A Flask RESTful service with register, login, logout, password reset and some data routes. It includes a few example routes gated by user, admin, or super admin access.
Clone the project and install the requirements into a virtual environment (https://pypi.org/project/virtualenv/). Then run the service.
```sh
$ git clone https://github.com/melihcolpan/flask-restful-login
$ cd flask-restful-login
$ virtualenv venv
$ source venv/bin/activate
$ pip install -r requirements.txt
$ python -m main
```
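Example user, admin and super admin accounts are created in the database initializer class. You can use these accounts with the login, logout and data handlers. For the register handler, use new user information; otherwise it returns an already-existing-user response. These seeded accounts have publicly known passwords, so change or remove them before running the service anywhere other than a test environment.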
Test Users | Email Address | Password |
---|---|---|
User | [email protected] | test_password |
Admin | [email protected] | admin_password |
Super Admin | [email protected] | sa_password |
```sh
http POST :5000/v1/auth/register username=example_username password=example_password [email protected]
curl -H "Content-Type: application/json" --data '{"username":"example_name","password":"example_password", "email":"[email protected]"}' http://localhost:5000/v1/auth/register
```
```sh
http POST :5000/v1/auth/login [email protected] password=example_password
curl -H "Content-Type: application/json" --data '{"email":"[email protected]", "password":"example_password"}' http://localhost:5000/v1/auth/login
```
Response: Got access token and refresh token!
```sh
http POST :5000/v1/auth/logout Authorization:"Bearer ACCESS_TOKEN" refresh_token=REFRESH_TOKEN
curl -H "Content-Type: application/json" -H "Authorization: Bearer ACCESS_TOKEN" --data '{"refresh_token":"REFRESH_TOKEN"}' http://localhost:5000/v1/auth/logout
```
```sh
http POST :5000/v1/auth/password_reset Authorization:"Bearer ACCESS_TOKEN" old_pass=<OLD-PASSWORD> new_pass=<NEW-PASSWORD>
curl -H "Content-Type: application/json" -H "Authorization: Bearer ACCESS_TOKEN" --data '{"old_pass":"OLD-PASSWORD", "new_pass":"NEW-PASSWORD"}' http://localhost:5000/v1/auth/password_reset
```
There are some example routes in the UserHandlers file. These handlers mostly return only text. To use them, call the route that matches the account's privilege level with that account's access token:
Route addresses according to user privileges
User Type | Route Address |
---|---|
User | /data_user |
Admin | /data_admin |
Super Admin | /data_super_admin |
```sh
http GET :5000/<ROUTE-ADDRESS> Authorization:"Bearer ACCESS_TOKEN"
curl -H "Content-Type: application/json" -H "Authorization: Bearer ACCESS_TOKEN" http://localhost:5000/<ROUTE-ADDRESS>
```
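The check that privilege routes like these and the logout call with `refresh_token` depend on, as an added standard-library sketch (not code from this project): a signed token carries the role, each route has a minimum role, and logout revokes the refresh token. The signing key, the `super_admin` role name, the rule that higher roles may reach lower routes, and the in-memory revocation set are all assumptions.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-key"  # constructed; a real service loads this from config
ROLE_RANK = {"user": 0, "admin": 1, "super_admin": 2}  # assumed role ordering
ROUTE_MIN_ROLE = {"/data_user": "user", "/data_admin": "admin",
                  "/data_super_admin": "super_admin"}  # routes from the table above
REVOKED_REFRESH = set()  # assumed in-memory revocation list, filled at logout

def _b64(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _sign(body):
    return _b64(hmac.new(SECRET, body.encode(), hashlib.sha256).digest())

def issue_token(email, role, kind, ttl):
    """Return 'payload.signature'; kind is 'access' or 'refresh'."""
    claims = {"sub": email, "role": role, "kind": kind, "exp": int(time.time()) + ttl}
    body = _b64(json.dumps(claims).encode())
    return body + "." + _sign(body)

def verify_token(token, kind):
    """Return the claims, or None if forged, expired, wrong kind or revoked."""
    body, _, sig = token.partition(".")
    if not hmac.compare_digest(sig.encode(), _sign(body).encode()):
        return None  # check the signature before parsing anything
    claims = json.loads(base64.urlsafe_b64decode(body + "=" * (-len(body) % 4)))
    if claims["kind"] != kind or claims["exp"] < time.time():
        return None
    if kind == "refresh" and token in REVOKED_REFRESH:
        return None
    return claims

def authorize(route, access_token):
    """HTTP-style status for a GET on one of the privilege routes."""
    claims = verify_token(access_token, "access")
    if claims is None:
        return 401
    needed = ROUTE_MIN_ROLE.get(route)
    if needed is None:
        return 404
    return 200 if ROLE_RANK[claims["role"]] >= ROLE_RANK[needed] else 403

def logout(refresh_token):
    """Revoke a valid refresh token so it can no longer be redeemed."""
    if verify_token(refresh_token, "refresh") is None:
        return False
    REVOKED_REFRESH.add(refresh_token)
    return True
```

A refresh token presented as an access token is rejected because the `kind` claim is checked, and a revoked refresh token fails verification even though its signature and expiry are still valid.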
This handler searches the users table by username, email or creation date range and returns information about the matching users to a super admin.
```sh
http GET :5000/users Authorization:"Bearer ACCESS_TOKEN" usernames==test_username,admin_username [email protected],[email protected] start_date==01.01.1990 end_date==01.01.2050
curl -X GET 'localhost:5000/users?usernames=test_username,admin_username&[email protected],[email protected]&start_date=01.01.1990&end_date=01.01.2050' -H "Content-Type: application/json" -H "Authorization: Bearer ACCESS_TOKEN"
```
MIT
Free Software, Hell Yeah!