def token_index():
user = session.get("user")
if request.method == "POST":
token = Token(user_id=user["id"], token=random_secret(50))
db.session.add(token)
db.session.commit()
return APIResponse(response=token).serialize()
tokens = Token.query.filter_by(user_id=user["id"]).all()
return APIResponse(response=tokens).serialize()
def position():
user = session.get("user")
trip_id = request.args.get("trip_id")
if request.method == "POST":
data = expect_json({"trip_id": int, "lat": float, "lon": float})
trip = Trip.query.filter_by(id=data["trip_id"],
user_id=user["id"]).first()
if trip is None:
abort(400,
"Your user does not have access to any trip with that id")
if not trip.active:
abort(400, "This trip is not active")
position = Position(
lat=data["lat"],
lon=data["lon"],
trip_id=data["trip_id"],
user_id=user["id"],
)
db.session.add(position)
db.session.commit()
# get all positions
positions = Position.query.filter_by(trip_id=data["trip_id"]).all()
# get the current car
car = Car.query.filter_by(id=trip.car_id).first()
statistics = car_statistics(car, positions, read_fuel_prices())
return APIResponse(
response={
"id": trip.id,
"active": trip.active,
"trip_started": trip.trip_started,
"trip_ended": trip.trip_ended,
"car_id": trip.car_id,
"user_id": trip.user_id,
"time_updated": trip.time_updated,
"statistics": statistics,
}).serialize()
positions = (Position.query.filter_by(trip_id=trip_id,
user_id=user["id"]).all()
if trip_id is not None else [])
return APIResponse(response=positions).serialize()
def token_id(id: int):
# FIXME: ability to edit details with PUT
user = session.get("user")
token = Token.query.filter_by(id=id, user_id=user["id"]).first()
if token is None:
abort(404, "No token with that id found")
if request.method == "DELETE":
db.session.delete(token)
db.session.commit()
return APIResponse().serialize()
return APIResponse(response=token).serialize()
def lock():
@authenticated
def _post():
content = request.json
if "locked" not in content:
abort(400, "missing variable locked in request json")
update = Lock(email=session["google_email"], toggle=content["locked"])
db.session.add(update)
db.session.commit()
if request.method == "POST":
_post()
# determine value
last = db.session.query(Lock).order_by(Lock.id.desc()).first()
locked = False if not last else last.toggle
last_updated = None if not last else str(last.time_created)
changed_by = None if not last else last.email
return APIResponse(response={
"locked": locked,
"last_updated": last_updated,
"changed_by": changed_by,
}).serialize()
def car_id(id: int):
# FIXME: ability to edit details with PUT
user = session.get("user")
car = Car.query.filter_by(id=id, user_id=user["id"]).first()
if car is None:
abort(404, "No car with that id found")
if request.method == "DELETE":
db.session.delete(car)
db.session.commit()
return APIResponse().serialize()
return APIResponse(response=car).serialize()
def position_id(id: int):
user = session.get("user")
position = Position.query.filter_by(id=id, user_id=user["id"]).first()
if position is None:
abort(404, "No position with that id found")
return APIResponse(response=position).serialize()
def validate():
return APIResponse(
response={
"authenticated": session["authenticated"],
"email": session["google_email"],
"name": session["google_name"],
"avatar": session["google_picture_url"],
}).serialize()
def car():
user = session.get("user")
if request.method == "POST":
# We expect different parameters dependning on whether the
# vehicle is leasing or not. Leasing typically has the
# insurance cost included and may even include service costs.
# This model is simplified.
data = expect_json(
{
"registration_number": str,
"fuel_type": str,
"fuel_consumption": float,
"co2_emissions": float,
"insurance_cost": int, # yearly
"tax": int, # yearly
"service_cost": int, # yearly average
"annual_mileage": float, # yearly average
}
)
if expect_json({"leasing": bool})["leasing"]:
data = {**data, **expect_json({"leasing": bool, "leasing_cost": bool})}
car = Car(
registration_number=data["registration_number"],
fuel_type=data["fuel_type"],
fuel_consumption=data["fuel_consumption"],
co2_emissions=data["co2_emissions"],
leasing=data["leasing"],
leasing_cost=data["leasing_cost"] if data["leasing"] else 0,
insurance_cost=data["insurance_cost"],
tax=data["tax"],
service_cost=data["service_cost"],
annual_mileage=data["annual_mileage"],
user_id=user["id"],
)
db.session.add(car)
db.session.commit()
return APIResponse(response=car).serialize()
cars = Car.query.filter_by(user_id=user["id"]).all()
return APIResponse(response=cars).serialize()
def history():
log = [{
"id": record.id,
"email": record.email,
"toggle": record.toggle,
"time_created": str(record.time_created),
"time_updated": str(record.time_updated),
} for record in Lock.query.order_by(desc(Lock.id)).limit(20).all()]
return APIResponse(response={"log": log}).serialize()
def handle_exception(e):
response = e.get_response()
response.data = json.dumps(
APIResponse(code=e.code,
name=e.name,
description=e.description,
response={}).__dict__)
response.content_type = "application/json"
return response, e.code
def login():
# Find out what URL to hit for Google login
google_provider_cfg = get_google_provider_cfg()
authorization_endpoint = google_provider_cfg["authorization_endpoint"]
# Use library to construct the request for Google login and provide
# scopes that let you retrieve user's profile from Google
request_uri = client.prepare_request_uri(
authorization_endpoint,
redirect_uri=f"{BASE_URL}/api/auth/callback",
scope=["openid", "email", "profile"],
)
return APIResponse(response={"login_uri": request_uri}).serialize()
def user():
if request.method == "POST":
content = request.json
if "email" not in content:
abort(400, "missing key email")
user = User(email=content["email"])
db.session.add(user)
db.session.commit()
if request.method == "DELETE":
content = request.json
if "email" not in content:
abort(400, "missing key email")
user = User.query.filter_by(email=content["email"]).all()
if len(user) != 1:
abort(404, "user does not exist")
user = user[0]
db.session.delete(user)
db.session.commit()
users = [{
"id": record.id,
"email": record.email,
"time_created": str(record.time_created),
"time_updated": str(record.time_updated),
} for record in User.query.all()]
return APIResponse(response={"users": users}).serialize()
def user_id(id: int):
return APIResponse(response={"id": id}).serialize()
def user():
user = session.get("user")
return APIResponse(response=user).serialize()