"Refactor guest blueprint and related database schema"
This commit is contained in:
@@ -2,6 +2,7 @@ import json
|
||||
from datetime import datetime, timedelta
|
||||
from flask import Blueprint, render_template, request, jsonify, redirect, url_for, abort, session, flash
|
||||
from flask_login import current_user, login_required
|
||||
from flask_wtf.csrf import exempt
|
||||
from functools import wraps
|
||||
from sqlalchemy import desc
|
||||
|
||||
@@ -64,6 +65,7 @@ def guest_request_status(request_id):
|
||||
|
||||
# API-Endpunkte
|
||||
@guest_blueprint.route('/api/guest/requests', methods=['POST'])
|
||||
@exempt # CSRF-Schutz ausschließen für Guest-API
|
||||
def api_create_guest_request():
|
||||
"""Neue Gastanfrage erstellen."""
|
||||
data = request.get_json()
|
||||
@@ -130,6 +132,7 @@ def api_create_guest_request():
|
||||
return jsonify({"error": "Fehler beim Verarbeiten der Anfrage"}), 500
|
||||
|
||||
@guest_blueprint.route('/api/guest/requests/<int:request_id>', methods=['GET'])
|
||||
@exempt # CSRF-Schutz ausschließen für Guest-API
|
||||
def api_get_guest_request(request_id):
|
||||
"""Status einer Gastanfrage abrufen."""
|
||||
try:
|
||||
@@ -239,51 +242,44 @@ def api_deny_request(request_id):
|
||||
return jsonify({"error": "Fehler beim Verarbeiten der Anfrage"}), 500
|
||||
|
||||
@guest_blueprint.route('/api/jobs/start/<string:otp>', methods=['POST'])
|
||||
@exempt # CSRF-Schutz ausschließen für OTP-basierte API
|
||||
def api_start_job_with_otp(otp):
|
||||
"""Job mit OTP-Code starten."""
|
||||
if not otp:
|
||||
return jsonify({"error": "Kein OTP-Code angegeben"}), 400
|
||||
|
||||
"""Job mit OTP starten."""
|
||||
try:
|
||||
with get_cached_session() as db_session:
|
||||
# Alle Gastanfragen mit approved-Status durchsuchen
|
||||
guest_requests = db_session.query(GuestRequest).filter_by(status="approved").all()
|
||||
# OTP validieren und Job finden
|
||||
guest_request = db_session.query(GuestRequest).filter_by(otp_code=otp).first()
|
||||
if not guest_request:
|
||||
return jsonify({"error": "Ungültiger oder abgelaufener Code"}), 400
|
||||
|
||||
valid_request = None
|
||||
for req in guest_requests:
|
||||
if req.verify_otp(otp):
|
||||
valid_request = req
|
||||
break
|
||||
if not guest_request.job_id:
|
||||
return jsonify({"error": "Kein Job mit diesem Code verknüpft"}), 400
|
||||
|
||||
if not valid_request:
|
||||
return jsonify({"error": "Ungültiger OTP-Code"}), 400
|
||||
|
||||
# Zugehörigen Job laden
|
||||
job = db_session.query(Job).filter_by(id=valid_request.job_id).first()
|
||||
# Job laden
|
||||
job = db_session.query(Job).filter_by(id=guest_request.job_id).first()
|
||||
if not job:
|
||||
return jsonify({"error": "Kein Job für diese Anfrage gefunden"}), 404
|
||||
return jsonify({"error": "Job nicht gefunden"}), 404
|
||||
|
||||
# Grace-Period prüfen (5 Minuten nach geplantem Start)
|
||||
now = datetime.now()
|
||||
grace_end = job.start_at + timedelta(minutes=5)
|
||||
|
||||
if now > job.end_at:
|
||||
return jsonify({"error": "Der Job ist bereits abgelaufen"}), 400
|
||||
# Job-Status prüfen
|
||||
if job.status != "scheduled":
|
||||
return jsonify({"error": "Job kann nicht gestartet werden"}), 400
|
||||
|
||||
# Job starten
|
||||
job.status = "running"
|
||||
job.status = "active"
|
||||
job.start_at = datetime.now()
|
||||
|
||||
# OTP-Code nach Verwendung löschen
|
||||
valid_request.otp_code = None
|
||||
# OTP als verwendet markieren (optional: OTP löschen)
|
||||
guest_request.otp_used_at = datetime.now()
|
||||
|
||||
db_session.commit()
|
||||
|
||||
logger.info(f"Job {job.id} mit OTP-Code gestartet")
|
||||
logger.info(f"Job {job.id} mit OTP {otp} gestartet")
|
||||
|
||||
return jsonify({
|
||||
"success": True,
|
||||
"job_id": job.id,
|
||||
"status": "running"
|
||||
"status": job.status,
|
||||
"started_at": job.start_at.isoformat()
|
||||
})
|
||||
|
||||
except Exception as e:
|
||||
|
||||
Reference in New Issue
Block a user