Merge pull request #6 from Kasulejoseph/ft-order-history-160819084

#160819084 Ft order history to develop
Kasulejoseph · Oct 4, 2018 · ba0d12b · ba0d12b
2 parents b7dff07 + 7a07779
commit ba0d12b
Show file tree

Hide file tree

Showing 13 changed files with 439 additions and 283 deletions.
diff --git a/.coverage b/.coverage
@@ -1 +1 @@
-!coverage.py: This is a private format, don't read it directly!{"lines":{"/home/kasule/Desktop/fast-food-fast-db/run.py":[],"/home/kasule/Desktop/fast-food-fast-db/app/models/users.py":[],"/home/kasule/Desktop/fast-food-fast-db/app/views/__init__.py":[1,2,4,5],"/home/kasule/Desktop/fast-food-fast-db/tests/test_user.py":[1],"/home/kasule/Desktop/fast-food-fast-db/tests/test_base.py":[1],"/home/kasule/Desktop/fast-food-fast-db/app/database/connect.py":[1],"/home/kasule/Desktop/fast-food-fast-db/app/database/__init__.py":[1],"/home/kasule/Desktop/fast-food-fast-db/app/models/model.py":[],"/home/kasule/Desktop/fast-food-fast-db/app/models/__init__.py":[],"/home/kasule/Desktop/fast-food-fast-db/app/views/routes.py":[1,2,3],"/home/kasule/Desktop/fast-food-fast-db/app/views/menu.py":[],"/home/kasule/Desktop/fast-food-fast-db/tests/__init__.py":[1],"/home/kasule/Desktop/fast-food-fast-db/app/__init__.py":[1,2]}}
+!coverage.py: This is a private format, don't read it directly!{"lines":{"/home/kasule/Desktop/fast-food-fast-db/app/views/__init__.py":[1,2,4,5],"/home/kasule/Desktop/fast-food-fast-db/run.py":[],"/home/kasule/Desktop/fast-food-fast-db/app/database/__init__.py":[1],"/home/kasule/Desktop/fast-food-fast-db/tests/test_user.py":[1],"/home/kasule/Desktop/fast-food-fast-db/app/models/model.py":[],"/home/kasule/Desktop/fast-food-fast-db/app/__init__.py":[1,2],"/home/kasule/Desktop/fast-food-fast-db/app/views/orders.py":[1,2,3],"/home/kasule/Desktop/fast-food-fast-db/app/views/menu.py":[],"/home/kasule/Desktop/fast-food-fast-db/app/database/connect.py":[1],"/home/kasule/Desktop/fast-food-fast-db/app/models/__init__.py":[],"/home/kasule/Desktop/fast-food-fast-db/tests/test_orders.py":[1],"/home/kasule/Desktop/fast-food-fast-db/tests/__init__.py":[1],"/home/kasule/Desktop/fast-food-fast-db/tests/test_base.py":[1]}}
diff --git a/README.md b/README.md
@@ -47,6 +47,7 @@ To run tests run this command below in your terminal
 coverage run --source=. -m unittest discover
 ```
 ## API End Points
+
 |           End Point                      |     Resource Accessed    |   Access   | Requirements|
 |   -------------------------------------- |-----------------------|------------|-------------|
 |     api/v1/auth/signup      POST             | Register a user   |   PUBLIC   | username, email, password
@@ -58,3 +59,4 @@ coverage run --source=. -m unittest discover
 |    api/v1/orders/order_id  PUT  | Update the status of an order   |   ADMIN   | order_id
 |     api/v1/menu GET  | Get available menu    |   PUBLIC   | menu_id
 |     api/v1/menu POST | Add a meal option to the menu.    |   ADMIN   | menu_id
+
diff --git a/app/__init__.py b/app/__init__.py
@@ -1,11 +1,10 @@
-from flask import Flask 
+from flask import Flask
 from app.views.orders import main
 from app.auth.views import auth
+from app.auth import views
 from instance.config import app_config
 
 app = Flask(__name__, instance_relative_config=True)
 app.config.from_object(app_config["development"])
 app.register_blueprint(main)
 app.register_blueprint(auth)
-
-from app.auth import views
diff --git a/app/auth/decorator.py b/app/auth/decorator.py
@@ -1,24 +1,28 @@
 from functools import wraps
-from flask import request, jsonify, current_app,make_response
+from flask import request, jsonify, current_app, make_response
 import jwt
 from app.models.model import User
-from app.database.connect import Database 
+from app.database.connect import Database
+
+
 def get_token():
     token = None
     if 'Authorization' in request.headers:
         token = request.headers['Authorization']
-
-    token = token.split(" ")[1]
+        token = token.split(" ")[1]
 
     if not token:
         return make_response(jsonify({
-            'status':'failed',
-            'message':'Token is missing!'
-            }),401)
+            'status': 'failed',
+            'message': 'Token is missing!'
+            }), 401)
     return token
 
-def role_required(user):
-    return user
+
+# def role_required(user):
+#     return user
+
+
 def token_required(f):
     """
     Decotator function to ensure that end points are provided by
@@ -28,51 +32,54 @@ def token_required(f):
     def decorated(*args, **kwargs):
         token = get_token()
         try:
-            data = jwt.decode(token,'mysecret')
+            data = jwt.decode(token, 'mysecret')
             user_role = data['role']
-            # role_required(user = user_role)
             database = Database()
             query = database.get_order_by_value(
-                'users','email', data['email']
+                'users', 'email', data['email']
             )
-            current_user = User(query[0], query[1], query[2], query[3],query[4])
+            current_user = User(
+                query[0], query[1], query[2], query[3], query[4], query[5])
         except jwt.ExpiredSignatureError:
-            return 'Signature expired. Please log in again.'
+            return 'Signature expired. Please log in again.', 401
         except jwt.InvalidTokenError:
-            return 'Invalid token. Please log in again.' 
-        except:
-            return make_response(jsonify({
-                "status": "failed",
-                "mesage": "Invalid token"
-                }), 401)
-
+            return 'Invalid token. Please log in again.', 401
         return f(current_user, *args, **kwargs)
     return decorated
 
+
 def role_required():
     token = get_token()
-    data = jwt.decode(token,'mysecret')
+    data = jwt.decode(token, 'mysecret')
     user_role = data['role']
     return user_role
 
+
+def user_id():
+    token = get_token()
+    data = jwt.decode(token, 'mysecret')
+    id = data['sub']
+    return id
+
+
 def response(id, username, message, token, status_code):
     """
     method to make http response for authorization token
     """
-    return make_response(jsonify({
+    return {
         "id": id,
         "username": username,
-       "message": message,
-       "auth_token": token
+        "message": message,
+        "auth_token": token
+
+    }, status_code
 
-    }), status_code)
 
-def response_message(status,message,status_code):
+def response_message(status, message, status_code):
     """
     method to handle response messages
     """
-    return make_response(jsonify({
+    return {
         "status": status,
         "message": message
-    }), status_code)
-
+        }, status_code
diff --git a/app/auth/views.py b/app/auth/views.py
@@ -6,102 +6,105 @@
 from app.models.model import User
 from app.auth.decorator import response, response_message
 from werkzeug.security import generate_password_hash, check_password_hash
-from flask_restful import Api,Resource
-from flask import make_response,Blueprint,request,jsonify
+from flask_restful import Api, Resource
+from flask import make_response, Blueprint, request, jsonify
 auth = Blueprint('auth', __name__)
 db = Database()
 api = Api(auth)
 
+
 class RegisterUser(Resource):
     """
     Class to register a user via api
     """
-
     def post(self):
         """
-        User creates an account 
+        User creates an account
         User sign up details are added to the data base
         """
         if request.content_type != 'application/json':
-            return response_message('Bad request','Content-type must be in json', 202)
-
+            return response_message(
+                'Bad request', 'Content-type must be in json', 202)   
         detail = request.get_json()
         username = detail['username']
         email = detail['email']
         location = detail['location']
         password = generate_password_hash(detail['password'])
 
-        if not username :
+        if not username:
             return response_message('Missing', 'Username required', 400)
-
-        if not re.match(r"[^@]+@[^@]+\.[^@]+", email) :
-            return response_message('Error','Missing or wrong email format', 202)
-
+        if not re.match(r"[^@]+@[^@]+\.[^@]+", email):
+            return response_message(
+                'Error', 'Missing or wrong email format', 202)
         if not len(detail['password']) > 4:
-            return response_message('Failed','Ensure password is morethan 4 characters', 202)
-
-        if not isinstance(username, str) :
-            return response_message('Type Error', 'username must all be string', 202)
-
+            return response_message(
+                'Failed', 'Ensure password is morethan 4 characters', 202)
+        if not isinstance(username, str):
+            return response_message(
+                'Type Error', 'username must all be string', 202)
         if not re.match("^[a-zA-Z0-9_.-]+$", username):
-            return response_message('Space Error', 'Username should not have space, better user -', 400)
-
-        if db.get_order_by_value('users','email',email):
+            return response_message(
+                'Space Error', 'Username should not have space, better user -',
+                400)
+        if db.get_order_by_value('users', 'email', email):
             return response_message('Failed', 'User already registered', 409)
-
-        db.insert_into_user(username, email,location,password)
-        return response_message('Success', 'User account successfully created, log in', 201)
+        db.insert_into_user(username, email, location, password)
+        if detail['role']:
+            db.update_role(detail['role'], email)
+        return response_message(
+            'Success', 'User account successfully created, log in', 201)
+
 
 class LoginUser(Resource):
     """
     Class to register a user via api
     """
-
     def post(self):
         """
         User login if he supplies correct credentials
-        Token is generated and given to a user
+        token is generated and given to a user
         """
         if request.content_type != 'application/json':
-            return response_message('Bad request','Content-type must be in json', 202)
-
+            return response_message(
+                'Bad request', 'Content-type must be in json', 202)
         detail = request.get_json()
         username = detail['username']
-        role = detail['role']
+        # role = detail['role']
         password = generate_password_hash(detail['password'])
-
-        if not username :
+        if not username:
             return response_message('Failed', 'Username required', 400)
-
-        if not username :
+        if not username:
             return response_message('Failed', 'Passed required', 400)
-
-        db_user = db.get_order_by_value('users','username',username)
-        new_user = User(db_user[0],db_user[1],db_user[2],db_user[3],db_user[4])
-
-        if new_user.username == detail['username'] and check_password_hash(new_user.password, detail['password']):
-            #generate token
+        db_user = db.get_order_by_value('users', 'username', username)
+        if not db_user:
+            return ({"Failed": "incorect username"}, 401)
+        new_user = User(
+            db_user[0], db_user[1], db_user[2], db_user[3],
+            db_user[4], db_user[5]
+        )
+        if new_user.username == detail['username'] and check_password_hash(
+                new_user.password, detail['password']):
             payload = {
                 'email': new_user.email,
                 'exp': datetime.datetime.utcnow() +
-                        datetime.timedelta(days=60),
+                datetime.timedelta(days=60),
                 'iat': datetime.datetime.utcnow(),
                 'sub': new_user.user_id,
-                'role': role
+                'role': new_user.role
             }
             token = jwt.encode(
                 payload,
                 'mysecret',
                 algorithm='HS256'
                 )
-
             if token:
                 return response(
-                    new_user.user_id,new_user.username,'You have succesfully logged in.',
-                    token.decode('UTF-8'),200)
-        return response_message('Failed', 'Check your username or password', 401)
-
-
-api.add_resource(RegisterUser,'/api/v1/auth/signup')
-api.add_resource(LoginUser,'/api/v1/auth/login')
-
+                    new_user.user_id, new_user.username,
+                    'You have succesfully logged in.',
+                    token.decode('UTF-8'), 200)
+        return response_message(
+            'Failed', 'incorrect password', 401
+        )
+# register
+api.add_resource(RegisterUser, '/api/v1/auth/signup')
+api.add_resource(LoginUser, '/api/v1/auth/login')