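def editCard(company_id, card_id):
    """Edit a card's name, content and company.

    Returns
        on GET: the page used to update the card
        on POST: persist the updated card and redirect to the card list of
            the company the card now belongs to

    Only the user recorded in ``card.user_id`` may change the card. Anyone
    else gets the page back with an error and nothing is written.
    """
    if 'username' not in session:
        return redirect(
            url_for('login', error='You need to login to edit card')
        )

    error = request.args.get('error', '')
    user = utils.get_user_by_email(session['email'], db_session)
    company = utils.get_company_by_id(company_id, db_session)
    card = utils.get_card_by_id(card_id, db_session)

    if company is None:
        return redirect(url_for('showCompanies'))
    elif card is None:
        return redirect(url_for('showCards', company_id=company.id))
    elif user is None or card.user_id != user.id:
        # Fail closed: a session whose e-mail no longer maps to a user row
        # is treated as "not the owner" instead of raising on user.id.
        error = "You can only edit the cards you created"
    elif request.method == 'POST':
        # NOTE(review): no CSRF token check is visible in this view;
        # confirm one is enforced application-wide.
        new_card_name = request.form.get("newCardName")
        new_card_content = request.form.get("newCardContent")
        new_card_company_id = request.form.get("newCompanyId")

        # newCompanyId is client-supplied, so resolve it to a real company
        # BEFORE writing; a missing or unknown id must not end up on the card.
        target_company = None
        if new_card_company_id:
            target_company = utils.get_company_by_id(
                new_card_company_id, db_session
            )

        if not new_card_name or not new_card_content:
            error = "Please enter valid card name and content"
        elif target_company is None:
            error = "Please select a valid company"
        else:
            card.name = new_card_name
            card.content = new_card_content
            card.company_id = target_company.id
            db_session.add(card)
            db_session.commit()
            return redirect(
                url_for('showCards', company_id=target_company.id)
            )

    all_companies = db_session.query(Company).all()
    return render_template(
        'edit-card.html',
        all_companies=all_companies,
        company=company,
        card=card,
        error=error,
    )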
def newCard(company_id):
    """Create a card under the given company.

    Returns
        on GET: the page used to add a card to the company
        on POST: store the card and redirect to the company's card list

    The card's owner is taken from the session-resolved user, never from
    the submitted form.
    """
    if 'username' not in session:
        login_url = url_for('login', error='You need to login to add card')
        return redirect(login_url)

    user = utils.get_user_by_email(session['email'], db_session)
    company = utils.get_company_by_id(company_id, db_session)
    error = request.args.get('error', '')

    # Unknown company id in the URL: nothing to attach a card to.
    if company is None:
        return redirect(url_for('showCompanies'))

    if request.method == 'POST':
        # NOTE(review): no CSRF token check is visible in this view;
        # confirm one is enforced application-wide.
        name = request.form.get("newCardName")
        content = request.form.get("newCardContent")
        if name and content:
            # company_id comes from the URL-resolved company and user_id
            # from the logged-in user; only name/content are form input.
            card = Card(
                name=name,
                content=content,
                company_id=company.id,
                user_id=user.id,
            )
            db_session.add(card)
            db_session.commit()
            return redirect(url_for('showCards', company_id=company.id))
        error = "Please enter valid card name and content"

    all_companies = db_session.query(Company).all()
    return render_template(
        'new-card.html',
        all_companies=all_companies,
        company=company,
        error=error,
    )
def deleteCompany(company_id):
    """Delete a company together with the cards filed under it.

    Returns
        on GET: the confirmation page for deleting the company
        on POST: delete the company and its cards, then redirect to the
            company list

    Only the user recorded in ``company.user_id`` may delete the company.
    """
    if 'username' not in session:
        login_url = url_for(
            'login', error='You need to login to delete company'
        )
        return redirect(login_url)

    user = utils.get_user_by_email(session['email'], db_session)
    company = utils.get_company_by_id(company_id, db_session)
    error = request.args.get('error', '')

    if company is None:
        return redirect(url_for('showCompanies'))

    if company.user_id != user.id:
        error = "You can only delete companies you created"
    elif request.method == 'POST':
        # NOTE(review): no CSRF token check is visible in this view;
        # confirm one is enforced application-wide.
        confirmed = request.form.get('deleteCompany')
        if confirmed:
            # The bulk delete filters on company_id only, so cards created
            # by other users under this company are removed as well.
            company_cards = db_session.query(Card).filter(
                Card.company_id == company.id
            )
            company_cards.delete(synchronize_session=False)

            db_session.delete(company)
            db_session.commit()
            return redirect(url_for('showCompanies'))

    all_companies = db_session.query(Company).all()
    return render_template(
        'delete-company.html',
        all_companies=all_companies,
        company=company,
        error=error,
    )
def deleteCard(company_id, card_id):
    """Remove one card after its creator confirms the deletion.

    Returns
        on GET: the confirmation page for deleting the card
        on POST: delete the card from the database and redirect to the
            company's card list

    Only the user recorded in ``card.user_id`` may delete the card.
    """
    if 'username' not in session:
        login_url = url_for('login', error='You need to login to delete card')
        return redirect(login_url)

    error = request.args.get('error', '')
    user = utils.get_user_by_email(session['email'], db_session)
    company = utils.get_company_by_id(company_id, db_session)
    card = utils.get_card_by_id(card_id, db_session)

    if company is None:
        return redirect(url_for('showCompanies'))
    if card is None:
        return redirect(url_for('showCards', company_id=company.id))

    # NOTE(review): the card is looked up by card_id alone; nothing here
    # checks that it belongs to the company named in the URL. Ownership is
    # still enforced through card.user_id below.
    if card.user_id != user.id:
        error = "You can only delete the cards you created"
    else:
        # NOTE(review): no CSRF token check is visible in this view;
        # confirm one is enforced application-wide.
        confirmed = (
            request.method == 'POST'
            and request.form.get('deleteCard') is not None
        )
        if confirmed:
            db_session.delete(card)
            db_session.commit()
            return redirect(url_for('showCards', company_id=company.id))

    all_companies = db_session.query(Company).all()
    return render_template(
        'delete-card.html',
        all_companies=all_companies,
        company=company,
        card=card,
        error=error,
    )
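def register(new_user: UserCreateSchema, db: Session = Depends(get_db)):
    """Register a new user unless the e-mail address is already taken.

    Returns:
        A dict with a success ``message`` and the submitted ``data``.

    Raises:
        HTTPException: status 400 when the e-mail is already registered,
            when the insert hits a database integrity error, or when
            validation of the new user fails.
    """
    # Deliberately no print/log of new_user.email: every registration
    # attempt would otherwise write personal data to stdout and the logs.
    user = get_user_by_email(db=db, user_email=new_user.email)
    if user:
        raise HTTPException(
            status_code=400,
            detail="User already registered, Please login.",
        )

    try:
        # The lookup above is not atomic with this insert; a concurrent
        # duplicate surfaces here as an IntegrityError.
        register_user(db=db, user=new_user)
    except IntegrityError as err:
        raise HTTPException(
            status_code=400,
            detail="Please Enter all required fields.",
        ) from err
    except ValidationError as err:
        # Send the message text, not the exception object, as the detail.
        # NOTE(review): this text goes back to the client; confirm it
        # cannot carry submitted secret values.
        raise HTTPException(status_code=400, detail=str(err)) from err

    # NOTE(review): the creation schema is echoed back unchanged. If
    # UserCreateSchema carries the password, the response contains it;
    # confirm a response model without credential fields is applied.
    return {
        "message": "Successfully registered a new user",
        "data": new_user,
    }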
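def editCompany(company_id):
    """Rename a company.

    Returns
        on GET: the page used to update the company
        on POST: update the company name in the database and render the
            edit page again (with an error message when the name is
            rejected)

    Only the user recorded in ``company.user_id`` may rename the company.
    """
    if 'username' not in session:
        return redirect(
            url_for('login', error='You need to login to edit company')
        )

    user = utils.get_user_by_email(session['email'], db_session)
    company = utils.get_company_by_id(company_id, db_session)
    error = request.args.get('error', '')

    if company is None:
        return redirect(url_for('showCompanies'))
    elif user is None or company.user_id != user.id:
        # Fail closed: a session whose e-mail no longer maps to a user row
        # is treated as "not the owner" instead of raising on user.id.
        error = "You can only edit the companies you created"
    elif request.method == 'POST':
        # NOTE(review): no CSRF token check is visible in this view;
        # confirm one is enforced application-wide.
        new_company_name = request.form.get('newCompany')
        if not new_company_name:
            error = 'Please enter a valid company name'
        elif db_session.query(Company).filter(
            Company.name == new_company_name,
            Company.id != company.id,
        ).count() > 0:
            # Same rule newCompany applies on creation: a name already
            # used by another company is rejected.
            error = '%s already exists' % new_company_name
        else:
            company.name = new_company_name
            db_session.add(company)
            db_session.commit()

    all_companies = db_session.query(Company).all()
    return render_template(
        'edit-company.html',
        all_companies=all_companies,
        company=company,
        error=error,
    )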
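def api_login():
    """Log a user in from a JSON body carrying ``email`` and ``password``.

    Returns a JSON document whose ``status`` is:
        'logged in' - a user is already authenticated for this request
        'ok'        - the credentials were accepted and the login was made
        'error'     - the body was unusable or the credentials were refused
    """
    user = get_current_user()
    if user:
        return jsonify(status='logged in', id=user.id,
                       email=user.email, name=user.name)

    # The body is attacker-controlled: malformed JSON or a non-object
    # payload is answered with an error instead of an unhandled exception.
    try:
        data = json.loads(request.data)
    except ValueError:
        data = None
    if not isinstance(data, dict):
        return jsonify(status='error', error='invalid request body')

    password = data.get('password', None)
    email = data.get('email', None)
    check, error = check_login_info(email, password)
    if not check:
        return jsonify(status='error', error=error)

    user = get_user_by_email(email=email)
    # One message for "unknown e-mail" and "wrong password", so the
    # response body does not reveal which addresses have an account.
    # NOTE(review): check_password is skipped for unknown users, so response
    # time may still differ; no attempt limiting is visible here either.
    if not user or not user.check_password(password):
        return jsonify(status='error', error='invalid email or password')

    account_login(user)
    return jsonify(status='ok', user_id=user.id,
                   email=user.email, name=user.name)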
def newCompany():
    """Create a company owned by the logged-in user.

    Returns
        on GET: the page used to add a company
        on POST: create the company in the database and redirect to the
            company list
    """
    if 'username' not in session:
        login_url = url_for('login', error='You need to login to add company')
        return redirect(login_url)

    user = utils.get_user_by_email(session['email'], db_session)
    error = request.args.get('error', '')

    if request.method == 'POST':
        # NOTE(review): no CSRF token check is visible in this view;
        # confirm one is enforced application-wide.
        name = request.form.get('newCompany')
        if not name:
            error = 'Please enter a valid company name'
        else:
            # Check-then-insert: two concurrent requests can both pass this
            # count. NOTE(review): confirm a unique constraint backs it.
            same_name = db_session.query(Company).filter(
                Company.name == name
            ).count()
            if same_name > 0:
                error = '%s already exists' % name
            else:
                # Ownership is taken from the session-resolved user.
                created = Company(name=name, user_id=user.id)
                db_session.add(created)
                db_session.commit()
                return redirect(url_for('showCompanies'))

    all_companies = db_session.query(Company).all()
    return render_template(
        'new-company.html',
        all_companies=all_companies,
        error=error,
    )
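def gconnect():
    """Complete a Google sign-in and start the local session.

    Steps, in order:
        1. compare the ``state`` query parameter with the session's value
        2. exchange the posted authorization code for credentials
        3. ask Google's tokeninfo endpoint about the access token and check
           that it belongs to the same user and to this application
        4. fetch the profile, fill the session, create the user row if it
           does not exist yet, and redirect to the company list

    Every failed check returns a JSON error (401, or 500 when tokeninfo
    reports an error) before anything is written to the session.
    """

    def json_response(payload, status):
        # All error exits share this JSON body + content type.
        response = make_response(json.dumps(payload), status)
        response.headers['Content-Type'] = 'application/json'
        return response

    # Anti-forgery check. A session with no state at all is rejected rather
    # than raising KeyError.
    # NOTE(review): the state stays in the session after use; confirm it is
    # regenerated per login page so it cannot be replayed.
    expected_state = session.get('state')
    if not expected_state or request.args.get('state') != expected_state:
        return json_response('Invalid state token', 401)

    code = request.data
    try:
        # Upgrade the authorization code into a credentials object
        oauth_flow = flow_from_clientsecrets('g_client_secrets.json', scope='')
        oauth_flow.redirect_uri = 'postmessage'
        credentials = oauth_flow.step2_exchange(code)
    except FlowExchangeError:
        return json_response('Failed to upgrade the authorization code', 401)

    # Check the access token is valid
    access_token = credentials.access_token
    url = (
        'https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=%s'
        % access_token
    )
    # Bounded wait so a stalled upstream cannot pin a worker forever.
    h = httplib2.Http(timeout=10)
    result = json.loads(h.request(url, 'GET')[1])
    if result.get('error') is not None:
        return json_response(result.get('error'), 500)

    # Verify the access token is used for the intended user. A tokeninfo
    # reply without the field fails the comparison (401), not a KeyError.
    gplus_id = credentials.id_token['sub']
    if result.get('user_id') != gplus_id:
        return json_response(
            'Token\'s user ID doesn\'t match given user ID ', 401
        )

    # Verify the access token was issued to this application
    if result.get('issued_to') != CLIENT_ID:
        return json_response(
            'Token\'s client ID doesn\'t match given application', 401
        )

    # NOTE(review): there is no "already connected" short-circuit. This view
    # never stores 'credentials' in the session and never returned early for
    # a repeat sign-in, so the flow always continues below. Confirm whether
    # an early return is wanted.

    # Store the access token in the session for later use.
    # NOTE(review): Flask's default session is a signed but client-readable
    # cookie; if that default is in use the token is visible to the browser.
    session['access_token'] = credentials.access_token
    session['gplus_id'] = gplus_id

    # get user info
    userinfo_url = "https://www.googleapis.com/oauth2/v1/userinfo"
    params = {'access_token': access_token, 'alt': 'json'}
    answer = requests.get(userinfo_url, params=params, timeout=10)
    data = json.loads(answer.text)

    session['provider'] = 'Google'
    session['username'] = data['name']
    session['picture'] = data['picture']
    # email is working inconsistently for oauth2 endpoint
    # use https://www.googleapis.com/plus/v1/people/me instead if it is needed
    # When 'emails' is absent the address is synthesised from the verified
    # Google subject id, which is what local accounts are then keyed on.
    session['email'] = data.get('emails', gplus_id + "@google.com")

    # store user info into db
    if utils.get_user_by_email(session['email'], db_session) is None:
        utils.create_user(session, db_session)

    flash('You are now logged in as %s' % session['username'])
    return redirect(url_for('showCompanies'))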
import utils as utils users = [] while True: print("Enter 1 to print information about user, 2 to add new user, 3 to delete user, 4 to quit") action = int(input("Your input: ")) if action == 1: print("Enter 1 to search by e-mail 2 to search by username") get_by = int(input("Your input: ")) try: if get_by == 1: email = input("Enter e-mail: ") user = utils.get_user_by_email(users=users, email=email) user.print_user() elif get_by == 2: username = input("Enter username: "******"Full name: ") username = input("Username: "******"E-mail: ")