- from cs50 import SQL
- from flask import Flask, flash, redirect, render_template, request, session, url_for
- from flask_session import Session
- from passlib.apps import custom_app_context as pwd_context
- from tempfile import mkdtemp
- from helpers import *
# Create the Flask application object that every route below hangs off.
app = Flask(__name__)

# Turn off response caching, but only while the app runs with DEBUG enabled.
# NOTE(review): with DEBUG off this hook is never registered, so pages served
# to logged-in users (portfolio, history) carry no cache directives from this
# file. Confirm that is intended for shared or proxied deployments.
if app.config["DEBUG"]:
    @app.after_request
    def after_request(response):
        """Stamp *response* with no-cache headers and return it."""
        for header, value in (
            ("Cache-Control", "no-cache, no-store, must-revalidate"),
            ("Expires", 0),
            ("Pragma", "no-cache"),
        ):
            response.headers[header] = value
        return response
# Expose the usd() helper to templates as the "usd" filter.
app.jinja_env.filters["usd"] = usd

# Keep session data on the server's filesystem instead of in signed cookies.
# mkdtemp() creates a fresh directory accessible only to the creating user,
# so every start of the app begins with an empty session store.
app.config.update(
    SESSION_FILE_DIR=mkdtemp(),
    SESSION_PERMANENT=False,
    SESSION_TYPE="filesystem",
)
Session(app)

# Handle to the SQLite database, via the CS50 SQL wrapper.
db = SQL("sqlite:///finance.db")
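@app.route("/")
@login_required
def index():
    """Show the logged-in user's portfolio with freshly looked-up prices.

    Every holding is re-priced through lookup(), the stored price and total
    are refreshed in ``portfolio``, and the page shows the holdings, the cash
    balance and the grand total (holdings plus cash).
    """
    holdings = db.execute("SELECT shares, symbol FROM portfolio WHERE id = :id", id=session["user_id"])

    total_cash = 0
    for holding in holdings:
        symbol = holding["symbol"]
        shares = holding["shares"]

        # The other routes treat a falsy lookup() result as a failed lookup.
        # Handle it here too, rather than failing on the subscript below.
        stock = lookup(symbol)
        if not stock:
            return apology("Could not fetch quote")

        total = shares * stock["price"]
        total_cash += total

        # price and total are stored as usd()-formatted values for display.
        db.execute("UPDATE portfolio SET price=:price, total=:total WHERE id=:id AND symbol=:symbol",
                   price=usd(stock["price"]), total=usd(total), id=session["user_id"], symbol=symbol)

    # Fetch the user's current cash balance.
    updated_cash = db.execute("SELECT cash FROM users WHERE id=:id", id=session["user_id"])

    # Add the cash to the value of the holdings.
    total_cash += updated_cash[0]["cash"]

    # Re-read the rows so the template sees the refreshed price and total.
    updated_portfolio = db.execute("SELECT * from portfolio WHERE id=:id", id=session["user_id"])

    return render_template("index.html", stocks=updated_portfolio,
                           cash=usd(updated_cash[0]["cash"]), total=usd(total_cash))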
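@app.route("/buy", methods=["GET", "POST"])
@login_required
def buy():
    """Buy shares of stock.

    GET renders the purchase form. POST validates the symbol and share count,
    debits the user's cash, records the trade in ``histories`` and adds the
    shares to ``portfolio``, then redirects to the index page.
    """
    # NOTE(review): no CSRF token is checked in this handler; confirm the
    # state-changing POST is protected elsewhere.
    if request.method != "POST":
        return render_template("buy.html")

    stock = lookup(request.form.get("symbol"))
    if not stock:
        return apology("Invalid Symbol")

    # Form input is untrusted: a missing field arrives as None (TypeError)
    # and non-numeric text raises ValueError. Only those are caught, so
    # unrelated failures are not hidden behind this message.
    try:
        shares = int(request.form.get("shares"))
    except (TypeError, ValueError):
        return apology("Shares must be positive integer")

    # Zero is rejected as well as negatives: the message promises a positive
    # count, and a zero-share order would only create an empty trade record.
    if shares <= 0:
        return apology("Shares must be positive integer")

    cost = stock["price"] * float(shares)

    # Check the balance and debit it in ONE statement. A separate SELECT
    # followed by an UPDATE lets two concurrent requests both pass the check
    # and spend the same cash twice.
    # NOTE(review): relies on db.execute() returning the affected-row count
    # for UPDATE statements; confirm for the cs50 library version in use.
    debited = db.execute("UPDATE users SET cash = cash - :purchase WHERE id = :id AND cash >= :purchase",
                         id=session["user_id"], purchase=cost)
    if not debited:
        return apology("Not enough money")

    # Record the trade only once the money has actually been taken.
    # NOTE(review): these writes are not wrapped in a transaction, so a
    # failure below leaves the debit in place.
    db.execute("INSERT INTO histories (symbol, shares, price, id) VALUES(:symbol, :shares, :price, :id)",
               symbol=stock["symbol"], shares=shares, price=usd(stock["price"]), id=session["user_id"])

    # Add to an existing holding in place, so concurrent buys cannot
    # overwrite each other's share count. Create the row if none was updated.
    updated = db.execute("UPDATE portfolio SET shares = shares + :shares WHERE id=:id AND symbol=:symbol",
                         shares=shares, id=session["user_id"], symbol=stock["symbol"])
    if not updated:
        db.execute("INSERT INTO portfolio (name, shares, price, total, symbol, id) VALUES(:name, :shares, :price, :total, :symbol, :id)",
                   name=stock["name"], shares=shares, price=usd(stock["price"]), total=usd(shares * stock["price"]),
                   symbol=stock["symbol"], id=session["user_id"])

    return redirect(url_for("index"))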
@app.route("/history")
@login_required
def history():
    """Render the transaction log of the logged-in user."""
    # The query is scoped to the session's user id, so a user only ever sees
    # their own rows.
    owner = session["user_id"]
    rows = db.execute("SELECT * from histories WHERE id=:id", id=owner)
    return render_template("history.html", histories=rows)
@app.route("/login", methods=["GET", "POST"])
def login():
    """Log user in.

    GET renders the login form. POST checks the submitted credentials and,
    on success, stores the user's id in the session and redirects to index.
    """
    # Drop whatever the session held before, on GET and POST alike.
    session.clear()

    # Reached via GET (link or redirect): just show the form.
    if request.method != "POST":
        return render_template("login.html")

    username = request.form.get("username")
    password = request.form.get("password")

    # Both fields are required.
    if not username:
        return apology("must provide username")
    if not password:
        return apology("must provide password")

    # Look the account up by name; the value is passed as a bound parameter.
    matches = db.execute("SELECT * FROM users WHERE username = :username", username=username)

    # Unknown user and wrong password share one message, so the response text
    # does not reveal which of the two was wrong.
    # NOTE(review): verify() is skipped when no row matches, so response time
    # may still differ between the two cases.
    if len(matches) != 1 or not pwd_context.verify(password, matches[0]["hash"]):
        return apology("invalid username and/or password")

    # Remember who is logged in, then go to the home page.
    session["user_id"] = matches[0]["id"]
    return redirect(url_for("index"))
@app.route("/logout")
def logout():
    """End the current session and send the browser to the login form."""
    # Clearing the session removes user_id, which is what marks a login.
    session.clear()
    login_page = url_for("login")
    return redirect(login_page)
@app.route("/quote", methods=["GET", "POST"])
@login_required
def quote():
    """Get stock quote.

    GET renders the lookup form; POST looks the submitted symbol up and
    renders the result, or an apology when the lookup yields nothing.
    """
    if request.method != "POST":
        return render_template("quote.html")

    symbol = request.form.get("symbol")
    found = lookup(symbol)
    if found:
        return render_template("quoted.html", stock=found)
    return apology("Not valid symbol")
@app.route("/register", methods=["GET", "POST"])
def register():
    """Create a new account and log it in.

    GET renders the registration form. POST requires a username and a
    password that matches its confirmation, stores the password as a hash
    and, on success, puts the new user's id in the session.
    """
    if request.method != "POST":
        return render_template("register.html")

    username = request.form.get("username")
    password = request.form.get("password")

    # Required fields first, then the confirmation must match.
    if not username:
        return apology("must provide username")
    if not password:
        return apology("must provide password")
    if password != request.form.get("password_verify"):
        return apology("passwords must be same")

    # Only the hash of the password is written to the database.
    new_id = db.execute("INSERT INTO users (username, hash) VALUES(:username, :hash)", username=username,
                        hash=pwd_context.hash(password))

    # A falsy result is reported as a duplicate username.
    # NOTE(review): presumably the insert fails on a unique constraint;
    # verify against the schema.
    if not new_id:
        return apology("Username already exists")

    # Remember which user has logged in.
    # NOTE(review): unlike login(), the existing session is not cleared first.
    session["user_id"] = new_id
    return redirect(url_for("index"))
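@app.route("/sell", methods=["GET", "POST"])
@login_required
def sell():
    """Sell shares of stock.

    GET renders the sale form. POST validates the symbol and share count,
    removes the shares from ``portfolio``, records the trade in
    ``histories`` with a negative share count, credits the proceeds to the
    user's cash, then redirects to the index page.
    """
    # NOTE(review): no CSRF token is checked in this handler; confirm the
    # state-changing POST is protected elsewhere.
    if request.method == "GET":
        return render_template("sell.html")

    stock = lookup(request.form.get("symbol"))
    if not stock:
        return apology("Invalid Symbol")

    # Form input is untrusted: a missing field arrives as None (TypeError)
    # and non-numeric text raises ValueError. Only those are caught.
    try:
        shares = int(request.form.get("shares"))
    except (TypeError, ValueError):
        return apology("Shares must be positive integer")

    # Zero is rejected as well as negatives, as the message promises.
    if shares <= 0:
        return apology("Shares must be positive integer")

    # Check the holding and reduce it in ONE statement. Reading the count and
    # writing back a computed value lets two concurrent requests both pass
    # the check and sell the same shares twice.
    # NOTE(review): relies on db.execute() returning the affected-row count
    # for UPDATE statements; confirm for the cs50 library version in use.
    sold = db.execute("UPDATE portfolio SET shares = shares - :shares WHERE id = :id AND symbol = :symbol AND shares >= :shares",
                      shares=shares, id=session["user_id"], symbol=stock["symbol"])
    if not sold:
        return apology("Not enough shares")

    # Record the sale (negative count) only once the shares are really gone.
    # NOTE(review): these writes are not wrapped in a transaction.
    db.execute("INSERT INTO histories (symbol, shares, price, id) VALUES(:symbol, :shares, :price, :id)",
               symbol=stock["symbol"], shares=-shares, price=usd(stock["price"]), id=session["user_id"])

    # Credit the proceeds.
    db.execute("UPDATE users SET cash = cash + :purchase WHERE id = :id",
               id=session["user_id"], purchase=stock["price"] * float(shares))

    # Remove the holding once nothing is left of it.
    db.execute("DELETE FROM portfolio WHERE id=:id AND symbol=:symbol AND shares = 0",
               id=session["user_id"], symbol=stock["symbol"])

    return redirect(url_for("index"))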
@app.route("/change_pass", methods=["GET", "POST"])
@login_required
def change_pass():
    """Change the logged-in user's password.

    GET renders the form. POST requires the old password, a new password and
    its confirmation. The old password is verified against the stored hash
    before the new hash is written.
    """
    # NOTE(review): no CSRF token is checked in this handler; confirm the
    # state-changing POST is protected elsewhere.
    if request.method == "GET":
        return render_template("change_pass.html")

    old_pass = request.form.get("old_pass")
    new_pass = request.form.get("new_pass")
    confirmation = request.form.get("password_verify")

    # All three fields are required and the new password must match its
    # confirmation.
    if not old_pass:
        return apology("must provide old password")
    if not new_pass:
        return apology("must provide new password")
    if not confirmation:
        return apology("input password again")
    if new_pass != confirmation:
        return apology("passwords must be same")

    # Re-authenticate: a valid session alone is not enough to change the
    # password; the current password has to check out as well.
    account = db.execute("SELECT * FROM users WHERE id = :id", id=session["user_id"])
    if len(account) != 1 or not pwd_context.verify(old_pass, account[0]["hash"]):
        return apology("invalid old password")

    # Store only the hash of the new password.
    # NOTE(review): nothing here touches session state, so other sessions of
    # this user appear to stay logged in after the change; confirm.
    db.execute("UPDATE users SET hash = :hash WHERE id = :id", hash=pwd_context.hash(new_pass), id=session["user_id"])

    return redirect(url_for("pass_changed"))
@app.route("/pass_changed", methods=["GET"])
@login_required
def pass_changed():
    """Render the confirmation page shown after a password change."""
    confirmation_page = "pass_changed.html"
    return render_template(confirmation_page)