def logout(): auth_token = request.headers.get("Authorization") user = get_user(auth_token) if not isinstance(user, User): return response_message(user, 401) blacklist = Blacklist(auth_token) blacklist.save() return response_message("You have been logged out", status_code=200)
def new_password(token): requestData = request.get_json() try: new_password = check_password(requestData.get('new_password')) except Exception: return response_message("Enter a valid password", status_code=400) user = get_user(token, split_token=False) if not isinstance(user, User): return response_message(user, 401) user.set_password(new_password) user.save() return response_message("Password has been successfully changed", status_code=200)
def delete_business(businessId): auth_token = request.headers.get("Authorization") user = get_user(auth_token) if not isinstance(user, User): return response_message("Please login to delete", 401) business = Business.query.filter_by(id=businessId).first() if not business: return response_message("The business you requested does not exist", status_code=404) if user.id != business.user_id: return response_message("You are not authorised to delete this business!", status_code=401) business.delete() return response_message( "Business has been deleted successfully", status_code=200 )
def change_password(): auth_token = request.headers.get("Authorization") user = get_user(auth_token) if not isinstance(user, User): return response_message(user, 401) requestData = request.get_json() try: new_password = check_password(requestData.get('new_password')) except Exception: return response_message("Enter a valid password", status_code=400) user.set_password(new_password) user.save() return response_message("Password has been succesfully changed", status_code=200)
def update_business(businessId): requestData = request.get_json() try: name = check_update(requestData.get("name")) type = check_update(requestData.get("type")) location = check_update(requestData.get("location")) category = check_update(requestData.get("category")) except Exception as exception: return response_message(exception.args, status_code=400) auth_token = request.headers.get("Authorization") user = get_user(auth_token) if not isinstance(user, User): return response_message(user, 401) business = Business.query.filter_by(id=businessId).first() if not business: return response_message("The business you requested does not exist", status_code=404) # if business.name == name: # return response_message("The entry/field you are trying to update is a duplicate", status_code=400) if business.user_id is not user.id: return response_message("You are not authorized to edit this business", status_code=401) try: if len(name) > 0: business.name = name if len(type) > 0: business.type = type if len(location) > 0: business.location = location if len(category) > 0: business.category = category business.save() return response_message("Business has been successfully edited", status_code=201) except IntegrityError: return response_message("Another business has a similar business name")
def add_review(businessId): requestData = request.get_json() try: feedback = check_review(requestData.get('feedback')) except Exception as exception: return response_message(exception.args, status_code=500) auth_token = request.headers.get("Authorization") user = get_user(auth_token) if not isinstance(user, User): return response_message("Please login to review business", 401) business = Business.query.filter_by(id=businessId).first() if not business: return response_message("The business you requested does not exist", status_code=404) review = Review(feedback) review.user_id = user.id review.business_id = business.id review.save() return response_message("Your review has been added", 201)
def register_business(): requestData = request.get_json() try: name = check_business(requestData.get("name")) type = check_business(requestData.get("type")) location = check_business(requestData.get("location")) category = check_business(requestData.get("category")) except Exception as exception: return response_message(exception.args, status_code=200) auth_token = request.headers.get("Authorization") user = get_user(auth_token) if not isinstance(user, User): return response_message(user, 401) try: business = Business(name, type, location, category) business.user_id = user.id business.save() return response_message("Business has been registered successfully", 201) except IntegrityError: return response_message("Duplicate business name", 400)