hasslesstech
/
backend-development-course
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: hasslesstech:master
Branches Tags
hasslesstech:master
hasslesstech:dev
hasslesstech:lab4
hasslesstech:lab3
hasslesstech:lab2
hasslesstech:lab1
..
compare: hasslesstech:lab2
Branches Tags
hasslesstech:master
hasslesstech:dev
hasslesstech:lab4
hasslesstech:lab3
hasslesstech:lab2
hasslesstech:lab1

No commits in common. "master" and "lab2" have entirely different histories.
master ... lab2

7 changed files with 78 additions and 415 deletions
Show Stats Expand all files Collapse all files

1
.gitignore vendored
View File

@ -1,2 +1 @@
__pycache__/ __pycache__/
*.env

4
README.md
View File

@ -13,7 +13,3 @@ docker-compose up
``` ```
That should be enough to get the server up and running. That should be enough to get the server up and running.
## Lab3 specifics
Variant for functionality extension: 27 % 3 = 0 => Income accountance

397
app/__init__.py
View File

@ -1,83 +1,10 @@
from flask import Flask, request, jsonify from flask import Flask, request
from flask_jwt_extended import create_access_token, get_jwt_identity, jwt_required, JWTManager
import time import time
import json import json
import uuid from app.local_db import LocalDB
import datetime
import os
from hashlib import sha256
from marshmallow import Schema, fields
from flask_sqlalchemy import SQLAlchemy
app = Flask(__name__) app = Flask(__name__)
app.config.from_pyfile('config.py', silent=True) ldb = LocalDB()
app.config["JWT_SECRET_KEY"] = os.getenv("JWT_SECRET_KEY")
db = SQLAlchemy(app)
jwt = JWTManager(app)
class UserModel(db.Model):
__tablename__ = "user"
uuid = db.Column(db.String(32), unique=True, primary_key=True, nullable=False)
name = db.Column(db.String(64), nullable=False)
password = db.Column(db.String(64), nullable=False)
bal_uuid = db.Column(db.String(32), db.ForeignKey('balance.uuid'))
class CategoryModel(db.Model):
__tablename__ = "category"
uuid = db.Column(db.String(32), unique=True, primary_key=True, nullable=False)
name = db.Column(db.String(64), nullable=False)
class RecordModel(db.Model):
__tablename__ = "record"
uuid = db.Column(db.String(32), primary_key=True, nullable=False)
user_uuid = db.Column(db.String(32), db.ForeignKey('user.uuid'))
cat_uuid = db.Column(db.String(32), db.ForeignKey('category.uuid'))
date = db.Column(db.Date)
amount = db.Column(db.Integer)
class BalanceModel(db.Model):
__tablename__ = "balance"
uuid = db.Column(db.String(32), primary_key=True, nullable=False)
value = db.Column(db.Integer, nullable=False)
class UserSchema(Schema):
uuid = fields.Str()
name = fields.Str()
password = fields.Str()
bal_uuid = fields.Str()
class CategorySchema(Schema):
uuid = fields.Str()
name = fields.Str()
class RecordSchema(Schema):
uuid = fields.Str()
user_uuid = fields.Str()
cat_uuid = fields.Str()
date = fields.Date('iso')
amount = fields.Integer()
class BalanceSchema(Schema):
uuid = fields.Str()
value = fields.Integer()
user_schema = UserSchema()
users_schema = UserSchema(many = True)
category_schema = CategorySchema()
categories_schema = CategorySchema(many = True)
record_schema = RecordSchema()
records_schema = RecordSchema(many = True)
balance_schema = BalanceSchema()
# "migration"
with app.app_context():
db.create_all()
@app.route("/healthcheck") @app.route("/healthcheck")
def ep_healthcheck(): def ep_healthcheck():
@ -88,306 +15,138 @@ def ep_healthcheck():
@app.route("/reset_users_because_postman_is_dumb_like_that") @app.route("/reset_users_because_postman_is_dumb_like_that")
def ep_reset(): def ep_reset():
db.session.query(RecordModel).delete() ldb.reset()
db.session.query(CategoryModel).delete() return {}
db.session.query(UserModel).delete()
db.session.query(BalanceModel).delete()
db.session.commit()
return {}, 200
@app.route("/users", methods = ["GET"]) @app.route("/users", methods = ["GET"])
@jwt_required()
def ep_users_get(): def ep_users_get():
result = db.session.query(UserModel).all() return ldb.get_users()
return users_schema.dumps(result)
@app.route("/user/<user_id>", methods = ["GET"])
def ep_user_get(user_id):
user = ldb.get_user(user_id)
if 'uuid' in user:
return user
else:
return user, 404
@app.route("/user", methods = ["POST"]) @app.route("/user", methods = ["POST"])
def ep_user_post(): def ep_user_post():
name = request.json.get('name', None) body = request.json
password = request.json.get('password', None)
pass_hashed = sha256(password.encode("UTF-8")).digest().hex() if 'name' in body:
r = ldb.add_user(body['name'])
b = BalanceModel(uuid=uuid.uuid4().hex, value=0) if 'uuid' in r:
return r
u_uuid = uuid.uuid4().hex else:
bal_uuid = b.uuid return r, 403
else:
try:
_ = user_schema.load({'uuid': u_uuid, 'name': name,
'password': pass_hashed, 'bal_uuid': bal_uuid})
except Exception as e:
return {}, 403 return {}, 403
u = UserModel(uuid=u_uuid, name=name, @app.route("/user/<user_id>", methods = ["DELETE"])
password=pass_hashed, bal_uuid=bal_uuid) def ep_user_delete(user_id):
r = ldb.del_user(user_id)
at = create_access_token(identity = json.dumps({'uuid': u.uuid, 'bal_uuid': u.bal_uuid})) if 'uuid' in r:
return r
try: else:
db.session.add(b) return r, 403
db.session.add(u)
db.session.commit()
except Exception as e:
db.session.rollback()
return {}, 403
return jsonify(access_token = at), 200
@app.route("/user", methods = ["GET"])
def ep_user_get():
name = request.json.get('user', None)
password = request.json.get('password', None)
pass_hashed = sha256(password.encode("UTF-8")).digest().hex()
u = db.session.query(UserModel).filter(UserModel.name == name).one_or_none()
if not u:
return {}, 404
if u.password != pass_hashed:
return {"message": "Wrong password."}, 401
at = create_access_token(identity = json.dumps({'uuid': u.uuid, 'bal_uuid': u.bal_uuid}))
return jsonify(access_token = at), 200
@app.route("/user", methods = ["DELETE"])
@jwt_required()
def ep_user_delete():
current_user = json.loads(get_jwt_identity())
try:
db.session.query(UserModel).filter(UserModel.uuid == current_user['uuid']).delete()
db.session.query(BalanceModel).filter(BalanceModel.uuid == current_user['bal_uuid']).delete()
db.session.commit()
except Exception as e:
db.session.rollback()
return {}, 403
return {"message": "Success."}, 200
@app.route("/category", methods = ["GET"]) @app.route("/category", methods = ["GET"])
@jwt_required()
def ep_category_get(): def ep_category_get():
body = request.json body = request.json
if 'uuid' in body: if 'uuid' in body:
result = db.session.query(CategoryModel).filter(CategoryModel.uuid == body['uuid']).all() category = ldb.get_category(body['uuid'])
if len(result) == 1: if 'uuid' in category:
return user_schema.dumps(result[0]), 200 return category
else: else:
return {}, 404 return category, 404
else: else:
return {}, 403 return {}, 403
@app.route("/category", methods = ["POST"]) @app.route("/category", methods = ["POST"])
@jwt_required()
def ep_category_post(): def ep_category_post():
body = request.json body = request.json
if not body: if 'name' in body:
r = ldb.add_category(body['name'])
if 'uuid' in r:
return r
else:
return r, 403
else:
return {}, 403 return {}, 403
if 'uuid' in body:
return {}, 403
body.update({'uuid': uuid.uuid4().hex})
try:
_ = category_schema.load(body)
except ValidationError as e:
return {}, 403
c = CategoryModel(**body)
try:
db.session.add(c)
db.session.commit()
except Exception as e:
db.session.rollback()
return {}, 403
return jsonify(category_schema.load(body)), 200
@app.route("/category", methods = ["DELETE"]) @app.route("/category", methods = ["DELETE"])
@jwt_required()
def ep_category_delete(): def ep_category_delete():
body = request.json body = request.json
if 'uuid' not in body: if 'uuid' in body:
category = ldb.del_category(body['uuid'])
if 'uuid' in category:
return category
else:
return category, 404
else:
return {}, 403 return {}, 403
cat_id = body['uuid']
try:
result = db.session.query(CategoryModel).filter(CategoryModel.uuid == cat_id).all()
except Exception as e:
return {}, 403
if len(result) == 0:
return {}, 404
try:
db.session.query(CategoryModel).filter(CategoryModel.uuid == cat_id).delete()
db.session.commit()
except Exception as e:
return {}, 403
return category_schema.dumps(result[0]), 200
@app.route("/record/<record_id>", methods = ["GET"]) @app.route("/record/<record_id>", methods = ["GET"])
@jwt_required()
def ep_record_get(record_id): def ep_record_get(record_id):
current_user = json.loads(get_jwt_identity()) r = ldb.get_record(record_id)
result = db.session.query(RecordModel).filter(RecordModel.uuid == record_id).one_or_none()
if result and result.user_uuid == current_user['uuid']: if 'uuid' in r:
return user_schema.dumps(result), 200 return r
else: else:
return {}, 403 return r, 404
@app.route("/record", methods = ["GET"]) @app.route("/record", methods = ["GET"])
@jwt_required()
def ep_record_get_filtered(): def ep_record_get_filtered():
r = db.session.query(RecordModel) options = {}
filtered = False
if 'user_id' in request.json: if 'user_id' in request.json:
r = r.filter(RecordModel.user_uuid == request.json['user_id']) options['user_id'] = request.json['user_id']
filtered = True
elif 'user_uuid' in request.json:
r = r.filter(RecordModel.user_uuid == request.json['user_uuid'])
filtered = True
if 'cat_id' in request.json: if 'cat_id' in request.json:
r = r.filter(RecordModel.cat_uuid == request.json['cat_id']) options['cat_id'] = request.json['cat_id']
filtered = True
if 'cat_uuid' in request.json:
r = r.filter(RecordModel.cat_uuid == request.json['cat_uuid'])
filtered = True
if filtered: if len(list(options.keys())) == 0:
return records_schema.dumps(r.all()) return [], 400
else:
return [], 403 r = ldb.filter_records(options)
return json.dumps(r)
@app.route("/record/<record_id>", methods = ["DELETE"]) @app.route("/record/<record_id>", methods = ["DELETE"])
@jwt_required()
def ep_record_del(record_id): def ep_record_del(record_id):
current_user = json.loads(get_jwt_identity()) r = ldb.del_record(record_id)
try: if 'uuid' in r:
result = db.session.query(RecordModel).filter(RecordModel.uuid == record_id).one_or_none() return r
except Exception as e:
return {}, 403
if result and result.user_uuid == current_user['uuid']:
db.session.query(RecordModel).filter(RecordModel.uuid == record_id).delete()
db.session.commit()
else: else:
return {}, 401 return r, 404
return record_schema.dumps(result), 200
@app.route("/record", methods = ["POST"]) @app.route("/record", methods = ["POST"])
@jwt_required()
def ep_record_post(): def ep_record_post():
current_user = json.loads(get_jwt_identity()) body = request.json
amount = request.json.get('amount', None) if 'user_id' not in body:
category = request.json.get('category', None)
if not all([amount, category]):
return {}, 403
u_uuid = uuid.uuid4().hex
r_time = time.strftime("%Y-%m-%d")
try:
_ = record_schema.load({'amount': amount, "cat_uuid": category, "uuid": u_uuid,
'user_uuid': current_user['uuid'], 'date': r_time})
except Exception as e:
return {}, 400 return {}, 400
r = RecordModel(amount=amount, cat_uuid=category, uuid=u_uuid, user_uuid=current_user['uuid'], date=r_time) if 'cat_id' not in body:
return {}, 400
v = db.session \ if 'amount' not in body:
.query(BalanceModel) \ return {}, 400
.filter(BalanceModel.uuid == current_user['bal_uuid']) \
.one_or_none() \
.value
BalanceModel \ r = ldb.add_record(body['user_id'], body['cat_id'], body['amount'])
.metadata.tables.get("balance") \
.update() \
.where(BalanceModel.metadata.tables.get("balance").c.uuid == current_user['bal_uuid']) \
.values(value = v - amount)
try: if 'uuid' in r:
db.session.add(r) return r
db.session.commit() else:
except Exception as e: return r, 403
db.session.rollback()
return {}, 403
return {'uuid': r.uuid}, 200
@app.route("/balance_up", methods = ["POST"])
@jwt_required()
def ep_balance_up():
current_user = json.loads(get_jwt_identity())
amount = request.json.get('amount', None)
try:
v = db.session \
.query(BalanceModel) \
.filter(BalanceModel.uuid == current_user['bal_uuid']) \
.one_or_none() \
.value
BalanceModel.metadata.tables.get("balance").update().where(BalanceModel.metadata.tables.get("balance").c.uuid == current_user['bal_uuid']).values(value = v + amount)
except Exception as e:
return {}, 407
return {}, 200
@app.route("/balance", methods = ["GET"])
@jwt_required()
def ep_balance_get():
current_user = json.loads(get_jwt_identity())
result = db.session.query(BalanceModel).filter(BalanceModel.uuid == current_user['bal_uuid']).one_or_none()
return balance_schema.dumps(result), 200
@jwt.expired_token_loader
def expired_token_callback(jwt_header, jwt_payload):
return (
jsonify({"message": "The token has expired.", "error": "token_expired"}),
401,
)
@jwt.invalid_token_loader
def invalid_token_callback(error):
return (
jsonify(
{"message": "Signature verification failed.", "error": "invalid_token"}
),
401,
)
@jwt.unauthorized_loader
def missing_token_callback(error):
return (
jsonify(
{
"description": "Request does not contain an access token.",
"error": "authorization_required",
}
),
401,
)

7
app/config.py
View File

@ -1,7 +0,0 @@
import os
PROPAGATE_EXCEPTIONS = True
SQLALCHEMY_DATABASE_URI = f'postgresql://{os.environ["POSTGRES_USER"]}:{os.environ["POSTGRES_PASSWORD"]}@db:5432/accountance'
SQLALCHEMY_TRACK_MODIFICATIONS = False
API_TITLE = "Finance REST API"
API_VERSION = 'v1'

11
docker-compose.yaml
View File

@ -12,14 +12,3 @@ services:
- "12402:12402" - "12402:12402"
volumes: volumes:
- ./app:/app/app - ./app:/app/app
env_file:
- db.env
- app.env
depends_on:
- db
db:
restart: unless-stopped
image: postgres:17.2-alpine3.21
env_file:
- db.env

15
requirements.txt
View File

@ -1,22 +1,7 @@
alembic==1.14.0
apispec==6.8.0
blinker==1.8.2 blinker==1.8.2
click==8.1.7 click==8.1.7
Flask==3.0.3 Flask==3.0.3
Flask-JWT-Extended==4.7.1
Flask-Migrate==4.0.7
flask-smorest==0.45.0
Flask-SQLAlchemy==3.1.1
greenlet==3.1.1
itsdangerous==2.2.0 itsdangerous==2.2.0
Jinja2==3.1.4 Jinja2==3.1.4
Mako==1.3.8
MarkupSafe==2.1.5 MarkupSafe==2.1.5
marshmallow==3.23.2
packaging==24.2
psycopg2-binary==2.9.10
PyJWT==2.10.1
SQLAlchemy==2.0.36
typing_extensions==4.12.2
webargs==8.6.0
Werkzeug==3.0.4 Werkzeug==3.0.4

58
tests/lab3/user_test.sh
View File

@ -1,58 +0,0 @@
#!/bin/sh
HOST=$1
if [ -z HOST ]; then
echo "Host not specified, exiting"
exit 1;
fi;
echo -n 'Resetting DB...'
curl -X GET -f -s \
http://$HOST:12402/reset_users_because_postman_is_dumb_like_that > /dev/null
if [ $? -ne 0 ]; then
echo 'Exiting due to previous error'
exit 1
fi
echo ' Done.'
echo -n 'Creating users...'
for i in $(seq 1); do
curl -X POST -f -s \
--data "{\"name\": \"hi$i\"}" \
--header "Content-Type: application/json" \
http://$HOST:12402/user > /dev/null;
if [ $? -ne 0 ]; then
echo 'Exiting due to previous error'
exit 1
fi
done
echo ' Done.'
echo -n 'Getting user UUID to delete...'
DELETION_UUID=$(curl -X GET -f -s \
http://$HOST:12402/users \
| jq .[0].uuid);
if [ $? -ne 0 ]; then
echo 'Exiting due to previous error'
exit 1
fi
DELETION_UUID=${DELETION_UUID#\"}
DELETION_UUID=${DELETION_UUID%\"}
echo " $DELETION_UUID."
echo -n "Deleting user $DELETION_UUID..."
curl -X DELETE -f -s \
http://$HOST:12402/user/$DELETION_UUID > /dev/null
if [ $? -ne 0 ]; then
echo 'Exiting due to previous error'
exit 1
fi
echo ' Done.'