In [6]:
from flask import Flask
from flask_restful import Api,Resource, reqparse
from flask_jwt import JWT,jwt_required
import sqlite3
from werkzeug.security import safe_str_cmp
from flask_sqlalchemy import SQLAlchemy

In [None]:
db = SQLAlchemy()

In [7]:
class User(db.Model):
    TABLE_NAME = 'users'
    
    id =db.Column(db.Integer, primary_key=True)
    username = db.Column(db.String(80))
    password = db.Column(db.String(80))

    def __init__(self, _id, username, password):
        self.id = _id
        self.username = username
        self.password = password

    @classmethod
    def find_by_username(cls, username):
        connection = sqlite3.connect('data.db')
        cursor = connection.cursor()

        query = "SELECT * FROM {table} WHERE username=?".format(table=cls.TABLE_NAME)
        result = cursor.execute(query, (username,))
        row = result.fetchone()
        if row:
            user = cls(*row)
        else:
            user = None

        connection.close()
        return user

    @classmethod
    def find_by_id(cls, _id):
        connection = sqlite3.connect('data.db')
        cursor = connection.cursor()

        query = "SELECT * FROM {table} WHERE id=?".format(table=cls.TABLE_NAME)
        result = cursor.execute(query, (_id,))
        row = result.fetchone()
        if row:
            user = cls(*row)
        else:
            user = None

        connection.close()
        return user


class UserRegister(Resource):
    TABLE_NAME = 'users'

    parser = reqparse.RequestParser()
    parser.add_argument('username',
                        type=str,
                        required=True,
                        help="This field cannot be left blank!"
                        )
    parser.add_argument('password',
                        type=str,
                        required=True,
                        help="This field cannot be left blank!"
                        )

    def post(self):
        data = UserRegister.parser.parse_args()

        if User.find_by_username(data['username']):
            return {"message": "User with that username already exists."}, 400

        connection = sqlite3.connect('data.db')
        cursor = connection.cursor()

        query = "INSERT INTO {table} VALUES (NULL, ?, ?)".format(table=self.TABLE_NAME)
        cursor.execute(query, (data['username'], data['password']))

        connection.commit()
        connection.close()

        return {"message": "User created successfully."}, 201

In [8]:
def authenticate(username, password):
    user = User.find_by_username(username)
    if user and safe_str_cmp(user.password, password):
        return user


def identity(payload):
    user_id = payload['identity']
    return User.find_by_id(user_id)

In [9]:
class Item(Resource,db.Model):
    TABLE_NAME = 'items'

    id =db.Column(db.Integer, primary_key=True)
    name = db.Column(db.String(80))
    price = db.Column(db.Float(precision=3))
    
    
    parser = reqparse.RequestParser()
    parser.add_argument('price',
        type=float,
        required=True,
        help="This field cannot be left blank!"
    )

    @jwt_required()
    def get(self, name):
        item = Item.find_by_name(name)
        if item:
            return item
        return {'message': 'Item not found'}, 404

    @classmethod
    def find_by_name(cls, name):
        connection = sqlite3.connect('data.db')
        cursor = connection.cursor()

        query = "SELECT * FROM {table} WHERE name=?".format(table=cls.TABLE_NAME)
        result = cursor.execute(query, (name,))
        row = result.fetchone()
        connection.close()

        if row:
            return {'item': {'name': row[0], 'price': row[1]}}

    def post(self, name):
        if Item.find_by_name(name):
            return {'message': "An item with name '{}' already exists.".format(name)}

        data = Item.parser.parse_args()

        item = {'name': name, 'price': data['price']}

        try:
            Item.insert(item)
        except:
            return {"message": "An error occurred inserting the item."},500 #Internal server error

        return item,201

    @classmethod
    def insert(cls, item):
        connection = sqlite3.connect('data.db')
        cursor = connection.cursor()

        query = "INSERT INTO {table} VALUES(?, ?)".format(table=cls.TABLE_NAME)
        cursor.execute(query, (item['name'], item['price']))

        connection.commit()
        connection.close()

    @jwt_required()
    def delete(self, name):
        connection = sqlite3.connect('data.db')
        cursor = connection.cursor()

        query = "DELETE FROM {table} WHERE name=?".format(table=self.TABLE_NAME)
        cursor.execute(query, (name,))

        connection.commit()
        connection.close()

        return {'message': 'Item deleted'}

    @jwt_required()
    def put(self, name):
        data = Item.parser.parse_args()
        item = self.find_by_name(name)
        updated_item = {'name': name, 'price': data['price']}
        if item is None:
            try:
                Item.insert(updated_item)
            except:
                return {"message": "An error occurred inserting the item."},500
        else:
            try:
                Item.update(updated_item)
            except:
                return {"message": "An error occurred updating the item."},500
        return updated_item

    @classmethod
    def update(cls, item):
        connection = sqlite3.connect('data.db')
        cursor = connection.cursor()

        query = "UPDATE {table} SET price=? WHERE name=?".format(table=cls.TABLE_NAME)
        cursor.execute(query, (item['price'], item['name']))

        connection.commit()
        connection.close()


class ItemList(Resource,,db.Model):
    TABLE_NAME = 'items'
    
    id =db.Column(db.Integer, primary_key=True)
    name = db.Column(db.String(80))
    price = db.Column(db.Float(precision=3))  

    def get(self):
        connection = sqlite3.connect('data.db')
        cursor = connection.cursor()

        query = "SELECT * FROM {table}".format(table=self.TABLE_NAME)
        result = cursor.execute(query)
        items = []
        for row in result:
            items.append({'name': row[0], 'price': row[1]})
        connection.close()

        return {'items': items}

In [10]:
app = Flask(__name__)
app.config['PROPAGATE_EXCEPTIONS'] = True
app.secret_key = 'jose'
api = Api(app)

jwt = JWT(app, authenticate, identity)

api.add_resource(Item, '/item/<string:name>')
api.add_resource(ItemList, '/items')
api.add_resource(UserRegister, '/register')

if __name__ == '__main__':
    db.init_app(app)
    app.run(port=5000)  # important to mention debug=True

 * Serving Flask app "__main__" (lazy loading)
 * Environment: production
   Use a production WSGI server instead.
 * Debug mode: off


 * Running on http://127.0.0.1:5000/ (Press CTRL+C to quit)
Bad Request. Invalid credentials
127.0.0.1 - - [03/Jan/2021 16:06:21] "[31m[1mPOST /auth HTTP/1.1[0m" 401 -
127.0.0.1 - - [03/Jan/2021 16:06:26] "[37mPOST /register HTTP/1.1[0m" 201 -
127.0.0.1 - - [03/Jan/2021 16:06:29] "[37mPOST /auth HTTP/1.1[0m" 200 -
127.0.0.1 - - [03/Jan/2021 16:07:19] "[37mPOST /item/chair HTTP/1.1[0m" 201 -
127.0.0.1 - - [03/Jan/2021 16:16:12] "[37mGET /items HTTP/1.1[0m" 200 -
127.0.0.1 - - [03/Jan/2021 16:26:43] "[37mPOST /auth HTTP/1.1[0m" 200 -
127.0.0.1 - - [03/Jan/2021 16:31:44] "[37mPOST /auth HTTP/1.1[0m" 200 -
127.0.0.1 - - [03/Jan/2021 16:32:46] "[37mPOST /auth HTTP/1.1[0m" 200 -
127.0.0.1 - - [03/Jan/2021 16:32:59] "[33mGET /item/test HTTP/1.1[0m" 404 -
127.0.0.1 - - [03/Jan/2021 16:33:24] "[31m[1mPOST /register HTTP/1.1[0m" 400 -
127.0.0.1 - - [03/Jan/2021 16:33:29] "[37mPOST /auth HTTP/1.1[0m" 200 -
127.0.0.1 - - [03/Jan/2021 16:34:17] "[37mGET /items HTTP/1.1[0m"