Oauth2.0 authorization (Flask, SQLAlchemy) - Printable Version +- Python Forum (https://python-forum.io) +-- Forum: Python Coding (https://python-forum.io/forum-7.html) +--- Forum: Homework (https://python-forum.io/forum-9.html) +--- Thread: Oauth2.0 authorization (Flask, SQLAlchemy) (/thread-15243.html) |
Oauth2.0 authorization (Flask, SQLAlchemy) - oinga - Jan-09-2019 Hello! I have a repo on git hub, and I'm having issues with the authorization for the edit and delete methods. While the above repo doesn't reflect the following, I have been fiddling with the following code to sort out the issue #Edit a cuisine @app.route('/cuisine/<int:id>/edit/', methods = ['GET', 'POST']) def editCuisine(id): if 'username' not in login_session: return redirect('login') editedCuisine = session.query(Cuisine).filter_by(id = id).one() # Check if the logged in user is the owner of item creator = getUserInfo(editedCuisine.user_id) user = getUserInfo(login_session['user_id']) # If logged in user is not item owner redirect them if creator.id != login_session['user_id']: flash ("This is not yours to edit. This belongs to %s" % creator.name) return redirect(url_for('editCuisine')) # Method for posting if request.method == 'POST': if request.form['name']: editedCuisine.name = request.form['name'] if request.form['description']: editedCuisine.description = request.form['description'] flash('Cuisine Successfully Edited %s' % editedCuisine.name) return redirect(url_for('showCuisines')) else: return render_template('editCuisine.html', cuisine = editedCuisine)When I try and edit and item, I get the following error: I'm at my whits end with this , as it seems like such a simple fix. Any help would be appreciated
RE: Oauth2.0 authorization (Flask, SQLAlchemy) - nilamo - Jan-10-2019 I don't understand the subject, or how this is related to OAuth. The error is saying the column doesn't exist. Sqlalchemy doesn't (I don't think) modify tables once they're created, so if you changed your models to add new columns, then that won't be represented by the database. I'd suggest rebuilding the database and seeing if the problem goes away. RE: Oauth2.0 authorization (Flask, SQLAlchemy) - oinga - Jan-11-2019 My apologies for not showing the database code, nor the global variables defining the Auth2.0 code. I was hoping the title would get my foot in the door with someone whom was knowledgeable in auth2.0. The code above shown shows: 1. An item to be edited (executed by SQLAlchemy on a one to one database relationship) 2. A login session ID, pulled from a local user token created. 3. If the edited item column; user id (which is the key stored from the login session user id) does not equal the login session user id return an error. for reference I solved the problem by changing a little bit of the code, and defining it differently WAS: creator = getUserInfo(editedCuisine.user_id) user = getUserInfo(login_session['user_id']) # If logged in user is not item owner redirect them if creator.id != login_session['user_id']: flash ("This is not yours to edit. This belongs to %s" % creator.name) return redirect(url_for('editCuisine'))CHANGED TO: if editedCuisine.user_id != login_session['user_id']: return "<script>function myFunction() {alert('You are not authorized"\ "to edit this item. Please create your own item in order to edit.');"\ "window.location = '/cuisines';}</script><body onload='myFunction()''>"Thank you for the reply regardless . |