robert Goldmann
--- a/api/RequestValidator.py
+++ b/api/RequestValidator.py
+from flask import jsonify
+class ValidationError(Exception):
+    def __init__(self, message):
+        super().__init__(message)
+        self.response = jsonify({"msg": message})
+class RequestValidator:
+    @staticmethod
+    def validate(request, parameters):
+        if not request.is_json:
+            raise ValidationError("Missing JSON in request")
+        result = {}
+        for param in parameters:
+            value = request.json.get(param, None)
+            if value is None:
+                raise ValidationError("Missing parameter '{}'".format(param))
+            result[param] = value
+        return result
--- a/api/RoadmapAPIServer.py
+++ b/api/RoadmapAPIServer.py
@@ -8,6 +8,7 @@ from flask_jwt_extended import (
 )
 from gevent.pywsgi import WSGIServer
+from RequestValidator import RequestValidator, ValidationError
 from blueprints import SubTaskAPI, MilestoneAPI, TaskAPI, RoadmapAPI
 from Database import Database
 from UserService import UserService
@@ -32,21 +33,19 @@ def index():
 @app.route('/login', methods=['POST'])
 def login():
-    if not request.is_json:
+    try:
-        return jsonify({"msg": "Missing JSON in request"}), 400
+        parameters = RequestValidator.validate(request, ["username", "password"])
+    except ValidationError as e:
+        return e.response, 400
-    username = request.json.get('username', None)
+    password = userService.get_password_by_username(parameters["username"])
-    password = request.json.get('password', None)
-    if username is None:
-        return jsonify({"msg": "Missing username parameter"}), 400
    if password is None:
-        return jsonify({"msg": "Missing password parameter"}), 400
+        return jsonify({"msg": "Unknown username"}), 401
-    user = userService.get_password_by_username(username)
+    if password != parameters["password"]:
-    if user is None:
+        return jsonify({"msg": "Bad credentials"}), 401
-        return jsonify({"msg": "Bad username or password"}), 401
-    access_token = create_access_token(identity=username)
+    access_token = create_access_token(identity=parameters["username"])
    return jsonify(access_token=access_token), 200

--- a/api/blueprints/RoadmapAPI.py
+++ b/api/blueprints/RoadmapAPI.py
@@ -55,4 +55,11 @@ def construct_blueprint(database):
        roadmap["numberOfOpenMilestones"] = numberOfOpenMilestones
        return jsonify(roadmap)
+    @roadmap_api.route('/roadmap', methods=['POST'])
+    def add_roadmap():
+        database.add_roadmap()
+        return True
    return roadmap_api