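def login():
    """Authenticate a user by email and password and issue an auth token.

    Reads ``email`` and ``password`` from the JSON request body.

    Returns:
        ``(json, 200)`` carrying ``message``, ``auth_token`` and ``user_id``
        on success; a 400 response when validation fails or the email is
        unknown; a 401 response when the password does not match; a 500
        response when no token was produced.
    """
    payload = request.get_json()
    try:
        # payload.get() sits inside the try, so a body that get_json()
        # returned as None is reported as a 400 as well.
        email = check_email(payload.get('email'))
        password = check_password(payload.get('password'))
    except Exception as exception:
        # NOTE(review): exception.args is echoed to the client for any
        # exception type, not only validation errors; narrow the except to
        # the validators' own exception class once that is confirmed.
        return response_message(exception.args, status_code=400)

    user = User.query.filter_by(email=email).first()
    if not user:
        # NOTE(review): this message and status differ from the wrong-password
        # branch below, so a caller can tell registered addresses from
        # unregistered ones. Consider returning the same 401 response in both
        # branches; left unchanged here because clients may depend on it.
        return response_message(
            "You are not registered. Please register before logging in",
            status_code=400)

    if not user.is_correct_password(password):
        return response_message("The email or password provided is wrong",
                                status_code=401)

    auth_token = user.encode_auth_token(user.id)
    if not auth_token:
        # Previously this path fell off the end of the function and returned
        # None, which is not a valid view response.
        return response_message("Could not generate an authentication token",
                                status_code=500)

    # assumes encode_auth_token returns bytes (hence .decode()) -- TODO confirm
    res = {
        "message": "You are now logged in as {}".format(user.name),
        "auth_token": auth_token.decode(),
        "user_id": user.id
    }
    return jsonify(res), 200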
def logout():
    """Log the caller out by blacklisting the presented Authorization value.

    Returns:
        A 200 response once the value has been saved to the blacklist, or a
        401 response when ``get_user`` does not resolve it to a ``User``.
    """
    header_value = request.headers.get("Authorization")
    current_user = get_user(header_value)

    if isinstance(current_user, User):
        # The header value is stored exactly as received.
        # NOTE(review): confirm the blacklist lookup in get_user compares
        # against the same form (with or without any scheme prefix).
        revoked = Blacklist(header_value)
        revoked.save()
        return response_message("You have been logged out", status_code=200)

    # Anything other than a User is passed through as the response message.
    return response_message(current_user, 401)
def new_password(token):
    """Set a new password for the user that ``token`` resolves to.

    Args:
        token: Token passed to ``get_user`` with ``split_token=False``.

    Returns:
        A 200 response after the password is saved, a 400 response when the
        new password fails validation, or a 401 response when the token does
        not resolve to a ``User``.
    """
    body = request.get_json()
    try:
        candidate = check_password(body.get('new_password'))
    except Exception:
        return response_message("Enter a valid password", status_code=400)

    account = get_user(token, split_token=False)
    if isinstance(account, User):
        account.set_password(candidate)
        account.save()
        # NOTE(review): the token is not invalidated here after use. Unless
        # expiry or get_user covers that elsewhere, the same token can be
        # used to change the password again -- confirm.
        return response_message("Password has been successfully changed",
                                status_code=200)

    # get_user returned a non-User value; it becomes the response message.
    return response_message(account, 401)
def delete_business(businessId):
    """Delete a business on behalf of its owner.

    Args:
        businessId: Primary key of the business to delete.

    Returns:
        A 200 response after deletion; 401 when the caller is not logged in
        or does not own the business; 404 when no such business exists.
    """
    caller = get_user(request.headers.get("Authorization"))
    if not isinstance(caller, User):
        return response_message("Please login to delete", 401)

    target = Business.query.filter_by(id=businessId).first()
    if not target:
        return response_message("The business you requested does not exist",
                                status_code=404)

    # Ownership check: only the user recorded on the business may delete it.
    is_owner = caller.id == target.user_id
    if not is_owner:
        return response_message(
            "You are not authorised to delete this business!",
            status_code=401)

    target.delete()
    return response_message("Business has been deleted successfully",
                            status_code=200)
def change_password():
    """Change the password of the authenticated caller.

    Reads ``new_password`` from the JSON request body.

    Returns:
        A 200 response after the password is saved, a 401 response when the
        Authorization header does not resolve to a ``User``, or a 400
        response when the new password fails validation.
    """
    caller = get_user(request.headers.get("Authorization"))
    if not isinstance(caller, User):
        # get_user returned a non-User value; it becomes the response message.
        return response_message(caller, 401)

    body = request.get_json()
    try:
        candidate = check_password(body.get('new_password'))
    except Exception:
        return response_message("Enter a valid password", status_code=400)

    # NOTE(review): the current password is not requested or verified here,
    # so a valid auth token alone is enough to change the password.
    caller.set_password(candidate)
    caller.save()
    return response_message("Password has been succesfully changed",
                            status_code=200)
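def add_review(businessId):
    """Attach a review from the authenticated caller to a business.

    Reads ``feedback`` from the JSON request body.

    Args:
        businessId: Primary key of the business being reviewed.

    Returns:
        A 201 response once the review is saved; 400 when the feedback fails
        validation; 401 when the caller is not logged in; 404 when no such
        business exists.
    """
    payload = request.get_json()
    try:
        feedback = check_review(payload.get('feedback'))
    except Exception as exception:
        # Rejected input is a client error. This branch used to answer 500,
        # which reports bad input as a server fault and disagrees with the
        # 400 the other handlers return for validation failures.
        return response_message(exception.args, status_code=400)

    auth_token = request.headers.get("Authorization")
    user = get_user(auth_token)
    if not isinstance(user, User):
        return response_message("Please login to review business", 401)

    business = Business.query.filter_by(id=businessId).first()
    if not business:
        return response_message("The business you requested does not exist",
                                status_code=404)

    review = Review(feedback)
    # Author and subject come from the resolved user and the looked-up
    # business, never from the request body.
    review.user_id = user.id
    review.business_id = business.id
    review.save()
    return response_message("Your review has been added", 201)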
def register():
    """Create a user account from the JSON request body.

    Reads ``name``, ``email`` and ``password`` from the body.

    Returns:
        A 201 response once the user is saved, or a 400 response when
        validation fails or the email is already registered.
    """
    payload = request.get_json()
    try:
        name = check_name(payload.get('name'))
        email = check_email(payload.get('email'))
        password = check_password(payload.get('password'))
    except Exception as exception:
        return response_message(exception.args, status_code=400)

    # Check if email is already used.
    # NOTE(review): this lookup and the save below are separate steps; verify
    # that a uniqueness constraint on the email column backs this check.
    existing = User.query.filter_by(email=email).first()
    if existing:
        return response_message("email is already in use", status_code=400)

    account = User(name, email, password)
    account.save()
    return response_message("User has been registered successfully",
                            status_code=201)
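def register_business():
    """Register a new business owned by the authenticated caller.

    Reads ``name``, ``type``, ``location`` and ``category`` from the JSON
    request body.

    Returns:
        A 201 response once the business is saved; 400 when a field fails
        validation or the save raises ``IntegrityError``; 401 when the
        Authorization header does not resolve to a ``User``.
    """
    payload = request.get_json()
    try:
        name = check_business(payload.get("name"))
        # Named business_type so the builtin ``type`` is not shadowed.
        business_type = check_business(payload.get("type"))
        location = check_business(payload.get("location"))
        category = check_business(payload.get("category"))
    except Exception as exception:
        # A validation failure used to be answered with 200, so clients that
        # check only the status code took rejected input for success.
        return response_message(exception.args, status_code=400)

    auth_token = request.headers.get("Authorization")
    user = get_user(auth_token)
    if not isinstance(user, User):
        # get_user returned a non-User value; it becomes the response message.
        return response_message(user, 401)

    try:
        business = Business(name, business_type, location, category)
        # Ownership is taken from the resolved user, not from the request.
        business.user_id = user.id
        business.save()
    except IntegrityError:
        # NOTE(review): presumably save() rolls the session back on failure;
        # verify, otherwise later queries on this session may fail.
        return response_message("Duplicate business name", 400)
    return response_message("Business has been registered successfully", 201)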
def view_reviews(businessId):
    """Return a business and its reviews as JSON.

    No Authorization header is read, so this view answers any caller.

    Args:
        businessId: Primary key of the business to show.

    Returns:
        A JSON response with the business fields and formatted reviews, or a
        404 response when no such business exists.
    """
    record = Business.query.filter_by(id=businessId).first()
    if not record:
        return response_message("The business you requested does not exist",
                                status_code=404)

    # Only these fields are exposed; the owner's user_id is not included.
    summary = {
        "name": record.name,
        "type": record.type,
        "category": record.category,
        "id": record.id,
        "location": record.location,
        "reviews": format_reviews(record.reviews),
    }
    return jsonify(summary)
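def reset_password():
    """Start a password reset for the account registered under an email.

    Reads ``email`` from the JSON request body.

    Returns:
        ``(json, 200)`` carrying ``message`` and ``link`` when a token was
        produced; a 400 response when the email is invalid or unknown; a 500
        response when no token was produced.
    """
    payload = request.get_json()
    try:
        email = check_email(payload.get('email'))
    except Exception:
        return response_message("Enter a valid email", status_code=400)

    user = User.query.filter_by(email=email).first()
    if not user:
        # Previously an unknown email fell off the end of the function and
        # returned None, which is not a valid view response.
        return response_message(
            "Password reset could not be started for the email provided",
            status_code=400)

    auth_token = user.encode_auth_token(user.id)
    if not auth_token:
        # Same fall-through as above when no token was produced.
        return response_message("Could not generate a password reset token",
                                status_code=500)

    # NOTE(security): the reset link is returned in the HTTP response to an
    # unauthenticated caller, so knowing an account's email address is enough
    # to receive a token for that account. The token must instead be sent
    # out-of-band to the registered address, and this view should answer every
    # request with the same generic message. No mail facility is visible in
    # this block, so the response is left as it was.
    # NOTE(review): the token comes from encode_auth_token, the same call
    # login uses; confirm whether it is also accepted as a session token and
    # give resets a dedicated, short-lived, single-use token if so.
    # NOTE(review): the link host is hard-coded to a plain-HTTP loopback
    # address; take the base URL from configuration and use HTTPS.
    link = "http://127.0.0.1:5000/reset-password/{}".format(
        auth_token.decode())
    res = {
        "message": "Reset your password from the provided token",
        "link": link
    }
    return jsonify(res), 200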
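def update_business(businessId):
    """Update fields of a business on behalf of its owner.

    Reads ``name``, ``type``, ``location`` and ``category`` from the JSON
    request body; a field whose validated value is empty is left unchanged.

    Args:
        businessId: Primary key of the business to edit.

    Returns:
        A 201 response once the changes are saved; 400 when a field fails
        validation or the save raises ``IntegrityError``; 401 when the caller
        is not logged in or does not own the business; 404 when no such
        business exists.
    """
    payload = request.get_json()
    try:
        name = check_update(payload.get("name"))
        # Named business_type so the builtin ``type`` is not shadowed.
        business_type = check_update(payload.get("type"))
        location = check_update(payload.get("location"))
        category = check_update(payload.get("category"))
    except Exception as exception:
        return response_message(exception.args, status_code=400)

    auth_token = request.headers.get("Authorization")
    user = get_user(auth_token)
    if not isinstance(user, User):
        # get_user returned a non-User value; it becomes the response message.
        return response_message(user, 401)

    business = Business.query.filter_by(id=businessId).first()
    if not business:
        return response_message("The business you requested does not exist",
                                status_code=404)

    # Ownership is compared by value. The previous ``is not`` compared object
    # identity, which is not a reliable equality test for ids: two equal
    # values held in different objects made the check reject the owner.
    if business.user_id != user.id:
        return response_message("You are not authorized to edit this business",
                                status_code=401)

    updates = {
        "name": name,
        "type": business_type,
        "location": location,
        "category": category,
    }
    try:
        for field, value in updates.items():
            # An empty value means "leave this field unchanged".
            if value:
                setattr(business, field, value)
        business.save()
    except IntegrityError:
        # An explicit 400 matches the duplicate-name response of
        # register_business; the status was previously left to
        # response_message's default.
        return response_message(
            "Another business has a similar business name", status_code=400)
    return response_message("Business has been successfully edited",
                            status_code=201)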