In [19]:
!pip3 install pymysql
!pip3 install pandas
!pip3 install sqlalchemy
!pip3 install flask flask_restful



In [20]:
import pymysql.cursors
from sqlalchemy import create_engine
import pandas as pd
import datetime
import uuid
import numpy as np
import json
from itertools import combinations

In [21]:
database_uri = 'mysql+pymysql://yul478:InfSci2710_4690737@164.90.137.194/greenstep'
engine = create_engine(database_uri)

In [22]:
qry = "SELECT * FROM orders;"
order_result = pd.read_sql(qry, con=engine)
order_result.head()

Unnamed: 0,order_id,user_id,address_id,date_placed,total_price,status
0,1,1,1,2024-03-26 09:00:00,299.98,Shipped
1,2,2,2,2024-03-27 10:30:00,129.99,Processing
2,3,3,3,2024-03-28 11:45:00,99.99,Delivered
3,4,4,4,2024-03-29 14:00:00,59.99,Shipped
4,5,5,5,2024-03-30 16:15:00,49.99,Processing


In [38]:
from flask import Flask, jsonify, request, render_template, redirect, url_for
from flask_restful import Resource, Api, reqparse
import pandas as pd
from sqlalchemy import text
import json
from datetime import datetime
import os
from sqlalchemy.exc import SQLAlchemyError

app = Flask(__name__)
api = Api(app)

# 主页路由
@app.route('/')
def home():
    return render_template('index.html')

# 订单管理页面路由
@app.route('/orders')
def orders_page():
    return render_template('orders.html')

# # 用户管理页面路由
# @app.route('/users')
# def users_page():
#     return render_template('users.html')

# 产品管理页面路由
@app.route('/products')
def products_page():
    return render_template('products.html')

@app.route('/users', methods=['GET'])
def users_page():
    with engine.connect() as connection:
        result = pd.read_sql("SELECT * FROM users;", con=connection)
        users = result.to_dict(orient='records')  # Convert DataFrame to list of dictionaries
    return render_template('users.html', users=users)

@app.route('/users', methods=['POST'])

class Orders(Resource):
    def get(self):
        with engine.connect() as connection:
            result = pd.read_sql("SELECT * FROM orders;", con=connection)
            return jsonify(json.loads(result.to_json(orient='records')))
    def post(self):
        post_parser = reqparse.RequestParser()
        post_parser.add_argument('address_id', type=int, required=True, help="Address ID is required")
        post_parser.add_argument('date_placed', type=int, required=True, help="Date placed is required")
        post_parser.add_argument('status', type=str, required=True, help="Status of the order is required")
        post_parser.add_argument('total_price', type=float, required=True, help="Total price cannot be blank")
        post_parser.add_argument('user_id', type=int, required=True, help="User ID is required")
        
        args = post_parser.parse_args()
        
        date_placed = datetime.fromtimestamp(args['date_placed'] / 1000.0)

        sql = text("""
            INSERT INTO orders (address_id, date_placed, status, total_price, user_id)
            VALUES (:address_id, :date_placed,:status, :total_price, :user_id);
        """)

        # 将参数传递为字典
        params = {
            'address_id': args['address_id'],
            'date_placed': date_placed,
            'status': args['status'],
            'total_price': args['total_price'],
            'user_id': args['user_id']
        }

        with engine.connect() as connection:
            connection.execute(sql, params)  # 使用字典传递参数
            connection.commit()
        return {'message': 'Order added successfully'}, 201      

    def put(self):
        put_parser = reqparse.RequestParser()
        put_parser.add_argument('order_id', type=int, help="Order ID is required", required=True)
        put_parser.add_argument('address_id', type=int, help="Address ID is required", required=True)
        put_parser.add_argument('date_placed', type=int, help="Date placed is required", required=True)
        put_parser.add_argument('status', type=str, help="Status of the order is required", required=True)
        put_parser.add_argument('total_price', type=float, help="Total price cannot be blank", required=True)
        put_parser.add_argument('user_id', type=int, help="User ID is required", required=True)
        args = put_parser.parse_args()
        order_id = args.get('order_id')
        
        if not order_id:
            return {'message': 'Order ID is required.'}, 400

        date_placed = datetime.fromtimestamp(args['date_placed'] / 1000.0)

        sql = text("""
            UPDATE orders 
            SET address_id=:address_id, date_placed=:date_placed, status=:status, 
                total_price=:total_price, user_id=:user_id
            WHERE order_id=:order_id;
        """)

        params = {
            'order_id': order_id,
            'address_id': args['address_id'],
            'date_placed': date_placed,
            'status': args['status'],
            'total_price': args['total_price'],
            'user_id': args['user_id']
        }

        with engine.connect() as connection:
            result = connection.execute(sql, params)
            connection.commit()
            if result.rowcount == 0:
                return {'message': 'No order found with the given ID or no update needed as the data is the same.'}, 404

        return {'message': 'Order updated successfully'}, 200
        
    def delete(self):
        delete_parser = reqparse.RequestParser()
        delete_parser.add_argument('order_id', type=int, help="Order ID is required", required=True)
        
        args = delete_parser.parse_args()
        order_id = args.get('order_id')
        
        if not order_id:
            return {'message': 'Order ID is required??.'}, 400

        sql = text("DELETE FROM orders WHERE order_id = :order_id;")

        with engine.connect() as connection:
            result = connection.execute(sql, {'order_id': order_id})
            connection.commit()
            if result.rowcount == 0:
                return {'message': 'No order found with the given ID.'}, 404
        return {'message': 'Order deleted successfully'}, 200


class Users(Resource):

    def get(self):
        with engine.connect() as connection:
            result = pd.read_sql("SELECT * FROM users;", con=connection)
            return jsonify(json.loads(result.to_json(orient='records')))
        
        return render_template('users.html', users=users)

    def post(self):
        parser = reqparse.RequestParser()
        parser.add_argument('username', type=str, required=True, help="Username is required")
        parser.add_argument('email', type=str, required=True, help="Email is required")
        parser.add_argument('password_hash', type=str, required=True, help="Password hash is required")
        #parser.add_argument('date_joined', type=int, required=True, help="Date joined is required in timestamp format")
        #parser.add_argument('last_login', type=int, required=False, help="Last login is optional and should be in timestamp format")
        parser.add_argument('user_type_id', type=int, required=True, help="User Type ID is required")

        args = parser.parse_args()
        # Check if the request contains JSON data
        if not request.is_json:
            return {'message': 'Request must be JSON'}, 400
        
        current_time = datetime.utcnow()
        data = {
            'username': args['username'],
            'email': args['email'],
            'password_hash': args['password_hash'],
            'date_joined': current_time,
            'last_login': current_time,
            'user_type_id': 1
        }

        # Check for required fields in JSON data
        required_fields = ['username', 'email', 'password_hash', 'date_joined', 'user_type_id']
        if not all(field in data for field in required_fields):
            return {'message': 'Missing fields in JSON data'}, 400
        
        # Convert timestamp to datetime object
        #data['date_joined'] = datetime.utcnow()
        #data['last_login'] = datetime.utcnow()

        sql = text("""
            INSERT INTO users (username, email, password_hash, date_joined, last_login, user_type_id)
            VALUES (:username, :email, :password_hash, :date_joined, :last_login, :user_type_id);
        """)


        with engine.connect() as connection:
            connection.execute(sql, data)
            connection.commit()
        return {'message': 'User added successfully'}, 201

        

    def put(self):
        put_parser = reqparse.RequestParser()
        put_parser.add_argument('username', type=str, required=True, help="Username is required")
        put_parser.add_argument('email', type=str, required=True, help="Email is required")
        put_parser.add_argument('password_hash', type=str, required=True, help="Password hash is required")
        put_parser.add_argument('date_joined', type=int, required=True, help="Date joined is required in timestamp format")
        put_parser.add_argument('last_login', type=int, required=False, help="Last login is optional and should be in timestamp format")
        put_parser.add_argument('user_type_id', type=int, required=True, help="User Type ID is required")
        put_parser.add_argument('user_id', type=int, required=True, help="User ID is required")
    
        args = put_parser.parse_args()

        data = {
            'username': args['username'],
            'email': args['email'],
            'password_hash': args['password_hash'],
            'date_joined': data.get('date_joined', datetime.utcnow()),
            'last_login': data.get('last_login', datetime.utcnow()),
            'user_type_id': args['user_type_id'],
            'user_id': args['user_id']
        }
        # date_joined = datetime.fromtimestamp(args['date_joined'] / 1000.0)
        # last_login = datetime.fromtimestamp(args['last_login'] / 1000.0) if args['last_login'] else None
        user_id = args.get('user_id')
    
        sql = text("""
            UPDATE users SET
                username = :username,
                email = :email,
                password_hash = :password_hash,
                date_joined = :date_joined,
                last_login = :last_login,
                user_type_id = :user_type_id
            WHERE user_id = :user_id;
        """)
    
    
        with engine.connect() as connection:
            result = connection.execute(sql, data)
            connection.commit()
    
        if result.rowcount == 0:
            return {'message': 'No user found with this ID'}, 404
    
        return {'message': 'User updated successfully'}, 200
        

    def delete(self):
        delete_parser = reqparse.RequestParser()
        delete_parser.add_argument('user_id', type=int, help="user ID is required", required=True)
        
        args = delete_parser.parse_args()
        user_id = args.get('user_id')
        
        if not user_id:
            return {'message': 'user_id is required??.'}, 400

        sql = text("DELETE FROM users WHERE user_id = :user_id;")

        with engine.connect() as connection:
            result = connection.execute(sql, {'user_id': user_id})
            connection.commit()
            if result.rowcount == 0:
                return {'message': 'No user_id found with the given ID.'}, 404
        return {'message': 'User deleted successfully'}, 200

class Product(Resource):
    def get(self): 
        with engine.connect() as connection:
            result = pd.read_sql("SELECT * FROM products;", con=connection)
            return jsonify(json.loads(result.to_json(orient='records')))

    def post(self):
        post_parser = reqparse.RequestParser()
        post_parser.add_argument('name', type=str, required=True, help="Product name is required.")
        post_parser.add_argument('description', type=str, required=False, default="")
        post_parser.add_argument('brand_id', type=int, required=True, help="Brand ID is required.")
        post_parser.add_argument('category_id', type=int, required=True, help="Category ID is required.")
        post_parser.add_argument('price', type=float, required=True, help="Price is required.")
        post_parser.add_argument('stock_quantity', type=int, required=True, help="Stock quantity is required.")
        post_parser.add_argument('eco_rating', type=int, required=True, help="Eco rating is required.")
        
        args = post_parser.parse_args()

        sql = text("""
            INSERT INTO products (name, description, brand_id, category_id, price, stock_quantity, eco_rating)
            VALUES (:name, :description, :brand_id, :category_id, :price, :stock_quantity, :eco_rating);
        """)

        params = {
            'name': args['name'],
            'description': args['description'],
            'brand_id': args['brand_id'],
            'category_id': args['category_id'],
            'price': args['price'],
            'stock_quantity': args['stock_quantity'],
            'eco_rating': args['eco_rating']
        }

        with engine.connect() as connection:
            connection.execute(sql, args)
            connection.commit()
        return {'message': 'Product added successfully'}, 201

    def put(self):
        put_parser = reqparse.RequestParser()
        put_parser.add_argument('product_id', type=int, help="Product ID is required", required=True)
        put_parser.add_argument('name', type=str, required=True, help="Product name is required.")
        put_parser.add_argument('description', type=str, required=False, default="")
        put_parser.add_argument('brand_id', type=int, required=True, help="Brand ID is required.")
        put_parser.add_argument('category_id', type=int, required=True, help="Category ID is required.")
        put_parser.add_argument('price', type=float, required=True, help="Price is required.")
        put_parser.add_argument('stock_quantity', type=int, required=True, help="Stock quantity is required.")
        put_parser.add_argument('eco_rating', type=int, required=True, help="Eco rating is required.")
        
        args = put_parser.parse_args()
        product_id = args.get('product_id')

        if not product_id:
            return {'message': 'Product ID is required.'}, 400

        sql = text("""
            UPDATE products
            SET name=:name, description=:description, brand_id=:brand_id, category_id=:category_id, 
                price=:price, stock_quantity=:stock_quantity, eco_rating=:eco_rating
            WHERE product_id=:product_id;
        """)

        params = {
            "product_id": product_id,
            'name': args['name'],
            'description': args['description'],
            'brand_id': args['brand_id'],
            'category_id': args['category_id'],
            'price': args['price'],
            'stock_quantity': args['stock_quantity'],
            'eco_rating': args['eco_rating']
        }

        with engine.connect() as connection:
            result = connection.execute(sql, params)
            connection.commit()

            if result.rowcount == 0:
                return {'message': 'No product found with the given ID or no update needed as the data is the same.'}, 404

        return {'message': 'Product updated successfully'}, 200

    def delete(self):
        delete_parser = reqparse.RequestParser()
        delete_parser.add_argument('product_id', type=int, required=True, help="Product ID is required")

        args = delete_parser.parse_args()
        product_id = args.get('product_id')

        if not product_id:
            return {'message': 'Product ID is required.'}, 400

        sql = text("DELETE FROM products WHERE product_id = :product_id;")

        with engine.connect() as connection:
            result = connection.execute(sql, {'product_id': product_id})
            connection.commit()
            if result.rowcount == 0:
                return {'message': 'No product found with the given ID.'}, 404
        return {'message': 'Product deleted successfully'}, 200


api.add_resource(Orders, '/orders')
api.add_resource(Users, '/users')
api.add_resource(Product, '/products')

if __name__ == '__main__':
    app.run(debug=True, use_reloader=False)

 * Serving Flask app '__main__'
 * Debug mode: on


 * Running on http://127.0.0.1:5000
Press CTRL+C to quit
127.0.0.1 - - [22/Apr/2024 21:04:47] "GET /users HTTP/1.1" 200 -
127.0.0.1 - - [22/Apr/2024 21:04:47] "GET /users HTTP/1.1" 200 -
127.0.0.1 - - [22/Apr/2024 21:04:48] "GET /users HTTP/1.1" 200 -
127.0.0.1 - - [22/Apr/2024 21:04:48] "GET /users HTTP/1.1" 200 -
127.0.0.1 - - [22/Apr/2024 21:05:00] "POST /users HTTP/1.1" 500 -
Traceback (most recent call last):
  File "c:\Users\Leon\AppData\Local\Programs\Python\Python311\Lib\site-packages\sqlalchemy\engine\base.py", line 1971, in _exec_single_context
    self.dialect.do_execute(
  File "c:\Users\Leon\AppData\Local\Programs\Python\Python311\Lib\site-packages\sqlalchemy\engine\default.py", line 919, in do_execute
    cursor.execute(statement, parameters)
  File "c:\Users\Leon\AppData\Local\Programs\Python\Python311\Lib\site-packages\pymysql\cursors.py", line 153, in execute
    result = self._query(query)
             ^^^^^^^^^^^^^^^^^^
  File "c:\Users\Leon\AppData\Local\Programs\Py