
Untitled

a guest
Jul 29th, 2018
  """
  API endpoints are defined in this file.
  """

  import datetime
  import hmac
  import os
  import secrets
  from functools import wraps

  import jwt
  from flask import (
      Flask, render_template, request, jsonify, abort, make_response,
      url_for, flash, redirect, g,
  )
  from flask_restful import Resource, Api

  from mydiary_api.mydiary import DiaryEntry, Entries, User, MyDiary
  from db_mydiary.db import MyDiary_Database
  from mydiary_api.v1 import GetEntry


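  # Application object and module-level singletons shared by every route below.
  app = Flask(__name__)
  #api = Api(app)

  # Captured once at import time and kept for code that still references it.
  # Anything that needs "today" should call datetime.datetime.now() per
  # request, otherwise every timestamp is the process start date.
  NOW = datetime.datetime.now()

  # This key signs and verifies every session JWT, so a guessable literal lets
  # anyone mint valid tokens.  It is read from the MYDIARY_SECRET_KEY
  # environment variable (name chosen here); when that is unset a random
  # per-process key is used, which invalidates outstanding tokens on restart
  # but never falls back to a known value.
  app.config['SECRET_KEY'] = os.environ.get('MYDIARY_SECRET_KEY') or secrets.token_hex(32)

  my_diary_object = MyDiary()
  app_db = MyDiary_Database()
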
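  def login_required(f):
      """Reject requests that do not carry a valid, unexpired JWT.

      The token is read from an ``Authorization: Bearer <token>`` header when
      one is present, otherwise from the ``token`` query parameter.  After a
      successful check the ``user`` and ``user_id`` claims (``None`` when a
      claim is absent) are stored on ``flask.g`` and the wrapped view is
      called with its original arguments.

      Args:
          f: The view function to protect.

      Returns:
          The wrapping function, carrying ``f``'s metadata via ``wraps``.
      """
      @wraps(f)
      def wrap(*args, **kwargs):
          # Tokens in the query string end up in access logs, browser history
          # and Referer headers; the header is preferred and the query
          # parameter stays only so existing clients keep working.
          auth_header = request.headers.get('Authorization', '')
          if auth_header.startswith('Bearer '):
              token = auth_header[len('Bearer '):].strip()
          else:
              token = request.args.get('token')

          if not token:
              return jsonify({'message' : 'You need to login first!'}), 403
          try:
              # Pin the accepted algorithm so the token's own header cannot
              # decide how it gets verified.
              data = jwt.decode(token, app.config['SECRET_KEY'], algorithms=['HS256'])
          except jwt.InvalidTokenError:
              # Bad signature, malformed token or expired ``exp`` claim.
              # Other exceptions are no longer swallowed as "unauthorized".
              return jsonify({'message' : 'You are unauthorized to acces this data!'}), 401

          # Expose the verified identity to the view through the request context.
          g.user = data.get('user')
          g.user_id = data.get('user_id')
          return f(*args, **kwargs)
      return wrap
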
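  # Exchanges an email/password pair for a signed session token.
  @app.route('/login', methods=['GET', 'POST'])
  def login(email=None):
      """Authenticate a user and return a JWT that expires after 30 minutes.

      Expects a JSON body with ``email`` and ``password``.  The ``email``
      parameter is kept (now optional) for signature compatibility; the route
      declares no URL variable, so the value always comes from the body.

      Returns:
          The encoded token on success, or a JSON error with status 401 when
          the credentials do not match.  Aborts with 400 on a missing or
          malformed body.
      """
      payload = request.get_json(silent=True)
      if not payload:
          abort(400)
      email = payload.get('email', "")
      password = payload.get('password', "")
      if not isinstance(email, str) or not isinstance(password, str):
          abort(400)
      if not email or not password:
          abort(400)

      # The value is bound as a parameter tuple, never formatted into the SQL.
      app_db.cursor.execute("SELECT * from users WHERE email = %s", (email,))
      row = app_db.cursor.fetchone()

      # NOTE(review): indexes assume the column order (user_id, name, email,
      # password) used by the seed INSERTs in main() -- confirm against the schema.
      # NOTE(review): the stored value is compared as plaintext because that is
      # what the seed data contains; store a salted password hash and verify
      # against that instead.
      stored = row[3] if row is not None else ""
      # Constant-time comparison, also run for unknown emails so both failure
      # paths do the same work.
      matches = hmac.compare_digest(str(stored).encode('utf-8'), password.encode('utf-8'))
      if row is None or not matches:
          # One reply for "no such user" and "wrong password" so the endpoint
          # does not reveal which emails are registered.
          return jsonify({'login unsucessful':'Please enter a valid email and password.'}), 401

      claims = {
          'user' : row[1],
          'user_id' : row[0],
          'exp' : datetime.datetime.utcnow() + datetime.timedelta(minutes=30),
      }
      token = jwt.encode(claims, app.config['SECRET_KEY'], algorithm='HS256')
      # Older PyJWT releases return bytes, newer ones return str.
      if isinstance(token, bytes):
          token = token.decode('UTF-8')
      return token

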
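  # Handles account registration requests.
  @app.route('/registration', methods=['GET', 'POST'])
  def register():
      """Validate a registration request and reject already-registered emails.

      A POST must carry a JSON body with non-empty string ``name``, ``email``
      and ``password`` fields; anything else aborts with 400.  Non-POST
      requests get the same ``{'login': 'unsucessful'}`` reply as before.

      Returns:
          A JSON response; status 409 when the email is already present in
          the ``users`` table.
      """
      if request.method != 'POST':
          return jsonify({'login':'unsucessful'})

      payload = request.get_json(silent=True)
      if not payload or 'email' not in payload:
          abort(400)
      name = payload.get('name', "")
      email = payload.get('email', "")
      password = payload.get('password', "")
      if not all(isinstance(value, str) and value for value in (name, email, password)):
          abort(400)

      # The previous query had two placeholders and no bound values (and
      # filtered users on an entries column); look the email up with a bound
      # parameter instead.
      app_db.cursor.execute("SELECT * from users WHERE email = %s", (email,))
      if app_db.cursor.fetchone() is not None:
          return jsonify({'error': 'This email is already registered.'}), 409

      # NOTE(review): this handler still does not write the new account; the
      # code it replaces only ran a SELECT.  The INSERT has to be added once
      # the users schema and the commit handling of MyDiary_Database are
      # confirmed, and it must store a salted password hash, not the password.
      return jsonify({'login':'sucessful'})

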
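  # Returns a single diary entry.
  @app.route('/home/api/v1/entries/<int:diary_entry_id>', methods=['GET'])
  @login_required
  def get_entry(diary_entry_id):
      """Return one diary entry for the authenticated user.

      Args:
          diary_entry_id: Entry id taken from the URL.

      Returns:
          ``{'entry': ...}`` on success, or a JSON error with status 404 when
          the lookup yields nothing.
      """
      # ``user_id`` was an undefined name here.  The identity is read from the
      # request context, and a request without one is rejected rather than
      # being served under a missing or guessed id.
      user_id = g.get('user_id')
      if user_id is None:
          abort(401)

      # The caller's id is passed together with the entry id, so the lookup is
      # not keyed on the URL value alone.
      entry = my_diary_object.user_entries.getOneEntry(user_id, diary_entry_id)
      if entry is None:
          return jsonify({'error': 'Bad request, the specified entry does not exist.'}), 404
      return jsonify({'entry':entry})

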
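  # Returns all diary entries.
  @app.route('/home/api/v1/entries', methods=['GET'])
  @login_required
  def get_all_entries():
      """Return every diary entry for the authenticated user.

      Returns:
          A one-element JSON list holding ``{'entrylist': [...]}``.  Aborts
          with 404 when there are no entries, 401 when no identity is set.
      """
      # ``user_id`` was an undefined name here; take it from the request
      # context and refuse the request when it is absent.
      user_id = g.get('user_id')
      if user_id is None:
          abort(401)

      entry_list = my_diary_object.user_entries.getAllEntries(user_id)
      if not entry_list:
          abort(404)
      return jsonify([{'entrylist':entry_list[:]}])

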
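  # Adds a single diary entry.
  @app.route('/home/api/v1/entries', methods=['POST'])
  @login_required
  def post_entry():
      """Create a new diary entry for the authenticated user.

      Expects a JSON body with ``entrydata`` and optionally ``entrytitle``.

      Returns:
          ``{'entry added': {...}}`` on success, or a JSON error with status
          409 when the user already has an entry with this title and data.
          Aborts with 400 on a bad body, 401 when no identity is set.
      """
      # ``user_id`` was an undefined name here; take it from the request
      # context and refuse the request when it is absent.
      user_id = g.get('user_id')
      if user_id is None:
          abort(401)

      payload = request.get_json(silent=True)
      if not payload or 'entrydata' not in payload:
          abort(400)
      data = payload.get('entrydata', "")
      title = payload.get('entrytitle', "")

      # Use the date of this request, not the module-level NOW captured at import.
      today = datetime.datetime.now()
      current_time = "/".join(str(part) for part in (today.day, today.month, today.year))

      # Check for a duplicate *before* inserting.  The old code called
      # fetchall() with no query and only after the entry had been added.
      # NOTE(review): indexes assume the column order (entry_id, user_id,
      # title, data, date) used by the seed INSERTs in main() -- confirm.
      app_db.cursor.execute("SELECT * from entries WHERE user_id = %s", (user_id,))
      rows = app_db.cursor.fetchall()
      if any(row[3] == data and row[2] == title for row in rows):
          return jsonify({'error!':'this entry already exists.'}), 409

      entry_id = int(my_diary_object.user_entries.entry_index) + 1
      my_diary_object.user_entries.addEntry(entry_id, user_id, title, data, current_time)
      entry = {
          'entry_id': entry_id,
          'user_id': user_id,
          'title':title,
          'entrydata':data,
          'datecreated':current_time
      }
      return jsonify({'entry added': entry})

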
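  # Updates a single diary entry.
  @app.route('/home/api/v1/entries/<int:diary_entry_id>', \
      methods=['PUT'])
  @login_required
  def put_entry(user_id=None, diary_entry_id=None):
      """Update the title and data of one of the authenticated user's entries.

      Args:
          user_id: Kept for signature compatibility only.  The route supplies
              no such URL variable, and the identity used is always the one in
              the request context.
          diary_entry_id: Entry id taken from the URL.

      Returns:
          ``{'entry': {...}}`` describing the updated entry.  Aborts with 404
          when the entry is not found for this user, 400 on a bad body, 401
          when no identity is set.
      """
      user_id = g.get('user_id')
      if user_id is None:
          abort(401)

      # Both placeholders are bound.  Filtering on user_id as well as entry_id
      # is the ownership check that keeps one user from editing another's entry.
      app_db.cursor.execute(
          "SELECT * from entries WHERE user_id = %s AND entry_id = %s",
          (user_id, diary_entry_id),
      )
      rows = app_db.cursor.fetchall()
      if not rows:
          abort(404)

      payload = request.get_json(silent=True)
      if not payload:
          abort(400)
      # ``unicode`` does not exist on Python 3.  Validate with isinstance, and
      # cover 'entrytitle', which is the key actually read below.
      for key in ('entrydata', 'entrytitle', 'title'):
          if key in payload and not isinstance(payload[key], str):
              abort(400)

      data = payload.get('entrydata', "")
      title = payload.get('entrytitle', "")
      # Use the date of this request, not the module-level NOW captured at import.
      today = datetime.datetime.now()
      current_time = "/".join(str(part) for part in (today.day, today.month, today.year))

      my_diary_object.user_entries.modifyEntry(title, data, current_time, user_id, diary_entry_id)
      entry = {
          'entry_id': diary_entry_id,
          'user_id': user_id,
          'title':title,
          'entrydata':data,
          'datecreated':current_time
      }
      return jsonify({'entry':entry})
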
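  # Deletes a diary entry.
  @app.route('/home/api/v1/entries/<int:diary_entry_id>', methods=['DELETE'])
  @login_required
  def delete_entry(diary_entry_id):
      """Delete one of the authenticated user's diary entries.

      Args:
          diary_entry_id: Entry id taken from the URL.

      Returns:
          ``{'result': True}`` after deletion.  Aborts with 404 when the entry
          is not found for this user, 401 when no identity is set.
      """
      # ``user_id`` was an undefined name here; take it from the request
      # context and refuse the request when it is absent.
      user_id = g.get('user_id')
      if user_id is None:
          abort(401)

      # Bound parameters; the user_id filter is the ownership check that must
      # pass before anything is deleted.
      app_db.cursor.execute(
          "SELECT * from entries WHERE user_id = %s AND entry_id = %s",
          (user_id, diary_entry_id),
      )
      rows = app_db.cursor.fetchall()
      if not rows:
          abort(404)

      # The old code passed ``entry_id``, a name that is not defined in this
      # function; the id to delete is the one from the URL.
      my_diary_object.user_entries.deleteEntry(diary_entry_id)
      return jsonify({'result':True})
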
  @app.errorhandler(404)
  def not_found(error):
      """Answer HTTP 404 errors with a JSON body instead of the default page."""
      body = jsonify({'error': 'Not found'})
      return make_response(body, 404)

  @app.errorhandler(400)
  def bad_request(error):
      """Answer HTTP 400 errors with a JSON body instead of the default page."""
      message = 'Bad request, please review your input data'
      body = jsonify({'error': message})
      return make_response(body, 400)

  def main(self):
      """Insert the sample users and diary entries through the shared cursor.

      ``self`` is accepted but never used.

      NOTE(review): the seed rows store passwords as plaintext literals; once
      password hashing is in place these values need to be hashed as well.
      NOTE(review): both ``entries`` rows use entry_id 1 -- if that column is
      unique the second insert will fail; confirm against the schema.
      """
      seed_statements = (
          """INSERT INTO users (user_id, name, email, password) VALUES (1, 'Gordon Balaaka', 'balaakagordon@gmail.com', 'password');""",
          """INSERT INTO users (user_id, name, email, password) VALUES (2, 'James Bond', '007.amesbond@gmail.com', 'bondjamesbond');""",
          """INSERT INTO entries (entry_id, user_id, title, data, date) VALUES (1, 1, 'My first entry', 'Today, I learned to use postgres databases', '28/07/18');""",
          """INSERT INTO entries (entry_id, user_id, title, data, date) VALUES (1, 1, 'My first entry', 'Today, I integrated my database with my project', '29/07/18');""",
      )
      # Executed one by one, in the order listed.
      for statement in seed_statements:
          app_db.cursor.execute(statement)


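  if __name__ == '__main__':
      # Debug mode enables the Werkzeug interactive debugger, which runs
      # arbitrary Python for anyone who can reach the port.  It is off by
      # default and enabled only when FLASK_DEBUG=1 is set for local work.
      app.run(debug=os.environ.get('FLASK_DEBUG') == '1')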