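def login():
    """
    Exchange Google's authorization code for an application access token.

    Reads ``provider`` from the query string and ``code`` from the JSON body,
    upgrades the code into Google credentials, fetches the user's profile,
    finds or creates the matching local user and returns a signed JWT.

    :return: success response carrying the encoded JWT, or a 400 error
        response when the provider is not ``google``
    :raises ValidationError: if the code is missing or cannot be exchanged,
        or if the profile lookup does not yield a usable account
    """
    # Only accept Google authorization at this time
    if request.args.get('provider') != 'google':
        return send_error('Invalid provider', status_code=400)

    # get_json() can return None (no JSON body) and the key may be absent;
    # indexing directly would surface as an unhandled error instead of a
    # validation failure.
    payload = request.get_json()
    code = payload.get('code') if isinstance(payload, dict) else None
    if not code:
        raise ValidationError('Authorization code is missing.')

    try:
        # Upgrade the authorization code into a credentials object
        oauth_flow = flow_from_clientsecrets(CLIENT_SECRET_FILE, scope='')
        oauth_flow.redirect_uri = 'postmessage'
        credentials = oauth_flow.step2_exchange(code)
    except Exception:
        # NOTE(review): this also reports server-side faults (e.g. an
        # unreadable client-secret file) as a client validation error.
        raise ValidationError('Can\'t use authorization code to exchange for access token')

    id_token = credentials.id_token or {}
    gplus_id = id_token.get('sub')
    if gplus_id is None:
        raise ValidationError('Google did not return a user identifier.')
    access_token_data = {'gplus_id': gplus_id}

    # Get user info. The token travels in the Authorization header rather than
    # the query string so it does not end up in URL logs, and the call is
    # bounded by a timeout so a stalled upstream cannot pin a worker.
    user_info_url = 'https://www.googleapis.com/oauth2/v1/userinfo'
    try:
        response = requests.get(
            user_info_url,
            params={'alt': 'json'},
            headers={'Authorization': 'Bearer ' + credentials.access_token},
            timeout=10,
        )
    except requests.RequestException:
        raise ValidationError('Can\'t fetch user info from Google.')
    if response.status_code != 200:
        raise ValidationError('Can\'t fetch user info from Google.')
    try:
        data = json.loads(response.text)
    except ValueError:
        raise ValidationError('Invalid user info response from Google.')
    if not isinstance(data, dict) or data.get('id') is None:
        raise ValidationError('Invalid user info response from Google.')

    oauth = OpenAuthenticationModel.find(data['id'], 'google')
    if oauth is not None:
        user = UserModel.find(user_id=oauth.user_id)
        if user is None:
            # A provider record without its user would otherwise fail on
            # the attribute access below.
            raise ValidationError('User account not found.')
        access_token_data['id'] = user.id
        access_token_data['type'] = oauth.type
    else:
        email = data.get('email')
        if not email:
            raise ValidationError('Google account has no email address.')
        # Create user and provider_info in one transaction: flush assigns
        # new_user.id without committing, so a failure on the provider row
        # does not leave an orphaned user behind.
        new_user = UserModel(username=email)
        db.session.add(new_user)
        db.session.flush()
        new_oauth = OpenAuthenticationModel(id=data['id'], user_id=new_user.id, type='google')
        db.session.add(new_oauth)
        db.session.commit()
        access_token_data['id'] = new_user.id
        access_token_data['type'] = new_oauth.type

    # NOTE(review): the payload carries no 'exp' claim, so an issued token
    # does not expire on its own; adding one needs a lifetime setting that is
    # not visible here.
    access_token = jwt.encode(access_token_data, config.JWT_SECRET_KEY, algorithm='HS256')
    # jwt.encode returns bytes on older PyJWT releases and str on newer ones.
    if isinstance(access_token, bytes):
        access_token = access_token.decode('utf-8')
    return send_success(access_token)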
def get_categories():
    """
    List every category.

    :return: success response whose payload is the serialized category list
    """
    all_categories = CategoryModel.get_all_categories()
    # many=True because a collection, not a single object, is dumped.
    dumped = CategorySchema(many=True).dump(all_categories)
    return send_success(dumped.data)
def get_item(item_id):
    """
    Return the details of a single item looked up by id.

    :param item_id: item id
    :return: success response with the serialized item
    :raises ValidationError: if no item has that id
    """
    found = ItemModel.find(item_id)
    if found is not None:
        return send_success(ItemSchema().dump(found).data)
    raise ValidationError('Item not found!')
def update_item(item_id, user_info):
    """
    Modify an existing item identified by its id (protected endpoint).

    The item is fetched with both its id and the caller's id from the decoded
    token, so a miss is reported the same way whether the item does not exist
    or the lookup simply did not match this caller.

    :param item_id: item id
    :param user_info: decoded access token
    :return: success response with the serialized, updated item
    :raises ValidationError: on schema errors, unknown item, a name whose
        slug is already taken, or an unknown category
    """
    payload = request.get_json()

    # Validate json
    validation_errors = ItemSchema(dump_only=('slug', 'id')).validate(payload)
    if validation_errors:
        raise ValidationError('Post data error', validation_errors)

    # Validate item id
    caller_id = user_info.get('id')
    item = ItemModel.get_user_item(item_id, caller_id)
    if item is None:
        raise ValidationError('Item not found!')

    # Validate item name; the uniqueness check is skipped when the slug is
    # unchanged, otherwise the item would collide with itself.
    new_name = payload['name']
    candidate_slug = slugify(new_name)
    if candidate_slug != item.slug and not ItemModel.validate_slug(candidate_slug):
        raise ValidationError('An item with the same name has already been added. Please try another name.')

    # Validate category id
    category_id = payload['category_id']
    if CategoryModel.find(category_id=category_id) is None:
        raise ValidationError('Invalid category Id')

    item.name = new_name
    item.description = payload['description']
    item.category_id = category_id
    item.slug = slugify(item.name)
    db.session.add(item)
    db.session.commit()

    return send_success(ItemSchema().dump(item).data)
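def get_items():
    """
    Get a list of items.

    With ``mode=latest`` the optional ``limit`` query parameter is forwarded
    to ``ItemModel.get_last_n_items``; any other mode returns all items.

    :return: success response with the serialized items
    :raises ValidationError: if ``limit`` is present but is not a
        non-negative integer
    """
    mode = request.args.get('mode')
    if mode == 'latest':
        # The query string is caller-controlled text: convert it to an int
        # here instead of handing the raw string to the model layer. An
        # absent limit is still passed through as None, as before.
        limit = request.args.get('limit')
        if limit is not None:
            try:
                limit = int(limit)
            except ValueError:
                raise ValidationError('Limit must be a non-negative integer.')
            if limit < 0:
                raise ValidationError('Limit must be a non-negative integer.')
        # NOTE(review): no upper bound is applied; consider capping the
        # value if large result sets are a concern for this endpoint.
        items = ItemModel.get_last_n_items(limit)
    else:
        items = ItemModel.get_all_items()

    # Fields marked load_only are not part of the dumped output.
    items_schema = ItemSchema(many=True, load_only=('user_id', 'description',))
    result = items_schema.dump(items)
    return send_success(result.data)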
def delete_item(item_id, user_info):
    """
    Remove an item identified by its id (protected endpoint).

    :param item_id: item id
    :param user_info: decoded access token
    :return: success response with an empty payload
    :raises ValidationError: if the lookup by item id and caller id finds
        nothing
    """
    # Validate item id; the lookup is keyed on the caller's id as well.
    caller_id = user_info.get('id')
    target = ItemModel.get_user_item(item_id, caller_id)
    if target is not None:
        db.session.delete(target)
        db.session.commit()
        return send_success(None)
    raise ValidationError('Item not found!')
def get_category(category_slug):
    """
    Return the details of one category, looked up by slug.

    :param category_slug: category slug
    :return: success response with the serialized category, including its
        items
    :raises ValidationError: if no category has that slug
    """
    # Nested item fields declared load_only for this response.
    hidden_fields = (
        'items.category',
        'items.description',
        'items.user_id',
    )
    found = CategoryModel.find(slug=category_slug)
    if found is None:
        raise ValidationError('Category not found!')
    dumped = CategorySchema(load_only=hidden_fields).dump(found)
    return send_success(dumped.data)
def create_item(user_info):
    """
    Create a new item owned by the caller (protected endpoint).

    The owner is taken from the decoded token, never from the request body.

    :param user_info: decoded access token
    :return: success response with the serialized new item
    :raises ValidationError: on schema errors, a name whose slug is already
        taken, or an unknown category
    """
    payload = request.get_json()

    # Validate json
    validation_errors = ItemSchema(dump_only=('slug', 'id')).validate(payload)
    if validation_errors:
        raise ValidationError('Post data error', validation_errors)

    # Validate item name
    item_name = payload['name']
    item_slug = slugify(item_name)
    if not ItemModel.validate_slug(item_slug):
        raise ValidationError('An item with the same name has already been added. Please try another name.')

    # Validate category id
    category_id = payload['category_id']
    if CategoryModel.find(category_id=category_id) is None:
        raise ValidationError('Invalid category Id')

    new_item = ItemModel(
        name=item_name,
        description=payload['description'],
        category_id=category_id,
        user_id=user_info['id'],
        slug=item_slug,
    )
    db.session.add(new_item)
    db.session.commit()

    return send_success(ItemSchema().dump(new_item).data)