def user():
if request.method == 'GET':
query_name = request.args['name']
matching_products = product_model.search_by_name(query_name)
# sort based on price
# matching_products.sort(key=lambda x: x['price'], reverse=False)
# return the first matching product
return render_template('results.html',
query=query_name,
products=matching_products)
# to login and signup
op_type = request.form['op_type']
if op_type == 'login':
username = request.form['username']
password = request.form['password']
success = user_model.authenticate(username, password)
if success:
if username == "admin":
session['is_admin'] = True
return render_template("admin.html", message='welcome admin')
else:
user_details = user_model.search_by_username(username)
# save the user_id in the session for use in future requests
# convert the _id from ObjectId to str
session['user_id'] = str(user_details['_id'])
return render_template('home.html', name=user_details['name'])
else:
return render_template('index.html',
message='Invalid username/password')
elif op_type == 'signup':
name = request.form['name']
username = request.form['username']
password = request.form['password']
success = user_model.signup_user(name, username, password)
if success:
user_details = user_model.search_by_username(username)
# save the user_id in the session for use in future requests
# convert the _id from ObjectId to str
session['user_id'] = str(user_details['_id'])
return render_template('home.html', name=user_details['name'])
else:
return render_template('index.html',
message='username already exists')
else:
# take user back to admin page
return render_template('index.html', message='Something went wrong')
def product():
if request.method == 'GET':
query_name = request.args['name']
matching_products = product_model.search_by_name(query_name)
# sort based on price
# matching_products.sort(key=lambda x: x['price'], reverse=False)
# return the first matching product
return render_template('admin_results.html',
query=query_name,
products=matching_products)
elif request.method == 'POST':
# lets add and update here
op_type = request.form['op_type']
# read data from request and store in a dict
if op_type == 'add': # add the product here
prod = {
'name': request.form['name'],
'desc': request.form['desc'],
'price': int(request.form['price'])
}
# insert to DB
product_model.add_product(prod)
# take user back to admin page
return render_template('admin.html', message='Successfully added')
elif op_type == 'update': # update the product here
p_id = request.form['product_id']
# TODO - update product using _id
updates = {}
if request.form['name'] != '':
updates['name'] = request.form['name']
if request.form['desc'] != '':
updates['desc'] = request.form['desc']
if request.form['price'] != '':
updates['price'] = request.form['price']
updated_product = {'$set': updates}
succs = product_model.update_product(p_id, updated_product)
if succs:
# take user back to admin page
return render_template('admin.html',
message='Successfully updated')
else:
return render_template('admin.html', message='not updated')
def admin():
if request.method == 'POST':
p_id = request.form['product_id']
product_model.delete_products(p_id)
return render_template('admin.html',
message='Product successfully deleted')
elif request.method == 'GET':
# lets search for the product here...
query_name = request.args['name']
matching_products = product_model.search_by_name(query_name)
return render_template('admin_results.html',
query=query_name,
products=matching_products)
def product():
if request.method == 'GET':
query = request.args['name']
matching_products = product_model.search_by_name(query)
return render_template('results.html',
query=query,
product=matching_products)
elif request.method == 'POST':
op_type = request.form['op_type']
name = request.form['name']
price = int(request.form['price'])
desc = request.form['desc']
prod = {'name': name, 'price': price, 'desc': desc, 'cart': []}
if op_type == 'add':
product_model.add_product(prod)
return 'Product ' + name + ' added successfully!'
elif op_type == 'update':
product_id = request.form['product_id']
matching_products = product_model.get_details(product_id)
new_name = request.form['name']
new_desc = request.form['desc']
new_price = request.form['price']
if new_name == '':
new_name = matching_products['name']
if new_desc == '':
new_desc = matching_products['desc']
if new_price == '':
new_price = matching_products['price']
updated_product = {
'name': new_name,
'desc': new_desc,
'price': new_price
}
product_model.update_products(product_id, updated_product)
# take user back to index page
return render_template('admin.html',
message='Product successfully updated')
def product():
# TODO : login check
if request.method == 'GET':
query_name = request.args['name']
matching_products = product_model.search_by_name(query_name)
# sort based on price
# matching_products.sort(key=lambda x: x['price'], reverse=False)
# return the matching products
if session['is_admin']:
return render_template('admin_results.html',
query=query_name,
products=matching_products)
else:
return render_template('results.html',
query=query_name,
products=matching_products)
elif request.method == 'POST':
# lets add and update here
op_type = request.form['op_type']
# read data from request and store in a dict
prod = {
'name': request.form['name'],
'desc': request.form['desc'],
'price': int(request.form['price'])
}
if op_type == 'add': # add the product here
# TODO : admin check
# insert to DB
product_model.add_product(prod)
# take user back to admin page
return render_template('admin.html', message='Successfully added')
elif op_type == 'update': # update the product here
# TODO : admin check
product_id = request.form['product_id']
updated_product = dict()
if request.form['name'] != '':
updated_product['name'] = request.form['name']
if request.form['desc'] != '':
updated_product['desc'] = request.form['desc']
if request.form['price'] != '':
updated_product['price'] = int(request.form['price'])
product_model.update_product(product_id, updated_product)
# take user back to admin page
return render_template('admin.html',
message='Successfully updated')
elif op_type == 'delete':
# TODO : check admin
product_id = request.form['product_id']
product_model.delete_product(product_id)
render_template('admin.html', message='Successfully deleted')