def jwt_required(token):
payload = jwt.decode(token, secret_key, algorithm='HS256')
cur, con = connect_database('student')
verify_user = "******"
cur.execute(verify_user, payload['username'])
row = cur.fetchone()
disconnect_database(cur, con)
return row
def update_student(token, data):
jwt = jwt_required(token)
if (jwt):
data = request.get_json()
cur, con = connect_database('student')
insert_stud = "UPDATE students SET branch=%s WHERE rollno=%s"
values = (data['branch'], data['rollno'])
cur.execute(insert_stud, values)
disconnect_database(cur, con)
return {"message": "student branch updated successfully"}, 200
else:
return {"message": "invalid signature"}, 401
def delete_student(token, data):
jwt = jwt_required(token)
if (jwt):
data = request.get_json()
cur, con = connect_database('student')
insert_stud = "DELETE FROM students WHERE rollno=%s"
values = (data['rollno'],)
cur.execute(insert_stud, values)
disconnect_database(cur, con)
return {"message": "student deleted successfully"}, 200
else:
return {"message": "invalid signature"}, 401
def add_student(token, data):
jwt = jwt_required(token)
if (jwt):
data = request.get_json()
cur, con = connect_database('student')
insert_stud = "INSERT INTO students(rollno, name, age, branch) VALUES(%s,%s, %s,%s)"
values = (data['rollno'], data['name'], data['age'], data['branch'])
cur.execute(insert_stud, values)
disconnect_database(cur, con)
return {"message": "student added successfully"}, 201
else:
return {"message": "authentication failed"}, 401
def get_students(token):
jwt = jwt_required(token)
if (jwt):
l = []
cur, con = connect_database('student')
select_student = "SELECT * FROM students"
cur.execute(select_student)
rows = cur.fetchall()
disconnect_database(cur, con)
for row in rows:
l.append({"rollno": row[0], "name": row[1], "age": row[2], "branch": row[3]})
return {"students": l}, 200
else:
return {"message": "authentication failed"}, 401
def register(data):
data = request.get_json()
cur, con = connect_database('student')
insert_user = "******"
# passwords should not be stored as plain text in the database hence bcrypting(hashing) using some random salt
# converting password to byte type since bcrypt accept byte type data
byte_password = data["password"].encode('UTF-8')
hashed_byte_password = bcrypt.hashpw(byte_password, bcrypt.gensalt())
# converting password to hashed string type to store in database
hashed_string_password = hashed_byte_password.decode('UTF-8')
values = (data['username'], hashed_string_password, data['email'],
data['role'])
cur.execute(insert_user, values)
disconnect_database(cur, con)
return {"message": "user added successfully"}, 201
def valid_user(username, password):
cur, con = connect_database('student')
select_valid_user = "******"
cur.execute(select_valid_user, (username, ))
row = cur.fetchone()
disconnect_database(cur, con)
if row:
# if username is matching the authenticate password
byte_password = password.encode('UTF-8')
byte_db_password = row[1].encode('UTF-8')
user = bcrypt.checkpw(byte_password, byte_db_password)
return user
else:
user = False
return user
def get_student(token, data):
jwt = jwt_required(token)
if (jwt):
cur, con = connect_database('student')
insert_stud = "SELECT * FROM students WHERE rollno=%s"
values = (data['rollno'],)
cur.execute(insert_stud,values)
row = cur.fetchone()
disconnect_database(cur, con)
if(row):
return {"rollno":row[0], "name":row[1], "age":row[2], "branch":row[3]},200
else:
return {"message":"rollno doesnt exists"},404
else:
return {"message":"invalid signature"},401