Merge pull request #15 from schoolofcode-me/fix_requirements

merged

Author: CristianoYL

.gitignore

@@ -1,3 +1,4 @@
+.vscode/
 *.pyc
 .idea/
 __pycache__/

section11/README.md

@@ -83,7 +83,7 @@ tips:
 Introduce the concept of `claims`, it's just the data we choose to attach to the JWT payload. Use the `Item.delete()` endpoint as example, we make it only accessible by authenticated admins. So we need to configure the claims in `app.py` and decide whether a user is an admin, then we add a boolean claim `is_admin` to the JWT payload.
 
 tips:
-- `get_jwt_oidentity()` now as opposed to `current_identity`
+- `get_jwt_identity()` now as opposed to `current_identity`
 - The identity is just the user id now as opposed to a UserModel object.
 
 ### Half protected endpoints

section11/app.py

@@ -10,29 +10,27 @@
 app = Flask(__name__)
 app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///data.db'
 app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
+app.config['PROPAGATE_EXCEPTIONS'] = True
 api = Api(app)
-db.init_app(app)
 
 """
-JWT related configurations began. The following functions includes:
+JWT related configuration. The following functions includes:
 1) add claims to each jwt
 2) customize the token expired error message 
 """
-app.config['JWT_SECRET_KEY'] = 'jose'   # we can also use app.secret like before, Flask-JWT-Extended can recognize both
+app.config['JWT_SECRET_KEY'] = 'jose'  # we can also use app.secret like before, Flask-JWT-Extended can recognize both
 app.config['JWT_BLACKLIST_ENABLED'] = True  # enable blacklist feature
 app.config['JWT_BLACKLIST_TOKEN_CHECKS'] = ['access', 'refresh']  # allow blacklisting for access and refresh tokens
 jwt = JWTManager(app)
 
 """
-`claims` are data we choose to attached to each jwt payload
+`claims` are data we choose to attach to each jwt payload
 and for each jwt protected endpoint, we can retrieve these claims via `get_jwt_claims()`
 one possible use case for claims are access level control, which is shown below
 """
-
-
 @jwt.user_claims_loader
 def add_claims_to_jwt(identity):
-    if identity == 1:   # instead of hard-coding, we can read from a config file to get a list of admins instead
+    if identity == 1:   # instead of hard-coding, we should read from a config file to get a list of admins instead
         return {'is_admin': True}
     return {'is_admin': False}
 
@@ -104,4 +102,5 @@ def create_tables():
 api.add_resource(TokenRefresh, '/refresh')
 
 if __name__ == '__main__':
+    db.init_app(app)
     app.run(port=5000, debug=True)

section11/models/user.py

@@ -12,12 +12,6 @@ def __init__(self, username, password):
         self.username = username
         self.password = password
 
-    def json(self):
-        return {
-            'id': self.id,
-            'username': self.username
-        }
-
     def save_to_db(self):
         db.session.add(self)
         db.session.commit()

section11/requirement.txt

@@ -0,0 +1,3 @@
+Flask-JWT-Extended
+Flask-RESTful
+Flask-SQLAlchemy

section11/requirements.txt

@@ -80,4 +80,7 @@ def get(self):
         items = [item.json() for item in ItemModel.find_all()]
         if user_id:
             return {'items': items}, 200
-        return {'items': [item['name'] for item in items]}, 401
+        return {
+            'items': [item['name'] for item in items],
+            'message': 'More data available if you log in.'
+        }, 200