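def addCategory():
    """API handler to add a new Category.

    GET renders ``index.html`` with the current category data.
    POST reads a JSON body shaped like
    ``{"token": ..., "body": {"name": ..., "description": ...}}``,
    authenticates the caller from the token and stores a Category whose
    creator is that user.

    Returns:
        The rendered page for GET; for POST either the result of
        ``getCategoryJson`` for the new row, a 444 JSON response when the
        token is rejected, or a 500 JSON response when the database
        operation fails.
    """
    if request.method == 'GET':
        return render_template('index.html',
                               categoryData=getCategoriesData())
    elif request.method == 'POST':
        reqData = json.loads(request.data)
        token = reqData['token']
        reqData = reqData['body']
        # Authenticate before touching the database: the value returned by
        # verify_auth_token is used below as the caller's user id, and None
        # means the token was rejected.
        userEditing = User.verify_auth_token(token)
        if userEditing is None:
            response = make_response(
                json.dumps('Bad Authorization Token. Please re-login'), 444)
            response.headers['Content-Type'] = 'application/json'
            return response
        print(reqData)
        try:
            user = session.query(User).filter_by(id=userEditing).one()
            newCategory = Category(name=reqData['name'],
                                   description=reqData['description'],
                                   creator=user)
            session.add(newCategory)
            session.commit()
        except SQLAlchemyError:
            print("Oops!", sys.exc_info()[0], "occured.")
            # The session is shared by every handler in this module; without
            # a rollback a failed flush leaves it unusable for later requests.
            session.rollback()
            # Only the exception class is echoed to the client, not its
            # message, so no SQL text or row values leave the server.
            response = make_response(
                json.dumps('Error occured while performing DB operations. %s'
                           % str(sys.exc_info()[0])), 500)
            response.headers['Content-Type'] = 'application/json'
            return response
        fillCatTableData()
        return getCategoryJson(newCategory)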
def create_user(self, login_session):
    """Store a new User taken from *login_session* and return its id.

    The ``username``, ``email`` and ``picture`` entries of ``login_session``
    populate the User, which is handed to ``self.create``. The id is then
    looked up by e-mail through ``self.get_user_id``.
    """
    # Keys are read in the same order as before so a missing entry raises
    # the same KeyError.
    profile = {
        'name': login_session['username'],
        'email': login_session['email'],
        'picture': login_session['picture'],
    }
    self.create(User(**profile))
    return self.get_user_id(email=login_session['email'])
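def newItemInCategory():
    """API handler to add a new item in DB.

    GET renders ``index.html`` with the current category data.
    POST reads a JSON body shaped like
    ``{"token": ..., "body": {"categoryId": ..., "name": ...,
    "description": ...}}``, authenticates the caller from the token and
    stores a CatalogItem in the named category with the caller as creator.

    Returns:
        The rendered page for GET; for POST either the result of
        ``getCatalogItemJson`` for the new row, a 444 JSON response when the
        token is rejected, a 401 JSON response when the category does not
        exist, or a 500 JSON response when the database operation fails.
    """
    if request.method == 'GET':
        return render_template('index.html',
                               categoryData=getCategoriesData())
    elif request.method == 'POST':
        reqData = json.loads(request.data)
        token = reqData['token']
        reqData = reqData['body']
        # None from verify_auth_token means the token was rejected; any other
        # value is used below as the caller's user id.
        userEditing = User.verify_auth_token(token)
        if userEditing is None:
            response = make_response(
                json.dumps('Bad Authorization Token. Please re-login'), 444)
            response.headers['Content-Type'] = 'application/json'
            return response
        print(reqData)
        try:
            # first() rather than one(): one() raises when no row matches,
            # which made the "Category Not Found" answer below unreachable
            # and turned an unknown categoryId into a 500.
            category = session.query(Category).\
                filter_by(id=reqData['categoryId']).first()
            if category is None:
                response = make_response(
                    json.dumps('Category Not Found. '
                               'Please select a valid category'), 401)
                response.headers['Content-Type'] = 'application/json'
                return response
            user = session.query(User).filter_by(id=userEditing).one()
            print('Trying to create a new item now')
            newItem = CatalogItem(name=reqData['name'],
                                  description=reqData['description'],
                                  categoryId=category.id,
                                  creator=user)
            newItem.category = category
            session.add(newItem)
            session.commit()
            fillCatTableData()
            return getCatalogItemJson(newItem)
        except SQLAlchemyError:
            print("Oops!", sys.exc_info()[0], "occured.")
            # The session is shared by every handler in this module; without
            # a rollback a failed flush leaves it unusable for later requests.
            session.rollback()
            response = make_response(
                json.dumps('Error occured while performing DB operations. %s'
                           % str(sys.exc_info()[0])), 500)
            response.headers['Content-Type'] = 'application/json'
            return response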
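def editCategory(category_id):
    """API handler to edit a particular category.

    GET renders ``index.html`` with the current category data.
    POST reads a JSON body shaped like
    ``{"token": ..., "body": {"name": ..., "description": ...}}`` and
    updates the category with id ``category_id``. Only the user recorded as
    the category's creator may edit it; a field that is absent or empty is
    left unchanged.

    Returns:
        The rendered page for GET; for POST either the result of
        ``getCategoryJson`` for the updated row, a 444 JSON response when the
        token is rejected, a 401 JSON response when the caller is not the
        owner, or a 500 JSON response when the database operation fails.
    """
    if request.method == 'GET':
        return render_template('index.html',
                               categoryData=getCategoriesData())
    elif request.method == 'POST':
        reqData = json.loads(request.data)
        token = reqData['token']
        reqData = reqData['body']
        userEditing = User.verify_auth_token(token)
        if userEditing is None:
            response = make_response(
                json.dumps('Bad Authorization Token. Please re-login'), 444)
            response.headers['Content-Type'] = 'application/json'
            return response
        print(reqData)
        try:
            categoryToEdit = session.query(Category).\
                filter_by(id=category_id).one()
            # Authorization: a valid token alone is not enough, the caller
            # must be the row's creator. Keep this check ahead of any write.
            if categoryToEdit.creator_id != userEditing:
                response = make_response(
                    json.dumps('Only owner is allowed to edit this category'),
                    401)
                response.headers['Content-Type'] = 'application/json'
                return response
            # .get() lets a client send only the field it wants to change;
            # indexing raised KeyError for a body missing either key.
            if reqData.get('name'):
                categoryToEdit.name = reqData['name']
            if reqData.get('description'):
                categoryToEdit.description = reqData['description']
            session.add(categoryToEdit)
            session.commit()
            categoryAfterEdit = session.query(Category).\
                filter_by(id=category_id).one()
        except SQLAlchemyError:
            print("Oops!", sys.exc_info()[0], "occured.")
            # The session is shared by every handler in this module; without
            # a rollback a failed flush leaves it unusable for later requests.
            session.rollback()
            response = make_response(
                json.dumps('Error occured while performing DB operations. %s'
                           % str(sys.exc_info()[0])), 500)
            response.headers['Content-Type'] = 'application/json'
            return response
        fillCatTableData()
        return getCategoryJson(categoryAfterEdit)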
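def deleteCategoryAndItsItems(category_id):
    """API handler to delete a category and all items associated with it.

    GET renders ``index.html`` with the current category data. Any other
    method reads a JSON body carrying ``token``, authenticates the caller and
    deletes the category with id ``category_id`` together with every
    CatalogItem whose ``categoryId`` points at it. Only the user recorded as
    the category's creator may delete it.

    Returns:
        The rendered page for GET; otherwise an empty dict on success, a 444
        JSON response when the token is rejected, a 401 JSON response when
        the caller is not the owner, or a 500 JSON response when the
        database operation fails.
    """
    if request.method == 'GET':
        return render_template('index.html',
                               categoryData=getCategoriesData())
    else:
        reqData = json.loads(request.data)
        token = reqData['token']
        userEditing = User.verify_auth_token(token)
        if userEditing is None:
            response = make_response(
                json.dumps('Bad Authorization Token. Please re-login'), 444)
            response.headers['Content-Type'] = 'application/json'
            return response
        try:
            categoryToDelete = session.query(Category).\
                filter_by(id=category_id).one()
            # Authorization: the caller must be the row's creator. Keep this
            # check ahead of any delete.
            if categoryToDelete.creator_id != userEditing:
                response = make_response(
                    json.dumps(
                        'Only owner is allowed to delete this category'), 401)
                response.headers['Content-Type'] = 'application/json'
                return response
            itemsForCategory = session.query(CatalogItem).\
                filter(CatalogItem.categoryId == categoryToDelete.id)
            for item in itemsForCategory:
                session.delete(item)
            session.delete(categoryToDelete)
            # One commit for items and category: with two commits a failure
            # on the category left it in place with its items already gone.
            session.commit()
        except SQLAlchemyError:
            print("Oops!", sys.exc_info()[0], "occured.")
            # Undo the pending deletes and return the shared session to a
            # usable state for later requests.
            session.rollback()
            response = make_response(
                json.dumps('Error occured while performing DB operations. %s'
                           % str(sys.exc_info()[0])), 500)
            response.headers['Content-Type'] = 'application/json'
            return response
        fillCatTableData()
        return {}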
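def updateUserInfo():
    """API call handler to update the user profile.

    Reads a JSON body shaped like
    ``{"token": ..., "body": {"username": ..., "password": ...}}``,
    authenticates the caller from the token and updates that user's own
    record. A field that is absent or empty is left unchanged; a new
    password is stored through ``User.hash_password``.

    Returns:
        The string ``'User info updated successfully'`` on success, a 444
        JSON response when the token is rejected or the user no longer
        exists, or a 500 JSON response when the database operation fails.
    """
    reqData = json.loads(request.data)
    token = reqData['token']
    reqData = reqData['body']
    userEditing = User.verify_auth_token(token)
    if userEditing is None:
        response = make_response(
            json.dumps('Bad Authorization Token. Please re-login'), 444)
        response.headers['Content-Type'] = 'application/json'
        return response
    # The body can carry the new password in clear text, so log only who is
    # being updated, never the body itself.
    print('Profile update requested for user id %s' % userEditing)
    try:
        user = session.query(User).filter_by(id=userEditing).first()
        if user is None:
            response = make_response(
                json.dumps('User not found. '
                           'Please re-login or Create a New User'), 444)
            response.headers['Content-Type'] = 'application/json'
            return response
        # .get() lets a client send only the field it wants to change;
        # indexing raised KeyError for a body missing either key.
        if reqData.get('username'):
            user.username = reqData['username']
        if reqData.get('password'):
            user.hash_password(reqData['password'])
        session.add(user)
        session.commit()
    except SQLAlchemyError:
        print("Oops!", sys.exc_info()[0], "occured.")
        # The session is shared by every handler in this module; without a
        # rollback a failed flush leaves it unusable for later requests.
        session.rollback()
        response = make_response(
            json.dumps('Error occured while performing DB operations. %s'
                       % str(sys.exc_info()[0])), 500)
        response.headers['Content-Type'] = 'application/json'
        return response
    print('User info Updated')
    return 'User info updated successfully'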
# declarative can be accessed through a DBSession instance Base.metadata.bind = engine DBSession = sessionmaker(bind=engine) # A DBSession() instance establishes all conversations with the database # and represents a "staging zone" for all the objects loaded into the # database session object. Any change made against the objects in the # session won't be persisted into the database until you call # session.commit(). If you're not happy about the changes, you can # revert all of them back to the last commit by calling # session.rollback() session = DBSession() cats = ['Sports', 'Mechanical Tools', 'Books', 'Groceries', 'Electronics'] myUser = User(username='******', email='root@itemCatalog') myUser.hash_password('rootuser') session.add(myUser) session.commit() for category in cats: catDescription = "This category takes care of all " \ "the items that are related to " + category dbCatEntry = Category( name=category, description=catDescription, creator=myUser) session.add(dbCatEntry) session.commit() for i in range(random.randint(10, 20)): itemName = category + " - Item " + str(i)
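def loginUser(provider):
    """Handler for logging a user in.

    ``provider`` selects the login path:

    * ``'google'`` - the request body carries a one-time authorization code
      under ``access_token``. The code is exchanged for credentials, the
      resulting access token is checked against Google's tokeninfo endpoint,
      and the local user is looked up by the e-mail Google reports (created
      on first login).
    * ``'userInput'`` - the request body carries ``email`` and ``password``.
      An existing user must pass ``verify_password``; an unknown e-mail
      creates a new account with that password.

    Returns:
        A JSON response carrying this application's auth token on success,
        or an error response (400, 401, 445 or 500). Any other provider
        returns the plain string ``'Unrecoginized Provider'``.
    """
    # STEP 1 - Parse the auth code
    requestData = json.loads(request.data)
    requestData = requestData['body']
    if provider == 'google':
        auth_code = requestData['access_token']
        # The authorization code and the tokens derived from it are bearer
        # credentials: log progress only, never their values.
        print("Step 1 - Complete, received auth code")
        # STEP 2 - Exchange for a token
        try:
            # Upgrade the authorization code into a credentials object
            oauth_flow = flow_from_clientsecrets('client_secrets.json',
                                                 scope='')
            oauth_flow.redirect_uri = 'postmessage'
            credentials = oauth_flow.step2_exchange(auth_code)
        except FlowExchangeError as e:
            print(str(e))
            response = make_response(
                json.dumps('Failed to upgrade the authorization code.'), 401)
            response.headers['Content-Type'] = 'application/json'
            return response
        # Check that the access token is valid.
        access_token = credentials.access_token
        url = ('https://www.googleapis.com/oauth2/v1/tokeninfo?'
               'access_token=%s' % access_token)
        h = httplib2.Http()
        result = json.loads(h.request(url, 'GET')[1])
        # If there was an error in the access token info, abort.
        if result.get('error') is not None:
            print('Authorization code is not valid')
            print('Error %s' % result.get('error'))
            response = make_response(json.dumps(result.get('error')), 500)
            response.headers['Content-Type'] = 'application/json'
            # The response was built but never returned, so a token that
            # Google rejected still went on to log the user in.
            return response
        print("Step 2 Complete!")
        userinfo_url = "https://www.googleapis.com/oauth2/v1/userinfo"
        params = {'access_token': credentials.access_token, 'alt': 'json'}
        answer = requests.get(userinfo_url, params=params)
        data = answer.json()
        name = data['name']
        picture = data['picture']
        email = data['email']
        # see if user exists, if it doesn't make a new one
        try:
            user = session.query(User).filter_by(email=email).first()
            if not user:
                user = User(username=name, picture=picture, email=email)
                session.add(user)
                session.commit()
        except SQLAlchemyError:
            print("Oops!", sys.exc_info()[0], "occured.")
            # The session is shared by every handler in this module; without
            # a rollback a failed flush leaves it unusable for later requests.
            session.rollback()
            response = make_response(
                json.dumps('Error occured while performing DB operations. %s'
                           % str(sys.exc_info()[0])), 500)
            response.headers['Content-Type'] = 'application/json'
            return response
        # STEP 4 - Make token
        token = user.generate_auth_token(6000)
        # STEP 5 - Send back token to the client
        return jsonify({'token': token.decode('ascii'), 'userId': user.id})
    elif provider == 'userInput':
        # .get() plus a truthiness test: indexing raised KeyError for a
        # missing field, and an empty string passed the old None check and
        # could create an account with an empty password.
        email = requestData.get('email')
        password = requestData.get('password')
        if not email or not password:
            print("Missing Arguments")
            return jsonify('Missing Arguments. '
                           'Please enter a valid email and password. '
                           'Password is greater than 6 chars.'), 400
        # NOTE(review): the length rule quoted in the message above is not
        # enforced here, and an unknown e-mail creates an account without
        # any proof that the caller controls that address - confirm both
        # are intended.
        try:
            user = session.query(User).filter_by(email=email).first()
            if user is not None:
                print("existing user")
                if not user.verify_password(password):
                    print('Invalid Username / Password for %s' % email)
                    return jsonify('Email Id and Password don\'t match. '
                                   'Please try again.'), 445
                messageToSend = 'Login Successful. Enjoy!!'
                print('Login successful')
            else:
                print('Creating a new user : %s' % email)
                user = User(email=email, username=email)
                user.hash_password(password)
                session.add(user)
                session.commit()
                messageToSend = 'Created a new User. ' \
                                'Please update your name in Profile Section'
                print('User created successfully')
        except SQLAlchemyError:
            print("Oops!", sys.exc_info()[0], "occured.")
            # Same reason as in the Google path: reset the shared session.
            session.rollback()
            response = make_response(
                json.dumps('Error occured while performing DB operations. %s'
                           % str(sys.exc_info()[0])), 500)
            response.headers['Content-Type'] = 'application/json'
            return response
        # NOTE(review): this path passes 600 to generate_auth_token while the
        # Google path passes 6000 - confirm which lifetime is intended.
        token = user.generate_auth_token(600)
        return jsonify({
            'token': token.decode('ascii'),
            'message': messageToSend,
            'userId': user.id,
            'username': user.username
        })
    else:
        return 'Unrecoginized Provider'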