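def stock(stock_id=''):
    """Serve list/read/create/rename/delete requests for the caller's stock rows.

    GET without ``stock_id`` lists the rows whose ``user_id`` equals the JWT
    identity; GET, PUT and DELETE with ``stock_id`` act on a single row and
    answer 404 when that row belongs to another user. POST creates a row owned
    by the caller from the validated request body.

    Returns:
        The populated ``ApiResponse``, or the ``HTTPException`` raised while
        handling the request (404 from the lookup, 500 via ``abort``).
    """
    res = ApiResponse()
    try:
        if request.method == 'GET':
            if stock_id:
                res.data = _owned_stock_or_404(stock_id).full_dict()
            else:
                owner = get_jwt_identity()
                res.data = [
                    s.full_dict()
                    for s in Stock.query.filter_by(user_id=owner).all()
                ]
        elif request.method == 'POST':
            # NOTE(review): **body relies on should_look_like(stock_schema)
            # to limit which columns a client can set; confirm the schema
            # rejects unknown keys.
            body = should_look_like(stock_schema)
            entry = Stock(user_id=get_jwt_identity(), **body)
            entry.save()
            res.status = 201
        elif request.method == 'PUT':
            body = should_look_like(stock_schema)
            # The original never loaded the row here, so every PUT ended in
            # the generic 500 handler.
            entry = _owned_stock_or_404(stock_id)
            entry.update_name(body['name'])
            entry.save()
            # NOTE(review): 201 on an update is kept from the original code.
            res.status = 201
        elif request.method == 'DELETE':
            _owned_stock_or_404(stock_id).delete()
    except HTTPException as exc:
        return exc
    except Exception as exc:
        # Exception rather than BaseException, so SystemExit and
        # KeyboardInterrupt are not converted into a 500 response.
        print(exc)
        abort(500)
    return res


def _owned_stock_or_404(stock_id):
    """Load one stock row; answer 404 if it is missing or owned by someone else."""
    entry = Stock.query.get_or_404(stock_id)
    # Compare as strings: the identity comes out of the token, while user_id
    # is whatever type the model column uses.
    if str(entry.user_id) != str(get_jwt_identity()):
        # 404 rather than 401/403 so the reply does not confirm that the id
        # exists for another account.
        abort(404)
    return entry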
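def login():
    """Exchange an e-mail/password pair for a refresh token and an access token.

    The request body is validated against ``user_credentials_schema``. On a
    match the response carries a refresh token valid for one day and an access
    token valid for one hour; otherwise the status is 401 with the same
    message for an unknown e-mail and for a wrong password.

    Returns:
        The populated ``ApiResponse``, or the ``HTTPException`` raised while
        handling the request.
    """
    res = ApiResponse()
    try:
        body = should_look_like(user_credentials_schema)
        app_user = AppUser.get_by_email(body['email'])
        # NOTE(review): when no account matches, verify() is skipped, so the
        # two failure paths do different amounts of work. Consider verifying
        # against a fixed dummy hash so both take similar time.
        if app_user and pbkdf2_sha256.verify(body['password'],
                                             app_user.pw_hash):
            res.data = {
                'refresh_token':
                create_refresh_token(identity=app_user.id,
                                     expires_delta=timedelta(days=1)),
                'access_token':
                create_access_token(identity=app_user.id,
                                    user_claims={'email': app_user.email},
                                    expires_delta=timedelta(hours=1)),
            }
            res.status = 200
        else:
            res.status = 401
            res.pub_msg = 'Email or password was not recognized'
    except HTTPException as exc:
        return exc
    except Exception:
        # Exception rather than BaseException, so interpreter-exit signals
        # are not turned into a 500. Nothing is logged here; failed and
        # errored logins leave no trace from this function.
        abort(500)
    return res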
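def packaging_state(packaging_state_id=''):
    """Serve list/create/rename/delete requests for packaging states.

    GET returns every ``PackagingState`` row. POST creates one from the
    validated body. PUT renames and DELETE removes the row identified by
    ``packaging_state_id`` (404 when it does not exist).

    NOTE(review): nothing in this function checks who the caller is. Whether
    a decorator outside this view restricts the write methods cannot be seen
    from here; confirm.

    Returns:
        The populated ``ApiResponse``, or the ``HTTPException`` raised while
        handling the request.
    """
    res = ApiResponse()
    try:
        if request.method == 'GET':
            res.data = list(PackagingState.query.all())
        elif request.method == 'POST':
            # The original validated against packaging_kind_schema, which
            # looks like a copy-paste slip; PUT below already uses the
            # schema for this resource.
            body = should_look_like(packaging_state_schema)
            state = PackagingState(**body)
            state.save()
            res.status = 201
        elif request.method == 'PUT':
            body = should_look_like(packaging_state_schema)
            state = PackagingState.query.get_or_404(packaging_state_id)
            state.update_name(body['name'])
            state.save()
        elif request.method == 'DELETE':
            state = PackagingState.query.get_or_404(packaging_state_id)
            state.delete()
    except HTTPException as exc:
        return exc
    except Exception:
        # Exception rather than BaseException, so SystemExit and
        # KeyboardInterrupt are not converted into a 500 response.
        abort(500)
    return res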
def user_session():
    """Return the value of the ``id_token`` cookie, or answer 403 without one.

    NOTE(review): the cookie value is copied into the response body. If the
    cookie is set HttpOnly, this view makes the token readable by page
    scripts again; confirm that is intended. The token is not validated here.
    """
    res = ApiResponse()
    token = request.cookies.get('id_token')
    if not token:
        # Missing or empty cookie: refuse.
        abort(403)
    res.data = token
    return res
def get_tags():
    """Return every row of the ``tag`` table as a list of plain dicts."""
    res = ApiResponse()
    # Fixed statement with no request input, so nothing needs to be bound.
    rows = get_db().execute('SELECT * FROM tag').fetchall()
    res.data = list(map(dict, rows))
    return res
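def food_kind(kind_id=''):
    """Serve list/read/create/update/delete requests for the caller's food kinds.

    GET without ``kind_id`` lists the rows whose ``user_id`` equals the JWT
    identity. GET and PUT with ``kind_id`` act on one row and answer 401 with
    a public message when it belongs to another user. POST creates a row owned
    by the caller. DELETE is delegated to ``helpers.delete_food_kind``, which
    supplies the message and status.

    Returns:
        The populated ``ApiResponse``, or the ``HTTPException`` raised while
        handling the request.
    """
    res = ApiResponse()
    try:
        if request.method == 'GET':
            if kind_id:
                kind = FoodKind.query.get_or_404(kind_id)
                # Same ownership rule as PUT; the original returned any
                # user's row to whoever knew its id.
                if str(kind.user_id) != str(get_jwt_identity()):
                    res.status = 401
                    res.pub_msg = 'You do not have permission to view this "food kind"'
                else:
                    res.data = kind.full_dict()
            else:
                owner = get_jwt_identity()
                res.data = [
                    x.full_dict()
                    for x in FoodKind.query.filter_by(user_id=owner).all()
                ]
        elif request.method == 'POST':
            # NOTE(review): **body relies on the schema to limit which
            # columns a client can set; user_id is overwritten afterwards.
            body = should_look_like(food_kind_schema)
            kind = FoodKind(**body)
            kind.user_id = get_jwt_identity()
            kind.save()
            res.status = 201
        elif request.method == 'PUT':
            body = should_look_like(food_kind_schema)
            kind = FoodKind.query.get_or_404(kind_id)
            # str() on both sides so a non-string identity still compares
            # equal to its own row.
            if str(kind.user_id) != str(get_jwt_identity()):
                res.status = 401
                res.pub_msg = 'You do not have permission to update this "food kind"'
            else:
                kind.update_name(body['name'])
                kind.unit_of_measurement_id = body['unit_of_measurement_id']
                kind.serving_size = body['serving_size']
                kind.save()
        elif request.method == 'DELETE':
            # NOTE(review): request.args values are strings, so
            # "?force=false" arrives as the truthy string 'false'. Confirm
            # how helpers.delete_food_kind interprets ``force``.
            msg, status = helpers.delete_food_kind(
                kind_id=kind_id,
                user_id=get_jwt_identity(),
                force=request.args.get('force', False))
            res.pub_msg = msg
            res.status = status
    except HTTPException as exc:
        print(str(exc))
        return exc
    except Exception as exc:
        # Exception rather than BaseException, so SystemExit and
        # KeyboardInterrupt are not converted into a 500 response.
        print(exc)
        abort(500)
    return res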
def get_units_of_measure():
    """Return every ``UnitOfMeasurement`` row.

    HTTP errors are handed back as the response; any other failure is printed
    and turned into a 500.
    """
    res = ApiResponse()
    try:
        units = UnitOfMeasurement.query.all()
        res.data = units
    except HTTPException as http_err:
        return http_err
    except BaseException as err:
        print(err)
        abort(500)
    else:
        return res
    return res
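def refresh_access():
    """Issue a fresh one-hour access token for the user named by the JWT identity.

    Answers 401 when the identity no longer maps to an ``AppUser`` row, so a
    token that outlives its account is rejected instead of ending in a 500.

    Returns:
        The ``ApiResponse`` carrying the new access token, or the
        ``HTTPException`` raised while handling the request.
    """
    res = ApiResponse()
    try:
        app_user = AppUser.query.get(get_jwt_identity())
        if app_user is None:
            # The original dereferenced None here and fell through to the
            # generic 500 handler.
            abort(401)
        res.data = create_access_token(identity=app_user.id,
                                       user_claims={'email': app_user.email},
                                       expires_delta=timedelta(hours=1))
    except HTTPException as exc:
        return exc
    except Exception:
        # Replaces a bare except, which also trapped SystemExit and
        # KeyboardInterrupt.
        abort(500)
    return res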
def recipes():
    """Return every row of the ``recipe`` table as a list of plain dicts.

    On any failure the status becomes 500; the exception text is included in
    the response only when the app's ``ENV`` setting is 'development'.
    """
    res = ApiResponse()
    try:
        rows = get_db().execute('SELECT * FROM recipe').fetchall()
        res.data = [dict(row) for row in rows]
    except BaseException as err:
        res.status = 500
        # Error details stay out of responses outside development.
        if current_app.config['ENV'] == 'development':
            res.message = str(err)
    return res
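def tag(id=None):
    """List the recipes carrying a tag (GET) or create a tag (POST).

    GET joins ``recipe`` with ``recipe_tag`` and returns the recipes whose
    ``tag_id`` equals ``id``. POST inserts a tag named by the JSON body's
    ``name``: 201 on insert, 200 when the UNIQUE constraint reports that it
    already exists, 400 when the body has no usable name, and 500 for any
    other insert failure. PUT and DELETE are not implemented and return the
    untouched default response.

    NOTE(review): no caller identity is checked in this function; whether a
    decorator outside this view restricts POST cannot be seen from here.
    """
    res = ApiResponse()
    try:
        db = get_db()
        if request.method == 'GET':
            query = '''SELECT * FROM recipe
                JOIN recipe_tag ON recipe.id = recipe_tag.recipe_id
                WHERE recipe_tag.tag_id = ?'''
            res.data = [
                dict(row) for row in db.execute(query, [id]).fetchall()
            ]
            return res
        elif request.method == 'POST':
            # Parse the body only where it is needed, and tolerate a missing
            # or malformed one: the original read it for every method and
            # answered 500 when 'name' was absent.
            body = request.get_json(silent=True)
            name = body.get('name') if isinstance(body, dict) else None
            if not isinstance(name, str) or not name.strip():
                res.status = 400
                res.message = 'A JSON body with a non-empty "name" is required'
                return res
            try:
                query = 'INSERT INTO tag (id, name) VALUES (?, ?)'
                db.execute(query, [uuid.uuid4().hex, name])
                db.commit()
                res.status = 201
            except Exception as e:
                # Matching on the driver's message text is brittle, but it is
                # the only duplicate signal this block has in scope.
                if str(e).startswith('UNIQUE constraint failed'):
                    res.status = 200
                else:
                    res.status = 500
            return res
        elif request.method == 'PUT':
            pass  # not implemented
        elif request.method == 'DELETE':
            pass  # not implemented
    except Exception as e:
        # Exception rather than BaseException, so interpreter-exit signals
        # propagate instead of becoming a 500.
        res.status = 500
        # Error details stay out of responses outside development.
        if current_app.config['ENV'] == 'development':
            res.message = str(e)
    return res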
def food_category(category_id=''):
    """Serve list/create/rename/delete requests for food categories.

    GET returns every ``FoodCategory`` row. POST creates one from the
    validated body. PUT renames and DELETE removes the row identified by
    ``category_id`` (404 when it does not exist).

    NOTE(review): nothing in this function checks who the caller is. Whether
    a decorator outside this view restricts the write methods cannot be seen
    from here; confirm.
    """
    res = ApiResponse()
    method = request.method
    try:
        if method == 'GET':
            res.data = list(FoodCategory.query.all())
        elif method == 'POST':
            payload = should_look_like(food_category_schema)
            created = FoodCategory(**payload)
            created.save()
            res.status = 201
        elif method == 'PUT':
            payload = should_look_like(food_category_schema)
            existing = FoodCategory.query.get_or_404(category_id)
            existing.update_name(payload['name'])
            existing.save()
        elif method == 'DELETE':
            FoodCategory.query.get_or_404(category_id).delete()
    except HTTPException as http_err:
        return http_err
    except BaseException:
        abort(500)
    return res
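def recipe(id=''):
    """Read, create, update or delete a single recipe row.

    GET returns the row whose id equals ``id`` (``None`` when there is none).
    POST inserts a new recipe under a generated id, and PUT rewrites the row
    named by ``id``. Both answer 400 when the JSON body is missing or not an
    object, or when another recipe already uses the requested
    ``unique_title``. DELETE removes the row. Every statement binds its
    values as parameters.

    NOTE(review): no caller identity or ownership is checked in this
    function; whether a decorator outside this view restricts the write
    methods cannot be seen from here.
    NOTE(review): ``html`` is taken from the request body and stored as
    supplied. Whatever renders it has to sanitise it, or the column should be
    derived from ``markdown`` on the server.
    """
    res = ApiResponse()
    try:
        db = get_db()
        if request.method == 'GET':
            sql = 'SELECT * FROM recipe WHERE id = ?'
            res.data = db.execute(sql, (id, )).fetchone()
            return res
        elif request.method in ('POST', 'PUT'):
            # silent=True turns a missing or malformed body into None, so it
            # is answered with 400 here instead of reaching the 500 handler
            # as it did in the original.
            body = request.get_json(silent=True)
            if not isinstance(body, dict):
                res.message = 'A JSON object body is required'
                res.status = 400
                return res
            title, unique_title, description, markdown, html = \
                _recipe_fields(body)

            if request.method == 'POST':
                clash = db.execute(
                    'SELECT * FROM recipe WHERE unique_title = ?',
                    [unique_title]).fetchone()
            else:
                clash = db.execute(
                    'SELECT * FROM recipe WHERE unique_title = ? AND id != ?',
                    [unique_title, id]).fetchone()
            # NOTE(review): check-then-write is not atomic; two concurrent
            # requests can both pass unless the column also has a UNIQUE
            # constraint.
            if clash:
                res.message = 'There is already a recipe called "{}". Please choose another title'.format(
                    title)
                res.status = 400
                return res

            if request.method == 'POST':
                id = uuid.uuid4().hex
                date_created = datetime.utcnow()
                insert = '''INSERT INTO recipe (
                    id, date_created, title, unique_title, description, markdown, html
                ) VALUES (?,?,?,?,?,?,?)
                '''
                db.execute(insert, (id, date_created, title, unique_title,
                                    description, markdown, html))
                db.commit()
                res.data = dict(id=id, date_created=date_created)
                res.status = 201
                return res

            update = '''
                UPDATE recipe
                SET date_updated=:date_updated,
                    title=:title,
                    unique_title=:unique_title,
                    description=:description,
                    markdown=:markdown,
                    html=:html
                WHERE id=:id'''
            db.execute(
                update, {
                    'date_updated': datetime.utcnow(),
                    'title': title,
                    'unique_title': unique_title,
                    'description': description,
                    'markdown': markdown,
                    'html': html,
                    'id': id,
                })
            db.commit()
            return res
        elif request.method == 'DELETE':
            db.execute('DELETE FROM recipe WHERE id=?', (id, ))
            db.commit()
            return res
    except Exception as e:
        # Exception rather than BaseException, so interpreter-exit signals
        # propagate instead of becoming a 500.
        res.status = 500
        # Error details stay out of responses outside development.
        if current_app.config['ENV'] == 'development':
            res.message = str(e)
    return res


def _recipe_fields(body):
    """Pick the five client-editable recipe columns out of a decoded JSON object."""
    keys = ('title', 'unique_title', 'description', 'markdown', 'html')
    return tuple(body.get(key) for key in keys)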