backend: implement users methods according to frontend

backend/src/user.py

@@ -6,106 +6,78 @@ user.py is a source for all user endpoints.
 '''
 
 from flask import request, jsonify
+import os
 
 def registerUserEndpoints(app, database):
-  @app.route('/users', methods=['GET'])
-  def get_users():
-      query = f'SELECT * from users'
-      users = database.query(query_str=query)
-      if not users:
-          return jsonify({"message": "No users exist"}), 404
-      response = {}
-      for user in users: 
-        if len(user) != 3:
-            return jsonify({'error': 'User data is corrupted'}), 500
+    @app.route('/users/isSet', methods=['GET'])
+    def user_is_set():
+        user_name = request.args.get('userName')
+        try:
+            query = "SELECT * FROM users WHERE Name=%s"
+            result = database.query(query, params=(user_name,))
+            return jsonify(bool(result and result[0][2])), 200
+        except mysql.connector.Error as err:
+            # Log the error or handle it as necessary
+            app.logger.error(f"Error: {err}")
+            return jsonify({"error": "Database error occurred"}), 500
+        except Exception as e:
+            # Handle unexpected errors
+            app.logger.error(f"Unexpected error: {e}")
+            return jsonify({"error": "Internal server error"}), 500  # Check if password exists
 
-        response.update({
-          "name": user[0],
-          "attendance": user[1],
-          "has_car": bool(user[2])
-        })
-      return jsonify(response), 200 
+    @app.route('/users/createPassword', methods=['POST'])
+    def create_password():
+        data = request.json
+        user_name = data.get('userName')
+        password = data.get('password')
 
-  @app.route('/user', methods=['GET'])
-  def get_user():
-      if not request.is_json:
-          return jsonify({'error': 'Request must contain JSON data'}), 400
+        # Check if the user already exists
+        query = "SELECT * FROM users WHERE Name=%s"
+        result = database.query(query, params=(user_name,))
+        
+        if result:
+            return jsonify(success=False, message='Пользователь уже создан'), 400
 
-      data = request.get_json()
+        query = "INSERT INTO users (Name, Password) VALUES (%s, %s)"
+        
+        try:
+            database.query(query, params=(user_name, password))
 
-      if not data.get('name'):
-          return jsonify({'error': 'Request must contain name field'}), 400
-      
-      query = f'SELECT * from users WHERE name = %s'
-      output = database.query(query_str=query, params=(data['name'],))
-      if not output:
-          return jsonify({"message": "No user by that name exist"}), 404
-      user = output[0]
-      if len(user) != 3:
-          return jsonify({'error': 'User data is corrupted'}), 500
+            # Generate a session token
+            token = os.urandom(16).hex()
+            session_query = "INSERT INTO sessions (Token, Name) VALUES (%s, %s)"
+            database.query(session_query, params=(token,user_name))
+            
+            return jsonify(success=True, token=token), 201  # Return success with token
+        except Exception as e:
+            return jsonify(success=False, message='Ошибка при создании пароля: ' + str(e)), 500
 
-      response = {
-          "name": user[0],
-          "attendance": user[1],
-          "has_car": bool(user[2]) 
-      }
-      return jsonify(response), 200
-      
-  @app.route('/user', methods=['POST'])
-  def add_user():
-      if not request.is_json:
-          return jsonify({'error': 'Request must contain JSON data'}), 400
 
-      data = request.get_json()
-      if not data.get('name') or not data.get('attendance') or data.get('has_car') is None:
-          return jsonify({'error': 'JSON must contain user fields'}), 400
-      
-      query = 'SELECT * from users WHERE name = %s'
-      output = database.query(query_str=query, params=(data['name'],)) 
-      if output:
-          return jsonify({'error': 'A person already exists'}), 409
-      
-      query = 'INSERT into users (Name, Attendance, HasCar) VALUES (%s, %s, %s)'
-      output = database.query(query_str=query, params=(data['name'],data['attendance'],data['has_car']))
+    @app.route('/login', methods=['POST'])
+    def login():
+        data = request.json
+        user_name = data.get('userName')
+        password = data.get('password')
 
-      database.commit()
-      return jsonify({"message": "user added", "user": data}), 200
-      
-  @app.route('/user', methods=['UPDATE'])
-  def update_user():
-      if not request.is_json:
-          return jsonify({'error': 'Request must contain JSON data'}), 400
+        query = "SELECT * FROM users WHERE Name=%s AND Password=%s"
+        result = database.query(query, params=(user_name, password))
 
-      data = request.get_json()
-      if not data.get('name') or not data.get('attendance') or data.get('has_car') is None:
-          return jsonify({'error': 'JSON must contain user fields'}), 400
-      
-      query = 'SELECT * from users WHERE name = %s'
-      output = database.query(query_str=query, params=(data['name'],)) 
-      if not output:
-          return jsonify({'error': 'Such user does not exist. Add it first'}), 409
-      
-      query = 'UPDATE user SET Name = %s, Attendance = %s, HasCar = %s'
-      output = database.query(query_str=query, params=(data['name'],data['attendance'],data['has_car']))
+        if result:
+            token = os.urandom(16).hex()  # Example token generation
+            session_query = "INSERT INTO sessions (Token, Name) VALUES (%s, %s)"
+            database.query(session_query, params=(token, user_name))
+            return jsonify(success=True, token=token), 200
 
-      database.commit()
-      return jsonify({"message": "user modified", "user": data}), 200
+        return jsonify(success=False), 401
 
-  @app.route('/user', methods=['DELETE'])
-  def delete_user():
-      if not request.is_json:
-          return jsonify({'error': 'Request must contain JSON data'}), 400
-
-      data = request.get_json()
-      if not data.get('name'):
-          return jsonify({'error': 'JSON must contain persons name to delete'}), 400
-
-      query = 'SELECT * from users WHERE name = %s'
-      output = database.query(query_str=query, params=(data['name'],)) 
-      if not output:
-          return jsonify({'error': 'Such person does not exist'}), 409
-      
-      query = 'DELETE FROM users WHERE Name = %s'
-      output = database.query(query_str=query, params=(data['name'],))
-      database.commit()
-      return jsonify({"message": "user deleted"}), 200 
+    @app.route('/login/validateToken', methods=['POST'])
+    def validate_token():
+        data = request.json
+        token = data.get('token')
+        user_name = data.get('userName')
+        query = "SELECT * FROM sessions WHERE Token=%s AND Name=%s"
+        try:
+            result = database.query(query, params=(token, user_name))
+            return jsonify(tokenValid=bool(result)), 200
+        except Exception as e:
+            return jsonify(success=False, message=str(e)), 500