@app.route("/api/health")
def health():
    """Report a fixed ``{"status": "ok"}`` payload; no database access."""
    payload = {"status": "ok"}
    return jsonify(payload)
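@app.route("/api/register", methods=["POST"])
def register():
    """Create a customer account from a JSON request body.

    Expects ``first_name``, ``last_name``, ``email``, ``password`` and
    ``address``. Only a bcrypt hash of the password is stored.

    Returns:
        ``{"message": "Account created"}`` on success, or a 400 response when
        the body is not a JSON object, a field is missing, or the password is
        unusable.
    """
    data = request.get_json(silent=True)
    required = ("first_name", "last_name", "email", "password", "address")
    if not isinstance(data, dict) or any(field not in data for field in required):
        return jsonify({"error": "Missing or invalid fields"}), 400
    if not isinstance(data["email"], str) or not data["email"]:
        return jsonify({"error": "Missing or invalid fields"}), 400
    if not isinstance(data["password"], str) or not data["password"]:
        return jsonify({"error": "Missing or invalid fields"}), 400

    password = data["password"].encode("utf-8")
    # bcrypt only considers the first 72 bytes of its input; depending on the
    # library version a longer password is silently truncated or rejected.
    # Refusing it up front keeps the stored hash tied to the whole password.
    if len(password) > 72:
        return jsonify({"error": "Missing or invalid fields"}), 400
    hashed = bcrypt.hashpw(password, bcrypt.gensalt()).decode("utf-8")

    # NOTE(review): nothing here rejects a second account with the same email;
    # confirm the customers table has a unique constraint on email.
    conn = get_db()
    try:
        cursor = conn.cursor()
        cursor.execute(
            "INSERT INTO customers (first_name, last_name, email, PWD_Hash, Address) VALUES (%s,%s,%s,%s,%s)",
            (data["first_name"], data["last_name"], data["email"], hashed, data["address"]),
        )
        conn.commit()
    finally:
        # Release the connection even when the insert raises.
        conn.close()
    return jsonify({"message": "Account created"})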
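@app.route("/api/login", methods=["POST"])
def login():
    """Check a customer's email and password against the stored bcrypt hash.

    Returns:
        ``customerID``, ``name`` and ``role`` on success; a 400 response for a
        malformed body; a 401 response with the same message whether the
        email is unknown or the password is wrong.
    """
    data = request.get_json(silent=True)
    if (
        not isinstance(data, dict)
        or not isinstance(data.get("email"), str)
        or not isinstance(data.get("password"), str)
    ):
        return jsonify({"error": "Missing or invalid fields"}), 400
    password = data["password"].encode("utf-8")

    conn = get_db()
    try:
        cursor = conn.cursor(dictionary=True)
        # Fetch only the columns this handler uses rather than the whole row.
        cursor.execute(
            "SELECT customerID, first_name, PWD_Hash FROM customers WHERE email = %s",
            (data["email"],),
        )
        customer = cursor.fetchone()
    finally:
        # Release the connection even when the query raises.
        conn.close()

    if not customer:
        # Spend a comparable amount of bcrypt work for an unknown email so the
        # response time does not reveal which addresses have accounts.
        try:
            bcrypt.hashpw(password, bcrypt.gensalt())
        except ValueError:
            pass
        return jsonify({"error": "Wrong email or password"}), 401

    try:
        password_correct = bcrypt.checkpw(
            password,
            customer["PWD_Hash"].encode("utf-8"),
        )
    except ValueError:
        # An over-long password or a stored value that is not a bcrypt hash
        # is a failed login, not a server error.
        password_correct = False
    if not password_correct:
        return jsonify({"error": "Wrong email or password"}), 401

    # NOTE(review): nothing on this page shows a session or signed token being
    # issued, and no attempt throttling is visible; the other endpoints take
    # the ID returned here back from the client as-is.
    return jsonify({
        "customerID": customer["customerID"],
        "name": customer["first_name"],
        "role": "customer",
    })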
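@app.route("/api/producer/login", methods=["POST"])
def producer_login():
    """Check a producer's email and password against the stored bcrypt hash.

    The original query compared the submitted password directly with the
    ``PWD_Hash`` column, which only matches if that column holds the password
    itself. This version looks the row up by email and verifies with bcrypt,
    the same way the customer login does.

    Returns:
        ``producerID``, ``name`` and ``role`` on success; a 400 response for a
        malformed body; a 401 response for an unknown email or wrong password.
    """
    data = request.get_json(silent=True)
    if (
        not isinstance(data, dict)
        or not isinstance(data.get("email"), str)
        or not isinstance(data.get("password"), str)
    ):
        return jsonify({"error": "Missing or invalid fields"}), 400
    password = data["password"].encode("utf-8")

    conn = get_db()
    try:
        cursor = conn.cursor(dictionary=True)
        cursor.execute(
            "SELECT producerID, producer_name, PWD_Hash FROM producers WHERE email = %s",
            (data["email"],),
        )
        producer = cursor.fetchone()
    finally:
        # Release the connection even when the query raises.
        conn.close()

    if not producer:
        # Spend a comparable amount of bcrypt work for an unknown email so the
        # response time does not reveal which addresses have accounts.
        try:
            bcrypt.hashpw(password, bcrypt.gensalt())
        except ValueError:
            pass
        return jsonify({"error": "Wrong email or password"}), 401

    # NOTE(review): existing producer rows must hold bcrypt hashes for this to
    # succeed; rows that still hold a plain password need to be re-hashed.
    try:
        password_correct = bcrypt.checkpw(
            password,
            producer["PWD_Hash"].encode("utf-8"),
        )
    except ValueError:
        # Raised when the stored value is not a bcrypt hash or the password is
        # over-long; treat it as a failed login.
        password_correct = False
    if not password_correct:
        return jsonify({"error": "Wrong email or password"}), 401

    return jsonify({
        "producerID": producer["producerID"],
        "name": producer["producer_name"],
        "role": "producer",
    })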
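@app.route("/api/products")
def get_products():
    """Return every row of the ``products`` table as a JSON list."""
    conn = get_db()
    try:
        cursor = conn.cursor(dictionary=True)
        # SELECT * exposes every column of the table to any caller; keep
        # internal-only columns out of this table or list the columns here.
        cursor.execute("SELECT * FROM products")
        products = cursor.fetchall()
    finally:
        # Release the connection even when the query raises.
        conn.close()
    return jsonify(products)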
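@app.route("/api/products", methods=["POST"])
def add_product():
    """Insert a product row from a JSON request body.

    Expects ``product_name``, ``product_price``, ``product_stock``,
    ``product_description`` and ``producerID``.

    Returns:
        ``{"message": "Product added"}`` on success, or a 400 response when
        the body is not a JSON object or a field is missing.
    """
    data = request.get_json(silent=True)
    required = (
        "product_name",
        "product_price",
        "product_stock",
        "product_description",
        "producerID",
    )
    if not isinstance(data, dict) or any(field not in data for field in required):
        return jsonify({"error": "Missing or invalid fields"}), 400

    # NOTE(review): producerID is taken from the request body and no caller
    # identity is checked in this handler, so the row is attributed to whatever
    # producer the client names. Derive it from an authenticated session once
    # one exists.
    conn = get_db()
    try:
        cursor = conn.cursor()
        cursor.execute(
            "INSERT INTO products (product_name, product_price, product_stock, product_description, producerID) VALUES (%s,%s,%s,%s,%s)",
            (
                data["product_name"],
                data["product_price"],
                data["product_stock"],
                data["product_description"],
                data["producerID"],
            ),
        )
        conn.commit()
    finally:
        # Release the connection even when the insert raises.
        conn.close()
    return jsonify({"message": "Product added"})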
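@app.route("/api/orders", methods=["POST"])
def place_order():
    """Create an order and its detail rows from a JSON request body.

    Expects ``customerID`` and a non-empty ``items`` list whose entries carry
    ``productID`` and a positive whole-number ``quantity``. The order row and
    all detail rows are committed together.

    Returns:
        ``{"message": "Order placed"}`` on success, or a 400 response when the
        body is malformed.
    """
    data = request.get_json(silent=True)
    if not isinstance(data, dict) or "customerID" not in data:
        return jsonify({"error": "Missing or invalid fields"}), 400
    items = data.get("items")
    if not isinstance(items, list) or not items:
        return jsonify({"error": "Missing or invalid fields"}), 400

    # Validate every line before touching the database so a bad entry cannot
    # leave a half-written order, and so zero or negative quantities are
    # refused.
    lines = []
    for item in items:
        if not isinstance(item, dict) or "productID" not in item:
            return jsonify({"error": "Missing or invalid fields"}), 400
        raw_quantity = item.get("quantity")
        if isinstance(raw_quantity, bool) or not isinstance(raw_quantity, (int, str)):
            return jsonify({"error": "Missing or invalid fields"}), 400
        try:
            quantity = int(raw_quantity)
        except ValueError:
            return jsonify({"error": "Missing or invalid fields"}), 400
        if quantity <= 0:
            return jsonify({"error": "Missing or invalid fields"}), 400
        lines.append((item["productID"], quantity))

    # NOTE(review): customerID comes from the request body and no caller
    # identity is checked in this handler; product_stock is not consulted or
    # decremented here either.
    conn = get_db()
    try:
        cursor = conn.cursor()
        cursor.execute(
            "INSERT INTO orders (customerID) VALUES (%s)",
            (data["customerID"],),
        )
        order_id = cursor.lastrowid
        for product_id, quantity in lines:
            cursor.execute(
                "INSERT INTO order_details (orderID, productID, product_quantity) VALUES (%s,%s,%s)",
                (order_id, product_id, quantity),
            )
        conn.commit()
    except Exception:
        # Discard the partial order explicitly, then let the error propagate.
        conn.rollback()
        raise
    finally:
        conn.close()
    return jsonify({"message": "Order placed"})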
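# The URL rule needs angle brackets around the converter; without them Flask
# registers a literal path and never passes customer_id to the view.
@app.route("/api/orders/<int:customer_id>")
def get_orders(customer_id):
    """Return the order lines that belong to one customer.

    Args:
        customer_id: Integer taken from the URL path.

    Returns:
        A JSON list with order ID, product name, quantity and order date.
    """
    # NOTE(review): the customer ID comes straight from the URL and no caller
    # identity is checked in this handler, so any client can read any
    # customer's orders by changing the number. Compare it with the
    # authenticated customer once a session exists.
    conn = get_db()
    try:
        cursor = conn.cursor(dictionary=True)
        cursor.execute("""
            SELECT orders.orderID, products.product_name,
                   order_details.product_quantity, orders.order_date
            FROM orders
            JOIN order_details ON orders.orderID = order_details.orderID
            JOIN products ON order_details.productID = products.productID
            WHERE orders.customerID = %s
        """, (customer_id,))
        orders = cursor.fetchall()
    finally:
        # Release the connection even when the query raises.
        conn.close()
    return jsonify(orders)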
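# The URL rule needs angle brackets around the converter; without them Flask
# registers a literal path and never passes producer_id to the view.
@app.route("/api/producer/orders/<int:producer_id>")
def producer_orders(producer_id):
    """Return the order lines for one producer's products.

    Args:
        producer_id: Integer taken from the URL path.

    Returns:
        A JSON list with order ID, product name, quantity, order date and the
        ordering customer's first and last name.
    """
    # NOTE(review): the response includes customer names, and the producer ID
    # comes straight from the URL with no caller identity checked in this
    # handler. Compare it with the authenticated producer once a session
    # exists.
    conn = get_db()
    try:
        cursor = conn.cursor(dictionary=True)
        cursor.execute("""
            SELECT orders.orderID, products.product_name,
                   order_details.product_quantity, orders.order_date,
                   customers.first_name, customers.last_name
            FROM orders
            JOIN order_details ON orders.orderID = order_details.orderID
            JOIN products ON order_details.productID = products.productID
            JOIN customers ON orders.customerID = customers.customerID
            WHERE products.producerID = %s
        """, (producer_id,))
        orders = cursor.fetchall()
    finally:
        # Release the connection even when the query raises.
        conn.close()
    return jsonify(orders)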
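# The guard must compare the dunder names; `name == "main"` raises NameError.
if __name__ == "__main__":
    # debug=True turns on the Werkzeug interactive debugger, which allows code
    # to run in the server process from the browser. Keep it off here and
    # enable it only on a local development machine.
    app.run(debug=False)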