Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

WIP - feature/basic api for app #99

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
Ombental wants to merge 1 commit into PythonFreeCourse:develop
base: develop
Choose a base branch
Loading
from Ombental:feature/basic-api-for-app

Conversation

Copy link

@Ombental Ombental commented Jan 20, 2021

basic implementation, no docs on front, no tests, no documentation yet

Hey, want some CRs for code

@Ombental Ombental changed the base branch from main to develop January 20, 2021 17:53
@yammesicka yammesicka deleted the branch PythonFreeCourse:develop January 21, 2021 02:36

api_routes = [{'name': '/new_event',}, {'name': '/{date}'}]
api_key = session.query(Token).filter_by(owner_id=user.id).first()
session.close()
Copy link
Contributor

@IdanPelled IdanPelled Jan 21, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is it necessary? The session is being closed at the end of the get_db

type="text/javascript"
src="{{ url_for('static', path='/apiKeyGenerator.js') }}"
></script>
{% endblock %}
Copy link
Contributor

@IdanPelled IdanPelled Jan 21, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

great work!
remember, tests and documentation are essential

ivarshav reacted with thumbs up emoji
@@ -8,11 +8,13 @@


SQLALCHEMY_DATABASE_URL = os.getenv(
"DATABASE_CONNECTION_STRING", config.DEVELOPMENT_DATABASE_STRING)
"DATABASE_CONNECTION_STRING2", config.DEVELOPMENT_DATABASE_STRING)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

mistake?


#pool_pre_ping=True for POSTGRES
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

remove

@@ -32,3 +33,11 @@ class Event(Base):
owner_id = Column(Integer, ForeignKey("users.id"))

owner = relationship("User", back_populates="events")


class Token(Base):
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it could be nice to add a short documentation for this table.

callAPIKeyRoute("/api/generate_key", { user: user_id, refresh: state }).then(
(data) => {
let keyText = document.getElementById("apiKeyHolder");
keyText.textContent = "API Key: " + data.key;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can't you use f"string {param}" ?

@@ -1,9 +1,9 @@
// Enable bootstrap popovers
// // Enable bootstrap popovers
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please revisit this file and remove unneeded code.

@@ -8,11 +8,13 @@


SQLALCHEMY_DATABASE_URL = os.getenv(
"DATABASE_CONNECTION_STRING", config.DEVELOPMENT_DATABASE_STRING)
"DATABASE_CONNECTION_STRING2", config.DEVELOPMENT_DATABASE_STRING)
Copy link
Member

@yammesicka yammesicka Jan 20, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please make sure you don't commit this change :)


id = Column(String, primary_key=True, index=True)
owner_id = Column(Integer, ForeignKey("users.id"), nullable=False, unique=True)
owner = relationship("User", back_populates="token")
Copy link
Member

@yammesicka yammesicka Jan 20, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As a good practice, we can add expiry_date. If you really into it, read about security in APIs: https://owasp.org/www-project-api-security/

return JSONResponse(jsonable_encoder({'key': token}))


@key_gen_router.post('/delete_key')
Copy link
Member

@yammesicka yammesicka Jan 20, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe we should use @key_gen_route.delete?

api_routes = [{'name': '/new_event',}, {'name': '/{date}'}]
api_key = session.query(Token).filter_by(owner_id=user.id).first()
session.close()
no_api_key = True
Copy link
Member

@yammesicka yammesicka Jan 20, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe we can change these lines to key = getattr(api_key, 'id', None) and remove the no_api_key variable?

from typing import Optional


def check_api_key(key: str, session=Depends(get_db)):
Copy link
Member

@yammesicka yammesicka Jan 20, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should implement rate limit to this check

data = await request.json()
if data.get('refresh', False):
session.query(Token).filter_by(owner_id=data['user']).delete()
token = secrets.token_urlsafe(32)
Copy link
Member

@yammesicka yammesicka Jan 20, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great job for using secrets!

@@ -0,0 +1,8 @@
#apiKeyDelete {
font-size: 0.6rem;
margin-left: 20px;
Copy link
Member

@yammesicka yammesicka Jan 22, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Prefer working with em/%

session.commit()
session.close()
return JSONResponse(jsonable_encoder({'success': True}))

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Too many blank lines :)

session.add(event)
session.commit()
d['id'] = event.id
session.close()
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

same as @IdanPelled comment

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yammesicka yammesicka yammesicka requested changes

+2 more reviewers

@ivarshav ivarshav ivarshav left review comments

@IdanPelled IdanPelled IdanPelled left review comments

Reviewers whose approvals may not affect merge requirements
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

AltStyle によって変換されたページ (->オリジナル) /