ch14

Author: adii1823

ch14/README.md

@@ -0,0 +1,56 @@
+# CH14 - Readme
+
+This chapter is about APIs. You will find three main folders:
+
+1. `api_code` contains the FastAPI project about Railways
+2. `apic` or API Consumer. This is a Django project to show an example on how to talk to an API from another application.
+3. `samples`. This folder contains the examples that went in the chapter, so you can ignore it.
+
+## Setup
+
+Install requirements with pip from their folder:
+
+    $ pip install -r requirements.txt
+
+If you want to create your own dummy data, please also install the dev requirements:
+
+    $ pip install -r dev.txt
+
+To generate a new database with random data:
+
+    $ cd api_code
+    $ python dummy_data.py
+
+This will generate a new `train.db` file for you.
+
+## Running the API
+
+Open a terminal window, change into the `api_code` folder and type this command:
+
+    $ uvicorn main:app --reload
+
+The `--reload` flag makes sure uvicorn is reloaded if you make changes to the
+source while the app is running.
+
+## Running the Django consumer
+
+While the API is running in a terminal, open another terminal window,
+change into the `apic` folder, and type the following:
+
+    $ python manage.py migrate  # only the first time, to generate the django db
+
+Once migrations have been applied, run this to start the app:
+
+    $ python manage.py runserver 8080
+
+We need to specify a port for Django that is not 8000 (its normal default),
+since the API is running on that one.
+
+When the Django app is running, open a browser and go to: http://localhost:8080
+
+You should see the welcome page of the Railways app. From there you can navigate using links.
+
+In the authentication section, you can use these credentials to authenticate:
+
+    username: [email protected]
+    password: f4bPassword

ch14/api_code/.env

@@ -0,0 +1,4 @@
+# api_code/.env
+SECRET_KEY="ec604d5610ac4668a44418711be8251f"
+DEBUG=false
+API_VERSION=1.0.0

ch14/api_code/api/__init__.py

@@ -0,0 +1 @@
+# api_code/api/__init__.py

ch14/api_code/api/admin.py

@@ -0,0 +1,42 @@
+# api_code/api/admin.py
+from typing import Optional
+
+from fastapi import (
+    APIRouter,
+    Depends,
+    Header,
+    HTTPException,
+    Response,
+    status,
+)
+from sqlalchemy.orm import Session
+
+from . import crud
+from .deps import Settings, get_db, get_settings
+from .util import is_admin
+
+router = APIRouter(prefix="/admin")
+
+
+def ensure_admin(settings: Settings, authorization: str):
+    if not is_admin(
+        settings=settings, authorization=authorization
+    ):
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail=f"You must be an admin to access this endpoint.",
+        )
+
+
+@router.delete("/stations/{station_id}", tags=["Admin"])
+def admin_delete_station(
+    station_id: int,
+    authorization: Optional[str] = Header(None),
+    settings: Settings = Depends(get_settings),
+    db: Session = Depends(get_db),
+):
+    ensure_admin(settings, authorization)
+    row_count = crud.delete_station(db=db, station_id=station_id)
+    if row_count:
+        return Response(status_code=status.HTTP_204_NO_CONTENT)
+    return Response(status_code=status.HTTP_404_NOT_FOUND)

ch14/api_code/api/config.py

@@ -0,0 +1,11 @@
+# api_code/api/config.py
+from pydantic import BaseSettings
+
+
+class Settings(BaseSettings):
+    secret_key: str
+    debug: bool
+    api_version: str
+
+    class Config:
+        env_file = ".env"

ch14/api_code/api/crud.py

@@ -0,0 +1,231 @@
+# api_code/api/crud.py
+from datetime import datetime, timezone
+
+from sqlalchemy import delete, update
+from sqlalchemy.orm import Session, aliased
+
+from . import models, schemas
+
+# USERS
+
+
+def get_users(db: Session, email: str = None):
+    q = db.query(models.User)
+    if email is not None:
+        q = q.filter(models.User.email.ilike(f"%{email}%"))
+    return q.all()
+
+
+def get_user(db: Session, user_id: int):
+    return (
+        db.query(models.User)
+        .filter(models.User.id == user_id)
+        .first()
+    )
+
+
+def get_user_by_email(db: Session, email: str):
+    return (
+        db.query(models.User)
+        .filter(models.User.email.ilike(email))
+        .first()
+    )
+
+
+def create_user(
+    db: Session, user: schemas.UserCreate, user_id: int = None
+):
+    hashed_password = models.User.hash_password(user.password)
+    user_dict = {
+        **user.dict(exclude_unset=True),
+        "password": hashed_password,
+    }
+    if user_id is not None:
+        user_dict.update({"id": user_id})
+    db_user = models.User(**user_dict)
+    db.add(db_user)
+    db.commit()
+    db.refresh(db_user)
+    return db_user
+
+
+def update_user(
+    db: Session, user: schemas.UserUpdate, user_id: int
+):
+    user_dict = {
+        **user.dict(exclude_unset=True),
+    }
+    if user.password is not None:
+        user_dict.update(
+            {"password": models.User.hash_password(user.password)}
+        )
+    stm = (
+        update(models.User)
+        .where(models.User.id == user_id)
+        .values(user_dict)
+    )
+    result = db.execute(stm)
+    db.commit()
+    return result.rowcount
+
+
+def delete_user(db: Session, user_id: int):
+    stm = delete(models.User).where(models.User.id == user_id)
+    result = db.execute(stm)
+    db.commit()
+    return result.rowcount
+
+
+# STATIONS
+
+
+def get_stations(db: Session, code: str = None):
+    q = db.query(models.Station)
+    if code is not None:
+        q = q.filter(models.Station.code.ilike(code))
+    return q.all()
+
+
+def get_station(db: Session, station_id: int):
+    return (
+        db.query(models.Station)
+        .filter(models.Station.id == station_id)
+        .first()
+    )
+
+
+def get_station_by_code(db: Session, code: str):
+    return (
+        db.query(models.Station)
+        .filter(models.Station.code.ilike(code))
+        .first()
+    )
+
+
+def create_station(
+    db: Session,
+    station: schemas.StationCreate,
+):
+    db_station = models.Station(**station.dict())
+    db.add(db_station)
+    db.commit()
+    db.refresh(db_station)
+    return db_station
+
+
+def update_station(
+    db: Session, station: schemas.StationUpdate, station_id: int
+):
+    stm = (
+        update(models.Station)
+        .where(models.Station.id == station_id)
+        .values(station.dict(exclude_unset=True))
+    )
+    result = db.execute(stm)
+    db.commit()
+    return result.rowcount
+
+
+def delete_station(db: Session, station_id: int):
+    stm = delete(models.Station).where(
+        models.Station.id == station_id
+    )
+    result = db.execute(stm)
+    db.commit()
+    return result.rowcount
+
+
+# TRAINS
+
+
+def get_trains(
+    db: Session,
+    station_from_code: str = None,
+    station_to_code: str = None,
+    include_all: bool = False,
+):
+    q = db.query(models.Train)
+
+    if station_from_code is not None:
+        st_from = aliased(models.Station)
+        q = q.join(st_from, models.Train.station_from)
+        q = q.filter(st_from.code.ilike(f"%{station_from_code}%"))
+
+    if station_to_code is not None:
+        st_to = aliased(models.Station)
+        q = q.join(st_to, models.Train.station_to)
+        q = q.filter(st_to.code.ilike(f"%{station_to_code}%"))
+
+    if not include_all:
+        now = datetime.now(tz=timezone.utc)
+        q = q.filter(models.Train.departs_at > now)
+
+    return q.all()
+
+
+def get_train(db: Session, train_id: int):
+    return (
+        db.query(models.Train)
+        .filter(models.Train.id == train_id)
+        .first()
+    )
+
+
+def get_train_by_name(db: Session, name: str):
+    return (
+        db.query(models.Train)
+        .filter(models.Train.name == name)
+        .first()
+    )
+
+
+def create_train(db: Session, train: schemas.TrainCreate):
+    train_dict = train.dict(exclude_unset=True)
+    db_train = models.Train(**train_dict)
+    db.add(db_train)
+    db.commit()
+    db.refresh(db_train)
+    return db_train
+
+
+def delete_train(db: Session, train_id: int):
+    stm = delete(models.Train).where(models.Train.id == train_id)
+    result = db.execute(stm)
+    db.commit()
+    return result.rowcount
+
+
+# TICKETS
+
+
+def get_tickets(db: Session):
+    return db.query(models.Ticket).all()
+
+
+def get_ticket(db: Session, ticket_id: int):
+    return (
+        db.query(models.Ticket)
+        .filter(models.Ticket.id == ticket_id)
+        .first()
+    )
+
+
+def create_ticket(db: Session, ticket: schemas.TicketCreate):
+    ticket_dict = ticket.dict(exclude_unset=True)
+    ticket_dict.update(
+        {"created_at": datetime.now(tz=timezone.utc)}
+    )
+    db_ticket = models.Ticket(**ticket_dict)
+    db.add(db_ticket)
+    db.commit()
+    db.refresh(db_ticket)
+    return db_ticket
+
+
+def delete_ticket(db: Session, ticket_id: int):
+    stm = delete(models.Ticket).where(
+        models.Ticket.id == ticket_id
+    )
+    result = db.execute(stm)
+    db.commit()
+    return result.rowcount

ch14/api_code/api/database.py

@@ -0,0 +1,24 @@
+# api_code/api/database.py
+from sqlalchemy import create_engine
+from sqlalchemy.ext.declarative import declarative_base
+from sqlalchemy.orm import sessionmaker
+
+from .config import Settings
+
+settings = Settings()
+
+
+DB_URL = "sqlite:///train.db"
+
+
+engine = create_engine(
+    DB_URL,
+    connect_args={"check_same_thread": False},
+    echo=settings.debug,  # when debug is True, queries are logged
+)
+
+SessionLocal = sessionmaker(
+    autocommit=False, autoflush=False, bind=engine
+)
+
+Base = declarative_base()

ch14/api_code/api/deps.py

@@ -0,0 +1,20 @@
+# api_code/api/deps.py
+from functools import lru_cache
+
+from .config import Settings
+from .database import SessionLocal
+
+
+def get_db():
+    """Return a DB Session."""
+    db = SessionLocal()
+    try:
+        yield db
+    finally:
+        db.close()
+
+
+@lru_cache
+def get_settings():
+    """Return the app settings."""
+    return Settings()