In [1]:
import requests
import pathlib
import json

In [2]:
HOST = 'http://0.0.0.0:5000'

In [3]:
PATH = pathlib.Path('/home/haidaansko/Downloads')

## Registration

In [4]:
user1 = {
    'username': 'user1',
    'password': 'password1',
    'email': 'a@example.com',
    'gender': 'male',
    'stats': {
        'total_sessions': 9,
        'total_victories': 4,
        'total_defeats': 5,
        'total_time': 100
    }
}

In [5]:
avatar_path = PATH / 'cat1.jpeg'

In [6]:
# For passing both json and image (avatar), we pass dict as file 
# (identified as request.form in flask) 

files = {
    'json': (None, json.dumps(user1), 'application/json'),
    'avatar': (str(avatar_path.absolute()), open(avatar_path, 'rb'))
}

In [7]:
# Creating probably existing user with avatar
result = requests.post(HOST + '/users',files=files)
result.text

'User already exists'

In [8]:
# Creating definitely new user
import datetime

username = datetime.datetime.now().strftime("m%md%dY%YH%HM%MS%Sf%f")
user_n = {
    'username': username,
    'password': 'password1',
    'email': 'a@example.com',
    'gender': 'male',
    'stats': {
        'total_sessions': 9,
        'total_victories': 4,
    }
}

In [9]:
# Pass as json because avatar image is abcent

result = requests.post(HOST + '/users',json=user_n)
result.text

'{"token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJmcmVzaCI6ZmFsc2UsImlhdCI6MTYxNjQ1MzIwMSwianRpIjoiYzVhOTA2MGItMWM5ZS00N2MwLTlhODEtNjQzNzE5ZTUwOWM5IiwibmJmIjoxNjE2NDUzMjAxLCJ0eXBlIjoiYWNjZXNzIiwic3ViIjozfQ.lUZAqFEcr0Jwkdpa006hw5oucX0xT_5zZmzm31o30TA","user":{"avatar":null,"email":"a@example.com","gender":"male","self_url":"/users/3","stats_url":"/users/3/stats","user_id":3,"username":"m03d23Y2021H01M46S41f453973"}}\n'

In [10]:
# List all users
result = requests.get(HOST + '/users').json()
result

[{'avatar': 'home_haidaansko_Downloads_cat1.jpeg',
  'email': 'a@example.com',
  'gender': 'male',
  'self_url': '/users/1',
  'stats_url': '/users/1/stats',
  'user_id': 1,
  'username': 'user1'},
 {'avatar': None,
  'email': 'a@example.com',
  'gender': 'female',
  'self_url': '/users/2',
  'stats_url': '/users/2/stats',
  'user_id': 2,
  'username': 'user2'},
 {'avatar': None,
  'email': 'a@example.com',
  'gender': 'male',
  'self_url': '/users/3',
  'stats_url': '/users/3/stats',
  'user_id': 3,
  'username': 'm03d23Y2021H01M46S41f453973'}]

In [11]:
# List the 1st user
result = requests.get(HOST + '/users/1').json()
result

{'avatar': 'home_haidaansko_Downloads_cat1.jpeg',
 'email': 'a@example.com',
 'gender': 'male',
 'self_url': '/users/1',
 'stats_url': '/users/1/stats',
 'user_id': 1,
 'username': 'user1'}

## Login

In [12]:
# Two ways of dict params are supported: through files
creds = {'username': 'user1', 'password': 'password1'}
result = requests.post(HOST + '/login',files={'json': (None, json.dumps(creds), 'application/json')})
result.text

'{"token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJmcmVzaCI6ZmFsc2UsImlhdCI6MTYxNjQ1MzIwMSwianRpIjoiNzEwOGEyMTgtMzcyMS00ZDFlLThkNjYtNzU3ZGY5MGY3YTA3IiwibmJmIjoxNjE2NDUzMjAxLCJ0eXBlIjoiYWNjZXNzIiwic3ViIjoxfQ.KBRuYVxuCkWaPSNT-zlq9BaDasjWkxOdXRhNMp6X8U4","user":"/users/1"}\n'

In [13]:
# And through json

creds = {'username': 'user1', 'password': 'password1'}
result = requests.post(HOST + '/login',json=creds)
result.json()

{'token': 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJmcmVzaCI6ZmFsc2UsImlhdCI6MTYxNjQ1MzIwMSwianRpIjoiZjNkNzhiZTUtNmQ2MC00YmIxLWEyOTAtMGEyZTlhNWZlMDc1IiwibmJmIjoxNjE2NDUzMjAxLCJ0eXBlIjoiYWNjZXNzIiwic3ViIjoxfQ.FTH3vr1o5tcZ_rTQ5Uo7o8oe4wwjXAo56Nl6d_D-2_U',
 'user': '/users/1'}

In [14]:
# Accessing JWT-protected queries

token = result.json()['token']
headers = {"Authorization": f"Bearer {token}"}
result = requests.get(HOST + '/users/me', headers=headers)
result.json()

{'avatar': 'home_haidaansko_Downloads_cat1.jpeg',
 'email': 'a@example.com',
 'gender': 'male',
 'self_url': '/users/1',
 'stats_url': '/users/1/stats',
 'user_id': 1,
 'username': 'user1'}

In [15]:
# Loggin in as another user
creds_old = {'username': username, 'password': 'password1'}
result = requests.post(HOST + '/login', json=creds_old)
result.json()

{'token': 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJmcmVzaCI6ZmFsc2UsImlhdCI6MTYxNjQ1MzIwMSwianRpIjoiN2QyNDAwZWEtZTlmYy00MzZiLWE0NmQtZDQyNWVkMmVlZWU5IiwibmJmIjoxNjE2NDUzMjAxLCJ0eXBlIjoiYWNjZXNzIiwic3ViIjozfQ.6h3ro4WhR7Qqmt6Q9mANQMHPXPwObsTtG1J91fLE2Wg',
 'user': '/users/3'}

In [16]:
# Tokens are different
token2 = result.json()['token']
token2 == token

False

In [17]:
headers = {"Authorization": f"Bearer {token2}"}
result = requests.get(HOST + '/users/me', headers=headers)
self_url = result.json()['self_url']
stats_url = result.json()['stats_url']
result.json()

{'avatar': None,
 'email': 'a@example.com',
 'gender': 'male',
 'self_url': '/users/3',
 'stats_url': '/users/3/stats',
 'user_id': 3,
 'username': 'm03d23Y2021H01M46S41f453973'}

In [18]:
# Accessing stats data
result = requests.get(HOST + stats_url, headers=headers)
result.json()

{'total_defeats': 0,
 'total_sessions': 9,
 'total_time': 0,
 'total_victories': 4}

In [19]:
# Modifing stats data
edits = {'total_sessions': 10, 'total_time': 1000}
result = requests.patch(HOST + stats_url, headers=headers, json=edits)
result.json()

{'total_defeats': 0,
 'total_sessions': 10,
 'total_time': 1000,
 'total_victories': 4}

In [20]:
# Modifing user data (username and password themselves!)
edits = {'username': 'usern', 'password': 'password2', 'gender': 'female'}
result = requests.patch(HOST + self_url, headers=headers, json=edits)
result.json()

{'avatar': None,
 'email': 'a@example.com',
 'gender': 'female',
 'self_url': '/users/3',
 'stats_url': '/users/3/stats',
 'user_id': 3,
 'username': 'usern'}

In [21]:
# Logging in with new credentials
creds_new = {'username': 'usern', 'password': 'password2'}
result = requests.post(HOST + '/login', json=creds_new)
token2 = result.json()['token']

headers = {"Authorization": f"Bearer {token2}"}
result = requests.get(HOST + '/users/me', headers=headers)
result.json()

{'avatar': None,
 'email': 'a@example.com',
 'gender': 'female',
 'self_url': '/users/3',
 'stats_url': '/users/3/stats',
 'user_id': 3,
 'username': 'usern'}

In [22]:
# Deleting user (ourselves)
result = requests.delete(HOST + self_url, headers=headers)
result

<Response [204]>

In [23]:
# Neither of the credentials pairs
result = requests.post(HOST + '/login', json=creds_old)
result.text

'Bad username or password'

In [24]:
# is correct
result = requests.post(HOST + '/login', json=creds_new)
result.text

'Bad username or password'

## Reports

In [25]:
headers = {"Authorization": f"Bearer {token}"}
result = requests.post(HOST + '/users/1/pdf', headers=headers)
result.json()

{'url': '/users/1/pdf'}

In [26]:
result = requests.get(HOST + result.json()['url'], headers=headers)
result

<Response [200]>

In [27]:
with open('report.pdf', 'wb') as f:
    f.write(result.content)