generated from TempeHS/Secure_Flask_PWA_Template
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathapi.py
65 lines (55 loc) · 1.71 KB
/
api.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
from flask import Flask
from flask import request
from flask_cors import CORS
from flask_limiter import Limiter
from flask_limiter.util import get_remote_address
import logging
import database_manager as dbHandler
import diary_management as diary
from flask import jsonify
import sqlite3 as sql
auth_key = "4L50v92nOgcDCYUM"
api = Flask(__name__)
cors = CORS(api)
api.config["CORS_HEADERS"] = "Content-Type"
limiter = Limiter(
get_remote_address,
app=api,
default_limits=["200 per day", "50 per hour"],
storage_uri="memory://",
)
logging.basicConfig(
filename="api_security_log.log",
encoding="utf-8",
level=logging.DEBUG,
format="%(asctime)s %(message)s",
)
@api.route("/", methods=["GET"])
@limiter.limit("3/second", override_defaults=False)
def get():
content = diary.diary_get()
return (content), 200
@api.route("/add_diary", methods=["POST"])
@limiter.limit("3/second", override_defaults=False)
def post():
if request.headers.get("Authorisation") == auth_key:
data = request.get_json()
logging.debug(f"Received data: {data}")
response = diary.diary_add(data)
return response
else:
return {"error": "Unauthorised"}, 401
@api.route("/get_entry/<int:entry_id>", methods=["GET"])
@limiter.limit("3/second", override_defaults=False)
def get_entry(entry_id):
content = diary.get_entry(entry_id)
return (content), 200
@api.route("/search", methods=["GET"])
@limiter.limit("3/second", override_defaults=False)
def search():
filters = request.args.to_dict()
content = diary.diary_search(filters)
return (content), 200
api_log = logging.getLogger(__name__)
if __name__ == "__main__":
api.run(debug=False, host="0.0.0.0", port=3000)