Heads up! To view this whole video, sign in with your Courses account or enroll in your free 7-day trial. Sign In Enroll

Flask REST API

Well done!

You have completed Flask REST API!

Sign up for Treehouse Back to Library

User Resource

6:58 with Kenneth Love

Now that the User model is done, it's time to create the User resource and tie the User and Review models together.

Don't want to trash your database to add a new field? Check out the Peewee docs about migrations.

Related Discussions

Have questions about this video? Start a discussion with the community and Treehouse staff.

Sign up

    Related Discussions

    Have questions about this video? Start a discussion with the community and Treehouse staff.

    Sign up

    All right, so 0:00
    I actually wanted to show you a lot of building this user resource on camera. 0:01
    You can definitely check out what's in the existing workspace, it's a new one so 0:05
    I need to launch it over again. 0:09
    And you can also of course check out what you did yourself. 0:11
    But I want to show a couple of things that you might not have thought of. 0:14
    One of the first things we need to do is we have these users. 0:17
    The reason I wanna have users, is so that I can authenticate them, I can make sure 0:21
    that they are who they say they are, but also so I can tie them to a review. 0:24
    So let's add a new thing down here, 0:31
    which is a ForeignKeyField that goes back up to user, and 0:35
    that has a related name of, again, let's just call it review_set. 0:39
    And so then we also need to create User before we create Course and Review. 0:44
    All right, so there's our models, so we can save that. 0:51
    When we run this we're gonna have a problem 0:55
    because a review already exists and we're adding a new field. 0:58
    So we need to create a migration. 1:01
    I'm actually just going to trash the thing and it'll be recreated. 1:02
    The other thing we need to talk about is the user's API. 1:07
    So i'll show you what I have for right now, it's pretty simple. 1:11
    I have my user fields, I'm only gonna show one field which is the username. 1:14
    I don't want to show anything else, I don't want to show ID, nothing like that. 1:18
    And I have a few arguments, user name and email and I don't have a post yet. 1:22
    And then I registered it, of course, with app.py. 1:28
    And I used the URL prefix, because, like I said, I think I like that a little better. 1:30
    Cuz it's really easy, here, to go, no, 1:34
    this is actually version two, instead of version one. 1:36
    So let's talk about this users.py thing here. 1:39
    Iā€™m actually not done with the argument part of the thing. 1:43
    If you think about when you sign up for a website, usually you have to put in your 1:45
    password twice and I want that to happen for our API as well. 1:49
    Sorry, that's not of type URL. 1:55
    So, how do we do that? 1:58
    So we can do that pretty easily, reqparse.add_argument and 2:00
    we're gonna add in password, required=True. 2:06
    help=no password provided. 2:12
    And location is of course still form and 2:16
    json, so, that's like it was before. 2:19
    I'm gonna add a new one here and I'm gonna call this password, 2:24
    we could call it password two, password verification. 2:29
    I actually think I wanna call it verify_password and I'll say, 2:32
    no password verification provided and it's in those same locations. 2:36
    All right, cool, and then we call the super. 2:42
    So now, let's talk about post. 2:45
    So for post, I want to do args = self.reqparse.parse_args, 2:51
    that's still so hard to say out loud. 2:58
    And so what we want to do is we wanna do if args.get 3:02
    password is equal to args.get verify_password. 3:06
    Although this right here should fail if they didn't provide both of those things, 3:12
    but still it's nice to be a little bit defensive. 3:16
    And then user = models.User.create user, 3:20
    pass in the args, right? 3:25
    And if you remember our create user thing, 3:28
    right here, this handles all the stuff we want it to do. 3:31
    Okay, that's cool we've got that user. 3:35
    And we can return marshal, user, 3:39
    user_fields, and it's a 201 cuz you created a record. 3:42
    Location url_for resources.users.user, id=user.id. 3:47
    Actually, that doesn't make a lot of sense 3:52
    cuz we're not gonna have an individual user, 3:58
    so let's just return 201. 4:03
    We don't need to send back the location, so just send back the user 201. 4:07
    That's the only time you ever get that user. 4:11
    All right, otherwise, we want to return and 4:13
    we're gonna use make_response json.dumps. 4:17
    And we're gonna pass back a field called error. 4:21
    The error is gonna be password and password verification do not match. 4:24
    And then we're gonna send that back with a status code 4:32
    of 400 because that's a mistake. 4:35
    You're missing stuff, don't be missing stuff. 4:39
    So now we need to import make_response and we need to import json. 4:43
    And I know there's some things here that I'm not using, I'll go through and 4:49
    clean that up later on I guess. 4:54
    All right, so that stuff's all done, so that's cool. 4:57
    And now we don't have any way of knowing which user is 5:02
    creating the review for right now, because we don't have any sort of authentication. 5:07
    But I just wanted to show how this thing works. 5:13
    So let's go ahead and run this again. 5:16
    Python app.py, and I misspelled unique. 5:18
    So if you ever have a day where you feel like you're just not typing good enough to 5:27
    be a programmer, no such thing. 5:31
    All right, so now if I was to get courses, there shouldn't be any courses. 5:36
    Right, courses are empty. 5:40
    So I'm going to send a post to the users, 5:42
    and mainly this is just a test that everything works. 5:48
    But let's do this form URL encoded thing, 5:50
    cuz I don't think I've shown you all this yet. 5:55
    So username will be kennethlove, password will be password. 5:57
    Password_verify, was that we called it? 6:02
    No we called it verify_password, will also be password, and 6:06
    email will be kenneth@teamtreehouse.com. 6:11
    And if I send that. 6:16
    Cannot be understood, the server could not understand. 6:20
    Maybe it's that content type header. 6:28
    There we go, so sending a header saying that my content type of application JSON 6:34
    and then there wasn't any application JSON. 6:39
    So cool, we get back to our user with a username of kennethlove. 6:42
    So we're good, things were created and we have that user coming back. 6:45
    All right, so in just a minute, once we have authentication 6:49
    then we can log users in and track who's doing what. 6:53

    You need to sign up for Treehouse in order to download course files.

    Sign up

      You need to sign up for Treehouse in order to set up Workspace

      Sign up