Add API endpoint to pull single user and add requirements

Signed-off-by: Sachin S. Kamath <sskamath96@gmail.com>

Add API endpoint to pull single user and add requirements
1da07eb8 · Sachin Kamath · 6f621ae0 · 1da07eb8 · 1da07eb8
Verified Commit 1da07eb8 authored Oct 25, 2017 by Sachin Kamath
--- a/hodor/controllers/user.py
+++ b/hodor/controllers/user.py
@@ -4,6 +4,22 @@ from flask import request, jsonify, abort, make_response
 from hodor.models.user import User
 from sqlalchemy.exc import IntegrityError
+def _extract_required_fields(user):
+    filtered_user = dict()
+    '''
+    This can be done by directly dumping the dictionary but there's always
+    a risk of data leak.So, we pick what we need to give out out of the API
+    '''
+    filtered_user['username'] = user.username
+    filtered_user['first_name'] = user.first_name
+    filtered_user['last_name'] = user.last_name
+    filtered_user['email'] = user.email
+    filtered_user['verified_account'] = user.verified_account
+    return filtered_user
 #########################################
 # Get all the user from the database    #
@@ -20,21 +36,33 @@ def get_all_users():
    response['data'] = []
    for user in User.get_all():
-        current_user = dict()
+        '''Here, we pass the raw user object to extract only what we need
-        '''
+            to _extract_required_vars to filter it'''
-        This can be done by directly dumping the dictionary but there's always
+        response['data'].append(_extract_required_fields(user))
-        a risk of data leak.So, we pick what we need to give out out of the API
-        '''
-        current_user['username'] = user.username
-        current_user['first_name'] = user.first_name
-        current_user['last_name'] = user.last_name
-        current_user['email'] = user.email
-        current_user['verified_account'] = user.verified_account
-        response['data'].append(current_user)
    return response
+################################################
+# Get a specific the user from the database    #
+################################################
+@app.route('/user/<user_slug>', methods=['GET'])
+def get_user_by_username(user_slug):
+    # TODO: Authentication for calling this API endpoint. Admin only.
+    """
+    This function iterates the database to find all users and returns as JSON
+    :return: Response Code
+    """
+    check_username = str(user_slug).strip()
+    get_user = User.query.filter_by(username=check_username).first()
+    if get_user:
+        requested_user = _extract_required_fields(get_user)
+        return make_response(jsonify(status=200, data=requested_user), 200)
+    else:
+        return make_response(jsonify(status=404, msg="No such user found in database"), 404)
 # Register a user
 @app.route('/users/new', methods=['POST'])
 def add_new_user():

--- a/requirements.txt
+++ b/requirements.txt
@@ -7,3 +7,6 @@ termcolor
 flask_sqlalchemy
 sqlalchemy_utils
 SQLAlchemy
+flask_script
+flask_migrate
+passlib
\ No newline at end of file