107 lines
2.8 KiB
Python
107 lines
2.8 KiB
Python
from flask_login import login_required, login_user, logout_user
|
|
from app.bp import bp
|
|
from flask import jsonify, request
|
|
from app.errors import error_response
|
|
from flask_login import current_user
|
|
|
|
from app import login, db
|
|
from app.models import Course, User
|
|
|
|
|
|
@login.user_loader
|
|
def load_user(user_id):
|
|
return User.query.get(user_id)
|
|
|
|
|
|
def check_data(data, required_fields):
|
|
for f in required_fields:
|
|
if f not in data:
|
|
return f
|
|
return None
|
|
|
|
|
|
@bp.route("/login", methods=["POST"])
|
|
def login_route():
|
|
data = request.get_json()
|
|
|
|
if current_user.is_authenticated:
|
|
return error_response(400, "A user is already logged in!")
|
|
|
|
if not data.get("username") or not data.get("password"):
|
|
return error_response(400, "Must supply username and password")
|
|
|
|
user = User.query.filter_by(username=data["username"]).first()
|
|
if not user:
|
|
return error_response(400, "User not found")
|
|
|
|
if not user.check_password(data.get("password")):
|
|
return error_response(400, "Invalid password")
|
|
|
|
login_user(user)
|
|
resp = jsonify(user.to_dict())
|
|
return resp
|
|
|
|
|
|
@bp.route("/logout", methods=["POST"])
|
|
@login_required
|
|
def logout_route():
|
|
resp = jsonify(current_user.to_dict())
|
|
logout_user()
|
|
return resp
|
|
|
|
|
|
@bp.route("/register", methods=["POST"])
|
|
def register():
|
|
data = request.get_json()
|
|
required_fields = ["role", "username", "email", "password", "password2"]
|
|
if f := check_data(data, required_fields):
|
|
return error_response(400, f"Must supply {f}")
|
|
|
|
if User.query.filter_by(username=data["username"]).first():
|
|
return error_response(409, "User with that username already exists")
|
|
|
|
if User.query.filter_by(email=data["email"]).first():
|
|
return error_response(409, "User with that email already exists")
|
|
|
|
u = User()
|
|
u.from_dict(data, new_user=True)
|
|
db.session.add(u)
|
|
db.session.commit()
|
|
|
|
resp = jsonify(u.to_dict())
|
|
return resp
|
|
|
|
|
|
@bp.route("/course", methods=["POST"])
|
|
def create_course():
|
|
data = request.get_json()
|
|
|
|
required_fields = ["name", "description", "instructor"]
|
|
|
|
if f := check_data(data, required_fields):
|
|
return error_response(400, f"Must supply {f}")
|
|
|
|
u = User.query.get(data["instructor"])
|
|
if not u:
|
|
return error_response(400, f"User with id {data['instructor']} does not exist")
|
|
|
|
if u.role != "instructor":
|
|
return error_response(400, "User is not instructor")
|
|
|
|
c = Course()
|
|
c.from_dict(data)
|
|
db.session.add(c)
|
|
db.session.commit()
|
|
|
|
return jsonify(c.to_dict())
|
|
|
|
|
|
@bp.route("/user/<int:id>/courses", methods=["GET"])
|
|
def get_courses(id):
|
|
u = User.query.get(id)
|
|
d = {"courses": []}
|
|
for c in u.enrolled_courses.all():
|
|
d["courses"].append(c.to_dict())
|
|
resp = jsonify(d)
|
|
return resp
|