done with ui and server (#19)

ShoppingApp/shopping-app-server/app/api/namespaces/auth_ns.py

@@ -12,6 +12,7 @@
     'email': fields.String(required=True, description='Email address'),
     'password': fields.String(required=True, description='Password'),
     'role': fields.String(required=False, description='User role', default='user'),  # Added a default value for 'role
+    'session_id': fields.String(required=False, description='Session ID'),  # Added 'session_id' field
     'admin_token': fields.String(required=False, description='Admin token'),  # Added 'admin_token' field
 })
 

ShoppingApp/shopping-app-server/app/api/namespaces/checkout_ns.py

@@ -1,22 +1,26 @@
 from flask_restx import Namespace, Resource, fields, marshal_with
 from app.services.checkout_service import process_checkout
-from flask import session
+from flask import request, session
+from utils.helper import requires_roles
 
 # Define the namespace
 checkout_ns = Namespace('checkout', description='Checkout related operations.')
 
 # Model for checkout data
 checkout_model = checkout_ns.model('Checkout', {
     'payment_method': fields.String(required=True, example="PayPal", description='Payment method'),
-    'payment_details': fields.Raw(required=True, example={"email": "your paypay email"}, description='Payment details such as card number, PayPal email, etc.'),
+    'payment_details': fields.Raw(required=True, example={"email": "your paypal email"}, description='Payment details such as card number, PayPal email, etc.'),
 })
 
 @checkout_ns.route('/')
 class Checkout(Resource):
     @checkout_ns.expect(checkout_model)
+    @requires_roles('user')
     def post(self):
         """Process the checkout"""
         session_id = session.get('session_id')
+        if not session_id:
+            session_id = request.args.get('sessionid', None)
         data = checkout_ns.payload
         result = process_checkout(session_id, data['payment_method'], data['payment_details'])
         if result.get('success'):

ShoppingApp/shopping-app-server/app/data/data_store.py

@@ -13,15 +13,39 @@
 users_db = []
 
 # Categories
+# Boots, Coats, Jackets, and Caps are added to the categories_db
 categories_db = [
-    Category(id=1, name='Electronics'),
-    Category(id=2, name='Books'),
+    Category(id = 1, name = "Boots"),
+    Category(id = 2, name = "Coats"),
+    Category(id = 3, name = "Jackets"),
+    Category(id = 4, name = "Caps"),
 ]
 
 # Products
+# Add more products to the products_db using these -  Boots, Coats, Jackets, and Cap
+# Let's 20 items of total 5 products each with a price of 100.0
+
 products_db = [
-    Product(id=1, name='Laptop', category_id=1, price=1200.99),
-    Product(id=2, name='Science Fiction Book', category_id=2, price=15.99),
+    Product(id=1, name='Timberland Boots', price=1200.99, category_id=1),
+    Product(id=2, name='North Face Coat', price=1500.99, category_id=2),
+    Product(id=3, name='Leather Jacket', price=1000.99, category_id=3),
+    Product(id=4, name='Baseball Cap', price=15.99, category_id=4),
+    Product(id=5, name='Beanie', price=10.99, category_id=4),
+    Product(id=6, name='Bucket Hat', price=20.99, category_id=4),
+    Product(id=7, name='Cowboy Boots', price=1500.99, category_id=1),
+    Product(id=8, name='Rain Coat', price=1200.99, category_id=2),
+    Product(id=9, name='Bomber Jacket', price=1000.99, category_id=3),
+    Product(id=10, name='Hiking Boots', price=2000.99, category_id=1),
+    Product(id=11, name='Winter Coat', price=1800.99, category_id=2),
+    Product(id=12, name='Denim Jacket', price=900.99, category_id=3),
+    Product(id=13, name='Snapback Cap', price=25.99, category_id=4),
+    Product(id=14, name='Visor', price=12.99, category_id=4),
+    Product(id=15, name='Fedora Hat', price=30.99, category_id=4),
+    Product(id=16, name='Chelsea Boots', price=1400.99, category_id=1),
+    Product(id=17, name='Trench Coat', price=1100.99, category_id=2),
+    Product(id=18, name='Parka Jacket', price=950.99, category_id=3),
+    Product(id=19, name='Trucker Cap', price=18.99, category_id=4),
+    Product(id=20, name='Bucket Hat', price=22.99, category_id=4),
 ]
 
 # Adjusted Carts with an explicit `items` argument

ShoppingApp/shopping-app-server/app/session/session_manager.py

@@ -0,0 +1,16 @@
+class SessionManager:
+    def __init__(self):
+        self.sessions = {}
+
+    def create_session(self, username, session_id, role):
+        self.sessions[username] = {
+            'session_id': session_id,
+            'role': role
+        }
+
+    def get_session(self, username):
+        return self.sessions.get(username)
+
+    def delete_session(self, username):
+        if username in self.sessions:
+            del self.sessions[username]

ShoppingApp/shopping-app-server/utils/helper.py

@@ -7,6 +7,7 @@
 from app.data.data_store import products_db
 from utils.bypass_role_requirements import check_bypass_flag
 from dotenv import load_dotenv
+from app.data.data_store import users_db
 
 # Load environment variables from the .env file
 load_dotenv()
@@ -46,9 +47,21 @@ def requires_roles(*required_roles):
     def wrapper(fn):
         @wraps(fn)
         def decorated_view(*args, **kwargs):
+            session_id = request.args.get('sessionid', None)
+            print('Session ID: ', session_id)
+            # Get the user role from the user_db using the session_id
+            # If the session_id is not found, return an error
+            if session_id is None:
+                return {'error': 'Session ID required'}, 403
+            user = next((user for user in users_db if user.session_id == session_id), None)
+            if user is None:
+                return {'error': 'Session ID not found'}, 403
+            session['role'] = user.role
+            session['session_id'] = user.session_id
             print('Bypassing role requirements: ', check_bypass_flag())
             if check_bypass_flag():
                 return fn(*args, **kwargs)
+            print(session)
             if 'role' and 'session_id' not in session:
                 # Assuming unauthenticated users don't have a 'user_role' key in the session
                 return {'error': 'Authentication required'}, 401