cygnal/server/routes.py

#!/usr/bin/env python
# coding: utf-8
"""
Routes definitions
"""
import arrow
import json
import os

import bottle

from server.models import Report
from server.tools import UTC_now
from server import jsonapi


class AuthenticationError(Exception):
    pass


def check_auth():
    """
    Check authentication.

    :return: Abort and return a HTTP 403 page if authentication is not ok.
    """
    if not os.getenv('API_TOKEN'):
        return

    auth = bottle.request.headers.get('Authorization', None)
    if not auth:
        raise AuthenticationError()
    parts = auth.split()
    if parts[0].lower() != 'bearer' or parts[1] != os.getenv('API_TOKEN'):
        raise AuthenticationError()

    return


def get_reports(only_active=False):
    """
    Get reports for the reports getting routes.

    .. note::

        Filtering can be done through the ``filter`` GET param, according
        to JSON API spec (http://jsonapi.org/recommendations/#filtering).

    .. note::

        By default no pagination is done. Pagination can be forced using
        ``page[size]`` to specify a number of items per page and
        ``page[number]`` to specify which page to return. Pages are numbered
        starting from 0.

    .. note::

        Sorting can be handled through the ``sort`` GET param, according to
        JSON API spec (http://jsonapi.org/format/#fetching-sorting).

    :return: The available reports objects in a JSON ``data`` dict.
    """
    # Handle CORS
    if bottle.request.method == 'OPTIONS':
        return {}

    # Handle filtering, pagination and sorting
    try:
        filters, page_number, page_size, sorting = jsonapi.JsonApiParseQuery(
            bottle.request.query,
            Report,
            default_sorting='id'
        )
    except ValueError as exc:
        return jsonapi.JsonApiError(400, "Invalid parameters: " + str(exc))

    # Query
    query = Report.select()
    if filters:
        query = query.where(*filters)
    if only_active:
        query = query.where(
            (Report.expiration_datetime == None) |
            (Report.expiration_datetime > UTC_now())
        )
    query = query.order_by(*sorting)
    if page_number and page_size:
        query = query.paginate(page_number, page_size)

    return {
        "data": [
            r.to_json()
            for r in query
        ]
    }


@bottle.route('/api/v1/reports', ["GET", "OPTIONS"])
def get_all_reports():
    """
    API v1 GET reports route. Get all reports.

    Example::

        > GET /api/v1/reports

        {
            "data": [
                {
                    "attributes": {
                        "expiration_datetime": null,
                        "downvotes": 0,
                        "datetime": "2018-06-27T16:44:12+00:00",
                        "is_open": true,
                        "lat": 48.842005,
                        "upvotes": 1,
                        "lng": 2.386278,
                        "type": "interrupt",
                        …
                    },
                    "type": "reports",
                    "id": 1
                },
                …
            ]
        }

    .. note::

        Filtering can be done through the ``filter`` GET param, according
        to JSON API spec (http://jsonapi.org/recommendations/#filtering).

    .. note::

        By default no pagination is done. Pagination can be forced using
        ``page[size]`` to specify a number of items per page and
        ``page[number]`` to specify which page to return. Pages are numbered
        starting from 0.

    .. note::

        Sorting can be handled through the ``sort`` GET param, according to
        JSON API spec (http://jsonapi.org/format/#fetching-sorting).

    :return: The available reports objects in a JSON ``data`` dict.
    """
    return get_reports(only_active=False)


@bottle.route('/api/v1/reports/active', ["GET", "OPTIONS"])
def get_active_reports():
    """
    API v1 GET reports route. Only get active reports (those with
    ``expiration_datetime`` in the future).

    Example::

        > GET /api/v1/reports/active

        {
            "data": [
                {
                    "attributes": {
                        "expiration_datetime": null,
                        "downvotes": 0,
                        "datetime": "2018-06-27T16:44:12+00:00",
                        "is_open": true,
                        "lat": 48.842005,
                        "upvotes": 1,
                        "lng": 2.386278,
                        "type": "interrupt",
                        …
                    },
                    "type": "reports",
                    "id": 1
                },
                …
            ]
        }

    .. note::

        Filtering can be done through the ``filter`` GET param, according
        to JSON API spec (http://jsonapi.org/recommendations/#filtering).

    .. note::

        By default no pagination is done. Pagination can be forced using
        ``page[size]`` to specify a number of items per page and
        ``page[number]`` to specify which page to return. Pages are numbered
        starting from 0.

    .. note::

        Sorting can be handled through the ``sort`` GET param, according to
        JSON API spec (http://jsonapi.org/format/#fetching-sorting).

    :return: The available reports objects in a JSON ``data`` dict.
    """
    return get_reports(only_active=True)


@bottle.route('/api/v1/reports', ["POST", "OPTIONS"])
def post_report():
    """
    API v1 POST reports route.

    Example::

        > POST /api/v1/reports
        > {
        >     "type": "pothole",
        >     "lat": 48.84219652060494,
        >     "lng": 2.385234797066081
        > }

        {
            "data": {
                "attributes": {
                    "expiration_datetime": null,
                    "downvotes": 0,
                    "datetime": "2018-10-17T13:42:35+00:00",
                    "first_report_datetime": "2018-10-17T13:42:35+00:00",
                    "lat": 48.84219652060494,
                    "upvotes": 0,
                    "lng": 2.385234797066081,
                    "type": "pothole",
                    "is_open": true,
                    …
                },
                "type": "reports",
                "id": 1161
            }
        }

    :return: The newly created report object in a JSON ``data`` dict.
    """
    # Handle CORS
    if bottle.request.method == 'OPTIONS':
        return {}

    # Check authentication
    try:
        check_auth()
    except AuthenticationError:
        return jsonapi.JsonApiError(403, "Invalid authentication.")

    try:
        payload = json.load(bottle.request.body)
    except ValueError as exc:
        return jsonapi.JsonApiError(400, "Invalid JSON payload: " + str(exc))

    try:
        r = Report(
            type=payload['type'],
            lat=payload['lat'],
            lng=payload['lng']
        )
        # Handle expiration
        if r.type in ['accident', 'gcum']:
            r.expiration_datetime = (
                arrow.get(UTC_now()).shift(hours=+1).naive
            )
        r.save()
    except KeyError as exc:
        return jsonapi.JsonApiError(400, "Invalid report payload: " + str(exc))

    return {
        "data": r.to_json()
    }


@bottle.route('/api/v1/reports/:id/upvote', ["POST", "OPTIONS"])
def upvote_report(id):
    """
    API v1 POST upvote route.

    Example::

        > POST /api/v1/reports/1/upvote

        {
            "data": {
                "attributes": {
                    "expiration_datetime": null,
                    "downvotes": 0,
                    "datetime": "2018-10-17T13:42:35+00:00",
                    "first_report_datetime": "2018-10-17T13:42:35+00:00",
                    "lat": 48.84219652060494,
                    "upvotes": 1,
                    "lng": 2.385234797066081,
                    "type": "pothole",
                    "is_open": true,
                    …
                },
                "type": "reports",
                "id": 1161
            }
        }

    :return: The updated report object in a JSON ``data`` dict.
    """
    # Handle CORS
    if bottle.request.method == 'OPTIONS':
        return {}

    # Check authentication
    try:
        check_auth()
    except AuthenticationError:
        return jsonapi.JsonApiError(403, "Invalid authentication.")

    r = Report.get(Report.id == id)
    if not r:
        return jsonapi.JsonApiError(404, "Invalid report id.")
    # Increase upvotes
    r.upvotes += 1
    # Update report datetime
    r.datetime = UTC_now()
    # Update expiration datetime
    if r.type in ['accident', 'gcum']:
        r.expiration_datetime = (
            arrow.get(UTC_now()).shift(hours=+1).naive
        )
    r.save()

    return {
        "data": r.to_json()
    }


@bottle.route('/api/v1/reports/:id/downvote', ["POST", "OPTIONS"])
def downvote_report(id):
    """
    API v1 POST downvote route.

    Example::

        > POST /api/v1/reports/1/downvote

        {
            "data": {
                "attributes": {
                    "expiration_datetime": null,
                    "downvotes": 1,
                    "datetime": "2018-10-17T13:42:35+00:00",
                    "first_report_datetime": "2018-10-17T13:42:35+00:00",
                    "lat": 48.84219652060494,
                    "upvotes": 0,
                    "lng": 2.385234797066081,
                    "type": "pothole",
                    "is_open": true,
                    …
                },
                "type": "reports",
                "id": 1161
            }
        }

    :return: The updated report object in a JSON ``data`` dict.
    """
    # Handle CORS
    if bottle.request.method == 'OPTIONS':
        return {}

    # Check authentication
    try:
        check_auth()
    except AuthenticationError:
        return jsonapi.JsonApiError(403, "Invalid authentication.")

    r = Report.get(Report.id == id)
    if not r:
        return jsonapi.JsonApiError(404, "Invalid report id.")
    r.downvotes += 1
    r.save()

    return {
        "data": r.to_json()
    }


@bottle.route('/api/v1/stats', ["GET", "OPTIONS"])
def get_stats():
    """
    API v1 GET stats about this instance.

    Example::

        > GET /api/v1/stats

        {
            "data": {
                "nb_active_reports": 606,
                "nb_reports": 1162,
                "last_added_report_datetime": "2018-10-17T13:44:16+00:00",
                …
            }
        }

    :return: The available stats about the instance in a JSON ``data`` dict.
    """
    # Handle CORS
    if bottle.request.method == 'OPTIONS':
        return {}

    nb_reports = Report.select().count()
    nb_active_reports = Report.select().where(
        (Report.expiration_datetime == None) |
        (Report.expiration_datetime > UTC_now())
    ).count()
    last_added_report_datetime = Report.select().order_by(
        Report.datetime.desc()
    ).get().datetime

    return {
        "data": {
            "nb_reports": nb_reports,
            "nb_active_reports": nb_active_reports,
            "last_added_report_datetime": last_added_report_datetime
        }
    }
Continue server side code 2018-06-25 17:12:17 +02:00			`#!/usr/bin/env python`
			`# coding: utf-8`
			`"""`
			`Routes definitions`
			`"""`
Better handling of expiration of GCUM and accidents report types. 2018-07-10 15:55:45 +02:00			`import arrow`
Continue server side code 2018-06-25 17:12:17 +02:00			`import json`
Use a token to protect POST API queries 2018-07-18 15:30:30 +02:00			`import os`
Continue server side code 2018-06-25 17:12:17 +02:00
			`import bottle`

			`from server.models import Report`
Rework upvotes Upvotes now reset the `datetime` field of the report, making it appear as if it was newly reported. They also extend the lifetime for accidents and GCUM. This introduces database migrations as well. Closes https://framagit.org/phyks/cyclassist/issues/41. 2018-09-12 13:51:53 +02:00			`from server.tools import UTC_now`
Continue server side code 2018-06-25 17:12:17 +02:00			`from server import jsonapi`


Use a token to protect POST API queries 2018-07-18 15:30:30 +02:00			`class AuthenticationError(Exception):`
			`pass`


			`def check_auth():`
			`"""`
			`Check authentication.`

			`:return: Abort and return a HTTP 403 page if authentication is not ok.`
			`"""`
			`if not os.getenv('API_TOKEN'):`
			`return`

			`auth = bottle.request.headers.get('Authorization', None)`
			`if not auth:`
			`raise AuthenticationError()`
			`parts = auth.split()`
			`if parts[0].lower() != 'bearer' or parts[1] != os.getenv('API_TOKEN'):`
			`raise AuthenticationError()`

			`return`


Better handling of expiration of GCUM and accidents report types. 2018-07-10 15:55:45 +02:00			`def get_reports(only_active=False):`
Continue server side code 2018-06-25 17:12:17 +02:00			`"""`
Better handling of expiration of GCUM and accidents report types. 2018-07-10 15:55:45 +02:00			`Get reports for the reports getting routes.`
Continue server side code 2018-06-25 17:12:17 +02:00
			`.. note::`

			Filtering can be done through the ``filter`` GET param, according
			`to JSON API spec (http://jsonapi.org/recommendations/#filtering).`

			`.. note::`

			`By default no pagination is done. Pagination can be forced using`
			``page[size]`` to specify a number of items per page and
			``page[number]`` to specify which page to return. Pages are numbered
			`starting from 0.`

			`.. note::`

			Sorting can be handled through the ``sort`` GET param, according to
			`JSON API spec (http://jsonapi.org/format/#fetching-sorting).`

			:return: The available reports objects in a JSON ``data`` dict.
			`"""`
			`# Handle CORS`
			`if bottle.request.method == 'OPTIONS':`
			`return {}`

			`# Handle filtering, pagination and sorting`
			`try:`
			`filters, page_number, page_size, sorting = jsonapi.JsonApiParseQuery(`
			`bottle.request.query,`
			`Report,`
			`default_sorting='id'`
			`)`
			`except ValueError as exc:`
			`return jsonapi.JsonApiError(400, "Invalid parameters: " + str(exc))`

			`# Query`
			`query = Report.select()`
			`if filters:`
			`query = query.where(*filters)`
Better handling of expiration of GCUM and accidents report types. 2018-07-10 15:55:45 +02:00			`if only_active:`
			`query = query.where(`
			`(Report.expiration_datetime == None) \|`
Rework upvotes Upvotes now reset the `datetime` field of the report, making it appear as if it was newly reported. They also extend the lifetime for accidents and GCUM. This introduces database migrations as well. Closes https://framagit.org/phyks/cyclassist/issues/41. 2018-09-12 13:51:53 +02:00			`(Report.expiration_datetime > UTC_now())`
Better handling of expiration of GCUM and accidents report types. 2018-07-10 15:55:45 +02:00			`)`
Continue server side code 2018-06-25 17:12:17 +02:00			`query = query.order_by(*sorting)`
			`if page_number and page_size:`
			`query = query.paginate(page_number, page_size)`

			`return {`
			`"data": [`
			`r.to_json()`
			`for r in query`
			`]`
			`}`


Better handling of expiration of GCUM and accidents report types. 2018-07-10 15:55:45 +02:00			`@bottle.route('/api/v1/reports', ["GET", "OPTIONS"])`
			`def get_all_reports():`
			`"""`
			`API v1 GET reports route. Get all reports.`

			`Example::`

Improve documentation. Fix #45. 2018-10-16 15:42:55 +02:00			`> GET /api/v1/reports`

			`{`
			`"data": [`
			`{`
			`"attributes": {`
			`"expiration_datetime": null,`
			`"downvotes": 0,`
			`"datetime": "2018-06-27T16:44:12+00:00",`
			`"is_open": true,`
			`"lat": 48.842005,`
			`"upvotes": 1,`
			`"lng": 2.386278,`
			`"type": "interrupt",`
			`…`
			`},`
			`"type": "reports",`
			`"id": 1`
			`},`
			`…`
			`]`
			`}`
Better handling of expiration of GCUM and accidents report types. 2018-07-10 15:55:45 +02:00
			`.. note::`

			Filtering can be done through the ``filter`` GET param, according
			`to JSON API spec (http://jsonapi.org/recommendations/#filtering).`

			`.. note::`

			`By default no pagination is done. Pagination can be forced using`
			``page[size]`` to specify a number of items per page and
			``page[number]`` to specify which page to return. Pages are numbered
			`starting from 0.`

			`.. note::`

			Sorting can be handled through the ``sort`` GET param, according to
			`JSON API spec (http://jsonapi.org/format/#fetching-sorting).`

			:return: The available reports objects in a JSON ``data`` dict.
			`"""`
			`return get_reports(only_active=False)`


			`@bottle.route('/api/v1/reports/active', ["GET", "OPTIONS"])`
			`def get_active_reports():`
			`"""`
			`API v1 GET reports route. Only get active reports (those with`
			``expiration_datetime`` in the future).

			`Example::`

Improve documentation. Fix #45. 2018-10-16 15:42:55 +02:00			`> GET /api/v1/reports/active`

			`{`
			`"data": [`
			`{`
			`"attributes": {`
			`"expiration_datetime": null,`
			`"downvotes": 0,`
			`"datetime": "2018-06-27T16:44:12+00:00",`
			`"is_open": true,`
			`"lat": 48.842005,`
			`"upvotes": 1,`
			`"lng": 2.386278,`
			`"type": "interrupt",`
			`…`
			`},`
			`"type": "reports",`
			`"id": 1`
			`},`
			`…`
			`]`
			`}`
Better handling of expiration of GCUM and accidents report types. 2018-07-10 15:55:45 +02:00
			`.. note::`

			Filtering can be done through the ``filter`` GET param, according
			`to JSON API spec (http://jsonapi.org/recommendations/#filtering).`

			`.. note::`

			`By default no pagination is done. Pagination can be forced using`
			``page[size]`` to specify a number of items per page and
			``page[number]`` to specify which page to return. Pages are numbered
			`starting from 0.`

			`.. note::`

			Sorting can be handled through the ``sort`` GET param, according to
			`JSON API spec (http://jsonapi.org/format/#fetching-sorting).`

			:return: The available reports objects in a JSON ``data`` dict.
			`"""`
			`return get_reports(only_active=True)`


Continue server side code 2018-06-25 17:12:17 +02:00			`@bottle.route('/api/v1/reports', ["POST", "OPTIONS"])`
			`def post_report():`
			`"""`
			`API v1 POST reports route.`

			`Example::`

Improve documentation. Fix #45. 2018-10-16 15:42:55 +02:00			`> POST /api/v1/reports`
			`> {`
			`> "type": "pothole",`
			`> "lat": 48.84219652060494,`
			`> "lng": 2.385234797066081`
			`> }`

Continue server side code 2018-06-25 17:12:17 +02:00			`{`
Improve documentation. Fix #45. 2018-10-16 15:42:55 +02:00			`"data": {`
			`"attributes": {`
			`"expiration_datetime": null,`
			`"downvotes": 0,`
			`"datetime": "2018-10-17T13:42:35+00:00",`
			`"first_report_datetime": "2018-10-17T13:42:35+00:00",`
			`"lat": 48.84219652060494,`
			`"upvotes": 0,`
			`"lng": 2.385234797066081,`
			`"type": "pothole",`
			`"is_open": true,`
			`…`
			`},`
			`"type": "reports",`
			`"id": 1161`
			`}`
Continue server side code 2018-06-25 17:12:17 +02:00			`}`
Improve documentation. Fix #45. 2018-10-16 15:42:55 +02:00
			:return: The newly created report object in a JSON ``data`` dict.
Continue server side code 2018-06-25 17:12:17 +02:00			`"""`
			`# Handle CORS`
			`if bottle.request.method == 'OPTIONS':`
			`return {}`

Use a token to protect POST API queries 2018-07-18 15:30:30 +02:00			`# Check authentication`
			`try:`
			`check_auth()`
			`except AuthenticationError:`
			`return jsonapi.JsonApiError(403, "Invalid authentication.")`

Continue server side code 2018-06-25 17:12:17 +02:00			`try:`
			`payload = json.load(bottle.request.body)`
			`except ValueError as exc:`
			`return jsonapi.JsonApiError(400, "Invalid JSON payload: " + str(exc))`

			`try:`
Better handling of expiration of GCUM and accidents report types. 2018-07-10 15:55:45 +02:00			`r = Report(`
Continue server side code 2018-06-25 17:12:17 +02:00			`type=payload['type'],`
			`lat=payload['lat'],`
			`lng=payload['lng']`
			`)`
Better handling of expiration of GCUM and accidents report types. 2018-07-10 15:55:45 +02:00			`# Handle expiration`
			`if r.type in ['accident', 'gcum']:`
			`r.expiration_datetime = (`
Rework upvotes Upvotes now reset the `datetime` field of the report, making it appear as if it was newly reported. They also extend the lifetime for accidents and GCUM. This introduces database migrations as well. Closes https://framagit.org/phyks/cyclassist/issues/41. 2018-09-12 13:51:53 +02:00			`arrow.get(UTC_now()).shift(hours=+1).naive`
Better handling of expiration of GCUM and accidents report types. 2018-07-10 15:55:45 +02:00			`)`
			`r.save()`
Continue server side code 2018-06-25 17:12:17 +02:00			`except KeyError as exc:`
			`return jsonapi.JsonApiError(400, "Invalid report payload: " + str(exc))`

			`return {`
Show the reports as soon as they are added in the db 2018-06-26 11:39:43 +02:00			`"data": r.to_json()`
Continue server side code 2018-06-25 17:12:17 +02:00			`}`
Clicking on a report now shows more infos and let users dismiss it You should update your database by running ``` ALTER TABLE report ADD COLUMN (upvotes INTEGER NOT NULL, downvotes INTEGER NOT NULL) ``` Fix issue #8. 2018-07-05 22:40:24 +02:00

			`@bottle.route('/api/v1/reports/:id/upvote', ["POST", "OPTIONS"])`
			`def upvote_report(id):`
			`"""`
			`API v1 POST upvote route.`

			`Example::`

Improve documentation. Fix #45. 2018-10-16 15:42:55 +02:00			`> POST /api/v1/reports/1/upvote`

			`{`
			`"data": {`
			`"attributes": {`
			`"expiration_datetime": null,`
			`"downvotes": 0,`
			`"datetime": "2018-10-17T13:42:35+00:00",`
			`"first_report_datetime": "2018-10-17T13:42:35+00:00",`
			`"lat": 48.84219652060494,`
			`"upvotes": 1,`
			`"lng": 2.385234797066081,`
			`"type": "pothole",`
			`"is_open": true,`
			`…`
			`},`
			`"type": "reports",`
			`"id": 1161`
			`}`
			`}`

			:return: The updated report object in a JSON ``data`` dict.
Clicking on a report now shows more infos and let users dismiss it You should update your database by running ``` ALTER TABLE report ADD COLUMN (upvotes INTEGER NOT NULL, downvotes INTEGER NOT NULL) ``` Fix issue #8. 2018-07-05 22:40:24 +02:00			`"""`
			`# Handle CORS`
			`if bottle.request.method == 'OPTIONS':`
			`return {}`

Use a token to protect POST API queries 2018-07-18 15:30:30 +02:00			`# Check authentication`
			`try:`
			`check_auth()`
			`except AuthenticationError:`
			`return jsonapi.JsonApiError(403, "Invalid authentication.")`

Clicking on a report now shows more infos and let users dismiss it You should update your database by running ``` ALTER TABLE report ADD COLUMN (upvotes INTEGER NOT NULL, downvotes INTEGER NOT NULL) ``` Fix issue #8. 2018-07-05 22:40:24 +02:00			`r = Report.get(Report.id == id)`
			`if not r:`
			`return jsonapi.JsonApiError(404, "Invalid report id.")`
Rework upvotes Upvotes now reset the `datetime` field of the report, making it appear as if it was newly reported. They also extend the lifetime for accidents and GCUM. This introduces database migrations as well. Closes https://framagit.org/phyks/cyclassist/issues/41. 2018-09-12 13:51:53 +02:00			`# Increase upvotes`
Clicking on a report now shows more infos and let users dismiss it You should update your database by running ``` ALTER TABLE report ADD COLUMN (upvotes INTEGER NOT NULL, downvotes INTEGER NOT NULL) ``` Fix issue #8. 2018-07-05 22:40:24 +02:00			`r.upvotes += 1`
Rework upvotes Upvotes now reset the `datetime` field of the report, making it appear as if it was newly reported. They also extend the lifetime for accidents and GCUM. This introduces database migrations as well. Closes https://framagit.org/phyks/cyclassist/issues/41. 2018-09-12 13:51:53 +02:00			`# Update report datetime`
			`r.datetime = UTC_now()`
			`# Update expiration datetime`
			`if r.type in ['accident', 'gcum']:`
			`r.expiration_datetime = (`
			`arrow.get(UTC_now()).shift(hours=+1).naive`
			`)`
Clicking on a report now shows more infos and let users dismiss it You should update your database by running ``` ALTER TABLE report ADD COLUMN (upvotes INTEGER NOT NULL, downvotes INTEGER NOT NULL) ``` Fix issue #8. 2018-07-05 22:40:24 +02:00			`r.save()`

			`return {`
			`"data": r.to_json()`
			`}`


			`@bottle.route('/api/v1/reports/:id/downvote', ["POST", "OPTIONS"])`
			`def downvote_report(id):`
			`"""`
			`API v1 POST downvote route.`

			`Example::`

Improve documentation. Fix #45. 2018-10-16 15:42:55 +02:00			`> POST /api/v1/reports/1/downvote`

			`{`
			`"data": {`
			`"attributes": {`
			`"expiration_datetime": null,`
			`"downvotes": 1,`
			`"datetime": "2018-10-17T13:42:35+00:00",`
			`"first_report_datetime": "2018-10-17T13:42:35+00:00",`
			`"lat": 48.84219652060494,`
			`"upvotes": 0,`
			`"lng": 2.385234797066081,`
			`"type": "pothole",`
			`"is_open": true,`
			`…`
			`},`
			`"type": "reports",`
			`"id": 1161`
			`}`
			`}`

			:return: The updated report object in a JSON ``data`` dict.
Clicking on a report now shows more infos and let users dismiss it You should update your database by running ``` ALTER TABLE report ADD COLUMN (upvotes INTEGER NOT NULL, downvotes INTEGER NOT NULL) ``` Fix issue #8. 2018-07-05 22:40:24 +02:00			`"""`
			`# Handle CORS`
			`if bottle.request.method == 'OPTIONS':`
			`return {}`

Use a token to protect POST API queries 2018-07-18 15:30:30 +02:00			`# Check authentication`
			`try:`
			`check_auth()`
			`except AuthenticationError:`
			`return jsonapi.JsonApiError(403, "Invalid authentication.")`

Clicking on a report now shows more infos and let users dismiss it You should update your database by running ``` ALTER TABLE report ADD COLUMN (upvotes INTEGER NOT NULL, downvotes INTEGER NOT NULL) ``` Fix issue #8. 2018-07-05 22:40:24 +02:00			`r = Report.get(Report.id == id)`
			`if not r:`
			`return jsonapi.JsonApiError(404, "Invalid report id.")`
			`r.downvotes += 1`
			`r.save()`

			`return {`
			`"data": r.to_json()`
			`}`
Add statistics about the instance under the About section. 2018-07-31 17:04:06 +02:00

			`@bottle.route('/api/v1/stats', ["GET", "OPTIONS"])`
			`def get_stats():`
			`"""`
			`API v1 GET stats about this instance.`

			`Example::`

Improve documentation. Fix #45. 2018-10-16 15:42:55 +02:00			`> GET /api/v1/stats`

			`{`
			`"data": {`
			`"nb_active_reports": 606,`
			`"nb_reports": 1162,`
			`"last_added_report_datetime": "2018-10-17T13:44:16+00:00",`
			`…`
			`}`
			`}`

			:return: The available stats about the instance in a JSON ``data`` dict.
Add statistics about the instance under the About section. 2018-07-31 17:04:06 +02:00			`"""`
			`# Handle CORS`
			`if bottle.request.method == 'OPTIONS':`
			`return {}`

			`nb_reports = Report.select().count()`
			`nb_active_reports = Report.select().where(`
			`(Report.expiration_datetime == None) \|`
Rework upvotes Upvotes now reset the `datetime` field of the report, making it appear as if it was newly reported. They also extend the lifetime for accidents and GCUM. This introduces database migrations as well. Closes https://framagit.org/phyks/cyclassist/issues/41. 2018-09-12 13:51:53 +02:00			`(Report.expiration_datetime > UTC_now())`
Add statistics about the instance under the About section. 2018-07-31 17:04:06 +02:00			`).count()`
			`last_added_report_datetime = Report.select().order_by(`
			`Report.datetime.desc()`
			`).get().datetime`

			`return {`
			`"data": {`
			`"nb_reports": nb_reports,`
			`"nb_active_reports": nb_active_reports,`
			`"last_added_report_datetime": last_added_report_datetime`
			`}`
			`}`