LukasForst/main.py

## main.py
import base64
import os
import time
from functools import wraps

from flask import Flask, request, session

app = Flask(__name__)
app.secret_key = base64.b64encode(os.urandom(32))

books = {
    "1": {
        "name": "Book #1",
        "owner": "user_a"
    },
    "2": {
        "name": "Book #2",
        "owner": "user_b"
    },
    "3": {
        "name": "Book #3",
        "owner": "user_a"
    },
    "4": {
        "name": "Book #4",
        "owner": "user_b"
    },
}

users = {
    "user_a": "some_pwd",
    "user_b": "asdzdasz"
}


def check_password(body: dict) -> str:
    username = body['username']
    password = body['password']
    correct_password = users[username]
    for idx, letter in enumerate(password):
        if letter != correct_password[idx]:
            raise Exception('Unauthorized')
        time.sleep(0.2)
    return username


def require_auth(f):
    @wraps(f)
    def decorated(*args, **kwargs):
        user = session.get('user', None)
        if not user:
            return {'message': 'unauthorized'}, 401
        return f(*args, **kwargs)

    return decorated


@app.route("/book/", methods=['GET'])
@require_auth
def get_books():
    user = session['user']
    return {'books': [b for _, b in books.items() if b['owner'] == user]}


@app.route("/book/<book_id>", methods=['GET'])
@require_auth
def get_book(book_id):
    book = books[book_id]
    if not book:
        return {'message': 'book not found'}, 404
    elif book['owner'] != session['user']:
        return {'message': 'Book does not belong to you!'}, 403
    else:
        return book


@app.route("/login", methods=['POST'])
def login():
    body = request.json
    try:
        session['user'] = check_password(body)
        return {'user': session['user']}
    except:
        pass
    return {'message': 'unauthorized'}, 401


if __name__ == '__main__':
    app.run(debug=True, port=8080)
	import base64
	import os
	import time
	from functools import wraps

	from flask import Flask, request, session

	app = Flask(__name__)
	app.secret_key = base64.b64encode(os.urandom(32))

	books = {
	"1": {
	"name": "Book #1",
	"owner": "user_a"
	},
	"2": {
	"name": "Book #2",
	"owner": "user_b"
	},
	"3": {
	"name": "Book #3",
	"owner": "user_a"
	},
	"4": {
	"name": "Book #4",
	"owner": "user_b"
	},
	}

	users = {
	"user_a": "some_pwd",
	"user_b": "asdzdasz"
	}


	def check_password(body: dict) -> str:
	username = body['username']
	password = body['password']
	correct_password = users[username]
	for idx, letter in enumerate(password):
	if letter != correct_password[idx]:
	raise Exception('Unauthorized')
	time.sleep(0.2)
	return username


	def require_auth(f):
	@wraps(f)
	def decorated(args, *kwargs):
	user = session.get('user', None)
	if not user:
	return {'message': 'unauthorized'}, 401
	return f(args, *kwargs)

	return decorated


	@app.route("/book/", methods=['GET'])
	@require_auth
	def get_books():
	user = session['user']
	return {'books': [b for _, b in books.items() if b['owner'] == user]}


	@app.route("/book/<book_id>", methods=['GET'])
	@require_auth
	def get_book(book_id):
	book = books[book_id]
	if not book:
	return {'message': 'book not found'}, 404
	elif book['owner'] != session['user']:
	return {'message': 'Book does not belong to you!'}, 403
	else:
	return book


	@app.route("/login", methods=['POST'])
	def login():
	body = request.json
	try:
	session['user'] = check_password(body)
	return {'user': session['user']}
	except:
	pass
	return {'message': 'unauthorized'}, 401


	if __name__ == '__main__':
	app.run(debug=True, port=8080)