
""" 

Book: Building RESTful Python Web Services 

Chapter 8: Testing and Deploying an API with Flask 

Author: Gaston C. Hillar - Twitter.com/gastonhillar 

Publisher: Packt Publishing Ltd. - http://www.packtpub.com 

""" 

import logging

from flask import Blueprint, request, jsonify, make_response
from flask import g
from flask_httpauth import HTTPBasicAuth
from flask_restful import Api, Resource
from sqlalchemy.exc import SQLAlchemyError

from helpers import PaginationHelper
from models import db, Category, CategorySchema, Message, MessageSchema
from models import User, UserSchema
import status

 

 

# HTTP Basic authentication handler shared by every protected resource.
# Basic credentials are only base64-encoded on the wire, so this API should
# be served over TLS.
auth = HTTPBasicAuth()

 

 

@auth.verify_password
def verify_user_password(name, password):
    """Check HTTP Basic credentials for the current request.

    Looks the user up by name and delegates the password comparison to
    ``User.verify_password``. On success the user object is stored in
    ``g.user`` so later code in the same request can read it.

    Args:
        name: User name taken from the Authorization header.
        password: Password taken from the Authorization header.

    Returns:
        True when the user exists and the password verifies, else False.
    """
    candidate = User.query.filter_by(name=name).first()
    # NOTE(review): an unknown name is rejected before any password hash is
    # computed, so response time may differ between unknown and known names.
    if candidate and candidate.verify_password(password):
        g.user = candidate
        return True
    return False

 

 

class AuthRequiredResource(Resource):
    """Base class for resources whose every HTTP method needs authentication.

    flask_restful wraps each handler of a Resource with the entries of
    ``method_decorators``, so subclasses get ``auth.login_required`` on all
    of their methods without decorating them one by one.
    """

    # Applied to get/post/patch/delete alike; a subclass that needs an open
    # method must derive from Resource directly instead.
    method_decorators = [auth.login_required]

 

 

# Blueprint that carries every route of this API, wrapped by flask_restful.
api_bp = Blueprint('api', __name__)
api = Api(api_bp)

# One shared serializer/validator instance per model.
user_schema = UserSchema()
message_schema = MessageSchema()
category_schema = CategorySchema()

 

 

class UserResource(AuthRequiredResource):
    """Item endpoint for one user; authentication is required.

    NOTE(review): any authenticated user can read any other user's record;
    no ownership check is made here.
    """

    def get(self, id):
        """Return the serialized user with primary key *id*, or abort with 404."""
        # NOTE(review): the fields returned are whatever UserSchema declares
        # (not shown here); confirm it leaves out the password hash.
        return user_schema.dump(User.query.get_or_404(id)).data

 

 

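class UserListResource(Resource):
    """Collection endpoint for users.

    ``get`` requires authentication. ``post`` is left unauthenticated so a
    new user can register without existing credentials; that is why this
    class derives from Resource and decorates ``get`` on its own.
    """

    @auth.login_required
    def get(self):
        """Return one page of serialized users."""
        pagination_helper = PaginationHelper(
            request,
            query=User.query,
            resource_for_url='api.userlistresource',
            key_name='results',
            schema=user_schema)
        result = pagination_helper.paginate_query()
        return result

    def post(self):
        """Create a user from a JSON body holding ``name`` and ``password``.

        Returns:
            The serialized user and 201 on success, otherwise an error
            dictionary and 400 (no body, schema errors, missing name or
            password, duplicate name, weak password, database failure).
        """
        request_dict = request.get_json()
        if not request_dict:
            response = {'user': 'No input data provided'}
            return response, status.HTTP_400_BAD_REQUEST
        if not isinstance(request_dict, dict):
            response = {'user': 'The request body must be a JSON object'}
            return response, status.HTTP_400_BAD_REQUEST
        errors = user_schema.validate(request_dict)
        if errors:
            return errors, status.HTTP_400_BAD_REQUEST
        # The schema is not visible from here, so do not rely on it to make
        # both keys mandatory: a missing key used to raise KeyError and
        # surface as a 500.
        name = request_dict.get('name')
        password = request_dict.get('password')
        if not name:
            response = {'error': 'A user name is required'}
            return response, status.HTTP_400_BAD_REQUEST
        if not isinstance(password, str) or not password:
            response = {'error': 'A password is required'}
            return response, status.HTTP_400_BAD_REQUEST
        # NOTE(review): this answer tells an unauthenticated caller whether a
        # name is taken; pair open registration with rate limiting.
        existing_user = User.query.filter_by(name=name).first()
        if existing_user is not None:
            response = {'user': 'An user with the same name already exists'}
            return response, status.HTTP_400_BAD_REQUEST
        try:
            user = User(name=name)
            error_message, password_ok = \
                user.check_password_strength_and_hash_if_ok(password)
            if not password_ok:
                return {"error": error_message}, status.HTTP_400_BAD_REQUEST
            user.add(user)
            query = User.query.get(user.id)
            result = user_schema.dump(query).data
            return result, status.HTTP_201_CREATED
        except SQLAlchemyError as e:
            db.session.rollback()
            # The exception text can carry the SQL statement and its bound
            # parameters (presumably including the stored password hash), so
            # it is neither returned to the client nor logged in full.
            logging.getLogger(__name__).error(
                'User creation failed: %s', type(e).__name__)
            resp = {"error": "The user could not be created"}
            return resp, status.HTTP_400_BAD_REQUEST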

 

 

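class MessageResource(AuthRequiredResource):
    """Item endpoint for one message: read, partial update and delete.

    Every handler requires authentication through AuthRequiredResource.
    NOTE(review): nothing in this class ties a message to a user, so any
    authenticated user can change or delete any message.
    """

    def get(self, id):
        """Return the serialized message *id*, or abort with 404."""
        message = Message.query.get_or_404(id)
        result = message_schema.dump(message).data
        return result

    def patch(self, id):
        """Apply the fields present in the JSON body to message *id*.

        Recognised keys are ``message``, ``duration``, ``printed_times`` and
        ``printed_once``. The updated object is dumped and re-validated with
        the schema before it is saved.

        Returns:
            The serialized message on success, otherwise an error
            dictionary and 400.
        """
        message = Message.query.get_or_404(id)
        # force=True parses the body as JSON whatever Content-Type was sent.
        message_dict = request.get_json(force=True)
        # A body such as `null`, a list or a bare string would otherwise
        # reach the `in` tests below and fail or match by accident.
        if not isinstance(message_dict, dict):
            response = {'error': 'The request body must be a JSON object'}
            return response, status.HTTP_400_BAD_REQUEST
        if 'message' in message_dict:
            message_message = message_dict['message']
            if Message.is_unique(id=id, message=message_message):
                message.message = message_message
            else:
                response = {'error': 'A message with the same message already exists'}
                return response, status.HTTP_400_BAD_REQUEST
        if 'duration' in message_dict:
            message.duration = message_dict['duration']
        if 'printed_times' in message_dict:
            message.printed_times = message_dict['printed_times']
        if 'printed_once' in message_dict:
            message.printed_once = message_dict['printed_once']
        dumped_message, dump_errors = message_schema.dump(message)
        if dump_errors:
            return dump_errors, status.HTTP_400_BAD_REQUEST
        validate_errors = message_schema.validate(dumped_message)
        if validate_errors:
            return validate_errors, status.HTTP_400_BAD_REQUEST
        try:
            message.update()
            return self.get(id)
        except SQLAlchemyError:
            db.session.rollback()
            # Keep the SQL text and parameters in the server log; the client
            # only learns that the update failed.
            logging.getLogger(__name__).exception(
                'Updating message %s failed', id)
            resp = {"error": "The message could not be updated"}
            return resp, status.HTTP_400_BAD_REQUEST

    def delete(self, id):
        """Delete message *id*; 204 on success, 400 on a database error."""
        message = Message.query.get_or_404(id)
        try:
            message.delete(message)
            response = make_response()
            return response, status.HTTP_204_NO_CONTENT
        except SQLAlchemyError:
            db.session.rollback()
            logging.getLogger(__name__).exception(
                'Deleting message %s failed', id)
            resp = jsonify({"error": "The message could not be deleted"})
            # 401 would tell the client its credentials were rejected, which
            # is not what happened; use the same status as the other
            # database-error handlers in this module.
            return resp, status.HTTP_400_BAD_REQUEST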

 

 

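class MessageListResource(AuthRequiredResource):
    """Collection endpoint for messages; authentication is required."""

    def get(self):
        """Return one page of serialized messages."""
        pagination_helper = PaginationHelper(
            request,
            query=Message.query,
            resource_for_url='api.messagelistresource',
            key_name='results',
            schema=message_schema)
        result = pagination_helper.paginate_query()
        return result

    def post(self):
        """Create a message, creating its category first when it is new.

        The JSON body must hold ``message``, ``duration`` and a ``category``
        object with a ``name``.

        Returns:
            The serialized message and 201 on success, otherwise an error
            dictionary and 400.
        """
        request_dict = request.get_json()
        if not request_dict:
            response = {'message': 'No input data provided'}
            return response, status.HTTP_400_BAD_REQUEST
        if not isinstance(request_dict, dict):
            response = {'message': 'The request body must be a JSON object'}
            return response, status.HTTP_400_BAD_REQUEST
        errors = message_schema.validate(request_dict)
        if errors:
            return errors, status.HTTP_400_BAD_REQUEST
        # The schema is not visible from here, so check the keys that are
        # indexed below: a missing one used to raise KeyError or TypeError
        # and surface as a 500.
        category_info = request_dict.get('category')
        if not isinstance(category_info, dict) or 'name' not in category_info:
            response = {'error': 'A category name is required'}
            return response, status.HTTP_400_BAD_REQUEST
        if 'message' not in request_dict or 'duration' not in request_dict:
            response = {'error': 'A message and a duration are required'}
            return response, status.HTTP_400_BAD_REQUEST
        message_message = request_dict['message']
        if not Message.is_unique(id=0, message=message_message):
            response = {'error': 'A message with the same message already exists'}
            return response, status.HTTP_400_BAD_REQUEST
        try:
            category_name = category_info['name']
            category = Category.query.filter_by(name=category_name).first()
            if category is None:
                # Create a new Category
                category = Category(name=category_name)
                db.session.add(category)
            # Now that we are sure we have a category
            # create a new Message
            message = Message(
                message=message_message,
                duration=request_dict['duration'],
                category=category)
            message.add(message)
            query = Message.query.get(message.id)
            result = message_schema.dump(query).data
            return result, status.HTTP_201_CREATED
        except SQLAlchemyError:
            db.session.rollback()
            # Keep the SQL text and parameters in the server log; the client
            # only learns that the insert failed.
            logging.getLogger(__name__).exception('Creating a message failed')
            resp = {"error": "The message could not be created"}
            return resp, status.HTTP_400_BAD_REQUEST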

 

 

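class CategoryResource(AuthRequiredResource):
    """Item endpoint for one category: read, rename and delete.

    Every handler requires authentication through AuthRequiredResource.
    NOTE(review): nothing in this class restricts a handler to a particular
    user, so any authenticated user can rename or delete any category.
    """

    def get(self, id):
        """Return the serialized category *id*, or abort with 404."""
        category = Category.query.get_or_404(id)
        result = category_schema.dump(category).data
        return result

    def patch(self, id):
        """Rename category *id* when the JSON body carries a unique ``name``.

        Returns:
            The serialized category on success, otherwise an error
            dictionary and 400.
        """
        category = Category.query.get_or_404(id)
        category_dict = request.get_json()
        if not category_dict:
            resp = {'message': 'No input data provided'}
            return resp, status.HTTP_400_BAD_REQUEST
        errors = category_schema.validate(category_dict)
        if errors:
            return errors, status.HTTP_400_BAD_REQUEST
        try:
            if 'name' in category_dict:
                category_name = category_dict['name']
                if Category.is_unique(id=id, name=category_name):
                    category.name = category_name
                else:
                    response = {'error': 'A category with the same name already exists'}
                    return response, status.HTTP_400_BAD_REQUEST
            category.update()
            return self.get(id)
        except SQLAlchemyError:
            db.session.rollback()
            # Keep the SQL text and parameters in the server log; the client
            # only learns that the update failed.
            logging.getLogger(__name__).exception(
                'Updating category %s failed', id)
            resp = {"error": "The category could not be updated"}
            return resp, status.HTTP_400_BAD_REQUEST

    def delete(self, id):
        """Delete category *id*; 204 on success, 400 on a database error."""
        category = Category.query.get_or_404(id)
        try:
            category.delete(category)
            response = make_response()
            return response, status.HTTP_204_NO_CONTENT
        except SQLAlchemyError:
            db.session.rollback()
            logging.getLogger(__name__).exception(
                'Deleting category %s failed', id)
            resp = jsonify({"error": "The category could not be deleted"})
            # 401 would tell the client its credentials were rejected, which
            # is not what happened; use the same status as the other
            # database-error handlers in this module.
            return resp, status.HTTP_400_BAD_REQUEST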

 

 

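class CategoryListResource(AuthRequiredResource):
    """Collection endpoint for categories; authentication is required."""

    def get(self):
        """Return every category, serialized; this listing is not paginated."""
        categories = Category.query.all()
        results = category_schema.dump(categories, many=True).data
        return results

    def post(self):
        """Create a category from a JSON body holding a unique ``name``.

        Returns:
            The serialized category and 201 on success, otherwise an error
            dictionary and 400.
        """
        request_dict = request.get_json()
        if not request_dict:
            resp = {'message': 'No input data provided'}
            return resp, status.HTTP_400_BAD_REQUEST
        errors = category_schema.validate(request_dict)
        if errors:
            return errors, status.HTTP_400_BAD_REQUEST
        # The schema is not visible from here, so check the key indexed
        # below: a missing name used to raise KeyError and surface as a 500.
        if not isinstance(request_dict, dict) or 'name' not in request_dict:
            response = {'error': 'A category name is required'}
            return response, status.HTTP_400_BAD_REQUEST
        category_name = request_dict['name']
        if not Category.is_unique(id=0, name=category_name):
            response = {'error': 'A category with the same name already exists'}
            return response, status.HTTP_400_BAD_REQUEST
        try:
            category = Category(category_name)
            category.add(category)
            query = Category.query.get(category.id)
            result = category_schema.dump(query).data
            return result, status.HTTP_201_CREATED
        except SQLAlchemyError:
            db.session.rollback()
            # Keep the SQL text and parameters in the server log; the client
            # only learns that the insert failed.
            logging.getLogger(__name__).exception('Creating a category failed')
            resp = {"error": "The category could not be created"}
            return resp, status.HTTP_400_BAD_REQUEST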

 

 

# Route table: collection endpoints end with a slash, item endpoints take an
# integer primary key. Of these handlers only UserListResource.post is
# reachable without credentials.
for _resource, _url in (
        (CategoryListResource, '/categories/'),
        (CategoryResource, '/categories/<int:id>'),
        (MessageListResource, '/messages/'),
        (MessageResource, '/messages/<int:id>'),
        (UserListResource, '/users/'),
        (UserResource, '/users/<int:id>'),
):
    api.add_resource(_resource, _url)
# Do not leave the loop variables behind as module attributes.
del _resource, _url