### **📚 Library Management System API with JWT Authentication**

## **🚀 Exercise Overview**
### **User Roles**
- **Admin**: Can **add**, **update**, and **delete** books.
- **User**: Can **borrow** and **return** books.
- **Guest**: Can only **view** available books.

### **Authentication Method**
- Uses **Basic-Based Authentication**.
- Uses **JWT-Based Authentication**.

---

## **🛠️ Endpoints & Role-Based Access**
| HTTP Method | Endpoint           | Description                        | Access |
|------------|-------------------|--------------------------------|--------|
| `POST`    | `/books`           | Add a new book                | Admin  |
| `GET`     | `/books`           | List all books                | Guest, User, Admin |
| `PUT`     | `/books/<id>`      | Update book details           | Admin  |
| `DELETE`  | `/books/<id>`      | Remove a book                 | Admin  |
| `POST`    | `/borrow/<id>`     | Borrow a book                 | User |
| `POST`    | `/return/<id>`     | Return a borrowed book        | User |

---

## **📌 API Endpoint Details**
### **1️⃣ Add a New Book** (Admin Only)
- **POST `/books`**
- **Request:**
  ```json
  {
    "title": "Clean Code",
    "author": "Robert C. Martin",
    "isbn": "978-0132350884"
  }
  ```
- **Response:**
  ```json
  {
    "success": "Book added successfully.",
    "data": {
      "id": 1,
      "title": "Clean Code",
      "author": "Robert C. Martin",
      "isbn": "978-0132350884"
    }
  }
  ```

---

### **2️⃣ Get All Books** (Guest, User, Admin)
- **GET `/books`**
- **Response:**
  ```json
  {
    "books": [
      {
        "id": 1,
        "title": "Clean Code",
        "author": "Robert C. Martin",
        "isbn": "978-0132350884",
        "available": true
      }
    ]
  }
  ```

---

### **3️⃣ Update Book** (Admin Only)
- **PUT `/books/<id>`**
- **Request:**
  ```json
  {
    "title": "Updated Title",
    "author": "Updated Author"
  }
  ```
- **Errors:** `403 Forbidden`, `404 Not Found`.

---

### **4️⃣ Delete Book** (Admin Only)
- **DELETE `/books/<id>`**
- **Errors:** `403 Forbidden`, `404 Not Found`.

---

### **5️⃣ Borrow a Book** (User Only)
- **POST `/borrow/<id>`**
- **Response:**
  ```json
  {
    "message": "Book borrowed successfully.",
    "user": "johndoe",
    "book": "Clean Code"
  }
  ```

---

### **6️⃣ Return a Book** (User Only)
- **POST `/return/<id>`**
- **Response:**
  ```json
  {
    "message": "Book returned successfully.",
    "user": "johndoe",
    "book": "Clean Code"
  }
  ```

---

## **💾 Data Models**
### **📚 Book Model**
```json
{
  "id": 1,
  "title": "Clean Code",
  "author": "Robert C. Martin",
  "isbn": "978-0132350884",
  "available": true
}
```
---
### **👤 User Model**
```json
{
  "id": 1,
  "username": "johndoe",
  "role": "user",
  "password": "hashed_password"
}
```

---

## **💡 Implementation Steps**
1. **Generate application specification**
2. **Scaffold and implement the specification there**
3. **Make the application a git repo**
---
 
--- 



### scaffold structure

```text
todo-app/
├── .gitignore               # Ignore unnecessary files
├── .env                     # Environment variables
├── .vscode/                 # VSCode settings
│   ├── settings.json        # Workspace settings
│   └── launch.json          # Debugging configurations
├── app/                     # Application logic
│   ├── __init__.py          # Initialize Flask app
│   ├── models/              # Database models
│   │   ├── __init__.py      # Initialize models
│   │   ├── user.py          # User model
│   │   └── todo.py          # ToDo model
│   ├── routes/              # Application routes
│   │   ├── __init__.py      # Initialize routes
│   │   ├── auth.py          # Authentication routes
│   │   ├── todo.py          # ToDo routes
│   │   └── views.py         # View routes
│   ├── schemas/             # API schemas
│   │   ├── __init__.py      # Initialize schemas
│   │   ├── user_schema.py   # User schema
│   │   └── todo_schema.py   # ToDo schema
│   ├── forms/               # Web forms
│   │   ├── __init__.py      # Initialize forms
│   │   ├── login_form.py    # Login form
│   │   ├── register_form.py # Registration form
│   │   └── todo_form.py     # ToDo form
│   ├── templates/           # HTML templates
│   │   ├── base.html        # Base template
│   │   ├── login.html       # Login template
|   |   ├── home.html        # Home page
|   |   ├── dashboard.html   # Dashboard page
|   |   ├── edit_todo.html   # Edit ToDo page
│   │   ├── register.html    # Register template
│   │   ├── todo.html        # ToDo template
│   │   └── 404.html         # 404 error template
│   └── static/              # Static files
│       ├── style.css        # Stylesheet
│       └── script.js        # JavaScript file
├── migrations/              # Flask-Migrate folder
├── requirements.txt         # Python dependencies
├── run.py                   # Application entry point
└── README.md                # Project documentation
```
### Use the following script

```python
from pathlib import Path
import subprocess
import json

def create_flask_scaffold(parent: Path, structure: dict):
    stack = [(parent, structure)]
    while stack:
        current_parent, current_structure = stack.pop()
        for name, content in current_structure.items():
            path = current_parent / name
            if isinstance(content, dict):
                path.mkdir(parents=True, exist_ok=True)
                stack.append((path, content))
            else:
                path.touch(exist_ok=True)
                if content:
                    path.write_text(content)

def setup_virtualenv(parent: Path):
    venv_path = parent / ".venv"
    subprocess.run(["python3", "-m", "venv", str(venv_path)])
    subprocess.run([str(venv_path / "bin/pip"), "install", "-r", str(parent / "requirements.txt")])

project_structure = {
    ".gitignore": "",
    ".env": "",
    ".vscode": {
        "settings.json": json.dumps({
            "python.defaultInterpreterPath": "${workspaceFolder}/.venv/bin/python",
            "editor.formatOnSave": True
        }, indent=4),
        "launch.json": json.dumps({
            "version": "0.2.0",
            "configurations": [
                {
                    "name": "Python: Run run.py",
                    "type": "python",
                    "request": "launch",
                    "program": "${workspaceFolder}/run.py",
                    "console": "integratedTerminal",
                    "envFile": "${workspaceFolder}/.env",
                    "pythonPath": "${workspaceFolder}/.venv/bin/python"
                }
            ]
        }, indent=4)
    },
    "README.md": "",
    "requirements.txt": """alembic==1.14.0
aniso8601==9.0.1
attrs==24.3.0
blinker==1.9.0
click==8.1.7
Flask==2.2.5
Flask-HTTPAuth==4.8.0
Flask-JWT-Extended==4.4.4
Flask-Login==0.6.3
Flask-Migrate==4.0.4
flask-restx==1.3.0
Flask-SQLAlchemy==3.1.1
Flask-WTF==1.2.2
greenlet==3.1.1
importlib_resources==6.4.5
itsdangerous==2.2.0
Jinja2==3.1.4
jsonschema==4.23.0
jsonschema-specifications==2024.10.1
Mako==1.3.8
MarkupSafe==3.0.2
mysql-connector-python==8.0.33
mysqlclient==2.2.7
protobuf==3.20.3
PyJWT==2.10.1
PyMySQL==1.1.1
python-dotenv==1.0.0
pytz==2024.2
referencing==0.35.1
rpds-py==0.22.3
SQLAlchemy==2.0.36
typing_extensions==4.12.2
Werkzeug==3.1.3
WTForms==3.2.1""",
    "app": {
        "__init__.py": "",
        "models": {...put your models here},
        "routes": {...put your routes here},
        "schemas": {...put your schemas here},
        "utils": {"__init__.py": "", "auth_utils.py": ""}
        "forms": {...put your forms here},
        "templates": {...put your template here},
        "static": {"style.css": "", "script.js": ""},
    },
    "run.py": ""
}

destination = Path.cwd()
create_flask_scaffold(destination, project_structure)
setup_virtualenv(destination)
```
 