cake-erp-challenge/api/views/trainer.py

from sqlalchemy.exc import NoResultFound, IntegrityError
from api.models.trainer import Trainer, trainer_schema, trainer_schemas, InvalidTeam
from api.app import db
from api.app import app
from flask import request, jsonify
from .errors import ParsingError, ConflictingParameters, ConflictingResources, AuthenticationFailure
from werkzeug.security import check_password_hash
import datetime
import jwt

def get_trainer(id):
    try:
        return trainer_schema.dump(Trainer.query.get(id))
    except:
        return jsonify({})

def get_trainers():
    args = request.args

    try:
        limit = int(args.get("limit", -1))
        offset = int(args.get("offset", 0))
    except ValueError:
        return ParsingError("Couldn't parse parameter as integer")

    if limit < -1 or offset < 0:
        return ParsingError("Expected positive integer as parameter")

    nickname = args.get("nickname", "")
    nickname_contains = args.get("nickname_contains", "")

    try:
        if nickname:
            if nickname_contains:
                return ConflictingParameters("nickname and nickname_contains are mutually exclusive")

            query = Trainer.query.filter_by(nickname=nickname).limit(limit).offset(offset)
            return trainer_schemas.dumps(query.all())

        else:               # se nickname_contains também está vazio, retornará todos trainers
            pattern = '%'+nickname_contains+'%'
            query = Trainer.query.filter(Trainer.nickname.like(pattern)).limit(limit).offset(offset)
            return trainer_schemas.dumps(query.all())

    except NoResultFound:
        return jsonify([])

def get_trainer_by_email(email):
    try:
        return Trainer.query.filter_by(email=email).one()
    except:
        return None

def post_trainer():
    try:
        json = request.get_json()
    except:
        return ParsingError("Failed to parse JSON body")

    if type(json) is not dict:
        return ParsingError("Expected JSON object as body")

    try:
        nickname = json["nickname"]
        first_name = json["first_name"]
        last_name = json["last_name"]
        email = json["email"]
        password = json["password"]
        team = json["team"]

        trainer = Trainer(
                nickname=nickname,
                first_name=first_name,
                last_name=last_name,
                email=email,
                password=password,
                team=team
                )

        db.session.add(trainer)
        db.session.commit()

        return trainer_schema.dump(trainer)
    except InvalidTeam:
        return ParsingError("Field team is invalid")
    except KeyError:
        return ParsingError("Missing JSON object fields")
    except IntegrityError:
        return ConflictingResources("Trainer with the same nickname or email already exists", http_code=500)

def auth_trainer():
    try:
        auth = request.get_json()
    except:
        return ParsingError("Failed to parse JSON body")

    if type(auth) is not dict:
        return ParsingError("Expected JSON object as body")

    try:
        email = auth["email"]
        password = auth["password"]
    except KeyError:
        return AuthenticationFailure("Login required")

    trainer = get_trainer_by_email(email)
    if not trainer:
        return AuthenticationFailure("Trainer not found")

    if trainer and check_password_hash(trainer.password, password):
        token = jwt.encode(
                {
                    "username": trainer.nickname,
                    "exp": datetime.datetime.now() + datetime.timedelta(hours=12)
                },
                app.config["SECRET_KEY"])
        return jsonify(
                {
                    "id": trainer.id,
                    "token": token
                })

    return AuthenticationFailure("Invalid login")
Usar ORM ao invés de SQL bruto 2021-10-17 17:59:27 -04:00			`from sqlalchemy.exc import NoResultFound, IntegrityError`
			`from api.models.trainer import Trainer, trainer_schema, trainer_schemas, InvalidTeam`
			`from api.app import db`
Adicionar endpoint: POST /trainer/authenticate 2021-10-17 20:14:56 -04:00			`from api.app import app`
Usar ORM ao invés de SQL bruto 2021-10-17 17:59:27 -04:00			`from flask import request, jsonify`
Adicionar endpoint: POST /trainer/authenticate 2021-10-17 20:14:56 -04:00			`from .errors import ParsingError, ConflictingParameters, ConflictingResources, AuthenticationFailure`
			`from werkzeug.security import check_password_hash`
			`import datetime`
			`import jwt`
Usar ORM ao invés de SQL bruto 2021-10-17 17:59:27 -04:00
Adicionar endpoint: GET /trainer/{trainerId} 2021-10-17 18:15:56 -04:00			`def get_trainer(id):`
Adicionar endpoint: POST /trainer/authenticate 2021-10-17 20:14:56 -04:00			`try:`
			`return trainer_schema.dump(Trainer.query.get(id))`
			`except:`
			`return jsonify({})`
Adicionar endpoint: GET /trainer/{trainerId} 2021-10-17 18:15:56 -04:00
Usar ORM ao invés de SQL bruto 2021-10-17 17:59:27 -04:00			`def get_trainers():`
			`args = request.args`

			`try:`
			`limit = int(args.get("limit", -1))`
			`offset = int(args.get("offset", 0))`
			`except ValueError:`
Adicionar endpoint: POST /trainer/authenticate 2021-10-17 20:14:56 -04:00			`return ParsingError("Couldn't parse parameter as integer")`
Usar ORM ao invés de SQL bruto 2021-10-17 17:59:27 -04:00
			`if limit < -1 or offset < 0:`
Adicionar endpoint: POST /trainer/authenticate 2021-10-17 20:14:56 -04:00			`return ParsingError("Expected positive integer as parameter")`
Usar ORM ao invés de SQL bruto 2021-10-17 17:59:27 -04:00
			`nickname = args.get("nickname", "")`
			`nickname_contains = args.get("nickname_contains", "")`

			`try:`
			`if nickname:`
			`if nickname_contains:`
Adicionar endpoint: POST /trainer/authenticate 2021-10-17 20:14:56 -04:00			`return ConflictingParameters("nickname and nickname_contains are mutually exclusive")`
Usar ORM ao invés de SQL bruto 2021-10-17 17:59:27 -04:00
Adicionar limit e offset na query (GET /trainer) 2021-10-18 08:51:50 -04:00			`query = Trainer.query.filter_by(nickname=nickname).limit(limit).offset(offset)`
Usar ORM ao invés de SQL bruto 2021-10-17 17:59:27 -04:00			`return trainer_schemas.dumps(query.all())`

			`else: # se nickname_contains também está vazio, retornará todos trainers`
			`pattern = '%'+nickname_contains+'%'`
Adicionar limit e offset na query (GET /trainer) 2021-10-18 08:51:50 -04:00			`query = Trainer.query.filter(Trainer.nickname.like(pattern)).limit(limit).offset(offset)`
Usar ORM ao invés de SQL bruto 2021-10-17 17:59:27 -04:00			`return trainer_schemas.dumps(query.all())`

			`except NoResultFound:`
			`return jsonify([])`

Adicionar endpoint: POST /trainer/authenticate 2021-10-17 20:14:56 -04:00			`def get_trainer_by_email(email):`
			`try:`
			`return Trainer.query.filter_by(email=email).one()`
			`except:`
			`return None`

Usar ORM ao invés de SQL bruto 2021-10-17 17:59:27 -04:00			`def post_trainer():`
			`try:`
			`json = request.get_json()`
			`except:`
Adicionar endpoint: POST /trainer/authenticate 2021-10-17 20:14:56 -04:00			`return ParsingError("Failed to parse JSON body")`
Usar ORM ao invés de SQL bruto 2021-10-17 17:59:27 -04:00
			`if type(json) is not dict:`
Adicionar endpoint: POST /trainer/authenticate 2021-10-17 20:14:56 -04:00			`return ParsingError("Expected JSON object as body")`
Usar ORM ao invés de SQL bruto 2021-10-17 17:59:27 -04:00
			`try:`
			`nickname = json["nickname"]`
			`first_name = json["first_name"]`
			`last_name = json["last_name"]`
			`email = json["email"]`
			`password = json["password"]`
			`team = json["team"]`

			`trainer = Trainer(`
			`nickname=nickname,`
			`first_name=first_name,`
			`last_name=last_name,`
			`email=email,`
			`password=password,`
			`team=team`
			`)`

			`db.session.add(trainer)`
			`db.session.commit()`

			`return trainer_schema.dump(trainer)`
			`except InvalidTeam:`
Adicionar endpoint: POST /trainer/authenticate 2021-10-17 20:14:56 -04:00			`return ParsingError("Field team is invalid")`
Usar ORM ao invés de SQL bruto 2021-10-17 17:59:27 -04:00			`except KeyError:`
Adicionar endpoint: POST /trainer/authenticate 2021-10-17 20:14:56 -04:00			`return ParsingError("Missing JSON object fields")`
Usar ORM ao invés de SQL bruto 2021-10-17 17:59:27 -04:00			`except IntegrityError:`
Adicionar endpoint: POST /trainer/authenticate 2021-10-17 20:14:56 -04:00			`return ConflictingResources("Trainer with the same nickname or email already exists", http_code=500)`

			`def auth_trainer():`
			`try:`
			`auth = request.get_json()`
			`except:`
			`return ParsingError("Failed to parse JSON body")`

			`if type(auth) is not dict:`
			`return ParsingError("Expected JSON object as body")`

			`try:`
			`email = auth["email"]`
			`password = auth["password"]`
			`except KeyError:`
			`return AuthenticationFailure("Login required")`

			`trainer = get_trainer_by_email(email)`
			`if not trainer:`
			`return AuthenticationFailure("Trainer not found")`

			`if trainer and check_password_hash(trainer.password, password):`
			`token = jwt.encode(`
			`{`
			`"username": trainer.nickname,`
			`"exp": datetime.datetime.now() + datetime.timedelta(hours=12)`
			`},`
			`app.config["SECRET_KEY"])`
			`return jsonify(`
			`{`
			`"id": trainer.id,`
			`"token": token`
			`})`

			`return AuthenticationFailure("Invalid login")`