class Comment(db.Model): id = db.Column(db.Integer, primary_key=True) author = db.Column(db.String(30)) email = db.Column(db.String(254)) site = db.Column(db.String(255)) body = db.Column(db.Text) reviewed = db.Column(db.Boolean, default=False) timestamp = db.Column(db.DateTime, default=datetime.utcnow, index=True) post_id = db.Column(db.Integer, db.ForeignKey('post.id')) post = db.relationship('Post', back_populates='comments')
class Post(db.Model): id = db.Column(db.Integer, primary_key=True) title = db.Column(db.String(60), unique=True) body = db.Column(db.Text) timestamp = db.Column(db.DateTime, default=datetime.utcnow, index=True) category_id = db.Column(db.Integer, db.ForeignKey('category.id')) category = db.relationship('Category', back_populates='posts') comments = db.relationship('Comment', back_populates='post', cascade='all, delete-orphan') post_author = db.Column(db.String(60))
class Category(db.Model): id = db.Column(db.Integer, primary_key=True) name = db.Column(db.String(30), unique=True) project_emails = db.Column(db.String(256)) posts = db.relationship('Post', back_populates='category') def delete(self): default_category = Category.query.get(1) posts = self.posts[:] for post in posts: post.category = default_category db.session.delete(self) db.session.commit()
class Subscription(ResourceMixin, db.Model): __tablename__ = 'subscriptions' id = db.Column(db.Integer, primary_key=True) user_id = db.Column(db.Integer, db.ForeignKey('users.id', onupdate='CASCADE', ondelete='CASCADE'), index=True, nullable=False) plan = db.Column(db.String(128))
class Admin(db.Model, UserMixin): id = db.Column(db.Integer, primary_key=True) username = db.Column(db.String(20), unique=True) password_hash = db.Column(db.String(128)) category_id = db.Column(db.Integer, db.ForeignKey('category.id')) category = db.relationship('Category', back_populates='users') def set_password(self, password): self.password_hash = generate_password_hash(password) def validate_password(self, password): return check_password_hash(self.password_hash, password) def can(self, role): return True if self.role >= role else False def generate_reset_token(self, expiration=3600): s = Serializer(current_app.config['SECRET_KEY'], expiration) return s.dumps({'reset': self.id})
class User(UserMixin, ResourceMixin, db.Model): __tablename__ = 'users' id = db.Column(db.Integer, primary_key=True) username = db.Column(db.String(64), index=True) email = db.Column(db.String(120), index=True, unique=True) password_hash = db.Column(db.String(128)) confirmed = db.Column(db.Boolean, default=False) role_id = db.Column(db.Integer, db.ForeignKey('roles.id')) name = db.Column(db.String(64)) location = db.Column(db.String(64)) about_me = db.Column(db.Text()) member_since = db.Column(db.DateTime(), default=datetime.utcnow) last_seen = db.Column(db.DateTime(), default=datetime.utcnow) posts = db.relationship('Post', backref='author', lazy='dynamic') # billing fields payment_id = db.Column(db.String(128), index=True) cancelled_subscription_on = db.Column(db.DateTime()) subscription = db.relationship('Subscription', backref='users', passive_deletes=True) invoices = db.relationship('Invoice', backref='users', passive_deletes=True) def __init__(self, **kwargs): """Assign default role upon registration. FLASK ADMIN Role assigned to ADMIN Emails """ super().__init__(**kwargs) if self.role is None: if self.email == current_app.config['DEMO_ADMIN']: self.role = Role.query.filter_by(name='Administrator').first() if self.role is None: self.role = Role.query.filter_by(default=True).first() @property def password(self): raise AttributeError('password is not a readable attribute') @password.setter def password(self, password): self.password_hash = generate_password_hash(password) def verify_password(self, password): return check_password_hash(self.password_hash, password) def generate_confirmation_token(self, expiration=360): s = Serializer(current_app.config['SECRET_KEY'], expiration) return s.dumps({'confirm': self.id}).decode('utf-8') def confirm(self, token): # note this doesn't commit the change, which is called in the views s = Serializer(current_app.config['SECRET_KEY']) try: data = s.loads(token.encode('utf-8')) except: return False if data.get('confirm') != self.id: return False self.confirmed = True db.session.add(self) return True def generate_reset_token(self, expiration=360): s = Serializer(current_app.config['SECRET_KEY'], expiration) return s.dumps({'reset': self.id}).decode('utf-8') @staticmethod def reset_password(token, new_password): s = Serializer(current_app.config['SECRET_KEY']) try: data = s.loads(token.encode('utf-8')) except: return False user = User.query.get(data.get('reset')) if user is None: return False user.password = new_password db.session.add(user) return True def generate_email_change_token(self, new_email, expiration=3600): s = Serializer(current_app.config['SECRET_KEY'], expiration) return s.dumps({ 'change_email': self.id, 'new_email': new_email }).decode('utf-8') def change_email(self, token): s = Serializer(current_app.config['SECRET_KEY']) try: data = s.loads(token.encode('utf-8')) except: return False if data.get('change_email') != self.id: return False new_email = data.get('new_email') if new_email is None: return False if self.query.filter_by(email=new_email).first() is not None: return False self.email = new_email db.session.add(self) return True def can(self, perm): return self.role is not None and self.role.has_permission(perm) def is_administrator(self): return self.can(Permission.ADMIN) def ping(self): self.last_seen = datetime.utcnow() db.session.add(self) db.session.commit() def generate_auth_token(self, expiration): """Generate token - for API route token based authentication """ s = Serializer(current_app.config['SECRET_KEY'], expiration) return s.dumps({'id': self.id}).decode('utf-8') @staticmethod def verify_auth_token(token): """Verify token - for API route token based authentication """ s = Serializer(current_app.config['SECRET_KEY']) try: data = s.loads(token) except: return None return User.query.get(data['id']) @staticmethod def parse_event_checkout_completed(parsed_info): """Parse checkout completed event and link customer to user """ user = User.query.get(parsed_info['user_id']) if not user: return None user.payment_id = parsed_info['stripe_customer_id'] user.cancelled_subscription_on = None user.save() def to_json(self): json_user = { 'url': url_for('api.get_user', id=self.id), 'username': self.username, 'member_since': self.member_since, 'last_seen': self.last_seen, 'posts_url': url_for('api.get_user_posts', id=self.id), 'post_count': self.posts.count(), } return json_user def __repr__(self): return '<User {}>'.format(self.username)
class User(db.Model): __tablename__ = 'users' id = db.Column(db.Integer, primary_key=True) username = db.Column(db.String(64), index=True) email = db.Column(db.String(120), index=True, unique=True) password_hash = db.Column(db.String(128)) posts = db.relationship('Post', backref='author', lazy='dynamic') votes = db.relationship('Vote', backref='author', lazy='dynamic') def __repr__(self): return '<User {}>'.format(self.username) @property def password(self): raise AttributeError('password is not a readable attribute') @password.setter def password(self, password): self.password_hash = generate_password_hash(password) def verify_password(self, password): return check_password_hash(self.password_hash, password) def to_dict(self): return { 'id': self.id, 'username': self.username, 'email': self.email, } def from_dict(self, data, new_user=False): for field in ['username', 'email']: if field in data: setattr(self, field, data[field]) if new_user and 'password' in data: self.password = data['password'] def encode_auth_token(self, user_id): try: payload = { 'exp': dt.datetime.utcnow() + dt.timedelta(days=0, seconds=60 * 60 * 6), 'iat': dt.datetime.utcnow(), 'user_id': user_id } return jwt.encode(payload, current_app.config['SECRET_KEY'], algorithm='HS256') except Exception as e: return e @staticmethod def decode_auth_token(request): auth_header = request.headers.get('Authorization') if auth_header: auth_token = auth_header.split(" ")[1] else: auth_token = '' try: payload = jwt.decode(auth_token, current_app.config['SECRET_KEY']) return payload['user_id'] except jwt.ExpiredSignatureError: return 'Signature expired. Please log in again.' except jwt.InvalidTokenError: return 'Invalid token. Please log in again.'
class Invoice(ResourceMixin, db.Model): __tablename__ = 'invoices' id = db.Column(db.Integer, primary_key=True) user_id = db.Column(db.Integer, db.ForeignKey('users.id', onupdate='CASCADE', ondelete='CASCADE'), index=True, nullable=False) plan = db.Column(db.String(128)) receipt_number = db.Column(db.String(128)) description = db.Column(db.String(128)) period_start_on = db.Column(db.Date) period_end_on = db.Column(db.Date) currency = db.Column(db.String(8)) tax = db.Column(db.Integer) tax_percent = db.Column(db.Float()) total = db.Column(db.Integer) # denormalizes the card details brand = db.Column(db.String(32)) last4 = db.Column(db.Integer) exp_date = db.Column(db.Date) @classmethod def billing_history(cls, user): """Get all invoices for a user """ invoices = cls.query.filter(cls.user_id == user.id) \ .order_by(cls.created_on.desc()).limit(12) return invoices @classmethod def parse_from_event(cls, payload): """ Parse and return the invoice information that will get saved locally. :return: dict """ data = payload['data']['object'] plan_info = data['lines']['data'][0]['plan'] period_start_on = datetime.utcfromtimestamp( data['lines']['data'][0]['period']['start']).date() period_end_on = datetime.utcfromtimestamp( data['lines']['data'][0]['period']['end']).date() invoice = { 'payment_id': data['customer'], 'plan': plan_info['name'], 'receipt_number': data['receipt_number'], 'description': plan_info['statement_descriptor'], 'period_start_on': period_start_on, 'period_end_on': period_end_on, 'currency': data['currency'], 'tax': data['tax'], 'tax_percent': data['tax_percent'], 'total': data['total'] } return invoice @classmethod def parse_event_save_invoice(cls, parsed_event): """Save invoice after parsing from event """ # import from User and avoid circular imports from .users import User # only save invoice if the user is valid id = parsed_event.get('payment_id') user = User.query.filter((User.payment_id == id)).first() if user: parsed_event['user_id'] = user.id # parsed_event['brand'] = user.credit_card.brand # parsed_event['last4'] = user.credit_card.last4 # parsed_event['exp_date'] = user.credit_card.exp_date del parsed_event['payment_id'] invoice = Invoice(**parsed_event) invoice.save() return user @classmethod def upcoming(cls, customer_id): """Upcoming invoice item """ payload = stripe.Invoice.upcoming(customer=customer_id) line_info = payload['lines']['data'][0] plan_info = line_info['plan'] next_billing_date = datetime.utcfromtimestamp( line_info['period']['start']) invoice = { 'plan': plan_info['id'], 'description': line_info['description'], 'next_bill_on': next_billing_date, 'amount_due': payload['amount_due'], 'interval': plan_info['interval'] } return invoice