Ejemplo n.º 1
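def auth_status():
    """Auth API: check an email/token pair posted as form data.

    Returns:
        The JSON-encoded result of ``authenticate_email_token`` with status
        200 when it is truthy, ``forbidden()`` when it is falsy,
        ``bad_request()`` when a field is missing or empty or the method is
        not POST, and ``internal_server_error()`` on any unexpected exception.
    """
    try:
        try:
            _email = request.form['email']
            _token = request.form['token']
        except Exception as e:
            print(e)
            return bad_request()

        # Empty fields or a non-POST method used to fall off the end of the
        # function and return None, which Flask rejects as an invalid view
        # response; answer explicitly instead.
        if not (_email and _token and request.method == 'POST'):
            return bad_request()

        var = authenticate_email_token(_email, _token)
        if not var:
            # The email/token pair was not accepted.
            return forbidden()

        res = jsonify(var)
        res.status_code = 200
        return res

    except Exception as e:
        print(e)
        return internal_server_error()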
Ejemplo n.º 2
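def login():
    """Login API: check an email/password pair posted as form data.

    Returns:
        The JSON-encoded result of ``authenticate_email`` with status 200
        when it is truthy, ``forbidden()`` when it is falsy,
        ``bad_request()`` when a field is missing or empty or the method is
        not POST, and ``internal_server_error()`` on any unexpected exception.
    """
    try:
        try:
            _email = request.form['email']
            _password = request.form['password']
        except Exception as e:
            # Only the exception is printed; the submitted password must never
            # be written to logs.
            print(e)
            return bad_request()

        # Empty fields or a non-POST method used to fall off the end of the
        # function and return None, which Flask rejects as an invalid view
        # response; answer explicitly instead.
        if not (_email and _password and request.method == 'POST'):
            return bad_request()

        var = authenticate_email(_email, _password)
        if not var:
            # The credentials were not accepted.
            return forbidden()

        res = jsonify(var)
        res.status_code = 200
        return res

    except Exception as e:
        print(e)
        return internal_server_error()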
Ejemplo n.º 3
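def POST_endpoint_function():
    """Create a user record in `nxtstep`.`users` from the POSTed form fields.

    Reads uid, password, pager_id, name, designation, organization and
    picture from ``request.form``, generates an API key, hashes the password
    and inserts one row.

    Returns:
        ``{"status": "success"}`` as JSON with status 200 after the insert,
        ``forbidden()`` when a field is empty or the method is not POST, and
        ``internal_server_error()`` on a missing field or any other exception.
    """
    try:
        uid = request.form['uid']
        password = request.form['password']
        pager_id = request.form['pager_id']
        name = request.form['name']
        designation = request.form['designation']
        organization = request.form['organization']
        picture = request.form['picture']

        fields = (uid, password, pager_id, name, designation, organization, picture)
        if not (all(fields) and request.method == 'POST'):
            return forbidden()

        # Generate 28 char API key
        # NOTE(review): confirm random_string draws from a CSPRNG (e.g. the
        # `secrets` module); an API key must not be predictable.
        api_key = random_string(28)

        # Hash password to SHA512. The original stored the hash *object*
        # (and passed a str, which hashlib rejects); store the hex digest.
        # NOTE(review): a single unsalted SHA-512 is not suitable for password
        # storage. Move to a salted, slow KDF (hashlib.scrypt or
        # hashlib.pbkdf2_hmac) together with the code that verifies logins.
        password_hash = hashlib.sha512(password.encode('utf-8')).hexdigest()

        # TODO: Save picture and return picture_url
        picture_url = 'https://vmlinuz.pattarai.in/images/logo_large.png'

        # TODO: Dynamically create bot and get bot_id
        # NOTE(review): this looks like a live credential committed to source.
        # Load it from configuration or a secret store, and rotate the value
        # if it was ever real.
        pager_api_key = '1671540030:AAEAMUBDjfS4-w4_DSkct0HQmb23lozGyxo'

        # insert record in database
        # Every value comes straight from the request, so it is bound as a
        # parameter instead of being formatted into the statement text.
        sql = (
            "INSERT INTO `nxtstep`.`users` (`uid`, `password`, `api_key`, `pager_id`, "
            "`pager_api_key`, `name`, `designation`, `organization`, `picture_url`) "
            "VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s)"
        )
        params = (
            uid, password_hash, api_key, pager_id, pager_api_key,
            name, designation, organization, picture_url,
        )
        try:
            cnx = mysql.connect()
            try:
                cursor = cnx.cursor()
                cursor.execute(sql, params)
                cursor.close()
                cnx.commit()
            finally:
                # Release the connection even when the insert fails.
                cnx.close()
        except Exception as e:
            # Was swallowed silently; record it like the outer handler does.
            print(e)
            return internal_server_error()

        json_dict = {"status": "success"}
        res = jsonify(json_dict)
        res.status_code = 200
        return res

    except Exception as e:
        print(e)
        return internal_server_error()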
Ejemplo n.º 4
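def get_bikes_avail_count():
    """Return the number of free bikes per station in the caller's domain.

    Authenticates the posted email/token, expires reservations older than
    five minutes (rides, then bikes), then counts free bikes per station for
    stations whose domain matches the user's.

    Returns:
        The list of station rows as JSON with status 200, ``forbidden()``
        when authentication fails, ``bad_request()`` when a field is missing
        or empty or the method is not POST, and ``internal_server_error()``
        on any unexpected exception.
    """
    try:
        try:
            _email = request.form['email']
            _token = request.form['token']
        except Exception as e:
            print(e)
            return bad_request()

        # Previously this case fell through and returned None.
        if not (_email and _token and request.method == 'POST'):
            return bad_request()

        if not authenticate_email_token(_email, _token):
            return forbidden()

        cnx = mysql.connect()
        try:
            # Close all reserved rides older than 5 minutes
            cursor = cnx.cursor()
            cursor.execute(
                "UPDATE rides SET status = 'canceled' WHERE reserveTimeStamp < "
                "(NOW() - INTERVAL 5 MINUTE) AND status = 'reserved' "
            )
            cursor.close()
            cnx.commit()

            # Remove reservations from reserved bikes older than 5 minutes
            cursor = cnx.cursor()
            cursor.execute(
                "UPDATE bikes SET status = 'free', reserveTimeStamp = NULL, "
                "currentRideID = NULL WHERE reserveTimeStamp < "
                "(NOW() - INTERVAL 5 MINUTE) AND status = 'reserved' "
            )
            cursor.close()
            cnx.commit()

            # The email is request data: bind it as a parameter rather than
            # formatting it into the statement, even though it has already
            # passed authentication.
            sql = (
                "SELECT stations.stationName, stations.stationID, stations.latitude, "
                "stations.longitude, count(bikes.bikeID) AS available FROM bikes, "
                "stations, users WHERE users.email = %s AND bikes.currentStationID = "
                "stations.stationID AND stations.domain = users.domain AND "
                "bikes.status = 'free' GROUP BY stations.stationName, stations.stationID "
            )
            cursor = cnx.cursor()
            cursor.execute(sql, (_email,))
            bike_list = list(cursor)
            cursor.close()
        finally:
            # The original never closed the connection.
            cnx.close()

        res = jsonify(bike_list)
        res.status_code = 200
        return res

    except Exception as e:
        print(e)
        return internal_server_error()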
Ejemplo n.º 5
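def cancel_ride():
    """Cancel a ride and free its bike for an authenticated caller.

    Reads email, token, rideID and bikeID from the form, authenticates the
    email/token pair, marks the ride as canceled and clears the bike's
    reservation.

    Returns:
        ``"canceled"`` as JSON with status 200, ``forbidden()`` when
        authentication fails, ``bad_request()`` when a field is missing or
        empty or the method is not POST, and ``internal_server_error()`` on
        any unexpected exception.
    """
    try:
        try:
            _email = request.form['email']
            _token = request.form['token']
            _ride_id = request.form['rideID']
            _bike_id = request.form['bikeID']
        except Exception as e:
            print(e)
            return bad_request()

        # Previously this case fell through and returned None.
        if not (_email and _token and _ride_id and _bike_id
                and request.method == 'POST'):
            return bad_request()

        if not authenticate_email_token(_email, _token):
            return forbidden()

        # NOTE(review): neither UPDATE below is scoped to the authenticated
        # caller, so any valid email/token can cancel any rideID and free any
        # bikeID. Restrict both statements to rides owned by this user before
        # relying on this endpoint.
        cnx = mysql.connect()
        try:
            # Update ride status to canceled. rideID comes from the request,
            # so it is bound as a parameter instead of being formatted into
            # the statement.
            cursor = cnx.cursor()
            cursor.execute(
                "UPDATE rides SET status = 'canceled', endTimeStamp = CURRENT_TIMESTAMP "
                "WHERE rideID = %s",
                (_ride_id,),
            )
            cursor.close()
            cnx.commit()

            # Remove reservation from bikes (bikeID bound the same way)
            cursor = cnx.cursor()
            cursor.execute(
                "UPDATE bikes SET status = 'free', reserveTimeStamp = NULL, "
                "currentRideID = NULL WHERE bikeID = %s ",
                (_bike_id,),
            )
            cursor.close()
            cnx.commit()
        finally:
            # The original never closed the connection.
            cnx.close()

        res = jsonify("canceled")
        res.status_code = 200
        return res

    except Exception as e:
        print(e)
        return internal_server_error()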
Ejemplo n.º 6
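def reserve_bike():
    """Reserve a free bike at a station for an authenticated caller.

    Authenticates the posted email/token, expires reservations older than
    five minutes, picks a free bike at the station (lowest lastRideID, or
    one with no lastRideID), creates a ride for it, marks the bike reserved
    and returns the bike's row.

    Returns:
        The bike row as JSON with status 200, ``"no-available-bikes"`` as
        JSON with status 200 when the station has no free bike,
        ``forbidden()`` when authentication fails, ``bad_request()`` when a
        field is missing or empty or the method is not POST, and
        ``internal_server_error()`` on any unexpected exception.
    """
    try:
        try:
            _email = request.form['email']
            _token = request.form['token']
            _station_id = request.form['stationID']
        except Exception as e:
            print(e)
            return bad_request()

        # Previously this case fell through and returned None.
        if not (_email and _token and _station_id and request.method == 'POST'):
            return bad_request()

        if not authenticate_email_token(_email, _token):
            return forbidden()

        cnx = mysql.connect()
        try:
            # Close all reserved rides older than 5 minutes
            cursor = cnx.cursor()
            cursor.execute(
                "UPDATE rides SET status = 'canceled' WHERE reserveTimeStamp < "
                "(NOW() - INTERVAL 5 MINUTE) AND status = 'reserved' "
            )
            cursor.close()
            cnx.commit()

            # Remove reservations from reserved bikes older than 5 minutes
            cursor = cnx.cursor()
            cursor.execute(
                "UPDATE bikes SET status = 'free', reserveTimeStamp = NULL, "
                "currentRideID = NULL WHERE reserveTimeStamp < "
                "(NOW() - INTERVAL 5 MINUTE) AND status = 'reserved' "
            )
            cursor.close()
            cnx.commit()

            # Find an available bike. stationID is request data, so it is
            # bound as a parameter instead of being formatted into the SQL.
            # NOTE(review): this SELECT and the UPDATE that reserves the bike
            # are separate committed statements, so two concurrent requests
            # could presumably pick the same bike; consider doing both in one
            # transaction with a row lock.
            cursor = cnx.cursor()
            cursor.execute(
                "SELECT bikeID from bikes WHERE (lastRideID = (SELECT min(lastRideID) "
                "FROM bikes WHERE currentStationID = %s AND status = 'free') "
                "OR lastRideID IS NULL) AND currentStationID = %s AND status = 'free' ",
                (_station_id, _station_id),
            )
            first_bike = cursor.fetchone()
            cursor.close()

            # If query returns no bikes. The original left bike_id unbound
            # here and relied on a broad except catching the NameError.
            if first_bike is None or first_bike["bikeID"] is None:
                res = jsonify("no-available-bikes")
                res.status_code = 200
                return res
            bike_id = first_bike["bikeID"]
            print("BikeID: " + str(bike_id))

            # Create ride with bikeID
            cursor = cnx.cursor()
            cursor.execute(
                "INSERT INTO rides (emailID, bikeID, startStationID) VALUES (%s, %s, %s)",
                (_email, bike_id, _station_id),
            )
            current_ride_id = cursor.lastrowid
            print("RideID: " + str(current_ride_id))
            cursor.close()
            cnx.commit()

            # Update bike with rideID and status
            cursor = cnx.cursor()
            cursor.execute(
                "UPDATE bikes SET currentRideID = %s, status = 'reserved', "
                "reserveTimeStamp = CURRENT_TIMESTAMP WHERE bikeID = %s ",
                (current_ride_id, bike_id),
            )
            cursor.close()
            cnx.commit()

            # Get bike specifications and ride information
            cursor = cnx.cursor()
            cursor.execute(
                "SELECT bikeID, currentRideID, homeStationID, currentStationID, status, "
                "reserveTimeStamp, make, model, year FROM bikes WHERE bikeID = %s ",
                (bike_id,),
            )
            ride_info = cursor.fetchone()
            cursor.close()
        finally:
            # The original never closed the connection.
            cnx.close()

        if ride_info is None:
            # The bike row vanished between the UPDATE and this read; the
            # original hit an unbound name here and also answered with 500.
            return internal_server_error()

        res = jsonify(ride_info)
        res.status_code = 200
        return res

    except Exception as e:
        print(e)
        return internal_server_error()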