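def update_comment(comment_id):
    """
    Update a comment

    Only the user recorded as the comment's ``user_id`` may update it; the
    caller's identity is read from ``g.user``.

    :param comment_id: ID of the comment to update
    :return: the updated comment as JSON, or an error response
    """
    data = request.get_json()
    # Use .get() so an absent "content" key (or a body that is not a JSON
    # object) yields the "missing property" error instead of an unhandled
    # KeyError/TypeError.
    has_content = isinstance(data, dict) and data.get("content")
    if not has_content or not g.user.get('user_id'):
        return invalid_json_response("missing property")
    # Validate the ID before it reaches the lookup helper.
    try:
        comment_id = int(comment_id)
    except ValueError:
        return invalid_json_response("invalid input type")
    comment = get_comment_by_id(comment_id)
    if comment is None:
        return invalid_json_response(
            f"comment with ID {comment_id} does not exist")
    # Ownership check: reject edits from anyone but the author.
    if comment.user_id != g.user.get('user_id'):
        return invalid_json_response("permission denied")
    # NOTE(review): the whole request body is handed to update_comment_in_db;
    # presumably it copies only "content" -- confirm it cannot overwrite
    # user_id or blog_id from client-supplied keys.
    update_comment_in_db(comment, data)
    return jsonify({
        "id": comment.id,
        "content": comment.content,
        "user_id": comment.user_id,
        "blog_id": comment.blog_id
    })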
def create_new_user():
    """
    Register a new user and issue a token for it

    Reads "app_username" and "user_password" from the JSON body, stores the
    password as the output of ``generate_hash``, and rejects usernames that
    are already taken.

    :return: the created user and its token with status 201, or an error
        response
    """
    payload = request.get_json()
    try:
        username = payload["app_username"]
        new_user = create_user(username,
                               generate_hash(payload["user_password"]))
    except KeyError as e:
        return invalid_json_response(f"missing property: {e}")

    if get_user_by_username(username):
        return invalid_json_response(f"User: {username} already exist")

    save(new_user)
    # NOTE(security): "user_password" below is the stored hash produced by
    # generate_hash; it is echoed back to the client. Credential hashes
    # normally should not leave the server -- consider dropping the field
    # once no client depends on it.
    body = jsonify({
        "jwt-token": auth.generate_token(new_user.id),
        "id": new_user.id,
        "app_username": new_user.app_username,
        "user_password": new_user.user_password
    })
    return make_response(body, 201)
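def create_new_comment(blog_id):
    """
    Creates a comment

    The comment is attributed to the authenticated user from ``g.user``.

    :param blog_id: ID of the blog the comment belongs to
    :return: the created comment with status 201, or an error response
    """
    data = request.get_json()
    try:
        content = data["content"]
    except KeyError as e:
        return invalid_json_response(f"missing property: {e}")
    # Validate blog_id and confirm the blog exists BEFORE building the
    # comment, so the comment never carries an unvalidated blog_id.
    try:
        blog_id = int(blog_id)
    except ValueError:
        return invalid_json_response("invalid input type")
    if get_blog_by_id(blog_id) is None:
        return invalid_json_response(f"blog with ID {blog_id} does not exist")
    comment = create_comment(content=content,
                             user_id=g.user.get('user_id'),
                             blog_id=blog_id)
    save(comment)
    comment_resource = jsonify({
        "id": comment.id,
        "content": comment.content,
        "user_id": comment.user_id,
        "blog_id": comment.blog_id
    })
    return make_response(comment_resource, 201)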
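def update_blog(blog_id):
    """
    Update a blog

    Only the user recorded as the blog's ``user_id`` may update it; the
    caller's identity is read from ``g.user``.

    :param blog_id: ID of the blog to update
    :return: the updated blog as JSON, or an error response
    """
    data = request.get_json()
    # Use .get() so an absent "title"/"content" key (or a body that is not a
    # JSON object) yields the "missing property" error instead of an
    # unhandled KeyError/TypeError.
    has_fields = (isinstance(data, dict)
                  and data.get("title") and data.get("content"))
    if not has_fields or not g.user.get('user_id'):
        return invalid_json_response("missing property")
    # Validate the ID before it reaches the lookup helper.
    try:
        blog_id = int(blog_id)
    except ValueError:
        return invalid_json_response("invalid input type")
    blog = get_blog_by_id(blog_id)
    if blog is None:
        return invalid_json_response(f"blog with ID {blog_id} does not exist")
    # Ownership check: reject edits from anyone but the author.
    if blog.user_id != g.user.get('user_id'):
        return invalid_json_response("permission denied")
    # NOTE(review): the whole request body is handed to update_blog_in_db;
    # presumably it copies only "title" and "content" -- confirm it cannot
    # overwrite user_id from client-supplied keys.
    update_blog_in_db(blog, data)
    return jsonify({
        "id": blog.id,
        "title": blog.title,
        "content": blog.content,
        "user_id": blog.user_id
    })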
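def delete_comment(comment_id):
    """
    Delete a comment from our application

    Only the user recorded as the comment's ``user_id`` may delete it.

    :param comment_id: ID of the comment to delete
    :return: 204 No Content, or an error response
    """
    try:
        comment_id = int(comment_id)
    except ValueError:
        return invalid_json_response("invalid input type")
    comment = get_comment_by_id(comment_id)
    if not comment:
        # The original message said "blog not found", which misreported the
        # resource type to the client.
        return invalid_json_response("comment not found")
    # Ownership check: reject deletes from anyone but the author.
    if comment.user_id != g.user.get('user_id'):
        return invalid_json_response("permission denied")
    delete(comment)
    return '', 204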
def delete_blog(blog_id):
    """
    Remove a blog, provided the authenticated user owns it

    :param blog_id: ID of the blog to delete
    :return: 204 No Content, or an error response
    """
    try:
        blog_id = int(blog_id)
    except ValueError:
        return invalid_json_response("invalid input type")

    target = get_blog_by_id(blog_id)
    if not target:
        return invalid_json_response("blog not found")

    # Ownership check: the caller's ID comes from g.user.
    caller_id = g.user.get('user_id')
    if target.user_id != caller_id:
        return invalid_json_response("permission denied")

    # target is known to be truthy here, so it can be deleted directly.
    delete(target)
    return '', 204
def get_app_user(user_id):
    """
    Look up a user of our application by ID

    :param user_id: the user's ID to return
    :return: the matching user as JSON, or an error response
    """
    try:
        user_id = int(user_id)
    except ValueError:
        return invalid_json_response("invalid input type")

    found = get_user_by_id(user_id)
    if found is None:
        return invalid_json_response(f"user with ID {user_id} does not exist")

    # NOTE(security): the response carries the stored user_password value for
    # whichever ID was requested, and this function does not compare the
    # requested ID with the caller. Confirm the route is protected and
    # whether this field needs to be exposed at all.
    profile = {
        "id": found.id,
        "app_username": found.app_username,
        "user_password": found.user_password
    }
    return jsonify(profile)
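def get_blog(blog_id):
    """
    Returns a blog from our application with the given ID

    :param blog_id: the blog's ID to return
    :return: a blog from our application with the given ID, or an error
        response
    """
    # Validate the ID first so an unvalidated value never reaches the query.
    try:
        blog_id = int(blog_id)
    except ValueError:
        return invalid_json_response("invalid input type")
    blog = db.session.query(Blog).filter(Blog.id == blog_id).first()
    if blog is None:
        return invalid_json_response(f"blog with ID {blog_id} does not exist")
    return jsonify({
        "id": blog.id,
        "title": blog.title,
        "content": blog.content,
        "user_id": blog.user_id
    })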
def login_user():
    """
    Authenticate a user and issue a token

    Reads "app_username" and "user_password" from the JSON body and checks
    the password against the stored value with ``check_hash``.

    :return: the user and a fresh token with status 200, or an error
        response
    """
    credentials = request.get_json()
    try:
        # Building a user object here also surfaces missing keys as KeyError.
        claimed = create_user(credentials["app_username"],
                              credentials["user_password"])
    except KeyError as e:
        return invalid_json_response(f"missing property: {e}")

    stored = get_user_by_username(claimed.app_username)
    # Unknown user and wrong password share one message, so the response
    # body does not reveal which usernames exist.
    # NOTE(review): check_hash is skipped when the user is unknown, so the
    # two cases may still differ in response time -- confirm whether that
    # matters for this deployment.
    authenticated = bool(stored) and check_hash(stored.user_password,
                                                credentials["user_password"])
    if not authenticated:
        return invalid_json_response("invalid username or password")

    # NOTE(security): "user_password" below is the stored credential value
    # and is returned to the client; consider dropping it from the response.
    body = jsonify({
        "jwt-token": auth.generate_token(stored.id),
        "id": stored.id,
        "app_username": stored.app_username,
        "user_password": stored.user_password
    })
    return make_response(body, 200)
def get_me():
    """
    Return the basic data of the authenticated user

    The user ID is read from ``g.user``.

    :return: the current user as JSON, or an error response
    """
    current_id = g.user.get('user_id')
    me = get_user_by_id(current_id)
    if me is None:
        return invalid_json_response(
            f"user with ID {current_id} does not exist")

    # NOTE(security): the stored user_password value is included in the
    # response; consider dropping it once no client depends on it.
    profile = {
        "id": me.id,
        "app_username": me.app_username,
        "user_password": me.user_password
    }
    return jsonify(profile)
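def add_like(blog_id):
    """
    Add a like to a blog

    The like is attributed to the authenticated user from ``g.user``; a user
    may like a given blog only once.

    :param blog_id: ID of the blog to like
    :return: the added like with status 201, or an error response
    """
    # Validate the ID first so an unvalidated value never reaches the query.
    try:
        blog_id = int(blog_id)
    except ValueError:
        return invalid_json_response("invalid input type")
    blog = db.session.query(Blog).filter(Blog.id == blog_id).first()
    if blog is None:
        return invalid_json_response(f"blog with ID {blog_id} does not exist")
    act_user_id = g.user.get('user_id')
    # NOTE(review): this check and the save below are separate steps;
    # presumably a unique constraint on (user_id, blog_id) backs it up
    # against concurrent requests -- confirm in the model.
    if check_like(act_user_id, blog_id):
        return invalid_json_response("you have already liked this blog")
    try:
        like = create_like(user_id=act_user_id, blog_id=blog_id)
    except KeyError as e:
        return invalid_json_response(f"missing property: {e}")
    save(like)
    like_resource = jsonify({"user_id": like.user_id,
                             "blog_id": like.blog_id})
    return make_response(like_resource, 201)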
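def generate_token(self, user_id):
    """
    Generate Token Method

    Builds a JWT whose ``sub`` claim is *user_id*, issued now and expiring
    one day later, signed with HS256 using the app's ``JWT_SECRET_KEY``.

    :param user_id: value stored in the ``sub`` claim
    :return: the encoded token as a ``str``; on failure, the value returned
        by ``invalid_json_response``
    """
    try:
        # Read the clock once so "iat" and "exp" are exactly one day apart.
        issued_at = datetime.datetime.utcnow()
        payload = {
            'exp': issued_at + datetime.timedelta(days=1),
            'iat': issued_at,
            'sub': user_id
        }
        token = jwt.encode(payload,
                           current_app.config['JWT_SECRET_KEY'],
                           algorithm='HS256')
        # Assuming jwt is PyJWT: encode() returns bytes in 1.x and str in
        # 2.x. An unconditional .decode() fails on str and would fall into
        # the except below, so decode only when bytes are returned.
        if isinstance(token, bytes):
            token = token.decode("utf-8")
        return token
    except Exception as e:
        # NOTE(review): on failure the caller receives an error response
        # object where it expects a token string, and the exception text is
        # placed in the client-facing message; callers should check the
        # result before embedding it in a response.
        return invalid_json_response(
            f" error in generating user token: {e}")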
def create_new_blog():
    """
    Create a blog owned by the authenticated user

    Reads "title" and "content" from the JSON body; the owner ID is taken
    from ``g.user`` rather than from the request.

    :return: the created blog with status 201, or an error response when a
        required property is missing
    """
    body = request.get_json()
    try:
        new_blog = create_blog(
            title=body["title"],
            content=body["content"],
            user_id=g.user.get('user_id'),
        )
    except KeyError as missing:
        return invalid_json_response(f"missing property: {missing}")

    save(new_blog)
    fields = {
        "id": new_blog.id,
        "title": new_blog.title,
        "content": new_blog.content,
        "user_id": new_blog.user_id,
    }
    return make_response(jsonify(fields), 201)
def decorated_auth(*args, **kwargs):
    """
    Authenticate the request, then call the wrapped view

    Reads the token from the ``api-token`` header, decodes it with
    ``auth.decode_token``, checks that the referenced user exists, and
    stores the user ID in ``g.user``. ``func`` is taken from the enclosing
    scope, which is not shown here.

    :return: the wrapped view's result, or an error response
    """
    if 'api-token' not in request.headers:
        return invalid_json_response(
            'Authentication token is not available, please login to get one')

    decoded = auth.decode_token(request.headers.get('api-token'))
    # NOTE(review): authentication failures below answer with status 400;
    # 401 is the conventional status -- confirm what clients expect.
    if decoded['error']:
        return Response(response=json.dumps(decoded['error']),
                        status=400,
                        mimetype="application/json")

    user_id = decoded['data']['user_id']
    # A valid token for a user that no longer exists is rejected.
    if not get_user_by_id(user_id):
        missing_user = {'error': 'user does not exist, invalid token'}
        return Response(response=json.dumps(missing_user),
                        status=400,
                        mimetype="application/json")

    # Downstream handlers read the caller's identity from g.user.
    g.user = {'user_id': user_id}
    return func(*args, **kwargs)