
lsmescolotto/q3-sprint6-autenticacao-e-autorizacao-lsmescolotto

 
 


Authorization and Authentication

Technologies

This project was developed using the following technologies:

Prerequisites

Install:

- Python 3.9
- Pip library

To get started

Follow the steps:

Clone the repository and go into the project's folder:

```bash
$ git clone https://github.com/Kenzie-Academy-Brasil-Developers/q3-sprint6-autenticacao-e-autorizacao-lsmescolotto
$ cd q3-sprint6-autenticacao-e-autorizacao-lsmescolotto
```

Create a virtual environment:

```bash
$ python -m venv venv
```

Activate the virtual environment:

```bash
$ source venv/bin/activate
```

Install libraries:

```bash
$ pip install -r requirements.txt
```

Run flask:

```bash
$ flask run
```

Start sending requests:

  • Use an API request sending platform like Insomnia

base URL

http://127.0.0.1:5000/api

Endpoints

This API has 5 (five) endpoints: sign up, sign in, update user, delete user and get user info.

Authentication not required routes

User Sign Up


POST /signup - REQUEST FORMAT

{
"name": "Jane",
"last_name": "Doe",
"email": "janedoe@email.com",
"password": "123456"
}

If the request is correct, the user will be signed up:

POST /signup - RESPONSE FORMAT - STATUS 201

{
"email": "janedoe@mail.com",
"last_name": "Doe",
"name": "Jane"
}

If the email address is already in use:

STATUS 400

{"message":"Email already exists"}

User Sign In


POST /signin - REQUEST FORMAT

{
  "email": "janedoe@email.com",
  "password": "123456"
}

If the request is correct, the user will be signed in:

POST /signin - RESPONSE FORMAT - STATUS 201

Flask-JWT-Extended

{
  "accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6ImphbmVkb2VAbWFpbC5jb20iLCJpYXQiOjE2NDMyNTAwMDAsImV4cCI6MTY0MzI1MzYwMCwic3ViIjoiMyJ9.z90xWRIE7pfKRsw-YqqqUtRxBZGtBPgSZ63yqW04qSc"
}

Flask-HTTPAuth

{
  "api_key": "eyJhbGciOiJIUzI"
}

If the user is not signed up, it will not be possible to login:

STATUS 404

{"message": "user not found"}

If the password is not correct:

STATUS 400

{ "message": "Unauthorized" }


Authorization required routes 🔐

These routes require the token in the "Authorization" field of the request header:

Authorization: Bearer {token}
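An added example, not the project's own code (the README names Flask-JWT-Extended and Flask-HTTPAuth for this): the checks a server has to make on the `Authorization: Bearer {token}` header before serving a protected route, using only the standard library. `SECRET`, `sign` and `check_bearer` are assumed names; the claim names and HS256 follow the sample `accessToken` above, and the 400 `Unauthorized` body follows the responses documented here.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-secret"  # assumption: stand-in, not the project's key

def _b64d(part):
    # JWT segments are unpadded base64url; restore the padding before decoding.
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def _b64e(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _mac(head, body, secret):
    return hmac.new(secret, f"{head}.{body}".encode(), hashlib.sha256).digest()

def sign(claims, secret=SECRET, alg="HS256"):
    """Build a constructed token for the demo (hypothetical helper)."""
    head = _b64e(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    body = _b64e(json.dumps(claims).encode())
    return f"{head}.{body}.{_b64e(_mac(head, body, secret))}"

def check_bearer(header_value, secret=SECRET, now=None):
    """Return (status, body) shaped like the README's protected-route replies."""
    denied = (400, {"message": "Unauthorized"})
    scheme, _, token = (header_value or "").partition(" ")
    if scheme != "Bearer" or token.count(".") != 2:
        return denied
    head, body, sig = token.split(".")
    try:
        header, claims, given = json.loads(_b64d(head)), json.loads(_b64d(body)), _b64d(sig)
    except ValueError:
        return denied
    if not isinstance(header, dict) or not isinstance(claims, dict):
        return denied
    # Pin the algorithm server-side; never let the token's own header pick it.
    if header.get("alg") != "HS256":
        return denied
    # Constant-time comparison of the recomputed HMAC against the presented one.
    if not hmac.compare_digest(_mac(head, body, secret), given):
        return denied
    now = int(time.time()) if now is None else now
    if not isinstance(claims.get("exp"), int) or claims["exp"] <= now:
        return denied
    return 200, claims

if __name__ == "__main__":
    t0 = 1643250000  # constructed sample values
    tok = sign({"email": "janedoe@mail.com", "iat": t0, "exp": t0 + 3600, "sub": "3"})
    print(check_bearer(f"Bearer {tok}", now=t0 + 60))    # accepted
    print(check_bearer(f"Bearer {tok}", now=t0 + 7200))  # expired
```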

Update user


PUT - REQUEST FORMAT

{
  "name": "Johana",
  "last_name": "Doe",
  "email": "johanadoe@mail.com",
  "password": "123456"
}

If the request is correct, the user will be updated:

PUT - RESPONSE FORMAT - STATUS 200

{
  "name": "Johana",
  "last_name": "Doe",
  "email": "johanadoe@mail.com",
  "password": "123456"
}

If the user is not found:

STATUS 404

{ "message": "user not found" }

If the token is not correct:

STATUS 400

{ "message": "Unauthorized" }

Get user


GET - REQUEST FORMAT - No Body

GET - RESPONSE FORMAT - STATUS 200

{
  "email": "janedoe@mail.com",
  "last_name": "Doe",
  "name": "Jane"
}

If the user is not found:

STATUS 404

{ "message": "user not found" }

If the token is not correct:

STATUS 400

{ "message": "Unauthorized" }

Delete user


DELETE - REQUEST FORMAT - No Body

If the request is correct, the user will be deleted:

RESPONSE FORMAT - STATUS 204 - No Body

If the user is not found:

STATUS 404

{ "message": "user not found" }

If the token is not correct:

STATUS 400

{ "message": "Unauthorized" }

Developed by Luiza Schmidt Mescolotto

About

Python project to study Authentication and Authorization. Developed during Kenzie Academy Brasil's full stack development course.


Languages

  • Python 94.2%
  • Mako 4.7%
  • Shell 1.1%