Esempio n. 1
def get_list(username, list_name):
    """Return the books on one of a user's lists as a JSON response.

    Aborts with 404 when ``list_name`` is not one of the three known lists
    or when ``get_user`` finds no user for ``username``. Otherwise responds
    with HTTP 200 in both outcomes; the ``status`` field tells them apart.
    """
    # Fixed allowlist mapping the URL segment to its backing table. Only
    # these constant table names ever reach the SQL text below.
    list_tables = {
        'favorites': 'users_favorites',
        'have-read': 'users_have_read',
        'to-read': 'users_to_read'
    }
    if list_name not in list_tables:
        abort(404)

    owner = get_user(username)
    if not owner:
        abort(404)

    query = """
    select * from %s list
        join books b on list.book_id = b.book_id
            join books_authors ba on b.book_id = ba.book_id
                join authors a on a.author_id = ba.author_id
                    where (list.user_id = %s);"""
    # AsIs (presumably psycopg2's) inserts its value into the statement
    # without quoting, so it must only ever wrap a value taken from the
    # allowlist above, never request data. The user id stays a bound
    # parameter.
    # NOTE(review): the third argument looks like a "fetch rows" flag;
    # confirm against execute_statement.
    rows = execute_statement(query,
                             (AsIs(list_tables[list_name]), owner['user_id']),
                             True)
    if not rows:
        # NOTE(review): a falsy result is reported as a failure, so an
        # empty list and a failed query look the same to the client.
        return jsonify({
            "status": False,
            "message": "Could not get list data."
        }), 200
    return jsonify({"data": rows, "status": True}), 200
Esempio n. 2
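def is_token_valid(token):
    """Return the user a JWT was issued for, or False if it is not usable.

    The token is verified with the application's ``SECRET_KEY`` and must
    carry a ``user_id`` claim that ``get_user`` can resolve. Malformed,
    expired or wrongly signed tokens yield False instead of raising, so
    callers can rely on the truthiness of the result.
    """
    try:
        # Pin the accepted algorithm as a list. With a bare string the
        # "is this algorithm allowed" membership test becomes a substring
        # test, which is not the intended check.
        data = jwt.decode(token,
                          app.config['SECRET_KEY'],
                          algorithms=['HS256'])
        user_id = data['user_id']
    except (jwt.InvalidTokenError, KeyError):
        # Invalid signature/expiry/format, or a valid token without the
        # claim this application needs.
        return False

    user = get_user(user_id=user_id)
    return user if user else False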
Esempio n. 3
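    def decorator(*args, **kwargs):
        """Run the wrapped view only for requests carrying a valid token.

        Reads the token from the ``Authorization`` header, verifies it with
        the application's ``SECRET_KEY`` and requires that its ``user_id``
        claim resolves to an existing user. On failure a JSON body with
        ``authorized: False`` is returned and the view is not called.
        """
        # The Authorization header is a credential, and the decoded claims
        # and user row may hold sensitive fields: none of them are printed
        # or logged here.
        token = request.headers.get('Authorization')
        if not token:
            # NOTE(review): this is sent with the default 200 status; the
            # commented-out code this replaces raised a 401 instead.
            # Switching needs a check of how clients read the response.
            return jsonify({
                'message': 'A valid token is missing.',
                'status': False,
                'authorized': False
            })

        try:
            data = jwt.decode(token,
                              app.config['SECRET_KEY'],
                              algorithms=['HS256'])
            current_user = get_user(user_id=data['user_id'])
        except Exception:
            # Any decoding or lookup failure is treated as an invalid
            # token. Unlike a bare ``except:``, this lets SystemExit and
            # KeyboardInterrupt propagate.
            current_user = None

        if not current_user:
            # Also rejects a correctly signed token whose user no longer
            # exists, which previously fell through to the view.
            return jsonify({
                'message': 'Token is invalid.',
                'status': False,
                'authorized': False,
                'token_valid': False
            })

        # NOTE(review): the view is not told who the caller is. Whether it
        # checks the token's user against a username in the URL is not
        # visible from here; confirm in the wrapped views.
        return f(*args, **kwargs)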
Esempio n. 4
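def get_user_with_username(username):
    """Return a user's record as JSON, without the password hash.

    Responds with ``status: False`` and a message when ``get_user`` finds
    no user for ``username``; otherwise returns the record with HTTP 200.
    """
    user = get_user(username=username)
    if not user:
        # NOTE(review): the listing showed this expression masked as
        # ``******``, which is not valid Python. Concatenating the
        # requested username is the presumed original; confirm upstream.
        return jsonify({
            'status': False,
            'message': "There is no such user: " + username + "."
        })
    # Strip the password hash before the record leaves the server. pop()
    # with a default does not fail if the column is absent.
    # NOTE(review): every other column is still sent; an explicit
    # allowlist of public fields would be safer than removing one key.
    user.pop('hashed_password', None)
    return jsonify({'status': True, 'data': user}), 200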
Esempio n. 5
def login():
    """Authenticate the posted credentials and return a token.

    Looks the user up by the ``username`` field of the JSON body and hands
    the request and the user to ``is_authenticated``. A truthy result is
    returned as the token together with the user record (HTTP 201); a
    falsy one yields a generic failure message.
    """
    account = get_user(username=request.json['username'])
    token = is_authenticated(request, account)
    if not token:
        # The same message is used for an unknown user and a wrong
        # password, so the response does not reveal which usernames exist.
        # NOTE(review): this is sent with the default 200 status.
        return jsonify({
            'status': False,
            'message': 'Username or password is not correct.'
        })

    # Never send the password hash back to the client.
    del account['hashed_password']
    return jsonify({'token': token, 'status': True, 'data': account}), 201
Esempio n. 6
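def update_user(username):
    """Update columns of a user's row from the ``data`` object of the body.

    The submitted keys become column names in the UPDATE statement, so
    they are checked before any SQL is built: each key must already exist
    in the user's row, and ``user_id`` / ``hashed_password`` cannot be
    set through this endpoint. Values are always bound as parameters.

    Returns ``{'status': ...}`` with HTTP 200 after running the update,
    404 when the user does not exist, and 400 for a rejected payload.
    """
    user = get_user(username)
    if not user:
        return jsonify({'status': False, 'message': 'User not found.'}), 404

    # The request body is not printed or logged: it may carry personal
    # data or credentials.
    payload = request.json
    changes = payload.get('data') if isinstance(payload, dict) else None
    if not isinstance(changes, dict):
        return jsonify({
            'status': False,
            'message': 'Invalid update payload.'
        }), 400

    # Column names cannot be bound as parameters, so they are restricted
    # to keys of the existing row. Without this check a crafted key would
    # be concatenated straight into the statement (SQL injection) and any
    # column could be overwritten (mass assignment).
    protected = {'user_id', 'hashed_password'}
    rejected = [key for key in changes
                if key not in user or key in protected]
    if rejected:
        return jsonify({
            'status': False,
            'message': 'Invalid field in update.'
        }), 400

    update = {**user, **changes}
    assignments = ', '.join(column + ' = %s' for column in update)
    statement = ("update users set " + assignments +
                 " where (user_id = %s and username = %s)")
    params = tuple(update.values()) + (user['user_id'], user['username'])
    # NOTE(review): whether the authenticated caller is the user named in
    # the URL is not checked in this function; confirm it happens upstream.
    status = execute_statement(statement, params, False)
    return jsonify({'status': status}), 200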
Esempio n. 7
def delete_book_from_list(username, list_name):
    """Remove a book from one of a user's lists and report the outcome.

    Aborts with 404 for an unknown ``list_name`` or an unknown user. The
    book is identified by the ``book_id`` field of the JSON body. The
    response is always HTTP 200; ``status`` carries the result.
    """
    # Fixed allowlist of list names and the tables behind them.
    list_tables = {
        'favorites': 'users_favorites',
        'have-read': 'users_have_read',
        'to-read': 'users_to_read'
    }
    if list_name not in list_tables:
        abort(404)

    payload = request.json
    owner = get_user(username)
    if not owner:
        abort(404)

    query = """delete from %s where (user_id = %s and book_id = %s);"""
    # The table name is spliced in unquoted via AsIs, which is acceptable
    # only because it comes from the allowlist above. The ids supplied by
    # the request stay bound parameters.
    params = (AsIs(list_tables[list_name]), owner['user_id'],
              payload['book_id'])
    status = execute_statement(query, params, False)

    if status:
        message = 'Book succesfully deleted from the list.'
    else:
        message = 'Could not delete book from the list.'
    return jsonify({'status': status, 'message': message}), 200
Esempio n. 8
def add_book_to_list(username, list_name):
    """Add a book to one of a user's lists and report the outcome.

    Aborts with 404 for an unknown ``list_name`` or an unknown user. The
    book is identified by the ``book_id`` field of the JSON body. The
    response is always HTTP 200; ``status`` carries the result.
    """
    # Fixed allowlist of list names and the tables behind them.
    list_tables = {
        'favorites': 'users_favorites',
        'have-read': 'users_have_read',
        'to-read': 'users_to_read'
    }
    if list_name not in list_tables:
        abort(404)

    payload = request.json
    owner = get_user(username)
    if not owner:
        abort(404)

    query = """insert into %s (user_id, book_id) values (%s, %s);"""
    # Only the allowlisted table name goes through AsIs (unquoted); the
    # user id and the client-supplied book id are bound as parameters.
    params = (AsIs(list_tables[list_name]), owner['user_id'],
              payload['book_id'])
    status = execute_statement(query, params, False)

    if status:
        message = 'Book succesfully added to the list.'
    else:
        message = 'Could not add book to the list.'
    return jsonify({'status': status, 'message': message}), 200