Appointments sind jetzt geschützt

frontend/lib/src/model/appointment.dart

@@ -29,7 +29,6 @@ class Appointment {
   String note = "";
 
   Map<String,dynamic> toJson() => {
-        'id' :id,
         'name': name,
         'year': year,
         'month': month,

frontend/lib/src/view/components/calendar_main.css

@@ -15,7 +15,7 @@ h4{
 }
 
 table tr {
-    height: 7vw;
+    height: 10vh;
 }
 
 table{

frontend/lib/src/view/components/login_component.dart

@@ -36,7 +36,7 @@ class LoginComponent implements OnInit, OnActivate {
   Future<void> login() async {
     loggedIn = true;
     AppComponent.showButtons = true;
-    //await _registerService.login(username,password);
+    await _registerService.login(username,password);
     await _router.navigate('/dashboard');
 
 

frontend/lib/src/view/services/appointment_service.dart

@@ -11,10 +11,17 @@ class AppointmentService {
   // request to middlemand
   AppointmentService(this._http);
 
-  static final _headers = {'Content-Type': 'application/json'};
-
   static const _appointmentUrl = host + '/appointments'; // URL to web API
   final Client _http;
+  static const _type = MapEntry('Content-Type', 'application/json');
+
+  // getter for the Authorization
+  Map<String,String> get _headers => Map.fromEntries(
+      [MapEntry("Authorization", "$_tokenType $_tokenAuth"), _type]);
+
+  String get _tokenType => window.localStorage["token_type"];
+
+  String get _tokenAuth => window.localStorage["access_token"];
 
   ///Liest die Daten aus einer Response
   dynamic _extractData(Response resp) => json.decode(resp.body);
@@ -26,20 +33,20 @@ class AppointmentService {
   ///Updatet einen bereits existierenden Termin
   ///Erstellt einen neuen Termin mit gegebenen Namen
   Future<Appointment> update(Appointment appointment) async {
-    final response = await _http.put(_appointmentUrl,
-        headers: _headers, body: json.encode(appointment.toJson()));
-    return Appointment.fromJson(
-        _extractData(response as Response) as Map<String, dynamic>);
+    // Add security Header
+    final Response response = await _http.put(_appointmentUrl,
+        headers: _headers, body: json.encode(appointment.toJson())) as Response;
+    if(response.statusCode == 200){
+      return Appointment.fromJson(
+          _extractData(response as Response) as Map<String, dynamic>);
+    }
   }
 
   ///Löscht den Termin mit gegebener id
   Future<void> delete(int id) async {
-    try {
-      final url = '$_appointmentUrl/$id';
-      await _http.delete(url, headers: _headers);
-    } catch (e) {
-      throw _handleError(e);
-    }
+    // Add security Header
+    final url = '$_appointmentUrl/$id';
+    await _http.delete(url, headers: _headers);
   }
 
   Future<Appointment> get(int id) async {
@@ -50,19 +57,21 @@ class AppointmentService {
 
   Future<List<Appointment>> getByDate(int year, int month, [int day]) async {
     final Response response = (day != null)
-        ? await _http.get('$_appointmentUrl/lookup/$year/$month/$day')
+        ? await _http.get('$_appointmentUrl/lookup/$year/$month/$day',headers: _headers)
             as Response
-        : await _http.get('$_appointmentUrl/lookup/$year/$month') as Response;
+        : await _http.get('$_appointmentUrl/lookup/$year/$month',headers: _headers) as Response;
     return (_extractData(response) as List)
         .map((value) => Appointment.fromJson(value as Map<String, dynamic>))
         .toList();
   }
 
   Future<List<Appointment>> getAll() async {
-    final Response response = await _http.get('$_appointmentUrl') as Response;
-    return (_extractData(response) as List)
-        .map((value) => Appointment.fromJson(value as Map<String, dynamic>))
-        .toList();
+    final Response response =
+        await _http.get("$_appointmentUrl", headers: _headers) as Response;
+    print(response.statusCode.toString());
+      return (_extractData(response) as List)
+          .map((value) => Appointment.fromJson(value as Map<String, dynamic>))
+          .toList();
   }
 
   ///Gibt den Termin mit der gegebenen id zurück
@@ -77,7 +86,7 @@ class AppointmentService {
 
   Future<List<Appointment>> search(String term) async {
     try {
-      final response = await _http.get('$_appointmentUrl');
+      final response = await _http.get('$_appointmentUrl',headers: _headers);
       final List<Appointment> appointments =
           (_extractData(response as Response) as List)
               .map((json) => Appointment.fromJson(json as Map<String, dynamic>))

frontend/lib/src/view/services/register_service.dart

@@ -47,12 +47,11 @@ class RegisterService {
           "Authorization": "Basic $clientCredentials"
         },
         body: body);
-    print(response.body);
     final Map<String,dynamic> jsonMap = json.decode(response.body as String) as Map<String, dynamic>;
-
+    capitalize(String s) => s[0].toUpperCase() + s.substring(1);
     window.localStorage.addAll({
       "access_token": jsonMap["access_token"] as String,
-      "token_type": jsonMap["token_type"] as String,
+      "token_type": capitalize(jsonMap["token_type"] as String),
       "expires_in": (jsonMap["expires_in"] as int).toString()
     });
   }

middleman/lib/controller/appointment_controller.dart

@@ -18,6 +18,7 @@ class AppointmentController extends ResourceController {
   // getall
   @Operation.get()
   Future<Response> getAllAppointments() async {
+    logger.warning(request.body.toString());
     final appointmentQuery = Query<Appointment>(context);
     final appointments = await appointmentQuery.fetch();
     if (appointments == null) {
@@ -66,6 +67,7 @@ class AppointmentController extends ResourceController {
 
   @Operation.post()
   Future<Response> newAppointment() async {
+    logger.warning(request.body.toString());
     final Map<String, dynamic> body = await request.body.decode();
     final query = Query<Appointment>(context)..values.read(body,ignore: ["id"]);
     final insertedApp = await query.insert();