Beispiel #1
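def stock(stock_id=''):
    """Handle GET/POST/PUT/DELETE for the caller's stock records.

    GET without ``stock_id`` lists the stocks whose ``user_id`` equals the JWT
    identity. GET, PUT and DELETE with ``stock_id`` act on that one record and
    only when it belongs to the caller; a record owned by someone else is
    answered with 404, the same as a missing one, so the response does not
    confirm that the id exists. POST creates a record owned by the caller.

    Returns:
        The populated ``ApiResponse``, or the ``HTTPException`` raised while
        handling the request (for example the 404 from a failed lookup).
    """
    res = ApiResponse()
    try:
        if request.method == 'GET':
            if stock_id:
                res.data = _owned_stock_or_404(stock_id).full_dict()
            else:
                res.data = [
                    s.full_dict() for s in Stock.query.filter_by(
                        user_id=get_jwt_identity()).all()
                ]
        elif request.method == 'POST':
            # should_look_like presumably validates the request body against
            # the schema and returns it as a dict -- confirm in its definition.
            body = should_look_like(stock_schema)
            # user_id is passed next to **body, so a body that also carries
            # "user_id" raises TypeError (duplicate keyword) and ends as a 500
            # instead of overriding the owner.
            record = Stock(user_id=get_jwt_identity(), **body)
            record.save()
            res.status = 201
        elif request.method == 'PUT':
            body = should_look_like(stock_schema)
            # The record has to be loaded here; the name was previously used
            # without ever being assigned in this branch.
            record = _owned_stock_or_404(stock_id)
            record.update_name(body['name'])
            record.save()
            res.status = 201
        elif request.method == 'DELETE':
            _owned_stock_or_404(stock_id).delete()
    except HTTPException as exc:
        return exc
    except Exception as exc:
        # Exception rather than BaseException: interpreter-level signals such
        # as SystemExit and KeyboardInterrupt are not turned into a 500.
        print(exc)
        abort(500)
    return res


def _owned_stock_or_404(stock_id):
    """Return the stock with ``stock_id`` if the JWT identity owns it, else abort with 404."""
    record = Stock.query.get_or_404(stock_id)
    # Both sides go through str() so an id column type that differs from the
    # identity's type does not make the comparison fail for the real owner.
    if str(record.user_id) != str(get_jwt_identity()):
        abort(404)
    return record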
Beispiel #2
def login():
    """Exchange an email/password pair for a refresh token and an access token.

    On success the response carries a refresh token valid for one day and an
    access token valid for one hour, both issued for the user's id; the access
    token additionally carries the user's email as a claim. Any failed attempt
    gets status 401 with one shared message, so the body does not say whether
    the email or the password was wrong.

    Returns:
        The ``ApiResponse``, or the ``HTTPException`` raised while handling
        the request.
    """
    res = ApiResponse()
    try:
        # should_look_like presumably validates the request body against the
        # schema -- confirm in its definition.
        credentials = should_look_like(user_credentials_schema)
        account = AppUser.get_by_email(credentials['email'])
        # NOTE(review): for an unknown email the `and` short-circuits and no
        # hash is computed, so such requests return faster than a wrong
        # password for a known email. Attempt throttling is not visible in
        # this function; confirm it exists upstream.
        authenticated = account and pbkdf2_sha256.verify(
            credentials['password'], account.pw_hash)
        if not authenticated:
            res.status = 401
            res.pub_msg = 'Email or password was not recognized'
        else:
            refresh = create_refresh_token(identity=account.id,
                                           expires_delta=timedelta(days=1))
            access = create_access_token(identity=account.id,
                                         user_claims={'email': account.email},
                                         expires_delta=timedelta(hours=1))
            res.data = {
                'refresh_token': refresh,
                'access_token': access,
            }
            res.status = 200
    except HTTPException as exc:
        return exc
    except BaseException:
        # The failure is discarded without being recorded anywhere.
        abort(500)
    return res
Beispiel #3
def packaging_state(packaging_state_id=''):
    """Handle GET/POST/PUT/DELETE for packaging states.

    GET lists every packaging state, POST creates one from the request body,
    PUT renames the one identified by ``packaging_state_id`` and DELETE
    removes it.

    Returns:
        The ``ApiResponse``, or the ``HTTPException`` raised while handling
        the request (for example the 404 from a failed lookup).
    """
    res = ApiResponse()
    try:
        method = request.method
        if method == 'GET':
            res.data = list(PackagingState.query.all())
        elif method == 'POST':
            # NOTE(review): POST checks the body against packaging_kind_schema
            # while PUT uses packaging_state_schema -- confirm this is intended.
            fields = should_look_like(packaging_kind_schema)
            created = PackagingState(**fields)
            created.save()
            res.status = 201
        elif method == 'PUT':
            fields = should_look_like(packaging_state_schema)
            target = PackagingState.query.get_or_404(packaging_state_id)
            target.update_name(fields['name'])
            target.save()
        elif method == 'DELETE':
            # NOTE(review): no caller identity is consulted in this function
            # for any of the write methods; confirm access control is applied
            # where the route is registered.
            PackagingState.query.get_or_404(packaging_state_id).delete()
    except HTTPException as exc:
        return exc
    except BaseException:
        # The failure is discarded without being recorded anywhere.
        abort(500)
    return res
Beispiel #4
def user_session():
    """Return the value of the ``id_token`` cookie, or abort with 403 when it is absent or empty.

    NOTE(review): the cookie value is copied into the response body without
    being verified here. If the cookie is set HttpOnly, returning it in the
    body makes it readable by page scripts again -- confirm that is intended.
    """
    res = ApiResponse()
    token = request.cookies.get('id_token')
    if not token:
        abort(403)
    res.data = token
    return res
Beispiel #5
def get_tags():
    """Return every row of the ``tag`` table, each converted to a dict."""
    res = ApiResponse()
    # The statement is a constant string; no request data reaches the SQL.
    rows = get_db().execute('SELECT * FROM tag').fetchall()
    res.data = list(map(dict, rows))
    return res
Beispiel #6
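def food_kind(kind_id=''):
    """Handle GET/POST/PUT/DELETE for the caller's food kinds.

    GET without ``kind_id`` lists the food kinds whose ``user_id`` equals the
    JWT identity. GET and PUT with ``kind_id`` act on one record and refuse,
    with status 401 and a public message, when it belongs to another user.
    POST creates a record owned by the caller. DELETE is delegated to
    ``helpers.delete_food_kind``, which receives the caller's identity.

    Returns:
        The ``ApiResponse``, or the ``HTTPException`` raised while handling
        the request (for example the 404 from a failed lookup).
    """
    res = ApiResponse()
    try:
        if request.method == 'GET':
            if kind_id:
                kind = FoodKind.query.get_or_404(kind_id)
                # Same ownership rule as the PUT branch: a record is readable
                # only by the user it belongs to.
                if str(kind.user_id) != get_jwt_identity():
                    res.status = 401
                    res.pub_msg = 'You do not have permission to view this "food kind"'
                else:
                    res.data = kind.full_dict()
            else:
                res.data = [
                    x.full_dict() for x in FoodKind.query.filter_by(
                        user_id=get_jwt_identity()).all()
                ]
        elif request.method == 'POST':
            # should_look_like presumably validates the request body against
            # the schema -- confirm in its definition.
            body = should_look_like(food_kind_schema)
            kind = FoodKind(**body)
            # Set after construction, so the owner is always the caller
            # whatever the body contained.
            kind.user_id = get_jwt_identity()
            kind.save()
            res.status = 201
        elif request.method == 'PUT':
            body = should_look_like(food_kind_schema)
            kind = FoodKind.query.get_or_404(kind_id)
            if str(kind.user_id) != get_jwt_identity():
                res.status = 401
                res.pub_msg = 'You do not have permission to update this "food kind"'
            else:
                kind.update_name(body['name'])
                kind.unit_of_measurement_id = body['unit_of_measurement_id']
                kind.serving_size = body['serving_size']
                kind.save()
        elif request.method == 'DELETE':
            # NOTE(review): when the "force" query parameter is present its
            # raw string is passed on, so "?force=false" arrives as a
            # non-empty string. How the helper interprets it is not visible
            # here -- confirm it parses the value rather than testing truth.
            msg, status = helpers.delete_food_kind(
                kind_id=kind_id,
                user_id=get_jwt_identity(),
                force=request.args.get('force', False))
            res.pub_msg = msg
            res.status = status
    except HTTPException as exc:
        print(str(exc))
        return exc
    except Exception as exc:
        # Exception rather than BaseException: interpreter-level signals such
        # as SystemExit and KeyboardInterrupt are not turned into a 500.
        print(exc)
        abort(500)
    return res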
Beispiel #7
def get_units_of_measure():
    """Return all ``UnitOfMeasurement`` rows as the response data.

    Returns:
        The ``ApiResponse``, or the ``HTTPException`` raised by the query.
        Any other failure is printed and answered with 500.
    """
    res = ApiResponse()
    try:
        units = UnitOfMeasurement.query.all()
        res.data = units
    except HTTPException as http_error:
        return http_error
    except BaseException as failure:
        print(failure)
        abort(500)
    return res
Beispiel #8
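def refresh_access():
    """Issue a new one-hour access token for the user named by the current JWT.

    The user is looked up again on every call, so a token whose subject no
    longer exists is answered with 401 instead of producing a fresh token or
    an internal error.

    Returns:
        The ``ApiResponse`` whose data is the new access token, or the
        ``HTTPException`` raised while handling the request.
    """
    res = ApiResponse()
    try:
        app_user = AppUser.query.get(get_jwt_identity())
        if app_user is None:
            # The token verified, but the account behind it is gone; treat
            # the caller as unauthenticated rather than failing with a 500.
            abort(401)
        res.data = create_access_token(identity=app_user.id,
                                       user_claims={'email': app_user.email},
                                       expires_delta=timedelta(hours=1))
    except HTTPException as exc:
        return exc
    except Exception:
        # Exception rather than a bare except: interpreter-level signals such
        # as SystemExit and KeyboardInterrupt are not turned into a 500.
        abort(500)
    return res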
Beispiel #9
def recipes():
    """Return every row of the ``recipe`` table, each converted to a dict.

    On any failure the status is set to 500; the exception text is copied
    into the response only when the app's ``ENV`` setting is
    ``'development'``, so it is withheld in every other environment.
    """
    res = ApiResponse()
    try:
        cursor = get_db().execute('SELECT * FROM recipe')
        res.data = list(map(dict, cursor.fetchall()))
    except BaseException as e:
        res.status = 500
        if current_app.config['ENV'] == 'development':
            res.message = str(e)
    return res
Beispiel #10
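def tag(id=None):
    """List the recipes carrying a tag (GET) or create a tag (POST).

    GET returns the rows of ``recipe`` joined with ``recipe_tag`` for the
    given tag id. POST inserts a tag named by the JSON body's ``name`` under a
    freshly generated id; a missing or empty name is answered with 400. Any
    other method is answered with 501, because no implementation exists.

    Returns:
        The ``ApiResponse`` for every path. Exception text is copied into the
        response only when the app's ``ENV`` setting is ``'development'``.
    """
    res = ApiResponse()

    try:
        db = get_db()

        if request.method == 'GET':
            query = '''SELECT * FROM recipe JOIN recipe_tag
                  ON recipe.id = recipe_tag.recipe_id
                  WHERE recipe_tag.tag_id = ?'''
            # The id is bound as a parameter, never formatted into the SQL.
            res.data = [
                dict(row) for row in db.execute(query, [id]).fetchall()
            ]
            return res

        if request.method == 'POST':
            # The body is read only where it is used, and silently: a missing
            # or malformed body becomes a 400 below instead of a 500.
            body = request.get_json(silent=True)
            name = body.get('name') if isinstance(body, dict) else None
            if not isinstance(name, str) or not name.strip():
                res.status = 400
                res.message = 'A non-empty tag "name" is required'
                return res

            try:
                query = 'INSERT INTO tag (id, name) VALUES (?, ?)'
                db.execute(query, [uuid.uuid4().hex, name])
                db.commit()
                res.status = 201
            except Exception as e:
                # A duplicate is recognised by the text of the database error
                # and reported as 200, i.e. the tag exists either way.
                if str(e).startswith('UNIQUE constraint failed'):
                    res.status = 200
                else:
                    res.status = 500

            return res

        # PUT, DELETE and anything else: previously the function fell through
        # and returned None, which is not a valid response.
        res.status = 501
        return res

    except Exception as e:
        res.status = 500
        if current_app.config['ENV'] == 'development':
            res.message = str(e)
        return res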
Beispiel #11
def food_category(category_id=''):
    """Handle GET/POST/PUT/DELETE for food categories.

    GET lists every category, POST creates one from the request body, PUT
    renames the one identified by ``category_id`` and DELETE removes it.

    Returns:
        The ``ApiResponse``, or the ``HTTPException`` raised while handling
        the request (for example the 404 from a failed lookup).
    """
    res = ApiResponse()
    try:
        method = request.method
        if method == 'GET':
            res.data = list(FoodCategory.query.all())
        elif method == 'POST':
            # should_look_like presumably validates the request body against
            # the schema -- confirm in its definition.
            fields = should_look_like(food_category_schema)
            created = FoodCategory(**fields)
            created.save()
            res.status = 201
        elif method == 'PUT':
            fields = should_look_like(food_category_schema)
            target = FoodCategory.query.get_or_404(category_id)
            target.update_name(fields['name'])
            target.save()
        elif method == 'DELETE':
            # NOTE(review): no caller identity is consulted in this function
            # for any of the write methods; confirm access control is applied
            # where the route is registered.
            FoodCategory.query.get_or_404(category_id).delete()
    except HTTPException as exc:
        return exc
    except BaseException:
        # The failure is discarded without being recorded anywhere.
        abort(500)
    return res
Beispiel #12
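def recipe(id=''):
    """Read, create, update or delete a single recipe row.

    GET returns the row with the given id. POST inserts a recipe under a
    freshly generated id and answers 201 with that id and the creation time.
    PUT overwrites the recipe's fields and sets ``date_updated``. POST and PUT
    answer 400 when the body is not a JSON object or when another recipe
    already uses the same ``unique_title``. DELETE removes the row. Any other
    method is answered with 405.

    Every value reaches the database as a bound parameter.

    Returns:
        The ``ApiResponse`` for every path. Exception text is copied into the
        response only when the app's ``ENV`` setting is ``'development'``.
    """
    res = ApiResponse()

    try:
        db = get_db()

        if request.method == 'GET':
            sql = 'SELECT * FROM recipe WHERE id = ?'
            # NOTE(review): the fetchone() result is stored as is, so an
            # unknown id yields data None with the default status.
            res.data = db.execute(sql, (id, )).fetchone()
            return res

        if request.method in ('POST', 'PUT'):
            # Read silently: a missing or malformed body becomes a 400 here
            # instead of an AttributeError that ends as a 500.
            body = request.get_json(silent=True)
            if not isinstance(body, dict):
                res.message = 'Request body must be a JSON object'
                res.status = 400
                return res

            title = body.get('title')
            unique_title = body.get('unique_title')
            description = body.get('description')
            markdown = body.get('markdown')
            # NOTE(review): "html" is stored exactly as the client sent it.
            # If this column is later rendered as markup it needs sanitising
            # at write or render time; neither is visible in this function.
            html = body.get('html')
            creating = request.method == 'POST'

            # NOTE(review): check-then-write; two concurrent requests can
            # both pass this lookup. Only a UNIQUE constraint on the column
            # (not visible here) would close that gap.
            if creating:
                duplicate = db.execute(
                    'SELECT * FROM recipe WHERE unique_title = ?',
                    [unique_title]).fetchone()
            else:
                duplicate = db.execute(
                    'SELECT * FROM recipe WHERE unique_title = ? AND id != ?',
                    [unique_title, id]).fetchone()
            if duplicate:
                res.message = 'There is already a recipe called "{}". Please choose another title'.format(
                    title)
                res.status = 400
                return res

            if creating:
                # The id is generated server-side; the one in the URL, if
                # any, is ignored.
                id = uuid.uuid4().hex
                date_created = datetime.utcnow()
                insert_sql = '''INSERT INTO recipe (
                  id,
                  date_created,
                  title,
                  unique_title,
                  description,
                  markdown,
                  html
                ) VALUES (?,?,?,?,?,?,?)
              '''
                db.execute(insert_sql, (id, date_created, title, unique_title,
                                        description, markdown, html))
                db.commit()

                res.data = dict(id=id, date_created=date_created)
                res.status = 201
            else:
                update_sql = '''
        UPDATE recipe SET
          date_updated=:date_updated,
          title=:title,
          unique_title=:unique_title,
          description=:description,
          markdown=:markdown,
          html=:html
        WHERE id=:id'''
                db.execute(
                    update_sql, {
                        'date_updated': datetime.utcnow(),
                        'title': title,
                        'unique_title': unique_title,
                        'description': description,
                        'markdown': markdown,
                        'html': html,
                        'id': id,
                    })
                db.commit()

            return res

        if request.method == 'DELETE':
            # NOTE(review): no caller identity is consulted before the write
            # methods in this function; confirm access control is applied
            # where the route is registered.
            db.execute('DELETE FROM recipe WHERE id=?', (id, ))
            db.commit()
            return res

        # Any other method previously fell through and returned None, which
        # is not a valid response.
        res.status = 405
        return res

    except Exception as e:
        # Exception rather than BaseException: interpreter-level signals such
        # as SystemExit and KeyboardInterrupt are not turned into a 500.
        res.status = 500
        if current_app.config['ENV'] == 'development':
            res.message = str(e)
        return res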