from flask import render_template, redirect, url_for, flash, jsonify, session, request
from flask_login import login_user, current_user, logout_user, login_required
from app import app, db
from models import User, Product, UserRole
from forms import RegistrationForm, LoginForm, ProductForm,DeleteForm
import yoomoney
@app.route('/')
@app.route('/home')
def home():
    """Render the landing page, served at both ``/`` and ``/home``."""
    landing_page = render_template('home.html')
    return landing_page
@app.route('/register', methods=['GET', 'POST'])
def register():
    """Show the sign-up form and create an account on a valid submission.

    Visitors who are already signed in are sent to the home page. A new
    account is attached to the role named ``'User'`` and the visitor is then
    redirected to the login page.
    """
    if current_user.is_authenticated:
        return redirect(url_for('home'))

    form = RegistrationForm()
    if not form.validate_on_submit():
        # Initial GET or a submission that failed validation: show the form.
        return render_template('register.html', title='Register', form=form)

    # first() returns None when no 'User' role row exists yet; the account is
    # then created with role=None, which the role checks in admin() and
    # delete_product() dereference without a guard.
    default_role = UserRole.query.filter_by(name='User').first()

    # NOTE(review): the submitted password is passed to the model unchanged,
    # and login() compares the stored value to the submitted one with ==,
    # which indicates passwords are kept in plaintext. They should be stored
    # as a salted, slow hash and verified with the matching check function;
    # that change has to cover this view, login() and the User model together.
    new_user = User(
        username=form.username.data,
        email=form.email.data,
        password=form.password.data,
        role=default_role,
    )
    db.session.add(new_user)
    db.session.commit()

    flash('Your account has been created!', 'success')
    return redirect(url_for('login'))
@app.route('/login', methods=['GET', 'POST'])
def login():
    """Show the login form and sign the user in when the credentials match.

    Signed-in visitors are redirected to the home page. A failed attempt
    flashes one generic message, whether the e-mail or the password was wrong,
    and shows the form again.
    """
    if current_user.is_authenticated:
        return redirect(url_for('home'))

    form = LoginForm()
    if form.validate_on_submit():
        account = User.query.filter_by(email=form.email.data).first()
        # NOTE(review): direct equality against the stored value means the
        # database holds the password itself rather than a hash; see
        # register(). Nothing visible here limits repeated attempts either.
        if not account or account.password != form.password.data:
            flash('Login Unsuccessful. Please check email and password', 'danger')
        else:
            login_user(account)
            return redirect(url_for('home'))

    return render_template('login.html', title='Login', form=form)
@app.route('/products', methods=['GET', 'POST'])
@login_required
def products():
    """List every product for a signed-in user."""
    # The route also accepts POST, but the body never reads submitted data.
    catalog = Product.query.all()
    return render_template('products.html', title='Products', products=catalog)
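@app.route('/admin', methods=['GET', 'POST'])
@login_required
def admin():
    """Product administration page for users with the Admin or Manager role.

    GET renders the product form, the current product list and a delete form.
    A valid POST of the product form stores a new product and redirects back
    to this page. Users without one of the two roles are sent to the home page
    with an error message.
    """
    # register() can create an account with role=None when the 'User' role
    # row is missing; treat that as "no permission" instead of failing with
    # AttributeError on role.name.
    role = current_user.role
    if role is None or role.name not in ('Admin', 'Manager'):
        flash('You do not have permission to access this page.', 'danger')
        return redirect(url_for('home'))

    form = ProductForm()
    if form.validate_on_submit():
        new_product = Product(
            name=form.name.data,
            price=form.price.data,
            description=form.description.data,
        )
        db.session.add(new_product)
        db.session.commit()
        flash('Product has been added!', 'success')
        # Redirect after POST so a page reload does not resubmit the form.
        return redirect(url_for('admin'))

    return render_template(
        'admin.html',
        title='Admin',
        form=form,
        products=Product.query.all(),
        delete_form=DeleteForm(),
    )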
# Route for deleting a product
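@app.route('/delete_product/<int:product_id>', methods=['POST'])
@login_required
def delete_product(product_id):
    """Delete a product on behalf of a user with the Admin or Manager role.

    Users without one of the two roles are redirected to the home page. For an
    authorised user an unknown ``product_id`` gives a 404; otherwise the
    product is deleted when the submitted delete form validates, and the user
    is redirected to the product list in either case.
    """
    # Authorise before the lookup: with the lookup first, a user without the
    # role could tell existing ids (redirect) from missing ones (404).
    # role may be None for accounts created while the 'User' role row was
    # missing, so guard before reading role.name.
    role = current_user.role
    if role is None or role.name not in ('Admin', 'Manager'):
        flash('You do not have permission to access this page.', 'danger')
        return redirect(url_for('home'))

    form = DeleteForm()
    product = Product.query.get_or_404(product_id)

    # DeleteForm is defined in forms; presumably it carries only the CSRF
    # token, which makes this check the CSRF guard for the deletion (confirm).
    if not form.validate_on_submit():
        flash('Ошибка при удалении продукта', 'danger')
        return redirect(url_for('products'))

    db.session.delete(product)
    db.session.commit()
    flash('Продукт успешно удален', 'success')
    return redirect(url_for('products'))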
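@app.route('/cart/add/<int:product_id>', methods=['POST'])
@login_required
def add_to_cart(product_id):
    """Append a product to the cart kept in the user's session.

    Responds with 404 when no product has the given id; otherwise stores the
    id in ``session['cart']`` and returns ``{"success": true}`` as JSON.
    """
    # The id comes straight from the URL. Reject ids that match no product so
    # the cart cannot be filled with arbitrary integers.
    Product.query.get_or_404(product_id)

    # NOTE(review): no form or token is validated on this POST, unlike
    # delete_product(); unless CSRF protection is enabled application-wide
    # (not visible here), another site can add items on the user's behalf.

    # Start from an empty cart when none exists yet, then assign a new list
    # back to the session key.
    cart = session.get('cart') or []
    # The key is named 'product_name' but holds the product id; the name is
    # kept because other code may read it.
    # NOTE(review): nothing bounds the cart length, and a cookie-backed
    # session has a size limit; consider a cap.
    session['cart'] = cart + [{
        'product_name': product_id,
    }]

    flash(f'Product {product_id} has been added to your cart!', 'success')
    return jsonify(success=True)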
@app.route('/logout')
def logout():
    """End the current login session and return to the home page."""
    # NOTE(review): the route uses the default methods, so a plain GET from
    # any link or embedded resource on another site logs the user out;
    # consider a POST-only route protected by a CSRF token.
    logout_user()
    home_url = url_for('home')
    return redirect(home_url)
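@app.route('/createdb')
def tables():
    """Create the database tables and seed the built-in roles.

    Adds the roles ``'User'``, ``'Admin'`` and ``'Manager'`` when they are
    missing, so repeated calls do not create duplicates. Returns
    ``{"success": true}`` as JSON.
    """
    # NOTE(review): this route has no authentication and answers GET, so any
    # visitor can trigger schema creation. Setup like this belongs in a CLI
    # command or a migration, not in a public URL; remove or restrict the
    # route outside development.
    db.create_all()

    for role_name in ('User', 'Admin', 'Manager'):
        if not UserRole.query.filter_by(name=role_name).first():
            db.session.add(UserRole(name=role_name))
    # One commit covers every role added above.
    db.session.commit()

    # Flask cannot turn a bare bool into a response (it raises TypeError and
    # the client gets a 500 even though the work succeeded), so reply with
    # JSON instead of returning True.
    return jsonify(success=True)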
# yoo_money_api = yoomoney.YooMoneyAPI(token='YOUR_YOOMONEY_API_TOKEN')
# @app.route('/pay', methods=['POST'])
# @login_required
# def pay():
# amount = request.json.get('amount')
# description = "Payment for order"
#
# payment = yoo_money_api.payment.create(amount, '643', description)
# if payment:
# return jsonify({'success': True, 'url': payment.confirmation.confirmation_url})
# return jsonify({'success': False, 'error': 'Payment creation failed'})