From acc036cd0d1c7aad0fc577dd5a3eaf9d13fe9623 Mon Sep 17 00:00:00 2001
From: MaximeOLIVA <maxime.oliva@etu.univ-cotedazur.fr>
Date: Thu, 9 Feb 2023 13:30:04 +0100
Subject: [PATCH] modif token lab2

---
 Lab2/__pycache__/server.cpython-310.pyc | Bin 4420 -> 4719 bytes
 Lab2/database.db                        | Bin 28672 -> 28672 bytes
 Lab2/server.py                          |  69 +++++++++++++++++-------
 3 files changed, 50 insertions(+), 19 deletions(-)

diff --git a/Lab2/__pycache__/server.cpython-310.pyc b/Lab2/__pycache__/server.cpython-310.pyc
index 3af99e8a6819cb2af0635cb1cace0ebe952112d3..9b004867109a8db67ebe33d1813dc745cabcd9d6 100644
GIT binary patch
delta 1857
zcmX@2^j?K8pO=@5fq{YH`m-m=O_CG&WEhJ!YWp*4q-dpRw=hJBr*fp|WHS|QPti@~
zjF(8|Tp+oSfsrAFDHx13^)}C9T+M36%)r3l%)r1<tir&+P{Pp6P|HxmkiwYFTqID!
zxPYmKVIgA?A6OG}FhdGUFoPzm-%G~HjqJi&%(q0-Q%mAY^0QO(;?s)qbK^5o6H`))
ziuf5A7^2v7^3&t<OG{QV7O79($gaxA#>BzM#mK_Q!o<Q<q%-*myM8?j0|Nsq%mFjN
z4p_jrkfD~LgsGXKmNA8~hM|n1$SZ{jLf0^+FlRFtd6h7OoG8iA%$UNG%~Iq6<})Gj
zSr)L?FfL>)aw}n3zy@N~GL^6_U<b3HdTW@onRJU>N>~<f)G*aBq%cV`EMzKjN?{FV
zNMQ?RNMR3VNZ|-(NZ|}-NZ|@*(B$@;e2PO_UXy`=p-75>fng<65ibJ+!^<-WcIFhu
z$v-&cg^T1E7#K7;i$FnJBoES{HCchvlY^y58N^YaoWm*WYQn(45C{r)kYWxdHbx0X
z1x79~<Y5$m1`{Z#SeS}HYO4hG6O)tkOY=(f(^E_IQxZ!OlNl!e;}#G6tOE`>c+4>s
zaf0Ft7JIdfHH<|fCCoL9&5XeeDa^qPD_Q)C!2SSPU8D+fEK89V$Z4R6D>9xe%jIF2
z$-uzynU8^ifsKiSiG`7iiG`7ak%g(ql7WGtN)p2@`ZlS#iJ3We$&8a1a7ol>z?{Tb
z!<fRDjqD^)ycm@*E?@>Fty-oUrXqtHrW9sLh8m_6Mli_&CRxEG8<=F5WJuwd!&b{&
z!cxQB%$UNN21><T!3-(f!3>%_$lhTDMapCaZj0<91CW=%-eX1bo)IW<@_`aAC=BDl
z&MpEaL`{|=VUP}W5CMv*TdZY?Ii;yZoFD-(0m^Sh<_ruB<)D~TfQQcH{oK-QAn_`Z
z$q%?iCad%DPUhs{6*mRxG{X#F4IUXri^&_=g(pYwh;vT>sj>nQ4wG+lOV@*)WS0!`
z2`GPqFdG8{1IUfwoZ5juaGg*B*Sv&r0ZR=i7n^4?)H0_t)UwntxiG{E)UwvFf`gqE
z6znN1bC_zGYd{&thIt_)BSWD=30n<IGh+%XD6DIkiXGqvIUr{cO-_{1pX|shBcliM
z3nKK{kwbrS39l6!B%CL2;nfkgXJBBM2MSG4`2$I7li%{nGult)<x>Y25Fo#U{oMlg
zH*x_1PF&1I4k?fV!XbqjTu?ZaFfU*MXLeBXva4YL`7?zjo2f_zoY$Fc7)qEIutLNa
zG8WmCFfU+($Vh@pKTuh~T+3X;oLyvvtw7M^g8JDJl$Q9x@fBZ`nw(jXnVMH}izTl#
zC#OgT6bPUU1WAX6ATB7wX|f|13?NZxuKUZUiYOvf`OWJ0fPzJhfq?;3Ja90wF*5yU
zV`BQp#mvIU!^pwN$0!CWCcxz>sGulvXJBAR2Bj7l2Bjc)=qZ6RE=LJN79%LWYZ<~B
zY8ZkU7{M@wsg@xU%-3Z0D*|T#O$H|h22CcgTW_&L3ije6ZIFAxSpiId^8={lxC(MA
z4+8@O6C)2J3k%y{Hc(liHMxy{t>ZnA94PVfFp4l1f&6oeBR)PiF*7edK15UM7He8g
zVsUm66Ub<AkqJ@@u0x9aL1NyMO9V_*K!qH*AOx2{;7nNL0FnkJAh6eqv?d=HFlTg`
h{9iyrUYv`OkC%&)PXbEIaxrp9aBy<4vVk1<4*+>EZ1VsB

delta 1539
zcmaE_azu$QpO=@5fq{XcclV>@Ht~skGK^Upwfz|tQaMtzvYCoDr)Z~g#*3$NE|6Hr
zz{rro6b#0iI-3_Uu4c_)VPIfzW?*0_)?#2_C}CK@xR9ZiA%(Gqp^TwOxP)l|a}7fZ
zqa?#Z#v(zmR_0)a6qaBHO;*1mbp{58A|4Q-3L@kf7#K8JikLxcc@V+Rz`zj2o|B&*
zpI=&{$ylU3`2f2r9|sc$BOfCRBMTD?Q<3K6&+Pj3AT6vgcg(|dhi?iK*gd`}%n-VS
zsfHniNs^(NF@+_YrN|r1XGY>PFJOVY+p~mu0V|AG%UHs^fDO(An`0r#P{WkXRODX5
zynwxiv4$aqS(0HPQ;};5YcN9!TQEZkdoV)^M=(PQCxoxb1@Zjka~#sbQVa|XE18OT
z85kH|o&kAVj$twfr#z=72Q(-qTXA|aGZ!gO?&g&BHeg_22m}SU3<CoL2a^P&0wW(7
z@-PZO0|gW?EKEfpl~t1ZiOI?NrFkX#>8U09DTyVC`Zgu`*{OMU$&8cVa!MG2i~+@3
z4Z}jlTE-g2A|6m!)G#)KqM0$6VI`Aa5h!*vnTtTtQKUaPl*^+&gMoqJGY10$0~Zqu
zBNrnJQ;{hH14ES}PTTZtQgahCbL^6tKq(E1K}m-l7HwhBXahN<NV9}t0aFd*LdIIA
z8m1!k8YWN@s$l{}Sq)PPvpFchQ&_+xE0|=HWJqD3!&b{&!d%1L%$UNF268_rxVeHE
zG`anX7(u~1IfL6)3L4g#Qy3W-AYNmEcujBeUT$eNaH15Re2-h6*O-BUp%4_-peULw
zz$48D5~-4zY{(<Rg%Xb921SOTs51g3VOU5pFfiN_OHVC{FD*_jiqB0gE>28OjR%KA
zk;&xAJX!*+AU$Rv!VVOCDj<XFVFqIjGBySV22ikpb6gp6kXfPxnO+IQ0%lME7U^X&
z)H0_t)UwntxiG{E)UwvFf&-Hk6qqT@bC_zGYgiVr)G#k(WMn85FVSbMVF6_ePyp62
z6`R8iGDl9$njDZIEi#`xk5@)q8{`LT5CKjrY_I^m#%l!&P%%CoURwqRhCWb$g0lML
zP(FD^+sUPT>frnf@)_7yc~D;=l_RFm{A&u$zoy9L3OLmomoR~IEGXkK78#Z>EntOZ
zL`Y6w$P7+O`k=B0*(0EA>7~gD$&W?$pc02497XX(smYlInW=dtMW8%V#0T;n*o(R#
z7RU#hY|tDE5`gB8HhxubUfs-Zro9~GRRwT9<zQrEWcts>#PpAknT3&$Q4Ew<!9^G-
zw-&ifUL~-Waqr{^L0M(VTdZk0iN)DPpsWJ102JepAoT`W<vw|apozRDhzZK%;JjA^
yN}5HWWK;wS<sz5K9|X-AohEAtX~>FkG4gS6G4csRX$dYy4p9zPHbx#smVW>a6*PMQ

diff --git a/Lab2/database.db b/Lab2/database.db
index 9861d56e4ec1021e1661cf9fb09ba4bf5562a22c..6ec2df962c98e8c989c5014c632fc9621491b4d7 100644
GIT binary patch
delta 406
zcmZp8z}WDBae_3X-$WT_RzC*4aIcLi^Y{fs7+Cq{vh(}$xAV>AyTN~Wv!Fm1A2+`x
zGl#gOsHmi-;$%5_b(Xxcg2c&}<eXR-7#PeaOUSS0)Mw?8<QJ6`R-ZgUUX(RAvBDvJ
z@&<VkF$OT;Vqjok;y=y6e~<q(|5E;?n*|kS@C&PfmE|U8=IABo=Yq@<nY>%ylaH0Z
zmx2En|2_WA{PX#HHw!9M^9u<wt23e~XPrFXK9z@wzlni=Cw~*a2*1c?K?Qbx^E~z9
z48J5-&)^{cP(#azpb`T^zcf$Jyd;ZK@AUNW)HE;8)XY*8qZk+%EGGN;Z<FES<!0dD
z&R@)L!uOVMJ6|K8H=ii)S>8%sCtmK&f&#C3giLu@8H_cxlM@pY6N^)dQw$9!JI0GC
mW~Aoiq!tyW7Ue6Hq!yQ$a${4)kEUvKWo(rYFAq3?pacMy^KJ70

delta 237
zcmZp8z}WDBae_3X>qHr6R#yhSXp@a8^Z5A=GO+O7VCDDaZ|4``yRlhNp@)x)-<QFL
zUsO`qP<8S|dC|!^^1>`BX(?%wFUdKvm@;#SPnM8h&B0&{Rw4{lA}DKUWXymBxEL51
znEAIe@ZaM<&A)xKV8Tj%7GY*>#>u<&J$YF8=QHph<G;thnScIfL4|()$@A?~xtRIA
z82EScH}QLI7F4j|XE9@D4xQ}hzfFRRw~~Q>JAX013Ex}3?R<@V-h86GXL&0(D+<K&
PZmx{265<6}2e%ynAc8m5

diff --git a/Lab2/server.py b/Lab2/server.py
index e693669..98ccdfd 100644
--- a/Lab2/server.py
+++ b/Lab2/server.py
@@ -68,9 +68,9 @@ def sign_in():
 
 @app.route("/users/sign_out", methods = ['POST'])
 def sign_out():
-    data = request.get_json()
-    if('token' in data):
-        if database_helper.log_out(data['token']):
+    token = get_token_from_header()
+    if(token != 1):
+        if database_helper.log_out(token):
             return "", 200
         else:
             return "", 401
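Review bot: The `token != 1` test here relies on an integer sentinel that `get_token_from_header()` (added in the last hunk of this patch) returns when the header is missing, and that helper reaches it through a bare `except:`. Having the helper return `request.headers.get('token')` and testing `if token is not None:` here would avoid mixing an int with string tokens and would stop unrelated exceptions from being swallowed. The same comparison appears in change_password, the four GET handlers and post_message. The tail of sign_out lies outside this hunk.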
@@ -81,11 +81,12 @@ def sign_out():
 @app.route("/account/change_password", methods = ['PUT'])
 def change_password():
     data = request.get_json()
-    if('token' in data and 'oldPassword' in data and 'newPassword' in data):
+    token = get_token_from_header()
+    if('oldPassword' in data and 'newPassword' in data and token != 1):
         if(len(data['oldPassword']) > 5 and len(data['newPassword']) > 5):
-            if database_helper.is_online(data['token']):
-                email = database_helper.tokenToEmail(data['token'])
-                password = database_helper.tokenToPassword(data['token'])
+            if database_helper.is_online(token):
+                email = database_helper.tokenToEmail(token)
+                password = database_helper.tokenToPassword(token)
                 if(data['oldPassword'] == password):
                     if database_helper.change_password(email, data['newPassword']):
                         return "", 204
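Review bot: `data['oldPassword'] == password` compares the submitted value with whatever `tokenToPassword(token)` returns, which implies the database holds each password in a recoverable form. Storing a salted hash and checking it with `check_password_hash(stored_hash, data['oldPassword'])` from `werkzeug.security` would keep a leaked database file from exposing every account's password, and this patch itself commits `Lab2/database.db`. The write path in `database_helper.change_password` would need the matching `generate_password_hash` call, which is not visible here. The comparison is unchanged context that the commit keeps on the new side, and the rest of change_password lies outside the hunk.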
@@ -101,17 +102,27 @@ def change_password():
         return "", 400
 
 
-@app.route("/account/get/data/<token>", methods = ['GET'])
-def get_user_data_token(token):
+@app.route("/account/get/data", methods = ['GET'])
+def get_user_data_token():
+    token = get_token_from_header()
+
+    if token == 1:
+        return "", 400
+
     email = database_helper.tokenToEmail(token)
     if email:
-        return get_user_data_email(token, email)
+        return get_user_data_email(email)
     else:
         return "", 401
 
 
-@app.route("/account/get/data/<token>/<email>", methods = ['GET'])
-def get_user_data_email(token, email):
+@app.route("/account/get/data/<email>", methods = ['GET'])
+def get_user_data_email(email):
+    token = get_token_from_header()
+
+    if token == 1:
+        return "", 400
+
     if database_helper.is_online(token):
         data = database_helper.get_data_email(email)
         if data:
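Review bot: The pair `token = get_token_from_header()` / `if token == 1: return "", 400` is pasted into all four GET handlers (the two here and the two in the message hunk that follows), and because `get_user_data_token()` calls `get_user_data_email(email)` directly, the header is read and checked twice on that path. A small decorator would keep the missing-token response in one place so the handlers cannot drift apart. It relies on `functools.wraps`, so `functools` has to be imported if the file does not already do so. The body of get_user_data_email continues outside this hunk.

```python
def token_required(view):
    """Reject the request with 400 when the 'token' header is absent."""
    @functools.wraps(view)  # keeps each view's endpoint name unique for Flask
    def wrapper(*args, **kwargs):
        if get_token_from_header() == 1:
            return "", 400
        return view(*args, **kwargs)
    return wrapper


@app.route("/account/get/data/<email>", methods = ['GET'])
@token_required
def get_user_data_email(email):
    token = get_token_from_header()
    # … unchanged: is_online check and response building …
```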
@@ -130,17 +141,27 @@ def get_user_data_email(token, email):
         return "", 401
 
 
-@app.route("/account/get/message/<token>", methods = ['GET'])
-def get_user_message_token(token):
+@app.route("/account/get/message", methods = ['GET'])
+def get_user_message_token():
+    token = get_token_from_header()
+
+    if token == 1:
+        return "", 400
+
     email = database_helper.tokenToEmail(token)
     if email:
-        return get_user_message_email(token, email)
+        return get_user_message_email(email)
     else:
         return "", 401
 
 
-@app.route("/account/get/message/<token>/<email>", methods = ['GET'])
-def get_user_message_email(token, email):
+@app.route("/account/get/message/<email>", methods = ['GET'])
+def get_user_message_email(email):
+    token = get_token_from_header()
+
+    if token == 1:
+        return "", 400
+
     if database_helper.is_online(token):
         data = database_helper.get_messages_email(email)
         #this user has message(s)
@@ -167,10 +188,11 @@ def get_user_message_email(token, email):
 @app.route("/account/post_message", methods = ['POST'])
 def post_message():
     data = request.get_json()
-    if('token' in data
+    token = get_token_from_header()
+    if(token != 1
         and 'message' in data
         and 'email_recipient' in data):
-        email_sender = database_helper.tokenToEmail(data['token'])
+        email_sender = database_helper.tokenToEmail(token)
         if email_sender:
             if(data['email_recipient'] == "null"):
                 data['email_recipient'] = email_sender
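Review bot: The membership tests `'message' in data` and `'email_recipient' in data` assume `request.get_json()` returned a dict. A JSON array body (constructed example: `["message", "email_recipient"]`) passes both tests, and `data['email_recipient']` then raises TypeError, which would surface as a 500 rather than a 400. Guard once after parsing with `if not isinstance(data, dict): return "", 400`. change_password in the second hunk follows the same pattern, and post_message continues outside this hunk.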
@@ -188,6 +210,15 @@ def post_message():
         return "", 400
 
 
+def get_token_from_header():
+    try:
+        token = request.headers['token']
+    except:
+        token = 1
+
+    return token
+
+
 def generate_token():
     characters = string.ascii_letters + string.digits
     return ''.join(random.choices(characters, k=36))
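Review bot: `generate_token()` builds the session token with `random.choices`, which draws from Python's Mersenne Twister generator rather than a cryptographically secure source, so its output is not suitable as a bearer credential. Since this commit makes the header token the credential on every route shown, the generator should become `return ''.join(secrets.choice(characters) for _ in range(36))` (or `secrets.token_urlsafe()`), with `import secrets` added at the top of the file if it is not already there. The line is unchanged context in this hunk.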
-- 
GitLab