Working log in/route guard

2025-09-04 08:05:01 -04:00
parent d250e136c3
commit 20f9a4485e
9 changed files with 199 additions and 355 deletions


@@ -94,53 +94,6 @@ def get_user_specific_card(card_id):
return jsonify(card_schema.dump(get_user_card))
@payment.route("/card/create/<int:user_id>", methods=["POST"])
def create_user_card(user_id):
"""
adds a card of a user
"""
get_customer = (db.session
.query(Customer_Customer)
.filter(Customer_Customer.id == user_id)
.first())
# --- FIX: Use .get() for safety and get the correct key 'name_on_card' ---
data = request.get_json()
name_on_card = data.get("name_on_card") # <-- CORRECT KEY
expiration_month = data.get("expiration_month")
expiration_year = data.get("expiration_year")
type_of_card = data.get("type_of_card")
security_number = data.get("security_number")
main_card = data.get("main_card", False)
zip_code = data.get("zip_code")
card_number = data.get("card_number")
# --- FIX: Correctly slice the last four digits ---
last_four = card_number[-4:] if card_number else ""
create_new_card = Card_Card(
user_id=get_customer.id,
card_number=card_number,
last_four_digits=last_four,
name_on_card=name_on_card,
expiration_month=expiration_month,
expiration_year=expiration_year,
type_of_card=type_of_card,
security_number=security_number,
accepted_or_declined=None,
main_card=main_card,
zip_code=zip_code
)
db.session.add(create_new_card)
db.session.flush()
if main_card:
set_card_main(user_id=get_customer.id, card_id=create_new_card.id)
db.session.commit()
return jsonify({"ok": True}), 200
@payment.route("/card/main/<int:card_id>/<int:user_id>", methods=["PUT"])
def set_main_card(user_id, card_id):
@@ -171,50 +124,6 @@ def set_main_card(user_id, card_id):
return jsonify({"ok": True}), 200
@payment.route("/card/edit/<int:card_id>", methods=["PUT"])
def update_user_card(card_id):
"""
edits a card
"""
get_card = (db.session
.query(Card_Card)
.filter(Card_Card.id == card_id)
.first())
if not get_card:
return jsonify({"ok": False, "error": "Card not found"}), 404
# --- FIX: Use .get() for safety and get the correct key 'name_on_card' ---
data = request.get_json()
name_on_card = data.get("name_on_card") # <-- CORRECT KEY
expiration_month = data.get("expiration_month")
expiration_year = data.get("expiration_year")
type_of_card = data.get("type_of_card")
security_number = data.get("security_number")
card_number = data.get("card_number")
main_card = data.get("main_card", False)
zip_code = data.get("zip_code")
get_card.card_number = card_number
get_card.name_on_card = name_on_card
get_card.expiration_month = expiration_month
get_card.expiration_year = expiration_year
get_card.type_of_card = type_of_card
get_card.security_number = security_number
get_card.main_card = main_card
get_card.zip_code = zip_code
# --- FIX: Correctly slice the last four digits on edit ---
if card_number:
get_card.last_four_digits = card_number[-4:]
if main_card:
set_card_main(user_id=get_card.user_id, card_id=get_card.id)
db.session.add(get_card)
db.session.commit()
return jsonify({"ok": True}), 200
@payment.route("/card/remove/<int:card_id>", methods=["DELETE"])
@@ -232,3 +141,96 @@ def remove_user_card(card_id):
db.session.commit()
return jsonify({"ok": True}), 200
@payment.route("/card/create/<int:user_id>", methods=["POST"])
def create_user_card(user_id):
"""
adds a card of a user
"""
get_customer = (db.session
.query(Customer_Customer)
.filter(Customer_Customer.id == user_id)
.first())
data = request.get_json()
# FIX: Use .get() for safety and get the correct key 'name_on_card'
name_on_card = data.get("name_on_card") # <-- This now matches the frontend
expiration_month = data.get("expiration_month")
expiration_year = data.get("expiration_year")
type_of_card = data.get("type_of_card")
security_number = data.get("security_number")
main_card = data.get("main_card", False)
zip_code = data.get("zip_code")
card_number = data.get("card_number")
# FIX: Correctly slice the last four digits
last_four = card_number[-4:] if card_number else ""
create_new_card = Card_Card(
user_id=get_customer.id,
card_number=card_number,
last_four_digits=last_four, # <-- Use the correctly sliced value
name_on_card=name_on_card,
expiration_month=expiration_month,
expiration_year=expiration_year,
type_of_card=type_of_card,
security_number=security_number,
accepted_or_declined=None,
main_card=main_card,
zip_code=zip_code
)
db.session.add(create_new_card)
db.session.flush()
if main_card:
set_card_main(user_id=get_customer.id, card_id=create_new_card.id)
db.session.commit()
return jsonify({"ok": True}), 200
@payment.route("/card/edit/<int:card_id>", methods=["PUT"])
def update_user_card(card_id):
"""
edits a card
"""
get_card = (db.session
.query(Card_Card)
.filter(Card_Card.id == card_id)
.first())
if not get_card:
return jsonify({"ok": False, "error": "Card not found"}), 404
data = request.get_json()
# FIX: Use .get() for safety and get the correct key 'name_on_card'
name_on_card = data.get("name_on_card") # <-- This now matches the frontend
expiration_month = data.get("expiration_month")
expiration_year = data.get("expiration_year")
type_of_card = data.get("type_of_card")
security_number = data.get("security_number")
card_number = data.get("card_number")
main_card = data.get("main_card", False)
zip_code = data.get("zip_code")
get_card.card_number = card_number
get_card.name_on_card = name_on_card
get_card.expiration_month = expiration_month
get_card.expiration_year = expiration_year
get_card.type_of_card = type_of_card
get_card.security_number = security_number
get_card.main_card = main_card
get_card.zip_code = zip_code
# FIX: Correctly slice the last four digits on edit
if card_number:
get_card.last_four_digits = card_number[-4:]
if main_card:
set_card_main(user_id=get_card.user_id, card_id=get_card.id)
db.session.add(get_card)
db.session.commit()
return jsonify({"ok": True}), 200
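Review bot: The re-added `create_user_card` and `update_user_card` write the raw `card_number` and `security_number` from the request JSON straight onto `Card_Card` (`security_number=security_number`, `get_card.security_number = security_number`); the card security code should not be persisted at all, and the full number is better replaced by a processor token or stored encrypted, with only `last_four_digits` kept for display. Neither route shows an ownership check in this hunk: `user_id` and `card_id` come from the URL, so unless the route guard named in the commit title is applied outside the visible lines, one customer's request could create or overwrite another customer's card, and the handlers should compare those ids against the authenticated session before touching the row. `get_customer` is dereferenced unchecked and `data` can be None (a JSON `null` body, or a non-JSON body on some Flask versions), either of which ends in an unhandled AttributeError; mirroring the existing card lookup with `if not get_customer: return jsonify({"ok": False, "error": "Customer not found"}), 404` and reading the body with `data = request.get_json(silent=True) or {}` would turn both into clean responses. In `update_user_card`, a PUT that omits `card_number` sets that column to None while leaving `last_four_digits` unchanged, so the assignments should be made only for keys actually present in `data`.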