def test():
username = '******'
sql = "SELECT * FROM users"
conn.connect()
cursor = conn.cursor()
cursor.execute(sql)
data = cursor.fetchall()
cursor.close()
conn.close()
return data
def listUsers():
sql = 'SELECT userid, username,email,about FROM users'
try:
conn.connect()
cursor = conn.cursor()
cursor.execute(sql)
data = cursor.fetchall()
cursor.close()
conn.close()
return data
except:
return "An error has occurred, please check the backend"
def listItems():
sql = "SELECT * FROM products"
try:
conn.connect()
cursor = conn.cursor()
cursor.execute(sql)
data = cursor.fetchall()
cursor.close()
conn.close()
return data
except:
return "An error has occurred, please check the backend"
def listAdmins():
sql = 'SELECT adminid, username FROM admin'
try:
conn.connect()
cursor = conn.cursor()
cursor.execute(sql)
data = cursor.fetchall()
cursor.close()
conn.close()
return data
except:
return "An error has occurred, please check the backend"
def getRelated(category):
sql = "SELECT * FROM products WHERE category = '{}'".format(category)
try:
conn.connect()
cursor = conn.cursor()
cursor.execute(sql)
data = cursor.fetchall()
cursor.close()
conn.close()
return data
except:
return False
def getColors(productid):
sql = "SELECT color FROM variations WHERE productid = {}".format(productid)
try:
conn.connect()
cursor = conn.cursor()
cursor.execute(sql)
data = cursor.fetchall()
cursor.close()
conn.close()
return data
except:
return False
def log_event(message, event, level):
# Levels: error, warning, info
# Message: user created log message
# Event: system generated log
# Origin: api
conn.connect('Logs').insert({
"CreatedOn": datetime.utcnow(),
"Level": level,
"Message": message,
"Event": event,
"Origin": "api"
})
def getAdmin(adminid):
sql = "SELECT username FROM admin WHERE adminid = '{}'".format(adminid)
try:
conn.connect()
cursor = conn.cursor()
cursor.execute(sql)
data = cursor.fetchall()[0]
cursor.close()
conn.close()
return data
except:
return False
def deleteAdmin(adminid):
sql = "DELETE FROM admin WHERE adminid = '{}'".format(adminid)
try:
conn.connect()
cursor = conn.cursor()
cursor.execute(sql)
conn.commit()
data = cursor.rowcount
cursor.close()
conn.close()
return data
except:
return False
def deleteUser(userid):
sql = "DELETE FROM users WHERE userid = '{}'".format(userid)
try:
conn.connect()
cursor = conn.cursor()
cursor.execute(sql)
conn.commit()
data = cursor.rowcount
cursor.close()
conn.close()
return data
except:
return False
def getUser(userid):
sql = "SELECT username,email,about FROM users WHERE userid = '{}'".format(
userid)
try:
conn.connect()
cursor = conn.cursor()
cursor.execute(sql)
data = cursor.fetchall()[0]
cursor.close()
conn.close()
return data
except:
return False
def getProduct(productid):
print(productid)
sql = "SELECT * FROM products WHERE productid = '{}'".format(productid)
try:
conn.connect()
cursor = conn.cursor()
cursor.execute(sql)
data = cursor.fetchall()[0]
cursor.close()
conn.close()
return data
except:
return False
def log_ui_event():
# Levels: error, warning, info
# Message: user created log message
# Event: system generated log
# Origin: web, mobile
event = request.get_json()
conn.connect('Logs').insert({
"CreatedOn": datetime.utcnow(),
"Level": event['level'],
"Message": event['message'],
"Event": event['event'],
"Origin": event['origin']
})
return jsonify(code=200)
def updateProduct(info):
sql = "UPDATE products SET name = '{1}', price = {2}, description = '{3}', category = '{4}' where productid = {0}".format(
info[0], info[1], info[2], info[3], info[4])
try:
conn.connect()
cursor = conn.cursor()
cursor.execute(sql)
conn.commit()
data = cursor.rowcount
cursor.close()
conn.close()
return data
except:
return False
def loginUser(username, password):
sql = "SELECT * FROM users WHERE username = '******'".format(username)
try:
conn.connect()
cursor = conn.cursor()
cursor.execute(sql)
data = cursor.fetchall()[0]
cursor.close()
conn.close()
if username == data[1] and check_password_hash(data[2], password):
return [True, data[0]]
else:
return [False, 0]
except:
return [False, 0]
def updateAdmin(info):
sql = "UPDATE admin SET username='******' where adminid='{0}'".format(
info[0], info[1])
try:
conn.connect()
cursor = conn.cursor()
cursor.execute(sql)
conn.commit()
data = cursor.rowcount
cursor.close()
conn.close()
print(data)
return data
except:
return False
def updateUser(info):
sql = "UPDATE users SET username='******', email='{2}', about='{3}' where userid='{0}'".format(
info[0], info[1], info[2], info[3])
try:
conn.connect()
cursor = conn.cursor()
cursor.execute(sql)
conn.commit()
data = cursor.rowcount
cursor.close()
conn.close()
print(data)
return data
except:
return False
def registerUser(username, password, email):
hash = generate_password_hash(password)
sql = "INSERT INTO users (username,hash,email) VALUES ('{0}','{1}','{2}')".format(
username, hash, email)
try:
conn.connect()
cursor = conn.cursor()
cursor.execute(sql)
conn.commit()
data = cursor.lastrowid
cursor.close()
conn.close()
return [True, data]
except:
return [False, 0]
def getProfile(userid):
sql = "SELECT username, email, about FROM users WHERE userid = '{}'".format(
userid)
conn.connect()
cursor = conn.cursor()
cursor.execute(sql)
data = cursor.fetchall()
for row in data:
username = row[0]
email = row[1]
about = row[2]
cursor.close()
conn.close()
print(username, email, about)
return username, email, about
def editProfile(username, about, userid):
print(username, about, userid)
query = ''' UPDATE users SET username = %s, about =%s WHERE userid =%s '''
data = (username, about, userid)
try:
conn.connect()
cursor = conn.cursor()
cursor.execute(query, data)
conn.commit()
data = cursor.lastrowid
cursor.close()
conn.close()
return [True, data]
except:
return [False, 0]
def addProduct(info):
sql = "INSERT INTO products (name,price,description,category) VALUES ('{0}',{1},'{2}','{3}')".format(
info[0], info[1], info[2], info[3])
try:
conn.connect()
cursor = conn.cursor()
cursor.execute(sql)
conn.commit()
data = cursor.rowcount
cursor.close()
conn.close()
print(data)
return data
except:
return False
def registerAdmin(username, password):
hash = generate_password_hash(password)
sql = "INSERT INTO admin (username,hash) VALUES ('{0}','{1}')".format(
username, hash)
try:
conn.connect()
cursor = conn.cursor()
cursor.execute(sql)
conn.commit()
data = cursor.lastrowid
cursor.close()
conn.close()
print(data)
return [True, data]
except:
return [False, 0]
def create_new_post():
try:
acct_id, client_utc, client_utc_offset = get_authorized_headers()
except Exception:
return jsonify(
error_message=
"Unauthorized request. Please ensure you are logged in."), 401
try:
new_post = request.get_json()
author_first_name = "Anthony"
author_last_name = "White"
date_time_utc = new_post["CreatedOn"]["DatetimeUTC"]
offset = new_post["CreatedOn"]["TimeOffset"]
post_id = conn.connect('Posts').insert({
"Title": new_post["Title"],
"Body": new_post["Body"],
"Author": {
"FirstName": author_first_name,
"LastName": author_last_name
},
"CreatedOn": {
"DatetimeUTC":
datetime.strptime(date_time_utc, '%Y-%m-%dT%H:%M:%S.%fZ'),
"TimeOffset":
offset
},
"Tags": new_post["Tags"]
})
return jsonify(post_id=str(post_id)), 200
except Exception:
return jsonify(
error_message=
"Sorry, error occurred. Please trying logging in again."), 500
def login():
try:
credentials = request.get_json()
user = conn.connect("Users").find_one({
"$or": [{
"Email": credentials["Email"]
}, {
"Username": credentials["Email"]
}]
})
if not user:
return jsonify(
error_message="Username or password is incorrect."), 401
elif user:
check_password = check_password_hash(user["Password"],
credentials["Password"])
if not check_password:
return jsonify(
error_message="Username or password is incorrect."), 401
token = generate_jwt(user["_id"])
return jsonify(success_message="Successful login!",
token=token,
acct=str(user["_id"])), 200
except Exception:
return jsonify(
error_message=
"Sorry, error occurred. Please trying logging in again."), 500
def get_posts():
queried_results = dumps(
conn.connect('Posts').find().sort("CreatedOn.DatetimeUTC", DESCENDING))
return Response(queried_results, content_type="application/json")
def get_single_post(post_id):
queried_results = dumps(
conn.connect('Posts').find({"_id": ObjectId(str(post_id))}))
return Response(queried_results,
content_type="application/json",
status=200)
