Heads up! To view this whole video, sign in with your Courses account or enroll in your free 7-day trial. Sign In Enroll
Well done!
      You have completed Flask REST API!
      
    
You have completed Flask REST API!
Preview
    
      
  Now that the User model is done, it's time to create the User resource and tie the User and Review models together.
Don't want to trash your database to add a new field? Check out the Peewee docs about migrations.
Related Discussions
Have questions about this video? Start a discussion with the community and Treehouse staff.
Sign upRelated Discussions
Have questions about this video? Start a discussion with the community and Treehouse staff.
Sign up
                      All right, so
                      0:00
                    
                    
                      I actually wanted to show you a lot of
building this user resource on camera.
                      0:01
                    
                    
                      You can definitely check out what's in
the existing workspace, it's a new one so
                      0:05
                    
                    
                      I need to launch it over again.
                      0:09
                    
                    
                      And you can also of course check
out what you did yourself.
                      0:11
                    
                    
                      But I want to show a couple of things
that you might not have thought of.
                      0:14
                    
                    
                      One of the first things we need
to do is we have these users.
                      0:17
                    
                    
                      The reason I wanna have users, is so that
I can authenticate them, I can make sure
                      0:21
                    
                    
                      that they are who they say they are,
but also so I can tie them to a review.
                      0:24
                    
                    
                      So let's add a new thing down here,
                      0:31
                    
                    
                      which is a ForeignKeyField
that goes back up to user, and
                      0:35
                    
                    
                      that has a related name of, again,
let's just call it review_set.
                      0:39
                    
                    
                      And so then we also need to create User
before we create Course and Review.
                      0:44
                    
                    
                      All right, so there's our models,
so we can save that.
                      0:51
                    
                    
                      When we run this we're
gonna have a problem
                      0:55
                    
                    
                      because a review already exists and
we're adding a new field.
                      0:58
                    
                    
                      So we need to create a migration.
                      1:01
                    
                    
                      I'm actually just going to trash
the thing and it'll be recreated.
                      1:02
                    
                    
                      The other thing we need to
talk about is the user's API.
                      1:07
                    
                    
                      So i'll show you what I have for
right now, it's pretty simple.
                      1:11
                    
                    
                      I have my user fields, I'm only gonna
show one field which is the username.
                      1:14
                    
                    
                      I don't want to show anything else, I
don't want to show ID, nothing like that.
                      1:18
                    
                    
                      And I have a few arguments, user name and
email and I don't have a post yet.
                      1:22
                    
                    
                      And then I registered it,
of course, with app.py.
                      1:28
                    
                    
                      And I used the URL prefix, because, like I
said, I think I like that a little better.
                      1:30
                    
                    
                      Cuz it's really easy, here, to go, no,
                      1:34
                    
                    
                      this is actually version two,
instead of version one.
                      1:36
                    
                    
                      So let's talk about this
users.py thing here.
                      1:39
                    
                    
                      I’m actually not done with
the argument part of the thing.
                      1:43
                    
                    
                      If you think about when you sign up for
a website, usually you have to put in your
                      1:45
                    
                    
                      password twice and
I want that to happen for our API as well.
                      1:49
                    
                    
                      Sorry, that's not of type URL.
                      1:55
                    
                    
                      So, how do we do that?
                      1:58
                    
                    
                      So we can do that pretty easily,
reqparse.add_argument and
                      2:00
                    
                    
                      we're gonna add in password,
required=True.
                      2:06
                    
                    
                      help=no password provided.
                      2:12
                    
                    
                      And location is of course still form and
                      2:16
                    
                    
                      json, so, that's like it was before.
                      2:19
                    
                    
                      I'm gonna add a new one here and
I'm gonna call this password,
                      2:24
                    
                    
                      we could call it password two,
password verification.
                      2:29
                    
                    
                      I actually think I wanna call
it verify_password and I'll say,
                      2:32
                    
                    
                      no password verification provided and
it's in those same locations.
                      2:36
                    
                    
                      All right, cool, and
then we call the super.
                      2:42
                    
                    
                      So now, let's talk about post.
                      2:45
                    
                    
                      So for post, I want to do args
= self.reqparse.parse_args,
                      2:51
                    
                    
                      that's still so hard to say out loud.
                      2:58
                    
                    
                      And so what we want to do
is we wanna do if args.get
                      3:02
                    
                    
                      password is equal to
args.get verify_password.
                      3:06
                    
                    
                      Although this right here should fail if
they didn't provide both of those things,
                      3:12
                    
                    
                      but still it's nice to be
a little bit defensive.
                      3:16
                    
                    
                      And then user = models.User.create user,
                      3:20
                    
                    
                      pass in the args, right?
                      3:25
                    
                    
                      And if you remember our create user thing,
                      3:28
                    
                    
                      right here, this handles all
the stuff we want it to do.
                      3:31
                    
                    
                      Okay, that's cool we've got that user.
                      3:35
                    
                    
                      And we can return marshal, user,
                      3:39
                    
                    
                      user_fields, and
it's a 201 cuz you created a record.
                      3:42
                    
                    
                      Location url_for resources.users.user,
id=user.id.
                      3:47
                    
                    
                      Actually, that doesn't make a lot of sense
                      3:52
                    
                    
                      cuz we're not gonna have
an individual user,
                      3:58
                    
                    
                      so let's just return 201.
                      4:03
                    
                    
                      We don't need to send back the location,
so just send back the user 201.
                      4:07
                    
                    
                      That's the only time
you ever get that user.
                      4:11
                    
                    
                      All right, otherwise,
we want to return and
                      4:13
                    
                    
                      we're gonna use make_response json.dumps.
                      4:17
                    
                    
                      And we're gonna pass back
a field called error.
                      4:21
                    
                    
                      The error is gonna be password and
password verification do not match.
                      4:24
                    
                    
                      And then we're gonna send
that back with a status code
                      4:32
                    
                    
                      of 400 because that's a mistake.
                      4:35
                    
                    
                      You're missing stuff,
don't be missing stuff.
                      4:39
                    
                    
                      So now we need to import make_response and
we need to import json.
                      4:43
                    
                    
                      And I know there's some things here
that I'm not using, I'll go through and
                      4:49
                    
                    
                      clean that up later on I guess.
                      4:54
                    
                    
                      All right, so that stuff's all done,
so that's cool.
                      4:57
                    
                    
                      And now we don't have any
way of knowing which user is
                      5:02
                    
                    
                      creating the review for right now, because
we don't have any sort of authentication.
                      5:07
                    
                    
                      But I just wanted to show
how this thing works.
                      5:13
                    
                    
                      So let's go ahead and run this again.
                      5:16
                    
                    
                      Python app.py, and I misspelled unique.
                      5:18
                    
                    
                      So if you ever have a day where you feel
like you're just not typing good enough to
                      5:27
                    
                    
                      be a programmer, no such thing.
                      5:31
                    
                    
                      All right, so now if I was to get courses,
there shouldn't be any courses.
                      5:36
                    
                    
                      Right, courses are empty.
                      5:40
                    
                    
                      So I'm going to send a post to the users,
                      5:42
                    
                    
                      and mainly this is just
a test that everything works.
                      5:48
                    
                    
                      But let's do this form URL encoded thing,
                      5:50
                    
                    
                      cuz I don't think I've
shown you all this yet.
                      5:55
                    
                    
                      So username will be kennethlove,
password will be password.
                      5:57
                    
                    
                      Password_verify, was that we called it?
                      6:02
                    
                    
                      No we called it verify_password,
will also be password, and
                      6:06
                    
                    
                      email will be kenneth@teamtreehouse.com.
                      6:11
                    
                    
                      And if I send that.
                      6:16
                    
                    
                      Cannot be understood,
the server could not understand.
                      6:20
                    
                    
                      Maybe it's that content type header.
                      6:28
                    
                    
                      There we go, so sending a header saying
that my content type of application JSON
                      6:34
                    
                    
                      and then there wasn't
any application JSON.
                      6:39
                    
                    
                      So cool, we get back to our user
with a username of kennethlove.
                      6:42
                    
                    
                      So we're good, things were created and
we have that user coming back.
                      6:45
                    
                    
                      All right, so in just a minute,
once we have authentication
                      6:49
                    
                    
                      then we can log users in and
track who's doing what.
                      6:53
                    
              
        You need to sign up for Treehouse in order to download course files.
Sign upYou need to sign up for Treehouse in order to set up Workspace
Sign up