import csv
import functools
import os
import sqlite3

import requests
from flask import Flask, jsonify, request, session
from flask_httpauth import HTTPBasicAuth
from lxml import html
from werkzeug.security import generate_password_hash, check_password_hash
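app = Flask(__name__)
auth = HTTPBasicAuth()
# The session-signing key is read from the environment so that it never lives
# in source control or in a published copy of this file: whoever knows the key
# can forge session cookies. SECRET_KEY is the variable name introduced by
# this change. When it is unset a random per-process key is generated, which
# is sufficient here because verify_password() rewrites session['userid'] on
# every authenticated request.
# NOTE(review): any key that has ever appeared as a literal in a published
# copy of this file must be treated as compromised and not reused.
app.secret_key = os.environ.get('SECRET_KEY', '').encode() or os.urandom(32)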
@auth.hash_password
def hash_pw(username, password):
    """Intended to return a salted hash of *password* for *username*.

    NOTE(review): get_salt is neither defined nor imported in the visible
    file, and the builtin hash() accepts exactly one argument, so this body
    cannot run as written. Flask-HTTPAuth appears to bypass the hash_password
    callback when a verify_password callback is registered (as it is in this
    file) -- confirm, then either delete this function or give it a working
    body.
    """
    user_salt = get_salt(username)
    return hash(password, user_salt)
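@auth.verify_password
def verify_password(username, password):
    """Check HTTP Basic credentials against the users table.

    Looks the account up by exact username, verifies the password against the
    stored werkzeug hash, and records the outcome in the session:
    session['userid'] is the integer user id on success and None otherwise.

    Args:
        username: Username supplied by the client, as passed in by
            Flask-HTTPAuth.
        password: Plain-text password supplied by the client.

    Returns:
        True when the credentials are valid, False otherwise.
    """
    conn = sqlite3.connect('db.db')
    try:
        # Exact comparison on purpose: LIKE treats '%' and '_' in the
        # client-supplied name as wildcards and ignores ASCII case, so the
        # name sent by the client could select a different account's row.
        row = conn.execute(
            'select userid, password from users where username = ?',
            (username,),
        ).fetchone()
    finally:
        # Release the connection even when the query raises.
        conn.close()

    # row is None when no such user exists; the hash is only checked otherwise.
    authenticated = row is not None and check_password_hash(row[1], password)
    session['userid'] = int(row[0]) if authenticated else None
    return authenticated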
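def db_connect(function_to_decorate):
    """Decorate a function so that it receives a fresh SQLite cursor and connection.

    The wrapper opens 'db.db', calls
    ``function_to_decorate(cur, conn, *args, **kwargs)`` and returns its
    result. The connection is closed when the call finishes, whether it
    returns or raises, so a failing handler no longer leaks a connection.
    Nothing is committed here: the wrapped function must call conn.commit()
    itself for its changes to persist.

    Args:
        function_to_decorate: Callable whose first two positional parameters
            are the cursor and the connection.

    Returns:
        The wrapping callable, carrying the wrapped function's metadata.
    """
    # functools.wraps copies __name__ (which Flask uses as the endpoint name)
    # together with the docstring and module of the wrapped function.
    @functools.wraps(function_to_decorate)
    def wrapper(*args, **kwargs):
        conn = sqlite3.connect('db.db')
        try:
            cur = conn.cursor()
            # The wrapped function itself.
            return function_to_decorate(cur, conn, *args, **kwargs)
        finally:
            conn.close()
    return wrapper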
# Delete all users, even if the caller is not logged in.
@app.route('/users_clear_force', methods=['GET'])
@db_connect
def force_refresh_users_db(cur, conn):
    """Delete every row of the users table and report success as JSON.

    NOTE(review): this route carries no @auth.login_required and changes
    state on GET, so any client that can reach the server -- a link
    prefetcher or a cross-site request included -- wipes all accounts. If it
    is only a development aid, remove it or put it behind authentication and
    a non-GET method before deployment.
    """
    cur.execute('delete from users')
    conn.commit()
    outcome = {'Action': 'Force users clear', 'State': 'Success'}
    return jsonify(outcome)
# Delete all users except the current one.
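@app.route('/users_clear', methods=['GET'])
@auth.login_required
@db_connect
def refresh_users_db(cur, conn):
    """Delete every account except the authenticated caller's.

    Returns:
        A JSON object reporting the action and its state.

    NOTE(review): the route still changes state on GET; consider moving it to
    POST or DELETE.
    """
    # The caller is identified by the id that verify_password() stored in the
    # session, passed as a bound parameter. Concatenating auth.username()
    # into a LIKE pattern let the client-chosen name alter the statement and
    # also spared every account whose name merely ends with the caller's.
    # If the session holds no id, the comparison against NULL matches no row
    # and nothing is deleted.
    cur.execute('delete from users where userid != ?', (session.get('userid'),))
    conn.commit()
    return jsonify({'Action': 'Users clear', 'State': 'Success'})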
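@app.route('/db_refresh', methods=['POST'])
@auth.login_required
@db_connect
def refresh_db(cur, conn):
    """Reload the water table from the semicolon-separated file water.csv.

    The file is parsed before the table is touched, and the delete, the
    sequence reset and the inserts are committed together, so a missing or
    unreadable file no longer leaves the table empty. Rows are no longer
    echoed to stdout.

    Returns:
        A JSON object reporting the action and its state.
    """
    with open('water.csv', newline='') as csvfile:
        # Skipped: the header row ('Name'), rows whose first field is empty,
        # and rows with fewer than the five fields the insert binds (blank
        # lines used to raise IndexError).
        records = [
            tuple(row[:5])
            for row in csv.reader(csvfile, delimiter=';')
            if len(row) >= 5 and row[0] and row[0] != 'Name'
        ]

    cur.execute('delete from water')
    # Restart the AUTOINCREMENT counter for the water table.
    cur.execute("delete from sqlite_sequence where name='water'")
    cur.executemany(
        """insert or ignore into water(Name, Ca, Mg, F, Zn)
           values (?, ?, ?, ?, ?)""",
        records,
    )
    conn.commit()

    return jsonify({'Action': 'Refresh data', 'State': 'Success'})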
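@app.route('/products')
@auth.login_required
@db_connect
def get_all_products(cur, conn):
    """Return the products as a JSON object keyed by product name.

    Query arguments:
        format: Comma-separated column names chosen from waterid, Ca, Mg, F
            and Zn (default 'Ca,Mg,F,Zn'); it sets which values are returned
            for each product and in what order. An empty value returns the
            names only.
        find: When given, only the product with exactly this name is
            returned.

    Returns:
        A JSON object mapping each name to a {column: value} object, or the
        error object when format names anything outside the allowed columns.
    """
    allowed = ('waterid', 'Ca', 'Mg', 'F', 'Zn')
    format_data = request.args.get('format', default='Ca,Mg,F,Zn')
    find = request.args.get('find', default=None)

    columns = format_data.split(',') if format_data else []
    # Every requested name must belong to the allowed columns. The previous
    # test used '>' (strict superset), which let through any value that was
    # not a superset of the allowed list, and that value was then formatted
    # straight into the SQL text. Column names cannot be bound as parameters,
    # so this allow-list is the only thing standing between the request and
    # the statement.
    if not set(columns) <= set(allowed):
        return jsonify({'Action': 'get all products', 'State': 'Error'})

    cur.execute('select {} from water'.format(', '.join(['Name'] + columns)))
    water = {
        name: dict(zip(columns, values))
        for name, *values in cur.fetchall()
        if find is None or name == find
    }
    return jsonify(water)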
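@app.route('/users', methods=['POST'])
@db_connect
def signup(cur, conn):
    """Register a new account.

    Request arguments (query string or form body):
        username: Name of the new account; must be non-empty.
        password: Plain-text password; only its werkzeug hash is stored.

    Returns:
        A JSON object whose State is 'Success', 'Already exists' when the
        username is taken, or 'Error' when an argument is missing or empty.
    """
    # request.values merges the query string with the form body: existing
    # clients keep working, and new ones can send the password in the body,
    # where it stays out of URLs, proxy logs and access logs.
    username = request.values.get('username', default=None)
    password = request.values.get('password', default=None)
    if not username or not password:
        return jsonify({'Action': 'Register user', 'State': 'Error'})

    try:
        cur.execute(
            'insert into users(username, password) values(?, ?)',
            (username, generate_password_hash(password)),
        )
        conn.commit()
    except sqlite3.IntegrityError:
        # Only the UNIQUE(username) violation means "already exists"; other
        # database errors now propagate instead of being reported as that.
        return jsonify({'Action': 'Register user', 'State': 'Already exists'})
    return jsonify({'Action': 'Register user', 'State': 'Success'})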
@app.route('/users', methods=['GET'])
@auth.login_required
@db_connect
def users(cur, conn):
    """Return the id and username of every account as a JSON list.

    NOTE(review): every authenticated caller receives the full account list;
    confirm that this is intended.
    """
    cur.execute("select userid, username from users")
    listing = []
    for account_id, account_name in cur.fetchall():
        listing.append({'userid': account_id, 'username': account_name})
    return jsonify(listing)
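@app.route('/users/<userid>', methods=['PUT', 'GET', 'DELETE'])
@auth.login_required
@db_connect
def user(cur, conn, userid):
    """Show, edit or delete one account.

    GET returns the account with the given id, which need not be the
    caller's own. PUT changes the password and DELETE removes the account;
    both are allowed only on the caller's own account.

    Args:
        userid: Account id from the URL path; must parse as an integer.

    Request arguments:
        password: New password for PUT (query string or form body); must be
            non-empty.

    Returns:
        A JSON list with the matching account for GET, otherwise a JSON
        object reporting the action and its state.
    """
    try:
        userid = int(userid)
    except ValueError:
        return jsonify({'Action': 'User', 'State': 'Error'})

    # session['userid'] is written by verify_password() on each request.
    is_own_account = userid == session.get('userid')

    if request.method == 'PUT':
        # request.values also reads the form body, so the new password does
        # not have to travel in the URL.
        password = request.values.get('password', default=None)
        if not password or not is_own_account:
            return jsonify({'Action': 'Edit user', 'State': 'Error'})
        cur.execute(
            'update users set password = ? where userid = ?',
            (generate_password_hash(password), userid),
        )
        conn.commit()
        return jsonify({'Action': 'Edit user', 'State': 'Success'})

    if request.method == 'DELETE':
        # The id comes from the URL path, already converted to int above.
        # The previous code re-read it from the query string as a str, which
        # never equals the int kept in the session, so DELETE always failed.
        if not is_own_account:
            return jsonify({'Action': 'Delete user', 'State': 'Error'})
        cur.execute('delete from users where userid = ?', (userid,))
        conn.commit()
        return jsonify({'Action': 'Delete user', 'State': 'Success'})

    # GET, and the HEAD method Flask registers alongside it; HEAD used to
    # fall through every branch and return None.
    rows = cur.execute(
        "select userid, username from users where userid = ?", (userid,)
    ).fetchall()
    return jsonify([dict(zip(('userid', 'username'), row)) for row in rows])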
@app.route('/')
def index():
    """Serve the fixed landing page; no authentication is required."""
    landing_page = "<h1>Finally, works!</h1>"
    return landing_page
@db_connect
def init(cur, conn):
    """Create the users and water tables when they do not exist yet.

    The users.password column holds the werkzeug hash written by the signup
    and password-change handlers, never the plain-text password.
    """
    schema = (
        """
        create table IF NOT EXISTS users (
            userid INTEGER PRIMARY KEY AUTOINCREMENT,
            username TEXT NOT NULL UNIQUE,
            password TEXT NOT NULL
        )
        """,
        """
        create table IF NOT EXISTS water (
            waterid INTEGER PRIMARY KEY AUTOINCREMENT,
            Name TEXT NOT NULL UNIQUE,
            Ca TEXT NOT NULL,
            Mg TEXT NOT NULL,
            F TEXT NOT NULL,
            Zn TEXT
        )
        """,
    )
    # One commit per statement, users table first.
    for ddl in schema:
        cur.execute(ddl)
        conn.commit()
# Listening port from the environment; None when PORT is unset.
port = os.getenv('PORT')

if __name__ == '__main__':
    init()
    # NOTE(review): host '0.0.0.0' exposes Flask's built-in server on every
    # network interface, and credentials travel as HTTP Basic auth. Run the
    # app behind a production WSGI server with TLS, or bind to localhost
    # during development.
    app.run(host='0.0.0.0', port=port, threaded=True)
"""

refresh_db - POST - refreshes the product data in the database. Takes no arguments

products - GET - Shows the user all products.
    The format argument sets the order/completeness of the data returned to the user
    The find argument sets the phrase to search the dictionary for

users - POST/GET - adds a user.
        Argument username
        Argument password
    - Shows all users

users/<userid> - GET/PUT/DELETE - Shows the user with this ID; it does not have to be yours
    - Edits the user with this ID, if it is yours
        Argument password
    - Deletes the user with this ID, if it is yours

"""