Home Explore Help
Sign In
stevet
/
flask_rest1
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
flask_rest1
/
full_todo.py

full_todo.py 2.2 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990 
  1. #!/bin/env python
    2. 

  2. 

  3. from flask import Flask
    4. 

  4. from flask_restful import reqparse, abort, Api, Resource
    5. 

  5. from flask_httpauth import HTTPBasicAuth
    6. 

  6. 

  7. # This "protects" paths with @auth.login_required
    8. 

  8. auth = HTTPBasicAuth()
    9. 

  9. 

  10. # This is a very basic (and dumb) security model
    11. 

  11. # We'll actually want the @auth.verify_password model,
    12. 

  12. # which will let us use hashed passwords, etc.
    13. 

  13. 

  14. @auth.get_password
    15. 

  15. def get_password(username):
    16. 

  16.     if username == 'admin':
    17. 

  17.         return '12345'
    18. 

  18.     return None
    19. 

  19. 

  20. @auth.error_handler
    21. 

  21. def unauthorized():
    22. 

  22.     return abort(401, message='Unauthorized access')
    23. 

  23. 

  24. 

  25. app = Flask(__name__)
    26. 

  26. api = Api(app)
    27. 

  27. 

  28. TODOS = {
    29. 

  29.     'todo1': {'task': 'build an API'},
    30. 

  30.     'todo2': {'task': '?????'},
    31. 

  31.     'todo3': {'task': 'profit!'},
    32. 

  32. }
    33. 

  33. 

  34. 

  35. def abort_if_todo_doesnt_exist(todo_id):
    36. 

  36.     if todo_id not in TODOS:
    37. 

  37.         abort(404, message="Todo {} doesn't exist".format(todo_id))
    38. 

  38. 

  39. parser = reqparse.RequestParser()
    40. 

  40. parser.add_argument('task')
    41. 

  41. 

  42. 

  43. # Todo
    44. 

  44. # shows a single todo item and lets you delete a todo item
    45. 

  45. 

  46. # Yes!  You can add the @auth.login_required to methods of the class.  ! \o/ !
    47. 

  47. 

  48. class Todo(Resource):
    49. 

  49.     def get(self, todo_id):
    50. 

  50.         abort_if_todo_doesnt_exist(todo_id)
    51. 

  51.         return TODOS[todo_id]
    52. 

  52. 

  53.     def delete(self, todo_id):
    54. 

  54.         abort_if_todo_doesnt_exist(todo_id)
    55. 

  55.         del TODOS[todo_id]
    56. 

  56.         return '', 204
    57. 

  57. 

  58.     @auth.login_required
    59. 

  59.     def put(self, todo_id):
    60. 

  60.         args = parser.parse_args()
    61. 

  61.         t = args['task']
    62. 

  62.         if t is None:
    63. 

  63.             abort(400, message="I need text for the task. task=...")
    64. 

  64.         task = {'task': args['task']}
    65. 

  65.         TODOS[todo_id] = task
    66. 

  66.         return task, 201
    67. 

  67. 

  68. 

  69. # TodoList
    70. 

  70. # shows a list of all todos, and lets you POST to add new tasks
    71. 

  71. class TodoList(Resource):
    72. 

  72.     def get(self):
    73. 

  73.         return TODOS
    74. 

  74. 

  75.     def post(self):
    76. 

  76.         args = parser.parse_args()
    77. 

  77.         todo_id = int(max(TODOS.keys()).lstrip('todo')) + 1
    78. 

  78.         todo_id = 'todo%i' % todo_id
    79. 

  79.         TODOS[todo_id] = {'task': args['task']}
    80. 

  80.         return TODOS[todo_id], 201
    81. 

  81. 

  82. ##
    83. 

  83. ## Actually setup the Api resource routing here
    84. 

  84. ##
    85. 

  85. api.add_resource(TodoList, '/todos')
    86. 

  86. api.add_resource(Todo, '/todos/<todo_id>')
    87. 

  87. 

  88. 

  89. if __name__ == '__main__':
    90. 

  90.     app.run(port=11022, debug=True)
    91.