1import os
2
3from cs50 import SQL
4from flask import Flask, flash, jsonify, redirect, render_template, request, session
5from flask_session import Session
6from tempfile import mkdtemp
7from werkzeug.exceptions import default_exceptions, HTTPException, InternalServerError
8from werkzeug.security import check_password_hash, generate_password_hash
9
10from helpers import apology, login_required, lookup, usd
11
# Create the Flask application object for this module
app = Flask(__name__)

# Re-read templates from disk whenever they change
app.config.update(TEMPLATES_AUTO_RELOAD=True)
17
18# Ensure responses aren't cached
@app.after_request
def after_request(response):
    """Mark every outgoing response as non-cacheable.

    Sets the Cache-Control, Expires and Pragma headers on the response and
    returns it, telling browsers and intermediaries not to keep copies.
    """
    no_cache_headers = (
        ("Cache-Control", "no-cache, no-store, must-revalidate"),
        ("Expires", 0),
        ("Pragma", "no-cache"),
    )
    for header, value in no_cache_headers:
        response.headers[header] = value
    return response
25
# Expose the usd helper to templates as a Jinja filter
app.jinja_env.filters["usd"] = usd

# Keep session data in server-side files rather than in signed cookies.
# mkdtemp() creates a fresh directory accessible only to the creating user,
# so stored sessions do not survive a restart of the application.
app.config.update(
    SESSION_FILE_DIR=mkdtemp(),
    SESSION_PERMANENT=False,
    SESSION_TYPE="filesystem",
)
Session(app)

# Open the SQLite database through the CS50 library
db = SQL("sqlite:///finance.db")

# Refuse to start when the API key is missing from the environment
if not os.getenv("API_KEY"):
    raise RuntimeError("API_KEY not set")
41
42
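@app.route("/")
@login_required
def index():
    """Show portfolio of stocks

    Renders index.html with one entry per symbol the logged-in user holds,
    the user's cash balance, and the combined market value of the holdings.

    NOTE(review): index.html is not visible here; it has to iterate over
    `holdings` (symbol, name, shares, price, total) instead of reading the
    single symbol/name/price/total values that were passed before.
    """
    user_id = session["user_id"]

    # db.execute returns a list of row dicts for a SELECT. The earlier code
    # passed those lists straight to lookup() and multiplied them, which
    # cannot work, so aggregate per symbol and read the columns explicitly.
    rows = db.execute(
        "SELECT symbol, SUM(shares) AS shares FROM sells "
        "WHERE users_id = :id GROUP BY symbol HAVING SUM(shares) > 0",
        id=user_id)
    cash = db.execute("SELECT cash FROM users WHERE id = :id", id=user_id)[0]["cash"]

    holdings = []
    totalvalue = 0
    for row in rows:
        # assumes lookup() returns None on failure, else a dict with
        # "name", "price" and "symbol" keys - confirm against helpers.py
        quote = lookup(row["symbol"])
        if quote is None:
            # No quote available right now: leave the row out, don't crash
            continue
        value = quote["price"] * row["shares"]
        totalvalue += value
        holdings.append({
            "symbol": row["symbol"],
            "name": quote["name"],
            "shares": row["shares"],
            "price": quote["price"],
            "total": value,
        })

    return render_template("index.html", holdings=holdings, cash=cash, totalvalue=totalvalue)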
63
64
65
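@app.route("/buy", methods=["GET", "POST"])
@login_required
def buy():
    """Buy shares of stock

    GET shows the purchase form. POST validates the submitted symbol and
    share count, debits the logged-in user's cash, records the purchase in
    the sells and history tables, and redirects to "/".
    """
    if request.method != "POST":
        return render_template("buy.html")

    stock = request.form.get("stock")
    if not stock:
        return apology("Blank stock")

    # assumes lookup() returns None on failure, else a dict with
    # "name", "price" and "symbol" keys - confirm against helpers.py
    results = lookup(stock)
    if results is None:
        return apology("Incorrect stock quote")

    # Form values arrive as strings (or None when the field is absent), so the
    # count has to be parsed before it is compared. Zero, negative and
    # non-integer counts are rejected here.
    try:
        shares = int(request.form.get("shares"))
    except (TypeError, ValueError):
        return apology("Invalid number of shares")
    if shares <= 0:
        return apology("Invalid number of shares")

    payment = results["price"] * shares

    # Check the balance and debit it in one statement, so two simultaneous
    # purchases cannot both pass a balance check made on the same old value.
    # cs50's execute() returns the number of rows changed for an UPDATE.
    debited = db.execute(
        "UPDATE users SET cash = cash - :payment WHERE id = :id AND cash >= :payment",
        payment=payment, id=session["user_id"])
    if not debited:
        return apology("Not enough money")

    # Record the purchase only after the debit succeeded, so a failure midway
    # never leaves shares granted without payment. As before, the price column
    # receives the total paid.
    db.execute(
        "INSERT INTO sells (users_id, symbol, shares, price) VALUES (:id, :symbol, :shares, :price)",
        id=session["user_id"], symbol=results["symbol"], shares=shares, price=payment)
    db.execute(
        "INSERT INTO history (users_id, symbol, shares, price) VALUES (:id, :symbol, :shares, :price)",
        id=session["user_id"], symbol=results["symbol"], shares=shares, price=payment)

    # A view must return a response on the success path as well
    return redirect("/")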
99
100
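@app.route("/history")
@login_required
def history():
    """Show history of transactions

    Loads every history row belonging to the logged-in user and renders
    history.html with them in the `shares` template variable.
    """
    rows = db.execute("SELECT * FROM history WHERE users_id = :id", id=session["user_id"])

    # Render unconditionally. The earlier loop returned only from inside its
    # first iteration, so a user with no transactions got no response at all.
    return render_template("history.html", shares=rows)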
110
@app.route("/login", methods=["GET", "POST"])
def login():
    """Log user in

    Any existing session is dropped first. A GET shows the login form. A POST
    checks the submitted username and password against the users table and,
    on success, stores the user's id in the session and redirects to "/".
    Missing or wrong credentials produce a 403 apology.
    """
    # Start from an empty session on every visit to this route
    session.clear()

    # Anything other than a form submission just gets the form
    if request.method != "POST":
        return render_template("login.html")

    username = request.form.get("username")
    password = request.form.get("password")

    # Both fields are required, checked in this order
    if not username:
        return apology("must provide username", 403)
    if not password:
        return apology("must provide password", 403)

    # Parameterised lookup of the account by name
    matches = db.execute("SELECT * FROM users WHERE username = :username",
                         username=username)

    # Unknown user and wrong password get the same reply
    if len(matches) != 1 or not check_password_hash(matches[0]["hash"], password):
        return apology("Invalid", 403)

    # Record who is logged in, then send them to the home page
    session["user_id"] = matches[0]["id"]
    return redirect("/")
146
147
@app.route("/logout")
def logout():
    """Log user out

    Empties the session, which drops the stored user_id, and redirects to "/".
    """
    session.clear()
    return redirect("/")
157
158
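@app.route("/quote", methods=["GET", "POST"])
@login_required
def quote():
    """Get stock quote.

    GET shows the quote form. POST looks up the submitted symbol and renders
    quoted.html with its name, symbol and price, or returns an apology when
    the symbol is missing or cannot be resolved.
    """
    if request.method != "POST":
        return render_template("quote.html")

    symbol = request.form.get("symbol")

    # assumes lookup() returns None on failure, else a dict with
    # "name", "price" and "symbol" keys - confirm against helpers.py.
    # The result was previously indexed without a None check, so an unknown
    # symbol raised an error and never reached the apology.
    stocks = lookup(symbol) if symbol else None
    if stocks is None:
        return apology("Invalid quote")

    return render_template("quoted.html", name=stocks["name"], symbol=stocks["symbol"], price=stocks["price"])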
172
173
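@app.route("/register", methods=["GET", "POST"])
def register():
    """Register user

    GET shows the registration form. POST validates the username and the two
    password fields, stores the username with a hash of the password, and
    redirects to "/". The new user is not logged in by this route.
    """
    if request.method != "POST":
        return render_template("register.html")

    # A missing field comes back as None and an empty one as ""; reject both
    username = request.form.get("username")
    if not username:
        return apology("Must provide username")

    # Any returned row means the name is taken. The earlier loop compared each
    # row dict with the username string, which never matched, so duplicate
    # usernames were accepted.
    # NOTE(review): only a UNIQUE index on users.username closes the gap
    # between this check and the INSERT; the schema is not visible here.
    existing = db.execute("SELECT * FROM users WHERE username = :username", username=username)
    if existing:
        return apology("Username alredy taken")

    password1 = request.form.get("password1")
    password2 = request.form.get("password2")

    if not password1 or not password2:
        return apology("Provide a password")

    if password1 != password2:
        return apology("Passwords do not match")

    # Rule as implemented: at least 6 characters, at least one digit and at
    # least one non-digit. Any non-digit counts, not only letters.
    digits = sum(ch.isdigit() for ch in password1)
    non_digits = len(password1) - digits
    if digits == 0 or non_digits == 0 or len(password1) < 6:
        return apology("Must provide a complex password")

    # Only the hash is stored, and the values are bound as parameters
    db.execute("INSERT INTO users (username, hash) VALUES (?, ?)",
               username, generate_password_hash(password1))

    return redirect("/")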
233
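@app.route("/sell", methods=["GET", "POST"])
@login_required
def sell():
    """Sell shares of stock

    GET shows the sale form. POST validates the symbol and share count against
    what the logged-in user holds, records the sale in the sells and history
    tables, credits the proceeds to the user's cash, and redirects to "/".

    NOTE(review): the schema is not visible here. This treats sells as a
    ledger in which a sale is a row with a negative share count, so holdings
    are SUM(shares) per symbol - confirm that matches the intended design.
    """
    if request.method != "POST":
        return render_template("sell.html")

    symbol = request.form.get("symbol")

    # Form values arrive as strings (or None when the field is absent), so the
    # count has to be parsed before it is compared with the holdings.
    try:
        shares = int(request.form.get("shares"))
    except (TypeError, ValueError):
        return apology("Invalid number of shares")
    if shares <= 0:
        return apology("Invalid number of shares")

    # assumes lookup() returns None on failure, else a dict with
    # "name", "price" and "symbol" keys - confirm against helpers.py
    results = lookup(symbol) if symbol else None
    if results is None:
        return apology("Incorrect stock quote")

    # check if the stock is owned: read the summed share count for this
    # symbol instead of testing the form string against a list of row dicts
    owned_rows = db.execute(
        "SELECT SUM(shares) AS shares FROM sells WHERE users_id = :id AND symbol = :symbol",
        id=session["user_id"], symbol=results["symbol"])
    owned = owned_rows[0]["shares"] or 0
    if owned <= 0:
        return apology("Incorrect stock quote")

    # check if owns less or equal shares of stock
    if shares > owned:
        return apology("Too many shares")

    payment = results["price"] * shares

    # Remove the shares before crediting the cash, so a failure midway never
    # pays out for shares that are still held.
    # NOTE(review): the ownership check and these inserts are separate
    # statements; wrap them in a transaction if requests can run concurrently.
    db.execute(
        "INSERT INTO sells (users_id, symbol, shares, price) VALUES (:id, :symbol, :shares, :price)",
        id=session["user_id"], symbol=results["symbol"], shares=-shares, price=payment)
    db.execute(
        "INSERT INTO history (users_id, symbol, shares, price) VALUES (:id, :symbol, :shares, :price)",
        id=session["user_id"], symbol=results["symbol"], shares=-shares, price=payment)

    # Credit relative to the stored balance, not to a value read earlier
    db.execute("UPDATE users SET cash = cash + :payment WHERE id = :id",
               payment=payment, id=session["user_id"])

    # A view must return a response on the success path as well
    return redirect("/")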
271
def errorhandler(e):
    """Handle error

    Turns the error into an apology page built from its name and status code.
    Anything that is not an HTTPException is reported as an
    InternalServerError, so its own details are not passed to apology().
    """
    error = e if isinstance(e, HTTPException) else InternalServerError()
    return apology(error.name, error.code)
277
278
# Route every default HTTP error code through the shared handler
for code in default_exceptions:
    app.register_error_handler(code, errorhandler)
282