- from cs50 import SQL
- from flask import Flask, flash, redirect, render_template, request, session, url_for
- from flask_session import Session
- from passlib.apps import custom_app_context as pwd_context
- from tempfile import gettempdir
- from helpers import *
# Application object shared by every route in this file.
app = Flask(__name__)

# In debug mode only, ask browsers and proxies not to cache any response.
# NOTE(review): outside debug mode these headers are never set, so pages
# rendered for a logged-in user may be kept by a browser or shared cache.
if app.config["DEBUG"]:

    @app.after_request
    def after_request(response):
        """Attach cache-disabling headers to *response* and return it."""
        no_cache_headers = (
            ("Cache-Control", "no-cache, no-store, must-revalidate"),
            ("Expires", 0),
            ("Pragma", "no-cache"),
        )
        for header_name, header_value in no_cache_headers:
            response.headers[header_name] = header_value
        return response

# Expose the `usd` helper to templates as a Jinja filter.
app.jinja_env.filters["usd"] = usd

# Keep session data in files on the server rather than in signed cookies.
# NOTE(review): the files go into the system temp directory; confirm that
# directory is not readable by other local accounts on the host.
app.config.update(
    SESSION_FILE_DIR=gettempdir(),
    SESSION_PERMANENT=False,
    SESSION_TYPE="filesystem",
)
Session(app)

# CS50 SQL wrapper bound to the SQLite file finance.db.
db = SQL("sqlite:///finance.db")
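@app.route("/")
@login_required
def index():
    """Show the logged-in user's holdings valued at current quotes.

    Each portfolio row (one per share symbol, quantities summed) is extended
    with the keys ``ticker``, ``price``, ``name`` and ``total`` before being
    passed to ``index.html`` as ``indexrow``.
    """
    holdings = db.execute(
        "SELECT share, sum(sharequantity) as sharequantity FROM portfolio WHERE userid = :user_id group by share",
        user_id=session["user_id"],
    )
    for holding in holdings:
        quoted = lookup(holding["share"])
        # lookup() can return None (buy/sell/quote all test for it); without
        # this guard a failed quote raised TypeError and produced a 500 page.
        if quoted is None:
            return apology("Quote doesn't exist!")
        holding["ticker"] = quoted["symbol"]
        holding["price"] = quoted["price"]
        holding["name"] = quoted["name"]
        holding["total"] = quoted["price"] * holding["sharequantity"]
    return render_template('index.html', indexrow=holdings)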
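@app.route("/buy", methods=["GET", "POST"])
@login_required
def buy():
    """Buy shares of stock.

    GET renders the purchase form. POST reads ``tobuy`` (symbol) and
    ``amount`` (share count) from the form, checks them, debits the user's
    cash, records the trade in ``userhistory`` and updates ``portfolio``.
    Every rejected request is answered with ``apology(...)``.
    """
    # Anything that is not a form submission just gets the form.
    if request.method != "POST":
        return render_template('buy.html')

    tobuy = request.form.get('tobuy')
    if not tobuy:
        return apology("Quote doesn't exist!")

    # The share count comes straight from the client. It must be a whole
    # number greater than zero: a negative count would pass the funds check
    # below and *add* money to the account while storing negative shares.
    try:
        amount = int(request.form.get('amount'))
    except (TypeError, ValueError):
        return apology("Invalid Shares")
    if amount <= 0:
        return apology("Invalid Shares")

    # One lookup only, so the price that is checked is the price charged.
    sharetobuy = lookup(tobuy)
    if sharetobuy is None:
        return apology("Quote doesn't exist!")

    cost = sharetobuy["price"] * amount
    cashrow = db.execute("SELECT * FROM users WHERE id = :user_id", user_id=session["user_id"])
    cash_user = cashrow[0]["cash"]
    if cost > cash_user:
        return apology("Insufficient funds!")

    # NOTE(review): the balance is read and written in separate statements,
    # so two simultaneous purchases on one account can both pass the check.
    # A single conditional UPDATE or a transaction would close that window.
    db.execute(
        'INSERT INTO userhistory (userid, share, sharequantity, price) VALUES (:userid, :share, :sharequantity, :price)',
        userid=session["user_id"],
        share=sharetobuy["symbol"],
        sharequantity=amount,
        price=sharetobuy["price"],
    )
    db.execute('UPDATE users SET cash=:cash WHERE id=:id', cash=cash_user - cost, id=session["user_id"])

    portfolio = db.execute(
        'SELECT * FROM portfolio WHERE userid=:userid AND share=:share',
        userid=session["user_id"],
        share=sharetobuy["symbol"],
    )
    if not portfolio:
        db.execute(
            'INSERT INTO portfolio (userid, price, share, name, sharequantity) VALUES (:userid, :price, :share, :name, :sharequantity)',
            userid=session["user_id"],
            price=sharetobuy["price"],
            share=sharetobuy["symbol"],
            name=sharetobuy["name"],
            sharequantity=amount,
        )
    else:
        # The WHERE clause names the share as well as the user; filtering on
        # userid alone rewrote the quantity of every stock the user holds.
        db.execute(
            'UPDATE portfolio SET price=:price, sharequantity=:sharequantity WHERE userid=:userid AND share=:share',
            price=sharetobuy["price"],
            sharequantity=portfolio[0]["sharequantity"] + amount,
            userid=session["user_id"],
            share=sharetobuy["symbol"],
        )
    return redirect(url_for("index"))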
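@app.route("/history")
@login_required
def history():
    """Show history of transactions.

    Passes the logged-in user's ``userhistory`` rows to ``history.html`` as
    ``historyrow``; each row carries ``share``, ``sharequantity``,
    ``timestamp``, ``price`` and an added ``ticker`` key.
    """
    transactions = db.execute(
        'SELECT share, sharequantity, timestamp, price FROM userhistory WHERE userid=:user_id',
        user_id=session["user_id"],
    )
    for entry in transactions:
        # buy() and sell() store lookup()'s "symbol" field in the share
        # column, so the ticker is already in the row. The stored price is
        # left as recorded: replacing it with a live quote made the history
        # show today's price instead of the price the trade executed at, and
        # a failed lookup() (None) crashed the page.
        entry["ticker"] = entry["share"]
    return render_template('history.html', historyrow=transactions)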
@app.route("/login", methods=["GET", "POST"])
def login():
    """Log user in."""
    # Drop whatever session state exists before handling the request, so a
    # successful login never inherits values from an earlier session.
    session.clear()

    # Reached by link or redirect: show the form.
    if request.method != "POST":
        return render_template("login.html")

    # Reached by form submission: both fields are mandatory.
    submitted_name = request.form.get("username")
    if not submitted_name:
        return apology("must provide username")
    submitted_password = request.form.get("password")
    if not submitted_password:
        return apology("must provide password")

    matches = db.execute("SELECT * FROM users WHERE username = :username", username=submitted_name)

    # Unknown user and wrong password share one message, so the response
    # does not reveal which usernames are registered.
    credentials_ok = len(matches) == 1 and pwd_context.verify(submitted_password, matches[0]["hash"])
    if not credentials_ok:
        return apology("invalid username and/or password")

    # Record the authenticated user, then send them to the home page.
    session["user_id"] = matches[0]["id"]
    return redirect(url_for("index"))
@app.route("/logout")
def logout():
    """Log user out."""
    # Wipe the session, which removes the stored user_id.
    session.clear()

    # Back to the login form.
    login_page = url_for("login")
    return redirect(login_page)
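@app.route("/quote", methods=["GET", "POST"])
@login_required
def quote():
    """Look up a stock quote.

    GET renders the lookup form. POST reads the ``quote`` form field, calls
    ``lookup`` on it and renders ``quoted.html`` with the name, the price
    formatted by ``usd`` and the symbol.
    """
    if request.method != "POST":
        return render_template('quote.html')

    # Reject an absent or empty field before it reaches lookup().
    requested_symbol = request.form.get('quote')
    if not requested_symbol:
        return apology("Quote doesn't exist!")

    quote_output = lookup(requested_symbol)
    if quote_output is None:
        # Same wording as buy/sell; the placeholder "TODO" text was shown
        # to users before.
        return apology("Quote doesn't exist!")

    return render_template(
        'quoted.html',
        the_quote=quote_output['name'],
        the_price=usd(quote_output['price']),
        the_symbol=quote_output['symbol'],
    )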
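@app.route("/register", methods=["GET", "POST"])
def register():
    """Register user.

    GET renders the registration form. POST reads ``username``, ``password``
    and ``repassword`` from the form, rejects missing fields, mismatched
    passwords and usernames that are already taken, then stores the username
    with a password hash and redirects to the index route.
    """
    if request.method != "POST":
        return render_template('register.html')

    username = request.form.get('username')
    password = request.form.get('password')
    repassword = request.form.get('repassword')

    # Missing fields used to slip through: two absent passwords compare
    # equal, and the hashing call then failed on None.
    if not username:
        return apology("must provide username")
    if not password:
        return apology("must provide password")
    if password != repassword:
        return apology("Passwords don't Match!")

    # Refuse a second account under an existing name; login() requires
    # exactly one row per username.
    # NOTE(review): this check and the INSERT are separate statements, so a
    # UNIQUE constraint on users.username is still worth confirming.
    existing = db.execute('SELECT id FROM users WHERE username = :username', username=username)
    if existing:
        return apology("Username already exists!")

    # Only the passlib hash is stored, never the password itself.
    # (passlib 1.7+ names this call hash(); encrypt is kept because the
    # installed version is not visible from this file.)
    db.execute(
        'INSERT INTO users (username, hash) VALUES (:username, :password)',
        username=username,
        password=pwd_context.encrypt(password),
    )
    return redirect(url_for('index'))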
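@app.route("/sell", methods=["GET", "POST"])
@login_required
def sell():
    """Sell shares of stock.

    GET renders the sale form. POST reads ``tosell`` (symbol) and ``amount``
    (share count) from the form, checks them against the user's holding,
    credits the proceeds, records the trade in ``userhistory`` with a
    negative quantity and updates or removes the ``portfolio`` row.
    """
    if request.method != "POST":
        return render_template('sell.html')

    tosell = request.form.get('tosell')
    if not tosell:
        return apology("Quote doesn't exist!")

    # One lookup only, so the price shown is the price credited.
    sharetosell = lookup(tosell)
    if sharetosell is None:
        return apology("Quote doesn't exist!")

    portfolio = db.execute(
        'SELECT * FROM portfolio WHERE userid=:userid AND share=:share',
        userid=session["user_id"],
        share=sharetosell["symbol"],
    )
    if not portfolio:
        return apology("Not in your possession")

    # The count is client input: a missing or non-numeric value is refused
    # here instead of raising inside int() and returning a 500 page.
    try:
        amount = int(request.form.get('amount'))
    except (TypeError, ValueError):
        return apology("Invalid Shares")
    if amount <= 0:
        return apology("Invalid Shares")

    held = int(portfolio[0]["sharequantity"])
    if amount > held:
        return apology("Too many shares")

    # NOTE(review): holdings and cash are read and written in separate
    # statements; simultaneous sales on one account can both pass the
    # check above. A transaction would close that window.
    cashrow = db.execute("SELECT * FROM users WHERE id = :user_id", user_id=session["user_id"])
    cash_user = cashrow[0]["cash"] + (sharetosell["price"] * amount)

    db.execute(
        'INSERT INTO userhistory(userid, share, sharequantity, price) VALUES (:userid, :share, :sharequantity, :price)',
        userid=session["user_id"],
        share=sharetosell["symbol"],
        sharequantity=-amount,
        price=sharetosell["price"],
    )
    db.execute('UPDATE users SET cash=:cash WHERE id=:id', cash=cash_user, id=session["user_id"])

    # Both statements name the user and the share. Filtering on userid
    # alone rewrote every holding of the user, and the old cleanup DELETE
    # ran on every sale because a list never equals 0.
    remaining = held - amount
    if remaining == 0:
        db.execute(
            'DELETE FROM portfolio WHERE userid=:userid AND share=:share',
            userid=session["user_id"],
            share=sharetosell["symbol"],
        )
    else:
        db.execute(
            'UPDATE portfolio SET sharequantity=:sharequantity WHERE userid=:userid AND share=:share',
            sharequantity=remaining,
            userid=session["user_id"],
            share=sharetosell["symbol"],
        )
    return redirect(url_for("index"))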