Books-Management-API/app.py at main · Eduardo-J-Morales/Books-Management-API · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
from flask import Flask, request, render_template, abort
from flask_sqlalchemy import SQLAlchemy
from flask_restful import Resource, Api
from flask_httpauth import HTTPBasicAuth
from werkzeug.security import generate_password_hash, check_password_hash
import os

app = Flask(__name__)
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///books.db'  # Use PostgreSQL/MySQL in production
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False

db = SQLAlchemy(app)
api = Api(app)
auth = HTTPBasicAuth()


@app.route('/')
def index():
    return render_template('index.html')


# In-memory user store for demonstration
users = {
    "admin": generate_password_hash("password123")
}

@auth.verify_password
def verify_password(username, password):
    if username in users and check_password_hash(users.get(username), password):
        return username

class Book(db.Model):
    id = db.Column(db.Integer, primary_key=True)
    title = db.Column(db.String(120), nullable=False)
    author = db.Column(db.String(80), nullable=False)
    published_year = db.Column(db.Integer, nullable=False)
    isbn = db.Column(db.String(20), unique=True, nullable=False)

    def to_dict(self):
        return {
            "id": self.id,
            "title": self.title,
            "author": self.author,
            "published_year": self.published_year,
            "isbn": self.isbn
        }

def validate_book_data(data):
    if not all(k in data for k in ("title", "author", "published_year", "isbn")):
        abort(400, description="Missing required book fields.")
    if not isinstance(data["published_year"], int):
        abort(400, description="published_year must be an integer.")

class BookListResource(Resource):
    @auth.login_required
    def get(self):
        books = Book.query.all()
        return [book.to_dict() for book in books], 200

    @auth.login_required
    def post(self):
        data = request.get_json()
        validate_book_data(data)
        if Book.query.filter_by(isbn=data["isbn"]).first():
            abort(400, description="Book with this ISBN already exists.")
        book = Book(**data)
        db.session.add(book)
        db.session.commit()
        return book.to_dict(), 201

class BookResource(Resource):
    @auth.login_required
    def get(self, book_id):
        book = Book.query.get_or_404(book_id)
        return book.to_dict(), 200

    @auth.login_required
    def put(self, book_id):
        book = Book.query.get_or_404(book_id)
        data = request.get_json()
        validate_book_data(data)
        if data["isbn"] != book.isbn and Book.query.filter_by(isbn=data["isbn"]).first():
            abort(400, description="Book with this ISBN already exists.")
        book.title = data["title"]
        book.author = data["author"]
        book.published_year = data["published_year"]
        book.isbn = data["isbn"]
        db.session.commit()
        return book.to_dict(), 200

    @auth.login_required
    def delete(self, book_id):
        book = Book.query.get_or_404(book_id)
        db.session.delete(book)
        db.session.commit()
        return '', 204

api.add_resource(BookListResource, '/books')
api.add_resource(BookResource, '/books/<int:book_id>')

if __name__ == '__main__':
    with app.app_context():
        db.create_all()
    app.run(debug=False, host='0.0.0.0', port=os.getenv('PORT', default=5000))