"""
API endpoints are defined in this file.
"""
import datetime
import hmac
import os
from functools import wraps

import jwt
from flask import (
    Flask, render_template, request,
    jsonify, abort, make_response, url_for,
    flash, redirect,
)
from flask_restful import Resource, Api

from db_mydiary.db import MyDiary_Database
from mydiary_api.mydiary import DiaryEntry, Entries, User, MyDiary
from mydiary_api.v1 import GetEntry
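app = Flask(__name__)
#api = Api(app)

# NOTE: evaluated once, at import, so this is the process start time and not
# the time of any later request.
NOW = datetime.datetime.now()

# Key that signs and verifies the login tokens. A literal committed with the
# code is readable by everyone who can read the code, so a token signed with
# it proves nothing about its bearer. Read the key from the environment; when
# it is unset, fall back to a random per-process key so the app still starts
# (tokens then stop validating after a restart and are not shared between
# worker processes).
app.config['SECRET_KEY'] = os.environ.get('SECRET_KEY') or os.urandom(32).hex()

my_diary_object = MyDiary()
app_db = MyDiary_Database()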
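def login_required(f):
    """Reject the request unless it carries a valid signed login token.

    The token is taken from an ``Authorization: Bearer <token>`` header and,
    failing that, from the ``token`` query parameter. A missing token yields
    403, a token that fails verification (bad signature, expired, malformed)
    yields 401; otherwise the wrapped view runs with its original arguments.
    """
    @wraps(f)
    def wrap(*args, **kwargs):
        token = None
        auth_header = request.headers.get('Authorization', '')
        if auth_header.startswith('Bearer '):
            token = auth_header[len('Bearer '):].strip()
        if not token:
            # Kept for existing clients. A token in the URL ends up in access
            # logs, browser history and Referer headers, so the header form
            # above is the one to prefer.
            token = request.args.get('token')
        if not token:
            return jsonify({'message' : 'You need to login first!'}), 403
        try:
            # Pin the accepted algorithm (HS256 is PyJWT's default for
            # jwt.encode) so the token header cannot select a different one.
            jwt.decode(token, app.config['SECRET_KEY'], algorithms=['HS256'])
        except jwt.InvalidTokenError:
            # Only verification failures are turned into 401; any other
            # exception is a bug and should surface as such.
            return jsonify({'message' : 'You are unauthorized to acces this data!'}), 401
        # NOTE(review): the verified claims are discarded here, so the wrapped
        # view has no way to learn which user the token belongs to.
        return f(*args, **kwargs)
    return wrap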
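# Exchanges an e-mail address and password for a signed login token.
@app.route('/login', methods=['GET', 'POST'])
def login(email=None):
    """Check the posted credentials and return a 30-minute login token.

    Expects a JSON body with ``email`` and ``password``. Aborts with 400 when
    either is missing, answers 401 with the same message for an unknown
    e-mail and for a wrong password, and otherwise returns the signed token
    as the response body.

    ``email`` is accepted for compatibility with the original signature; the
    route has no URL parameter, so the value always comes from the JSON body.
    """
    payload = request.get_json(silent=True)
    if not isinstance(payload, dict):
        abort(400)
    email = payload.get('email', "")
    password = payload.get('password', "")
    if not email or not password:
        abort(400)

    # The value is passed as a bound parameter, never formatted into the SQL.
    app_db.cursor.execute("SELECT * from users WHERE email = %s", (email,))
    # fetchone(): indexing the fetchall() list would select a row, not a column.
    row = app_db.cursor.fetchone()

    # Column order as used by the seed INSERTs in this file:
    # user_id, name, email, password.
    stored_password = row[3] if row is not None else ""
    # NOTE(review): the password column is compared as-is, which means the
    # table holds plaintext passwords. Store a salted password hash and
    # verify against that instead.
    passwords_match = hmac.compare_digest(
        str(stored_password).encode('utf-8'),
        str(password).encode('utf-8'),
    )
    if row is None or not passwords_match:
        # One message for both failure causes, so the response does not
        # reveal whether the e-mail address is registered.
        return jsonify({'login unsucessful':'Please enter a valid email and password.'}), 401

    expires_at = datetime.datetime.utcnow() + datetime.timedelta(minutes=30)
    token = jwt.encode({'user' : row[1], 'exp' : expires_at},
                       app.config['SECRET_KEY'], algorithm='HS256')
    # Older PyJWT releases return bytes, newer ones return str.
    if isinstance(token, bytes):
        token = token.decode('UTF-8')
    return token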
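# Handles requests to the registration endpoint.
@app.route('/registration', methods=['GET', 'POST'])
def register():
    """Answer a registration request.

    Non-POST requests get ``{'login': 'unsucessful'}``. A POST without a JSON
    body containing ``email`` aborts with 400. A POST whose e-mail is already
    present in ``users`` is answered as unsuccessful; any other POST is
    answered as successful.
    """
    if request.method != 'POST':
        return jsonify({'login':'unsucessful'})

    payload = request.get_json(silent=True)
    if not isinstance(payload, dict) or 'email' not in payload:
        abort(400)
    email = payload.get('email', "")

    # The original statement had two placeholders and no values, and filtered
    # on entry_id, which is not among the users columns the seed INSERTs in
    # this file use. Look the address up with a bound parameter instead.
    app_db.cursor.execute("SELECT * from users WHERE email = %s", (email,))
    if app_db.cursor.fetchone() is not None:
        return jsonify({'login':'unsucessful'})

    # NOTE(review): nothing is written to the users table here, so the
    # account is not actually created; 'name' and 'password' from the body
    # are not used yet. When the INSERT is added, store a salted password
    # hash rather than the password itself.
    return jsonify({'login':'sucessful'})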
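# Returns a single diary entry.
@app.route('/home/api/v1/entries/<int:diary_entry_id>', methods=['GET'])
@login_required
def get_entry(diary_entry_id):
    """Return the diary entry with id ``diary_entry_id`` as JSON.

    Responds with ``{'entry': ...}`` when the entry is found and with an
    ``error`` object when ``getOneEntry`` returns ``None``.
    """
    # NOTE(review): user_id is not defined in this function or in the visible
    # module scope, so this line raises NameError as written. It has to be
    # the id of the authenticated caller, taken from the verified token and
    # never from request data, so that one user cannot read another's entry.
    entry = my_diary_object.user_entries.getOneEntry(user_id, diary_entry_id)
    if entry is None:
        return jsonify({'error': 'Bad request, the specified entry does not exist.'})
    return jsonify({'entry':entry})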
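# Returns all diary entries.
@app.route('/home/api/v1/entries', methods=['GET'])
@login_required
def get_all_entries():
    """Return every entry ``getAllEntries`` yields, or abort with 404 if none.

    The entries are wrapped as ``[{'entrylist': [...]}]``.
    """
    # NOTE(review): user_id is not defined in this function or in the visible
    # module scope (NameError as written). It must identify the authenticated
    # caller, derived from the verified token, so the listing is limited to
    # that user's own entries.
    entry_list = my_diary_object.user_entries.getAllEntries(user_id)
    if not entry_list:
        abort(404)
    return jsonify([{'entrylist':list(entry_list)}])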
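# Adds a single diary entry.
@app.route('/home/api/v1/entries', methods=['POST'])
@login_required
def post_entry():
    """Create a diary entry from the JSON body and echo it back.

    Requires ``entrydata`` in the JSON body (400 otherwise); ``entrytitle``
    is optional. Returns ``{'entry added': {...}}``, or an error object when
    a fetched row has the same title and data.
    """
    if not request.json or 'entrydata' not in request.json:
        abort(400)

    data = request.json.get('entrydata', "")
    title = request.json.get('entrytitle', "")
    # Take the date at request time; the module-level NOW is fixed at import.
    today = datetime.datetime.now()
    current_time = "/".join(str(part) for part in (today.day, today.month, today.year))

    # NOTE(review): the next id is computed from a shared counter, so two
    # concurrent requests can presumably obtain the same id — confirm.
    entry_id = int(my_diary_object.user_entries.entry_index) + 1
    # NOTE(review): user_id is not defined in this function or in the visible
    # module scope (NameError as written); it must be the authenticated
    # caller's id from the verified token, not a value the client supplies.
    my_diary_object.user_entries.addEntry(entry_id, user_id, title, data, current_time)

    # NOTE(review): no statement is executed here before fetchall(), so the
    # rows are whatever the shared cursor last produced, and the duplicate
    # check runs after the entry has already been added. Statement order is
    # kept as in the original; confirm the intended behaviour.
    rows = app_db.cursor.fetchall()
    # entries columns per the seed INSERTs: entry_id, user_id, title, data, date.
    exists = any(data == row[3] and title == row[2] for row in rows)
    if exists:
        return jsonify({'error!':'this entry already exists.'})

    entry = {
        'entry_id': entry_id,
        'user_id': user_id,
        'title': title,
        'entrydata': data,
        'datecreated': current_time,
    }
    return jsonify({'entry added': entry})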
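# Updates a single diary entry.
@app.route('/home/api/v1/entries/<int:diary_entry_id>',
           methods=['PUT'])
@login_required
def put_entry(user_id=None, diary_entry_id=None):
    """Update the title and data of one diary entry and echo the result.

    Aborts with 404 when no row matches ``user_id`` and ``diary_entry_id``,
    and with 400 when the body is not JSON or a supplied ``entrydata``,
    ``entrytitle`` or ``title`` is not a string.
    """
    # NOTE(review): the route supplies only diary_entry_id, so user_id keeps
    # its default here and the lookup below matches no row (404). It has to
    # be filled from the verified token, never from the URL or the body,
    # so that only the owner of an entry can modify it.
    app_db.cursor.execute(
        "SELECT * from entries WHERE user_id = %s AND entry_id = %s",
        (user_id, diary_entry_id),
    )
    rows = app_db.cursor.fetchall()
    if not rows:
        abort(404)
    if not request.json:
        abort(400)
    # 'title' was the key validated originally while 'entrytitle' is the key
    # read below; check both, along with the entry text.
    for key in ('entrydata', 'entrytitle', 'title'):
        if key in request.json and not isinstance(request.json[key], str):
            abort(400)

    data = request.json.get('entrydata', "")
    title = request.json.get('entrytitle', "")
    # Take the date at request time; the module-level NOW is fixed at import.
    today = datetime.datetime.now()
    current_time = "/".join(str(part) for part in (today.day, today.month, today.year))

    my_diary_object.user_entries.modifyEntry(title, data, current_time, user_id, diary_entry_id)
    entry = {
        'entry_id': diary_entry_id,
        'user_id': user_id,
        'title': title,
        'entrydata': data,
        'datecreated': current_time,
    }
    return jsonify({'entry':entry})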
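# Deletes a diary entry.
@app.route('/home/api/v1/entries/<int:diary_entry_id>', methods=['DELETE'])
@login_required
def delete_entry(diary_entry_id):
    """Delete one diary entry; abort with 404 when no matching row exists.

    Returns ``{'result': True}`` after ``deleteEntry`` has been called.
    """
    # NOTE(review): user_id is not defined in this function or in the visible
    # module scope (NameError as written). It must be the authenticated
    # caller's id from the verified token, so that the ownership check below
    # actually restricts deletion to the entry's owner.
    app_db.cursor.execute(
        "SELECT * from entries WHERE user_id = %s AND entry_id = %s",
        (user_id, diary_entry_id),
    )
    rows = app_db.cursor.fetchall()
    if not rows:
        abort(404)
    # The original passed entry_id, a name this function never defines.
    my_diary_object.user_entries.deleteEntry(diary_entry_id)
    return jsonify({'result':True})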
@app.errorhandler(404)
def not_found(error):
    """Turn a 404 into a JSON body instead of the default HTML page."""
    body = jsonify({'error': 'Not found'})
    response = make_response(body, 404)
    return response
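@app.errorhandler(400)
def bad_request(error):
    """Turn a 400 into a JSON body instead of the default HTML page."""
    # The message was split with a backslash inside the string literal, which
    # makes the continuation line's leading whitespace part of the message;
    # adjacent literals join the two halves without it.
    message = ('Bad request, '
               'please review your input data')
    return make_response(jsonify({'error': message}), 400)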
def main(self):
    """Insert two sample users and two sample entries through app_db's cursor.

    Nothing in the visible file calls this function; the ``__main__`` guard
    only starts the Flask app.
    """
    # NOTE(review): the sample users are inserted with plaintext passwords,
    # and both entries rows use entry_id 1. Keep fixtures like these out of
    # any database that serves real users.
    seed_statements = (
        """INSERT INTO users (user_id, name, email, password) VALUES (1, 'Gordon Balaaka', 'balaakagordon@gmail.com', 'password');""",
        """INSERT INTO users (user_id, name, email, password) VALUES (2, 'James Bond', '007.amesbond@gmail.com', 'bondjamesbond');""",
        """INSERT INTO entries (entry_id, user_id, title, data, date) VALUES (1, 1, 'My first entry', 'Today, I learned to use postgres databases', '28/07/18');""",
        """INSERT INTO entries (entry_id, user_id, title, data, date) VALUES (1, 1, 'My first entry', 'Today, I integrated my database with my project', '29/07/18');""",
    )
    for statement in seed_statements:
        app_db.cursor.execute(statement)
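if __name__ == '__main__':
    # Debug mode turns on Werkzeug's interactive debugger, which evaluates
    # code inside the server process for whoever can reach the error page.
    # Keep it off unless it is requested explicitly for local development.
    app.run(debug=os.environ.get('FLASK_DEBUG') == '1')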