def user_login():
data = json.loads(request.data.decode('utf-8'))
user = data.get("user")
password = data.get("password")
if user is None:
return make_response("user not exists", 401)
cursor = db.cursor()
cursor.execute(f"SELECT * FROM `User` WHERE username = '******';")
rec = cursor.fetchone()
cursor.close()
if rec is None:
response = make_response("user not exists", 401)
elif rec[2] != password:
response = make_response("password wrong", 401)
else:
token = str(uuid.uuid4())
redis = get_redis()
redis.set('[JoinMe]' + token + ':user', user, ex=3600 * 24)
redis.set('[JoinMe]' + token + ':last_login',
datetime.now().strftime("%Y%m%d%H%M%S"),
ex=3600 * 24)
response = make_response(
jsonify({
'token': token,
'nickname': rec[1],
'rate': int(float(rec[3]) / rec[4] + 0.5)
}), 200)
cursor.close()
return response
def get_ongoing_order():
data = json.loads(request.data.decode("utf-8"))
user = data.get("user")
cursor = db.cursor()
try:
sql = f"SELECT Task.id, Task.num_connect, Task.initiator, Task.from, Task.to, Task.starttime, Task.location FROM `User` INNER JOIN (`Relation`, `Task`) ON (User.username=Relation.username AND Relation.task_id=Task.id) WHERE User.username='******' AND Task.starttime > NOW() ORDER BY Task.starttime;"
cursor.execute(sql)
rec = cursor.fetchall()
tasks = []
for each in rec:
task = dict()
task["task_id"] = each[0]
task["num_connect"] = each[1]
task["initiator"] = each[2]
task["from"] = each[3]
task["to"] = each[4]
task["starttime"] = each[5].strftime("%Y/%m/%d %H:%M")
task["location"] = each[6]
tasks.append(task)
response = make_response(json.dumps(tasks), 200)
except Exception as e:
response = make_response("Internal Error", 500)
print(e)
cursor.close()
return response
def get_joinable_order():
data = json.loads(request.data.decode('utf-8'))
user = data.get('user')
cursor = db.cursor()
try:
sql = f"SELECT * FROM Task WHERE Task.starttime > NOW() AND Task.num_connect < 4 AND Task.id NOT IN (SELECT Task.id FROM User INNER JOIN (Relation, Task) WHERE User.username=Relation.username AND Relation.task_id=Task.id AND User.username='******');"
cursor.execute(sql)
rec = cursor.fetchall()
tasks = []
for each in rec:
task = dict()
task["task_id"] = each[0]
task["initiator"] = each[1]
task["num_connect"] = each[2]
task["from"] = each[3]
task["to"] = each[4]
task["starttime"] = each[5].strftime("%Y/%m/%d %H:%M")
task["location"] = each[6]
tasks.append(task)
response = make_response(json.dumps(tasks), 200)
except Exception as e:
response = make_response("Internal Error", 500)
print(e)
cursor.close()
return response
def user_login():
data = request.form.to_dict()
user = data.get("user")
password = data.get("password")
if user is None:
return make_response("user not exists", 401)
cursor = db.cursor()
cursor.execute(
f"SELECT User.password FROM `User` WHERE username = '******';")
rec = cursor.fetchone()
cursor.close()
if rec is None:
response = make_response("user not exists", 401)
elif rec[0] != password:
response = make_response("password wrong", 401)
else:
token = str(uuid.uuid4())
redis = get_redis()
redis.set('[Recycle]' + token + ':user', user, ex=3600 * 24)
redis.set('[Recycle]' + token + ':last_login',
datetime.now().strftime("%Y%m%d%H%M%S"),
ex=3600 * 24)
response = make_response(jsonify({'token': token}), 200)
cursor.close()
return response
def start_order():
data = request.form.to_dict()
user = data.get("user")
name = data.get("name")
description = data.get("description")
contact = data.get("contact")
price = data.get("price")
img_file = data.get("imgFile")
if name is None or description is None or contact is None or price is None or price is None or img_file is None:
return make_response("Information not complete", 403)
selltime = datetime.now().strftime("%Y%m%d%H%M%S")
cursor = db.cursor()
try:
sql = f"INSERT INTO Item(name, description, contact, price, seller, selldate) VALUES ('{name}', '{description}', '{contact}', '{price}', '{user}', {selltime});"
cursor.execute(sql)
cursor.execute(f"SELECT LAST_INSERT_ID();")
item_id = cursor.fetchone()[0]
sql = f"INSERT INTO `Relation`(`username`, `item_id`) VALUES ('{user}', {item_id});"
cursor.execute(sql)
img_path = save_image(img_file, item_id)
sql = f"UPDATE Item SET img_path='{img_path}' WHERE id={item_id};"
cursor.execute(sql)
db.commit()
response = make_response("success", 200)
except Exception as e:
db.rollback()
response = make_response("Internal Error", 500)
print(e)
cursor.close()
return response
def quit_order():
data = json.loads(request.data.decode('utf-8'))
user = data.get('user')
task_id = data.get('task_id')
cursor = db.cursor()
try:
sql = f"DELETE FROM Relation WHERE Relation.username='******' AND Relation.task_id='{task_id}';"
cursor.execute(sql)
sql = f"UPDATE Task SET num_connect=num_connect-1 WHERE Task.id='{task_id}';"
cursor.execute(sql)
db.commit()
response = make_response("success", 200)
except Exception as e:
db.rollback()
response = make_response("Internal Error", 500)
print(e)
return response
def get_order():
cursor = db.cursor()
sql = f"SELECT id, name, description, img_path FROM Item ORDER BY Item.selldate DESC;"
cursor.execute(sql)
rec = cursor.fetchall()
orders = []
for each in rec:
order = dict()
order["id"] = each[0]
order["name"] = each[1]
order["description"] = each[2]
order["suffix"] = get_suffix(each[3])
order["img"] = get_image(each[3])
orders.append(order)
response = make_response(json.dumps(orders), 200)
cursor.close()
return response
def join_order():
data = json.loads(request.data.decode('utf-8'))
user = data.get('user')
task_id = data.get('task_id')
cursor = db.cursor()
try:
sql = f"INSERT INTO Relation(username, task_id, status) VALUES ('{user}', {task_id}, 1);"
cursor.execute(sql)
sql = f"UPDATE Task SET num_connect=num_connect+1 WHERE id={task_id};"
cursor.execute(sql)
db.commit()
response = make_response("success", 200)
except Exception as e:
db.rollback()
response = make_response("Internal Error", 500)
print(e)
cursor.close()
return response
def user_signup():
data = json.loads(request.data.decode('utf-8'))
user = data.get("user")
password = data.get("password")
cursor = db.cursor()
cursor.execute(f"SELECT * FROM `User` WHERE username = '******';")
rec = cursor.fetchone()
if rec:
response = make_response("username exists", 401)
else:
try:
cursor.execute(
f"INSERT INTO `User`(`username`, `nickname`, `password`) VALUES ('{user}', '{user}', '{password}');"
)
db.commit()
response = make_response("success", 200)
except Exception:
db.rollback()
response = make_response("Internal Error", 500)
cursor.close()
return response
def get_self_order():
data = json.loads(request.data.decode("utf-8"))
user = data.get("user")
cursor = db.cursor()
try:
sql = f"SELECT * FROM `User` INNER JOIN (`Relation`, `Task`) ON (User.username=Relation.username AND Relation.task_id=Task.id) WHERE User.username='******' ORDER BY Task.starttime DESC;"
cursor.execute(sql)
rec = cursor.fetchall()
tasks = []
for each in rec:
task = dict()
task["initiator"] = each[9]
task["from"] = each[11]
task["to"] = each[12]
task["starttime"] = each[13].strftime("%Y/%m/%d %H:%M")
task["location"] = each[14]
tasks.append(task)
response = make_response(json.dumps(tasks), 200)
except Exception as e:
response = make_response("Internal Error", 500)
print(e)
cursor.close()
return response
def start_order():
data = json.loads(request.data.decode('utf-8'))
user = data.get("user")
place_from = data.get("from")
place_to = data.get("to")
start_dt = datetime.strptime(data.get("datetime"), "%Y-%m-%d %H:%M")
start_dt = start_dt.strftime("%Y%m%d%H%M%S")
location = data.get("location")
cursor = db.cursor()
try:
sql = f"INSERT INTO `Task`(`initiator`, `num_connect`, `from`, `to`, `starttime`, `location`) VALUES ('{user}', 1, '{place_from}', '{place_to}', {start_dt}, '{location}');"
cursor.execute(sql)
cursor.execute(f"SELECT LAST_INSERT_ID();")
task_id = cursor.fetchone()[0]
sql = f"INSERT INTO `Relation`(`username`, `task_id`, `status`) VALUES ('{user}', {task_id}, 0);"
cursor.execute(sql)
db.commit()
response = make_response("success", 200)
except Exception:
db.rollback()
response = make_response("Internal Error", 500)
cursor.close()
return response
def user_signup():
data = request.form.to_dict()
user = data.get("user")
password = data.get("password")
if user is None:
return make_response("username can't be empty", 401)
cursor = db.cursor()
cursor.execute(f"SELECT * FROM `User` WHERE username = '******';")
rec = cursor.fetchone()
if rec:
response = make_response("username exists", 401)
else:
try:
cursor.execute(
f"INSERT INTO `User`(`username`, `password`) VALUES ('{user}', '{password}');"
)
db.commit()
response = make_response("success", 200)
except Exception:
db.rollback()
response = make_response("Internal Error", 500)
cursor.close()
return response
def get_specific_order():
data = request.form.to_dict()
order_id = int(data["order_id"])
cursor = db.cursor()
try:
sql = f"SELECT name, seller, selldate, description, contact, price, img_path FROM Item WHERE Item.id={order_id}"
cursor.execute(sql)
rec = cursor.fetchone()
order = dict()
order["name"] = rec[0]
order["seller"] = rec[1]
order["selldate"] = rec[2].strftime("%Y-%m-%d")
order["description"] = rec[3]
order["contact"] = rec[4]
order["price"] = rec[5]
order["suffix"] = get_suffix(rec[6])
order["img"] = get_image(rec[6])
response = make_response(json.dumps(order), 200)
except Exception as e:
response = make_response("Internal Error", 500)
print(e)
cursor.close()
return response