Exemplo n.º 1
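    def post(self):
        """Create a business owned by the authenticated user.

        Reads ``name``, ``description``, ``category`` and ``location`` from
        the JSON body. The owner id is taken from the JWT identity, never
        from the payload, so a client cannot pick another owner.

        Returns:
            422 with the ``check_missing_field`` result when that helper
            reports a problem, 403 when the token identity matches no user
            row, 201 once the business is saved.
        """
        payload = request.get_json()
        # A body that is JSON ``null``, a list or a scalar has no ``.get``;
        # treat it as an empty object so it takes the 422 path below instead
        # of ending in an unhandled AttributeError (HTTP 500).
        if not isinstance(payload, dict):
            payload = {}
        name = payload.get('name')
        description = payload.get('description')
        category = payload.get('category')
        location = payload.get('location')
        # NOTE(review): get_jwt_identity() needs a verified token in the
        # request context; the @jwt_required decorator is presumably applied
        # outside this excerpt -- confirm.
        user_id = get_jwt_identity()

        # Run the validator once and reuse its result.
        missing = check_missing_field(name=name,
                                      description=description,
                                      category=category,
                                      location=location)
        if missing:
            return jsonify(missing), 422

        user = User.query.filter_by(id=user_id).first()
        name = remove_more_spaces(name)
        description = remove_more_spaces(description)

        # A valid token can outlive its account; refuse it rather than
        # create a business for a user id that no longer exists.
        if not user:
            return self.generate_response(messages['valid_login'], 403)
        # NOTE(review): field types and lengths are not checked in this
        # method; presumably Business or the schema bounds them -- confirm.
        business = Business(name, description, category, location, user_id)
        business.save()
        return self.generate_response(messages['business_created'], 201)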
Exemplo n.º 2
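    def get(self):
        """Search businesses by name, optionally narrowed by category/location.

        Query parameters: ``q`` (search text), ``cat``, ``loc``, ``page``
        (default 1) and ``limit`` (default 20, capped below).

        Returns:
            422 with the ``check_missing_field`` result when that helper
            rejects the search text, otherwise 200 with either a "no match"
            message, the ``filter_business`` result, or the serialized page.
        """
        category = request.args.get('cat', "", type=str)
        location = request.args.get('loc', "", type=str)
        page = request.args.get('page', 1, type=int)
        limit = request.args.get('limit', 20, type=int)
        search = request.args.get('q', "", type=str)

        # ``limit`` comes straight from the query string; without a ceiling
        # a single request can ask for the whole table in one page.
        max_limit = 100  # reviewer-chosen ceiling; tune to the deployment
        limit = min(limit, max_limit)

        # Run the validator once and reuse its result.
        missing = check_missing_field(search_parameter=search)
        if missing:
            return jsonify(missing), 422

        # SQLAlchemy sends the pattern as a bound parameter, so this is not
        # string-built SQL. '%' and '_' typed by the user still act as LIKE
        # wildcards, because the text is not escaped before it is wrapped.
        business = Business.query.filter(
            Business.name.ilike('%' + search + '%')).paginate(
                page, limit, False)
        if not business.items:
            response = {
                'message':
                f'The search for {search} did ' + 'not match any business'
            }
            return jsonify(response), 200
        if category or location:
            return filter_business(business,
                                   category=category,
                                   location=location)
        businesses = [biz.serialize() for biz in business.items]
        response = {'businesses': businesses}
        return jsonify(response), 200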
Exemplo n.º 3
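    def post(self):
        """Log a user in with ``email`` and ``password`` from the JSON body.

        Returns:
            422 with the ``check_missing_field`` result when that helper
            reports a problem, the ``generate_token`` response when the
            credentials match, 401 otherwise.
        """
        payload = request.get_json()
        # A body that is JSON ``null``, a list or a scalar has no ``.get``;
        # treat it as an empty object so it takes the 422 path below instead
        # of ending in an unhandled AttributeError (HTTP 500).
        if not isinstance(payload, dict):
            payload = {}
        email = payload.get('email')
        password = payload.get('password')

        # Run the validator once and reuse its result.
        missing = check_missing_field(email=email, password=password)
        if missing:
            return jsonify(missing), 422

        email = normalise_email(email)
        user = User.query.filter_by(email=email).first()
        # Unknown e-mail and wrong password share one message and status, so
        # the response body does not reveal which accounts exist.
        # NOTE(review): the `and` skips the password check when no user is
        # found, so response time may still differ between the two cases;
        # checking against a fixed dummy hash would even that out.
        # NOTE(review): no attempt limiting is visible in this method;
        # presumably it is enforced elsewhere -- confirm.
        if user and user.password_is_valid(password):
            return self.generate_token(messages['login'], user)
        return self.generate_response(messages['valid_epass'], 401)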
Exemplo n.º 4
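    def delete(self):
        """Delete the authenticated user's account after a password re-check.

        The account is identified by the JWT identity; the JSON body only
        carries ``password`` as confirmation. The token used for the request
        is blacklisted by its ``jti`` once the account is removed.

        Returns:
            422 with the ``check_missing_field`` result when that helper
            reports a problem, 401 when the user no longer exists or the
            password is wrong, 200 after deletion.
        """
        payload = request.get_json()
        # A body that is JSON ``null``, a list or a scalar has no ``.get``;
        # treat it as an empty object so it takes the 422 path below instead
        # of ending in an unhandled AttributeError (HTTP 500).
        if not isinstance(payload, dict):
            payload = {}
        password = payload.get('password')
        user_id = get_jwt_identity()
        jti = get_raw_jwt()['jti']

        # Run the validator once and reuse its result.
        missing = check_missing_field(password=password)
        if missing:
            return jsonify(missing), 422

        user = User.query.filter_by(id=user_id).first()
        # A token can outlive its account (for example when this endpoint is
        # called twice with a token that was never blacklisted). Without the
        # `not user` guard the next line raises AttributeError on None.
        if not user or not user.password_is_valid(password):
            return self.generate_response(messages['valid_pass'], 401)
        user.delete()
        # Revoke the token that authorised the deletion.
        # NOTE(review): only this token's jti is stored; other tokens issued
        # to the same user are not touched here.
        blacklist = BlacklistToken(token=jti)
        blacklist.save()
        return self.generate_response(messages['delete'], 200)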
Exemplo n.º 5
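    def post(self):
        """Register a new user from ``email``, ``username`` and ``password``.

        Returns:
            422 with the ``check_missing_field`` result when that helper
            reports a problem, the ``validate_registration`` response when
            that helper rejects the input, 409 when the normalised e-mail is
            already registered, 201 once the user is saved.
        """
        payload = request.get_json()
        # A body that is JSON ``null``, a list or a scalar has no ``.get``;
        # treat it as an empty object so it takes the 422 path below instead
        # of ending in an unhandled AttributeError (HTTP 500).
        if not isinstance(payload, dict):
            payload = {}
        email = payload.get('email')
        username = payload.get('username')
        password = payload.get('password')

        # Each validator runs once and its result is reused.
        missing = check_missing_field(email=email,
                                      username=username,
                                      password=password)
        if missing:
            return jsonify(missing), 422
        invalid = validate_registration(email, username, password)
        if invalid:
            return invalid

        email = normalise_email(email)
        user = User.query.filter_by(email=email).first()
        if user:
            return self.generate_response(messages['exists'], 409)
        # NOTE(review): two concurrent requests can both pass the lookup
        # above; a unique constraint on the e-mail column is what actually
        # prevents duplicates -- confirm the model declares one.
        # NOTE(review): the plain password is handed to User; presumably the
        # model hashes it before storing -- confirm.
        user = User(email=email, username=username, password=password)
        user.save()
        return self.generate_response(messages['account_created'], 201)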
Exemplo n.º 6
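    def delete(self, business_id):
        """Delete one business after re-checking the caller's password.

        Args:
            business_id: id of the business to delete, taken from the route.

        Returns:
            422 with the ``check_missing_field`` result when that helper
            reports a problem, 401 when the token's user no longer exists or
            the password is wrong, 404 when the business does not exist, 403
            when it belongs to another user, 200 after deletion.
        """
        payload = request.get_json()
        # A body that is JSON ``null``, a list or a scalar has no ``.get``;
        # treat it as an empty object so it takes the 422 path below instead
        # of ending in an unhandled AttributeError (HTTP 500).
        if not isinstance(payload, dict):
            payload = {}
        password = payload.get('password')
        user_id = get_jwt_identity()

        # Run the validator once and reuse its result.
        missing = check_missing_field(password=password)
        if missing:
            return jsonify(missing), 422

        user = User.query.filter_by(id=user_id).first()
        # A token can outlive its account; without the `not user` guard the
        # password check raises AttributeError on None.
        if not user or not user.password_is_valid(password):
            return self.generate_response(messages['incorrect'], 401)
        business = Business.query.filter_by(id=business_id).first()
        if not business:
            return self.generate_response(messages['not_found'], 404)
        # Ownership check: only the user who created the business may delete
        # it, whatever id appears in the URL.
        if business.user_id != user_id:
            return self.generate_response(messages['forbidden'], 403)
        business.delete()
        return self.generate_response(messages['business_delete'], 200)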
Exemplo n.º 7
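    def post(self):
        """Reset the password of the account registered under ``email``.

        Generates a new password with ``random_string``, mails it through
        ``send_reset_password`` and stores its bcrypt hash on the user.

        Returns:
            422 with the ``check_missing_field`` result when that helper
            reports a problem, the ``check_email`` response when that helper
            rejects the address, 401 when no user has the e-mail, 201 after
            the new hash is stored.
        """
        payload = request.get_json()
        # A body that is JSON ``null``, a list or a scalar has no ``.get``;
        # treat it as an empty object so it takes the 422 path below instead
        # of ending in an unhandled AttributeError (HTTP 500).
        if not isinstance(payload, dict):
            payload = {}
        email = payload.get('email')

        # Each validator runs once and its result is reused.
        missing = check_missing_field(email=email)
        if missing:
            return jsonify(missing), 422
        invalid = check_email(email)
        if invalid:
            return invalid

        email = normalise_email(email)
        user = User.query.filter_by(email=email).first()
        if not user:
            # NOTE(review): a distinct 401 here tells the caller whether an
            # address is registered; answering the same way in both cases
            # would avoid that. Left unchanged because clients may depend on
            # the status code.
            return self.generate_response(messages['valid_email'], 401)
        # NOTE(review): no identity or reset token is read in this method, so
        # the stored password is replaced as soon as the e-mail matches,
        # whoever sent the request. A single-use, expiring reset link that
        # changes nothing until it is redeemed avoids that, and also avoids
        # putting a usable password in a mailbox. That needs a second
        # endpoint, so it is flagged here rather than changed.
        # NOTE(review): random_string is defined elsewhere; it should draw
        # from the `secrets` module rather than `random` -- confirm.
        password = random_string()
        hash_password = Bcrypt().generate_password_hash(password).decode()
        # The mail goes out before the hash is stored; if the update below
        # fails, the mailed password never becomes valid.
        send_reset_password(email, password)
        user.update(user, password=hash_password)
        return self.generate_response(messages['sent_mail'], 201)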
Exemplo n.º 8
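    def put(self):
        """Change the authenticated user's password.

        Requires ``old_password`` and ``new_password`` in the JSON body. On
        success the new bcrypt hash is stored and the token used for the
        request is blacklisted by its ``jti``.

        Returns:
            422 with the ``check_missing_field`` result when that helper
            reports a problem, the ``check_password`` response when that
            helper rejects the new password, 201 after the change, 401 when
            the user is missing or the old password is wrong.
        """
        payload = request.get_json()
        # A body that is JSON ``null``, a list or a scalar has no ``.get``;
        # treat it as an empty object so it takes the 422 path below instead
        # of ending in an unhandled AttributeError (HTTP 500).
        if not isinstance(payload, dict):
            payload = {}
        old_password = payload.get('old_password')
        new_password = payload.get('new_password')
        user_id = get_jwt_identity()
        jti = get_raw_jwt()['jti']

        # Each validator runs once and its result is reused.
        missing = check_missing_field(old_password=old_password,
                                      new_password=new_password)
        if missing:
            return jsonify(missing), 422
        rejected = check_password(new_password)
        if rejected:
            return rejected

        user = User.query.filter_by(id=user_id).first()
        # Knowing the old password is required even with a valid token, so a
        # stolen token alone is not enough to take over the account.
        if not (user and user.password_is_valid(old_password)):
            return self.generate_response(messages['valid_pass'], 401)

        password = Bcrypt().generate_password_hash(new_password).decode()
        user.update(user, password=password)
        # Revoke the token that made the change so the client must log in
        # again with the new password.
        # NOTE(review): only this token's jti is stored; other tokens issued
        # to the user earlier are presumably still accepted until they
        # expire -- confirm.
        blacklist = BlacklistToken(token=jti)
        blacklist.save()
        return self.generate_response(messages['password'], 201)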
Exemplo n.º 9
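    def post(self, business_id):
        """Create a review for a business on behalf of the authenticated user.

        Args:
            business_id: id of the reviewed business, taken from the route.

        Returns:
            422 with the ``check_missing_field`` result when that helper
            reports a problem, 404 when the business does not exist, 403
            when the caller owns the business, 201 once the review is saved.
        """
        payload = request.get_json()
        # A body that is JSON ``null``, a list or a scalar has no ``.get``;
        # treat it as an empty object so it takes the 422 path below instead
        # of ending in an unhandled AttributeError (HTTP 500).
        if not isinstance(payload, dict):
            payload = {}
        description = payload.get('description')
        rating = payload.get('rating')
        # The reviewer id comes from the JWT identity, not from the payload.
        current_user = get_jwt_identity()

        # Run the validator once and reuse its result.
        missing = check_missing_field(description=description, rating=rating)
        if missing:
            return jsonify(missing), 422

        description = remove_more_spaces(description)
        business = Business.query.filter_by(id=business_id).first()
        # An unknown id used to reach `business.user_id` on None and end in
        # an unhandled AttributeError; answer 404 instead.
        if not business:
            response = {'message': f'Business with id {business_id} not found'}
            return jsonify(response), 404
        # Owners may not review their own business.
        if business.user_id == current_user:
            response = {'message': 'The operation is forbidden for' +
                                   ' own business'}
            return jsonify(response), 403

        # NOTE(review): `rating` is stored as received; its type and range
        # are not checked in this method. Presumably Review or the schema
        # constrains it -- confirm.
        review = Review(description, rating, business_id, current_user)
        review.save()
        response = {'message': 'Review for business with id' +
                               f' {business_id} created'}
        return jsonify(response), 201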