Unit 2.4A
Database and SQLAlchemy
In this blog we will explore using programs with data, focused on Databases. We will use SQLite Database to learn more about using Programs with Data. Use Debugging through these examples to examine Objects created in Code.
-
College Board talks about ideas like
- Program Usage. "iterative and interactive way when processing information"
- Managing Data. "classifying data are part of the process in using programs", "data files in a Table"
- Insight "insight and knowledge can be obtained from ... digitally represented information"
- Filter systems. 'tools for finding information and recognizing patterns"
- Application. "the preserve has two databases", "an employee wants to count the number of book"
-
PBL, Databases, Iterative/OOP
- Iterative. Refers to a sequence of instructions or code being repeated until a specific end result is achieved
- OOP. A computer programming model that organizes software design around data, or objects, rather than functions and logic
- SQL. Structured Query Language, abbreviated as SQL, is a language used in programming, managing, and structuring data
Imports and Flask Objects
Defines and key object creations
- Comment on where you have observed these working? Provide a defintion of purpose.
-
Flask app object We used this in trimester 2 when creating a web API. Routes and blueprints were added to the Flask app object to handle HTTP requests.
-
SQLAlchemy db object The SQLAlchemy DB object is an interface to add, fetch, and edit database rows stored in the SQLite format.
"""
These imports define the key objects
"""
from flask import Flask
from flask_sqlalchemy import SQLAlchemy
"""
These object and definitions are used throughout the Jupyter Notebook.
"""
# Setup of key Flask object (app)
app = Flask(__name__)
# Setup SQLAlchemy object and properties for the database (db)
database = 'sqlite:///sqlite.db' # path and filename of database
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
app.config['SQLALCHEMY_DATABASE_URI'] = database
app.config['SECRET_KEY'] = 'SECRET_KEY'
db = SQLAlchemy()
# This belongs in place where it runs once per project
db.init_app(app)
Model Definition
Define columns, initialization, and CRUD methods for users table in sqlite.db
- Comment on these items in the class, purpose and defintion.
- class User
Defines the user class with an
id,name,uid,password, anddobfields. Each of the fields have their own columns in the SQLite database and have their own getters and setters that reference the private variables. - db.Model inheritance Inherits all database manipulation methods to insert records into database. Also inherits class variables from parent class.
- init method Defines behavior of constructor which sets a default password and date of birth when the object is constructed.
-
@property,@<column>.setterAccess private class variables within class to provide encapsulation. Also has custom setter behavior. - create, read, update, delete methods INSERTs, SELECTs, performs other SQL operations to manipulate rows in the database. Interacts directly at the SQLite database file.
- class User
Defines the user class with an
""" database dependencies to support sqlite examples """
import datetime
from datetime import datetime
import json
from sqlalchemy.exc import IntegrityError
from werkzeug.security import generate_password_hash, check_password_hash
''' Tutorial: https://www.sqlalchemy.org/library.html#tutorials, try to get into a Python shell and follow along '''
# Define the User class to manage actions in the 'users' table
# -- Object Relational Mapping (ORM) is the key concept of SQLAlchemy
# -- a.) db.Model is like an inner layer of the onion in ORM
# -- b.) User represents data we want to store, something that is built on db.Model
# -- c.) SQLAlchemy ORM is layer on top of SQLAlchemy Core, then SQLAlchemy engine, SQL
class User(db.Model):
__tablename__ = 'users' # table name is plural, class name is singular
# Define the User schema with "vars" from object
id = db.Column(db.Integer, primary_key=True)
_name = db.Column(db.String(255), unique=False, nullable=False)
_uid = db.Column(db.String(255), unique=True, nullable=False)
_password = db.Column(db.String(255), unique=False, nullable=False)
_dob = db.Column(db.Date)
# constructor of a User object, initializes the instance variables within object (self)
def __init__(self, name, uid, password="123qwerty", dob=datetime.today()):
self._name = name # variables with self prefix become part of the object,
self._uid = uid
self.set_password(password)
if isinstance(dob, str): # not a date type
dob = date=datetime.today()
self._dob = dob
# a name getter method, extracts name from object
@property
def name(self):
return self._name
# a setter function, allows name to be updated after initial object creation
@name.setter
def name(self, name):
self._name = name
# a getter method, extracts uid from object
@property
def uid(self):
return self._uid
# a setter function, allows uid to be updated after initial object creation
@uid.setter
def uid(self, uid):
self._uid = uid
# check if uid parameter matches user id in object, return boolean
def is_uid(self, uid):
return self._uid == uid
@property
def password(self):
return self._password[0:10] + "..." # because of security only show 1st characters
# update password, this is conventional method used for setter
def set_password(self, password):
"""Create a hashed password."""
self._password = generate_password_hash(password, method='sha256')
# check password parameter against stored/encrypted password
def is_password(self, password):
"""Check against hashed password."""
result = check_password_hash(self._password, password)
return result
# dob property is returned as string, a string represents date outside object
@property
def dob(self):
dob_string = self._dob.strftime('%m-%d-%Y')
return dob_string
# dob setter, verifies date type before it is set or default to today
@dob.setter
def dob(self, dob):
if isinstance(dob, str): # not a date type
dob = date=datetime.today()
self._dob = dob
# age is calculated field, age is returned according to date of birth
@property
def age(self):
today = datetime.today()
return today.year - self._dob.year - ((today.month, today.day) < (self._dob.month, self._dob.day))
# output content using str(object) is in human readable form
# output content using json dumps, this is ready for API response
def __str__(self):
return json.dumps(self.read())
# CRUD create/add a new record to the table
# returns self or None on error
def create(self):
try:
# creates a person object from User(db.Model) class, passes initializers
db.session.add(self) # add prepares to persist person object to Users table
db.session.commit() # SqlAlchemy "unit of work pattern" requires a manual commit
return self
except IntegrityError:
db.session.remove()
return None
# CRUD read converts self to dictionary
# returns dictionary
def read(self):
return {
"id": self.id,
"name": self.name,
"uid": self.uid,
"dob": self.dob,
"age": self.age,
}
# CRUD update: updates user name, password, phone
# returns self
def update(self, name="", uid="", password=""):
"""only updates values with length"""
if len(name) > 0:
self.name = name
if len(uid) > 0:
self.uid = uid
if len(password) > 0:
self.set_password(password)
db.session.add(self) # performs update when id exists
db.session.commit()
return self
# CRUD delete: remove self
# None
def delete(self):
db.session.delete(self)
db.session.commit()
return None
Initial Data
Uses SQLALchemy db.create_all() to initialize rows into sqlite.db
- Comment on how these work?
- Create All Tables from db Object
Loops through all the user options and inserted them one-by-one using an INSERT statement. The db object is referenced when the
create()method is called. - User Object Constructors Each constructor has parameters for their name, uid, password, and date of birth. These are set as properties of the object in its constructor.
- Try / Except The try/except construction is used to catch any database errors that arise from inserting records. Some of these are duplicate or ill-typed data.
- Create All Tables from db Object
Loops through all the user options and inserted them one-by-one using an INSERT statement. The db object is referenced when the
"""Database Creation and Testing """
# Builds working data for testing
def initUsers():
with app.app_context():
"""Create database and tables"""
db.create_all()
"""Tester data for table"""
u1 = User(name='Thomas Edison', uid='toby', password='123toby', dob=datetime(1847, 2, 11))
u2 = User(name='Nikola Tesla', uid='niko', password='123niko')
u3 = User(name='Alexander Graham Bell', uid='lex', password='123lex')
u4 = User(name='Eli Whitney', uid='whit', password='123whit')
u5 = User(name='Indiana Jones', uid='indi', dob=datetime(1920, 10, 21))
u6 = User(name='Marion Ravenwood', uid='raven', dob=datetime(1921, 10, 21))
users = [u1, u2, u3, u4, u5, u6]
"""Builds sample user/note(s) data"""
for user in users:
try:
'''add user to table'''
object = user.create()
print(f"Created new uid {object.uid}")
except: # error raised if object nit created
'''fails with bad or duplicate data'''
print(f"Records exist uid {user.uid}, or error.")
initUsers()
Check for given Credentials in users table in sqlite.db
Use of ORM Query object and custom methods to identify user to credentials uid and password
- Comment on purpose of following
- User.query.filter_by Filter all rows with a specific UID and return the first one. The ID is a unique column so there should only be one row returned by the query.
- user.password Return the user's password from the database in a hashed format.
def find_by_uid(uid):
with app.app_context():
user = User.query.filter_by(_uid=uid).first()
return user # returns user object
# Check credentials by finding user and verify password
def check_credentials(uid, password):
# query email and return user record
user = find_by_uid(uid)
if user == None:
return False
if (user.is_password(password)):
return True
return False
#check_credentials("indi", "123qwerty")
Create a new User in table in Sqlite.db
Uses SQLALchemy and custom user.create() method to add row.
-
Comment on purpose of following
-
user.find_by_uid() and try/except
Find by the UID of the user. Returns the row containing the user data.
-
user = User(...)
Call to constructor of the User class creating a new user and storing it in the
uservariable. The parametersname,uid, andpasswordare returned. -
user.dob and try/except
Sets the current date of birth based on the input. The input is parsed using the
datetimelibrary. -
user.create() and try/except
Creates the user in the database and saves it by serializing data into the SQLite format.
-
def create():
# optimize user time to see if uid exists
uid = input("Enter your user id:")
user = find_by_uid(uid)
try:
print("Found\n", user.read())
return
except:
pass # keep going
# request value that ensure creating valid object
name = input("Enter your name:")
password = input("Enter your password")
# Initialize User object before date
user = User(name=name,
uid=uid,
password=password
)
# create user.dob, fail with today as dob
dob = input("Enter your date of birth 'YYYY-MM-DD'")
try:
user.dob = datetime.strptime(dob, '%Y-%m-%d').date()
except ValueError:
user.dob = datetime.today()
print(f"Invalid date {dob} require YYYY-mm-dd, date defaulted to {user.dob}")
# write object to database
with app.app_context():
try:
object = user.create()
print("Created\n", object.read())
except: # error raised if object not created
print("Unknown error uid {uid}")
create()
Reading users table in sqlite.db
Uses SQLALchemy query.all method to read data
- Comment on purpose of following
- User.query.all
Return all users in the
usersdatabase. - json_ready assignment, google List Comprehension
Calls the
readmethod on all the users in the list and creates a new list with the JSON format of all users in the database.
- User.query.all
Return all users in the
# SQLAlchemy extracts all users from database, turns each user into JSON
def read():
with app.app_context():
table = User.query.all()
json_ready = [user.read() for user in table] # "List Comprehensions", for each user add user.read() to list
return json_ready
read()
from sqlalchemy import Column, Integer, String, Boolean
from .. import db
import random
class Todo(db.Model):
__tablename__ = "todos"
id = Column(Integer, primary_key=True)
_text = Column(String(255), nullable=False)
_completed = Column(Boolean, nullable=False)
def __init__(self, text, completed=False):
self._text = text
self._completed = completed
def __repr__(self):
return "<Todo(id='%s', text='%s', completed='%s')>" % (
self.id,
self.text,
self.completed,
)
@property
def text(self):
return self._text
@text.setter
def text(self, value):
self._text = value
@property
def completed(self):
return self._completed
@completed.setter
def completed(self, value):
self._completed = value
def to_dict(self):
return {"id": self.id, "text": self.text, "completed": self.completed}
def random_bool():
return bool(random.getrandbits(1))
def todos_table_empty():
return len(db.session.query(Todo).all()) == 0
def init_todos():
if not todos_table_empty():
return
menial_tasks = [
"Wash the dishes",
"Walk the dog",
"Take out the trash",
"Mop the floor",
"Do the laundry",
]
todos = [Todo(task, completed=random_bool()) for task in menial_tasks]
for todo in todos:
try:
db.session.add(todo)
db.session.commit()
except Exception as e:
print("error while creating todos: " + str(e))
db.session.rollback()
from flask import Blueprint, request
from flask_restful import Api, Resource, reqparse
from .. import db
from ..model.todos import Todo
todo_bp = Blueprint("todos", __name__)
todo_api = Api(todo_bp)
class TodoAPI(Resource):
def get(self):
id = request.args.get("id")
todo = db.session.query(Todo).get(id)
if todo:
return todo.to_dict()
return {"message": "todo not found"}, 404
def post(self):
parser = reqparse.RequestParser()
parser.add_argument("text", required=True, type=str)
args = parser.parse_args()
todo = Todo(args["text"])
try:
db.session.add(todo)
db.session.commit()
return todo.to_dict(), 201
except Exception as e:
db.session.rollback()
return {"message": f"server error: {e}"}, 500
# CRUD update functionality
def put(self):
parser = reqparse.RequestParser()
parser.add_argument("id", required=True, type=int)
args = parser.parse_args()
try:
todo = db.session.query(Todo).get(args["id"])
if todo:
todo.completed = not todo.completed
db.session.commit()
return todo.to_dict()
else:
return {"message": "todo not found"}, 404
except Exception as e:
db.session.rollback()
return {"message": f"server error: {e}"}, 500
# CRUD delete functionality
def delete(self):
parser = reqparse.RequestParser()
parser.add_argument("id", required=True, type=int)
args = parser.parse_args()
try:
todo = db.session.query(Todo).get(args["id"])
if todo:
db.session.delete(todo)
db.session.commit()
return todo.to_dict()
else:
return {"message": "todo not found"}, 404
except Exception as e:
db.session.rollback()
return {"message": f"server error: {e}"}, 500
class TodoListAPI(Resource):
def get(self):
try:
todos = db.session.query(Todo).all()
return [todo.to_dict() for todo in todos]
except Exception as e:
db.session.rollback()
return {"message": f"server error: {e}"}, 500
def delete(self):
try:
db.session.query(Todo).delete()
db.session.commit()
return []
except Exception as e:
db.session.rollback()
return {"message": f"server error: {e}"}, 500
todo_api.add_resource(TodoAPI, "/todo")
todo_api.add_resource(TodoListAPI, "/todoList")