def login(self, user):
with self.database.atomic():
if 'email' in user:
db_user = User.get(User.email == user['email'])
else:
db_user = User.get(User.username == user['username'])
if not pbkdf2_sha256.verify(user['password'], db_user.password):
return {}, 403
return {'username': db_user.username, 'email': db_user.email}, 200
def get_user_tables(self, username):
with self.database.atomic():
user = User.get(User.username == username)
arrivals = [{
"money": arrival.amount,
"description": arrival.description,
"date": str(arrival.date),
"id": arrival.id
} for arrival in Arrival.select(
Arrival.amount, Arrival.description, Arrival.date,
Arrival.id).where(Arrival.user == user)]
categories = [{
"description": category.description
} for category in Category.select(
Category.description, Category.id).where(Category.user == user)
]
spendings = [{
"money": spending.amount,
"description": spending.description,
"date": str(spending.date),
"category": spending.category.description,
"id": spending.id
} for spending in Spending.select(
Spending.amount, Spending.description, Spending.date,
Spending.category, Spending.id).where(Spending.user == user)]
return {
'arrivalsList': arrivals,
'category': categories,
'spendingsList': spendings,
'user': user.username
}, 200
def update_spending(self, req, spending_id):
with self.database.atomic():
user = User.get(User.username == req['username'])
spending = Spending.get_by_id(spending_id)
if spending is not None:
if spending.user == user:
spending.amount = req['amount']
spending.description = req['description']
spending.date = req['date']
spending.category = Category.get(
Category.user == user
and Category.description == req['category'])
spending.save()
else:
return {}, 403
else:
return {}, 404
return {
'id': spending.get_id(),
'amount': spending.amount,
'description': spending.description,
'date': spending.date,
'category': spending.category.description
}, 200
def add_category(self, req):
with self.database.atomic():
user = User.get(User.username == req['username'])
description = req['description']
category = Category(description=description, user=user)
category.save()
return {'id': category.get_id()}, 201
def create_user(self, user):
with self.database.atomic():
if user is None or 'email' not in user or 'username' not in user \
or 'password' not in user:
raise ValueError('Some fields are missing')
if not Validator.validate_password(user['password']) \
or not Validator.validate_email(user['email']) \
or not Validator.validate_username(user['username']):
raise ValueError('Some fields are incorrect')
user['password'] = generate_password_hash(user['password'])
new_user = User(**user)
new_user.save()
return {
"username": new_user.username,
"email": new_user.email
}, 201
def delete_arrival(self, req, arrival_id):
with self.database.atomic():
user = User.get(User.username == req['username'])
arrival = Arrival.get_by_id(arrival_id)
if arrival is not None:
if arrival.user == user:
arrival.delete_instance()
else:
return {}, 403
else:
return {}, 404
return {}, 200
def delete_spending(self, req, spending_id):
with self.database.atomic():
user = User.get(User.username == req['username'])
spending = Spending.get_by_id(spending_id)
if spending is not None:
if spending.user == user:
spending.delete_instance()
else:
return {}, 403
else:
return {}, 404
return {}, 200
def google_callback():
flow = client.flow_from_clientsecrets('client_secrets.json',
scope='email',
redirect_uri=url_for(
'google_callback',
_external=True))
if 'code' not in request.args:
state = hashlib.sha256(os.urandom(1024)).hexdigest()
session['state'] = state
auth_uri = flow.step1_get_authorize_url(state=state)
return redirect(auth_uri)
else:
request_state = request.args.get('state')
if request_state != session['state']:
response = make_response(json.dumps('Invalid state parameter.'),
401)
response.headers['Content-Type'] = 'application/json'
return response
auth_code = request.args.get('code')
credentials = flow.step2_exchange(auth_code)
session.permanent = True
try:
idinfo = client.verify_id_token(
credentials.token_response['id_token'], CLIENT_ID)
if idinfo['iss'] not in [
'accounts.google.com', 'https://accounts.google.com'
]:
flash('An error occurred trying to connect to google servers,'
' Try again later.')
return redirect(url_for('login'))
except crypt.AppIdentityError:
flash('An error occurred trying to connect to google servers,'
' Try again later.')
flash(credentials.to_json())
return redirect(url_for('login'))
if not user_exists(credentials.id_token['sub']):
newUser = User(id=credentials.id_token['sub'],
email=credentials.id_token['email'])
db.session.add(newUser)
db.session.commit()
flash('You are now registered in our website!')
else:
flash('You are now logged in!')
session['credentials'] = credentials.to_json()
session['g_userID'] = credentials.id_token['sub']
session['g_email'] = credentials.id_token['email']
session['g_accessToken'] = credentials.token_response['access_token']
return redirect(url_for('view_categories'))
def add_arrival(self, req):
with self.database.atomic():
db_user = User.get(User.username == req['username'])
amount = req['amount']
description = req['description']
date = req['date']
new_arrival = Arrival(amount=amount,
description=description,
date=date,
user=db_user)
new_arrival.save()
return {'id': new_arrival.get_id()}, 201
def add_spending(self, req):
with self.database.atomic():
user = User.get(User.username == req['username'])
amount = req['amount']
description = req['description']
date = req['date']
category_descr = req['category']
category = Category.get(Category.user == user
and Category.description == category_descr)
spending = Spending(amount=amount,
description=description,
date=date,
category=category,
user=user)
spending.save()
return {'id': spending.get_id()}, 201
def update_arrival(self, req, arrival_id):
with self.database.atomic():
arrival = Arrival.get_by_id(arrival_id)
if arrival is not None:
user = User.get(User.username == req['username'])
if arrival.user == user:
arrival.amount = req['amount']
arrival.description = req['description']
arrival.date = req['date']
arrival.save()
else:
return {}, 403
else:
return {}, 404
return {
'id': arrival.get_id(),
'amount': arrival.amount,
'description': arrival.description,
'date': arrival.date
}, 200
def get_chart_info(self, req):
with self.database.atomic():
user = User.get(User.username == req['username'])
start_date = req['start_date']
finish_date = req['finish_date']
categories = [
category.description for category in Category.select(
Category.description, Category.id).where(
Category.user == user)
]
spendings = [{
"money": spending.amount,
"category": spending.category.description
} for spending in Spending.select(
Spending.amount,
Spending.category,
).where(Spending.user == user
and start_date >= Spending.date >= finish_date)]
total = 0
for spending in spendings:
total += spending["money"]
chart_info = []
for curr_category in categories:
curr_category_amount = 0
for spending in spendings:
if spending["category"] == curr_category:
curr_category_amount += spending["money"]
chart_info.append({
"category": curr_category,
"money": curr_category_amount / total
})
return {'info': chart_info}, 200
def user():
if request.method == "POST":
content = request.json
if "email" not in content:
abort(400, "missing key email")
user = User(email=content["email"])
db.session.add(user)
db.session.commit()
if request.method == "DELETE":
content = request.json
if "email" not in content:
abort(400, "missing key email")
user = User.query.filter_by(email=content["email"]).all()
if len(user) != 1:
abort(404, "user does not exist")
user = user[0]
db.session.delete(user)
db.session.commit()
users = [{
"id": record.id,
"email": record.email,
"time_created": str(record.time_created),
"time_updated": str(record.time_updated),
} for record in User.query.all()]
return APIResponse(response={"users": users}).serialize()
import sys
from pathlib import Path
# add parent folder
sys.path.append(str(Path(__file__).parent.parent.absolute()))
from app import db, app # noqa: E402
from database_models import User # noqa: E402
email = input("Enter email: ")
user = User(email=email)
with app.app_context():
db.session.add(user)
db.session.commit()