def signup(self, username):
""" Register a new user """
user_exists = self.user_exists()
if user_exists:
response = jsonify(
{"message": "An account with that email already exists"})
response.status_code = 409
return response
else:
hashed_pw = pwd_hash.encrypt(self.password)
conn = open_connection()
cur = conn.cursor()
cur.execute(
"INSERT INTO users (username, email, password) VALUES('{}', '{}', '{}')"
.format(username, self.email, hashed_pw))
cur.execute("select user_id from users where email = '{}' ".format(
self.email))
user_id = cur.fetchone()[0]
token = self.generate_jwt(user_id)
cur.close()
conn.commit()
user_info = self.user_info()
response = jsonify({
"message": "User registered successfully",
"token": token.decode("utf-8"),
"user": user_info
})
response.status_code = 200
return response
def __init__(self, answer_desc):
self.answer_id = str(uuid4())
self.answer_desc = answer_desc
conn = open_connection()
cur = conn.cursor()
cur.execute("insert into answers(answer_desc) values('{}')".format(
answer_desc))
conn.commit()
def questions(identity):
conn = open_connection()
cur = conn.cursor()
''' Get all questions function '''
if request.method == 'GET':
conn = open_connection()
cur = conn.cursor()
cur.execute("select * from questions")
questions = cur.fetchall()
return jsonify({'questions': [question for question in questions]})
else:
question_desc = request.get_json('description')['description']
if not question_desc or question_desc == " ":
response = jsonify({"message": "Question not provided"})
response.status_code = 400
return response
if not request.json:
response = jsonify({"message": "incorrect format"})
response.status_code = 400
return response
cur.execute("select * from questions where question_desc='{}' and user_id={}"
.format(question_desc, identity))
question_exists = cur.fetchall()
if len(question_exists) > 0:
response = jsonify({"message": "That question exists"})
response.status_code = 409
return response
Question(str(question_desc))
cur.execute("select question_id from questions where question_desc = '{}'".format(question_desc))
question_id = cur.fetchone()
cur.execute("update questions set user_id = {} where question_id = {}"
.format(identity, question_id[0]))
cur.execute("select * from questions where question_desc = '{}' and user_id = {}"
.format(question_desc, identity))
question = cur.fetchall()
cur.execute("update users set questions = array_append(questions, '{}')".format(question[0][1]))
cur.close()
close_connection(conn)
return jsonify({'question': question})
def get_question_answers(identity,question_id):
conn = open_connection()
cur = conn.cursor()
cur.execute("select answers from questions where question_id = {}".format(question_id))
answers = cur.fetchone()
response = jsonify({"answers": answers[0]})
response.status_code = 200
return response
def create_tables():
""" Create tables """
conn = open_connection()
cur = conn.cursor()
for query in QUERIES:
cur.execute(query)
close_connection(conn)
def __init__(self, token):
''' Initialize token blacklist '''
self.token = token
conn = open_connection()
cur = conn.cursor()
cur.execute("insert into blacklist (token) values('{}')".format(token))
cur.close()
close_connection(conn)
def __init__(self, question_desc):
self.question_id = str(uuid4())
self.question_desc = question_desc
conn = open_connection()
cur = conn.cursor()
cur.execute("insert into questions(question_desc) values('{}')".format(
question_desc))
cur.close()
conn.commit()
def get_user_questions(identity):
conn = open_connection()
cur = conn.cursor()
cur.execute("select questions from users where user_id = {}".format(identity))
questions = cur.fetchone()
response = jsonify({"questions": questions[0]})
response.status_code = 200
close_connection(conn)
return response
def user_exists(self):
""" Check if a user exists in the db """
conn = open_connection()
cur = conn.cursor()
cur.execute("SELECT * from users WHERE email='{}'".format(self.email))
user = cur.fetchone()
cur.close()
conn.commit()
return user
def drop_tables():
""" Delete tables after tests """
queries = [
'DROP table users CASCADE', 'DROP table questions CASCADE',
'DROP table answers CASCADE', 'DROP table blacklist CASCADE'
]
conn = open_connection()
cur = conn.cursor()
for query in queries:
cur.execute(query)
cur.close()
conn.commit()
def sign_up():
conn = open_connection()
cur = conn.cursor()
email = request.get_json('email')['email']
password = request.get_json('password')['password']
username = request.get_json('username')['username']
cur.execute("select * from users where username = '******'".format(username))
names = cur.fetchall()
if len(names) > 0:
response = jsonify({"message": "Username is taken"})
response.status_code = 409
return response
if not email or email == " ":
response = jsonify({"message": "Email not provided"})
response.status_code = 400
return response
if not re.match(email_format, email):
response = jsonify({"message": "incorrect email format"})
response.status_code = 400
return response
if not password or password == " ":
response = jsonify({"message": "Password not provided"})
response.status_code = 400
return response
if not username or username == " ":
response = jsonify({"message": "Username not provided"})
response.status_code = 400
return response
if not request.json:
response = jsonify({"message": "Incorrect request format"})
response.status_code = 400
return response
user = User(email, password)
register = user.signup(username)
cur.close()
close_connection(conn)
return register
def authorize(*args, **kwargs):
''' Check for the user's authentication token in header '''
if 'Authorization' not in request.headers:
response = jsonify({"message": "Missing Authorization header"})
response.status_code = 401
return response
jwt_token = request.headers['Authorization']
conn = open_connection()
cur = conn.cursor()
cur.execute(
"select token from blacklist where token = '{}'".format(jwt_token))
blacklisted = cur.fetchone()
if blacklisted:
response = jsonify(
{"message": "Account logged out. Please log in to continue"})
response.status_code = 401
cur.close()
close_connection(conn)
return response
try:
identity = jwt.decode(jwt_token, 'secret')['sub']
return func(identity, *args, **kwargs)
except jwt.ExpiredSignatureError:
response = jsonify({
"message":
"Your token has expired. Please log in to continue"
})
response.status_code = 401
return response
except jwt.InvalidTokenError:
response = jsonify({
"message":
"Invalid token. Please log in or sign up to continue"
})
response.status_code = 401
return response
def post_answer(identity, question_id):
'''Post answer function'''
conn = open_connection()
cur = conn.cursor()
cur.execute("select * from questions where question_id = {}".format(question_id))
question = cur.fetchall()
if len(question) == 0:
response = jsonify({"message": "Question not found"})
response.status_code = 404
return response
answer_desc = request.get_json('answer')['answer']
if not answer_desc or answer_desc == " ":
response = jsonify({"message": "Answer not provided"})
response.status_code = 400
return response, response.status_code
if not request.json:
response = jsonify({"message": "Incorrect request format"})
response.status_code = 400
return response
cur.execute("select answer_desc from answers where answer_desc= '{}' and user_id={}"
.format(answer_desc, identity))
answer_exists = cur.fetchall()
print(answer_exists)
if answer_exists:
response = jsonify({"message": " You have already provided that answer"})
response.status_code = 409
return response
Answer(str(answer_desc))
cur.execute("select id from answers where answer_desc = '{}'".format(answer_desc))
answer_id = cur.fetchone()
cur.execute("update answers set user_id = {} where id = '{}'".format(identity, answer_id[0]))
cur.execute("select * from answers where answer_desc = '{}' and user_id={}".format(answer_desc, identity))
answer = cur.fetchone()
cur.execute("update questions set answers = array_append(answers, '{}')".format(answer[1]))
cur.close()
close_connection(conn)
return jsonify({'answer': answer})
def get_question(identity, question_id):
''' Get a question function '''
conn = open_connection()
cur = conn.cursor()
cur.execute("select * from questions where question_id = {}".format(question_id))
question = cur.fetchall()
if len(question) == 0:
response = jsonify({"message": "Question not found"})
response.status_code = 404
return response
if request.method == 'GET':
return jsonify({'question': question[0]})
if question[0][2] != identity:
response = jsonify({"message": "You don't have access rights to delete that question"})
response.status_code = 400
return response
cur.execute("delete from questions where question_id = {} and user_id = {}".format(question_id, identity))
cur.close()
close_connection(conn)
return jsonify({'message': "Deleted successfully"})
