def signup(self, username): """ Register a new user """ user_exists = self.user_exists() if user_exists: response = jsonify( {"message": "An account with that email already exists"}) response.status_code = 409 return response else: hashed_pw = pwd_hash.encrypt(self.password) conn = open_connection() cur = conn.cursor() cur.execute( "INSERT INTO users (username, email, password) VALUES('{}', '{}', '{}')" .format(username, self.email, hashed_pw)) cur.execute("select user_id from users where email = '{}' ".format( self.email)) user_id = cur.fetchone()[0] token = self.generate_jwt(user_id) cur.close() conn.commit() user_info = self.user_info() response = jsonify({ "message": "User registered successfully", "token": token.decode("utf-8"), "user": user_info }) response.status_code = 200 return response
def __init__(self, answer_desc): self.answer_id = str(uuid4()) self.answer_desc = answer_desc conn = open_connection() cur = conn.cursor() cur.execute("insert into answers(answer_desc) values('{}')".format( answer_desc)) conn.commit()
def questions(identity): conn = open_connection() cur = conn.cursor() ''' Get all questions function ''' if request.method == 'GET': conn = open_connection() cur = conn.cursor() cur.execute("select * from questions") questions = cur.fetchall() return jsonify({'questions': [question for question in questions]}) else: question_desc = request.get_json('description')['description'] if not question_desc or question_desc == " ": response = jsonify({"message": "Question not provided"}) response.status_code = 400 return response if not request.json: response = jsonify({"message": "incorrect format"}) response.status_code = 400 return response cur.execute("select * from questions where question_desc='{}' and user_id={}" .format(question_desc, identity)) question_exists = cur.fetchall() if len(question_exists) > 0: response = jsonify({"message": "That question exists"}) response.status_code = 409 return response Question(str(question_desc)) cur.execute("select question_id from questions where question_desc = '{}'".format(question_desc)) question_id = cur.fetchone() cur.execute("update questions set user_id = {} where question_id = {}" .format(identity, question_id[0])) cur.execute("select * from questions where question_desc = '{}' and user_id = {}" .format(question_desc, identity)) question = cur.fetchall() cur.execute("update users set questions = array_append(questions, '{}')".format(question[0][1])) cur.close() close_connection(conn) return jsonify({'question': question})
def get_question_answers(identity,question_id): conn = open_connection() cur = conn.cursor() cur.execute("select answers from questions where question_id = {}".format(question_id)) answers = cur.fetchone() response = jsonify({"answers": answers[0]}) response.status_code = 200 return response
def create_tables(): """ Create tables """ conn = open_connection() cur = conn.cursor() for query in QUERIES: cur.execute(query) close_connection(conn)
def __init__(self, token): ''' Initialize token blacklist ''' self.token = token conn = open_connection() cur = conn.cursor() cur.execute("insert into blacklist (token) values('{}')".format(token)) cur.close() close_connection(conn)
def __init__(self, question_desc): self.question_id = str(uuid4()) self.question_desc = question_desc conn = open_connection() cur = conn.cursor() cur.execute("insert into questions(question_desc) values('{}')".format( question_desc)) cur.close() conn.commit()
def get_user_questions(identity): conn = open_connection() cur = conn.cursor() cur.execute("select questions from users where user_id = {}".format(identity)) questions = cur.fetchone() response = jsonify({"questions": questions[0]}) response.status_code = 200 close_connection(conn) return response
def user_exists(self): """ Check if a user exists in the db """ conn = open_connection() cur = conn.cursor() cur.execute("SELECT * from users WHERE email='{}'".format(self.email)) user = cur.fetchone() cur.close() conn.commit() return user
def drop_tables(): """ Delete tables after tests """ queries = [ 'DROP table users CASCADE', 'DROP table questions CASCADE', 'DROP table answers CASCADE', 'DROP table blacklist CASCADE' ] conn = open_connection() cur = conn.cursor() for query in queries: cur.execute(query) cur.close() conn.commit()
def sign_up(): conn = open_connection() cur = conn.cursor() email = request.get_json('email')['email'] password = request.get_json('password')['password'] username = request.get_json('username')['username'] cur.execute("select * from users where username = '******'".format(username)) names = cur.fetchall() if len(names) > 0: response = jsonify({"message": "Username is taken"}) response.status_code = 409 return response if not email or email == " ": response = jsonify({"message": "Email not provided"}) response.status_code = 400 return response if not re.match(email_format, email): response = jsonify({"message": "incorrect email format"}) response.status_code = 400 return response if not password or password == " ": response = jsonify({"message": "Password not provided"}) response.status_code = 400 return response if not username or username == " ": response = jsonify({"message": "Username not provided"}) response.status_code = 400 return response if not request.json: response = jsonify({"message": "Incorrect request format"}) response.status_code = 400 return response user = User(email, password) register = user.signup(username) cur.close() close_connection(conn) return register
def authorize(*args, **kwargs): ''' Check for the user's authentication token in header ''' if 'Authorization' not in request.headers: response = jsonify({"message": "Missing Authorization header"}) response.status_code = 401 return response jwt_token = request.headers['Authorization'] conn = open_connection() cur = conn.cursor() cur.execute( "select token from blacklist where token = '{}'".format(jwt_token)) blacklisted = cur.fetchone() if blacklisted: response = jsonify( {"message": "Account logged out. Please log in to continue"}) response.status_code = 401 cur.close() close_connection(conn) return response try: identity = jwt.decode(jwt_token, 'secret')['sub'] return func(identity, *args, **kwargs) except jwt.ExpiredSignatureError: response = jsonify({ "message": "Your token has expired. Please log in to continue" }) response.status_code = 401 return response except jwt.InvalidTokenError: response = jsonify({ "message": "Invalid token. Please log in or sign up to continue" }) response.status_code = 401 return response
def post_answer(identity, question_id): '''Post answer function''' conn = open_connection() cur = conn.cursor() cur.execute("select * from questions where question_id = {}".format(question_id)) question = cur.fetchall() if len(question) == 0: response = jsonify({"message": "Question not found"}) response.status_code = 404 return response answer_desc = request.get_json('answer')['answer'] if not answer_desc or answer_desc == " ": response = jsonify({"message": "Answer not provided"}) response.status_code = 400 return response, response.status_code if not request.json: response = jsonify({"message": "Incorrect request format"}) response.status_code = 400 return response cur.execute("select answer_desc from answers where answer_desc= '{}' and user_id={}" .format(answer_desc, identity)) answer_exists = cur.fetchall() print(answer_exists) if answer_exists: response = jsonify({"message": " You have already provided that answer"}) response.status_code = 409 return response Answer(str(answer_desc)) cur.execute("select id from answers where answer_desc = '{}'".format(answer_desc)) answer_id = cur.fetchone() cur.execute("update answers set user_id = {} where id = '{}'".format(identity, answer_id[0])) cur.execute("select * from answers where answer_desc = '{}' and user_id={}".format(answer_desc, identity)) answer = cur.fetchone() cur.execute("update questions set answers = array_append(answers, '{}')".format(answer[1])) cur.close() close_connection(conn) return jsonify({'answer': answer})
def get_question(identity, question_id): ''' Get a question function ''' conn = open_connection() cur = conn.cursor() cur.execute("select * from questions where question_id = {}".format(question_id)) question = cur.fetchall() if len(question) == 0: response = jsonify({"message": "Question not found"}) response.status_code = 404 return response if request.method == 'GET': return jsonify({'question': question[0]}) if question[0][2] != identity: response = jsonify({"message": "You don't have access rights to delete that question"}) response.status_code = 400 return response cur.execute("delete from questions where question_id = {} and user_id = {}".format(question_id, identity)) cur.close() close_connection(conn) return jsonify({'message': "Deleted successfully"})