in this problem your task is going to be to design a web application that allows users to manage a portfolio of stocks in order to do so you'll need to implement a variety of different features first you'll need to make sure that every user can register for an account once they register for an account a user should have the ability to look up a stock quote buy a stock if they want to see an index page that shows them all of the stocks the current user has bought then the user should be able to sell any of the stocks that they currently owne and see a history of all of their transactions and finally once you've implemented all of these features you'll Implement a personal touch of your very own to add to this web application but before we dive into the features that you're going to implement let's start by taking a look at the distribution code that we'll provide to you as a starting point for this problem the distribution code for this problem comes in a number of different parts we'll give you a few python files app. py and helpers dopy in addition to a sqlite database called finance. DB in addition we'll also give you a folder filled with templates and we'll walk through each of these parts of the distribution code one file at a time let's start with app.
py which is where you'll write most of your python code for this web application app. py defines a flask web application and also defines a variable called DB which will allow you to connect to a sqlite database in particular you can use the function db. execute to execute a SQL statement on your sqlite database later in app.
py you'll also see definitions for each of the routes inside of your web application Each of which will start with the syntax aa. route these routes can take a variety of different request methods most notably get for getting the contents of a page and post generally used if you're submitting data to a particular route there are some routes that have already been implemented for you such as log in and log out and let's now take an opportunity to look at one of these routes the login route just to get a sense for how routes in flask this web framework actually work so here is the login route and it begins with this syntax app. route with SL login being the route that users can use to access this part of your web application this particular route accepts two different methods get and post and it's associated with this function called login because the login route accepts two request methods get and post and we need to make different decisions based on that request method one of the first things we'll need to do is check what the request method is if the request method is post that means the user has just submitted the login form and if the user has just submitted the login form then we'll need to access whatever data the user typed into that form in order to do that we can use this syntax here request.
form. getet username to get whatever the current username is that the user typed in into that form and if the user didn't provide a username well then we should render an apology an error message to the user to let them know that they need to provide a username likewise just as we make sure that the user has typed in a username we also need to make sure that the user has typed in a password and if the user didn't type in a password then we should render an apology as well after that once we're sure that the user has typed in both a username and a password we need to now look them up inside of our final . db database to make sure that this is a valid username and password combination so we'll use db.
execute to run a select query on our existing database and do a select to try and find the user whose username is equal to whatever it is the user typed in into the form we won't know what the username is until the user actually types in their username and clicks the button to submit the form and so here we're using a question mark where the question mark is acting as a placeholder for whatever the user typed into the for which again we can access via this syntax request. for. gut whenever we run the db.
execute function on a select query running on our database what we'll get back is a list of all of the rows that matched our select query so the next thing we should do is check to make sure that what we got back is exactly one row representing that particular user and we should check to make sure that their password was correct if either of those isn't true if the user is not in the database or they typed in their password wrong well then we should return an error back to the user using that apology function to let the user know that this was an invalid username and password combination and if we made it through all of that that means the user has typed in a username and a password and we verified that this is a valid username password combination and if that's the case then the next thing we should do is actually log the user in how do we do that we'll recall that we can use the session variable to keep track of information about the current user so we'll store inside of session bracket user ID the current users's ID that we got from the database and after we've signed the user in we'll go ahead and redirect the user back to the homepage so that they can now go ahead and look up stocks buy stocks or sell stocks if they would like to and finally at the very end of the function we need to take care of the other request method all of that code we just took a look at was if the request method was post the user actually submitted the login form but if instead the request method is get that means the user just clicked on a button to access the login form and in order to do that what we'll do is return a template back to the user rendering the login form so the user can go ahead and type in their username and password in addition to app. py we also provide you with helpers dopy which is a python file that contains some useful functions that you might take advantage of as you're building the various features of this web application we'll give you a function called apology that displays an error message to the user login required can be used above any of your functions to require that a user log in before they're able to access a given route for example you might want to make sure that a user is logged in before they're able to buy or sell stocks the lookup function meanwhile uses a stocks API to get the current stock quote for a particular stock symbol you can look up a stock by its symbol and figure out what the current quote for that stock is and finally we give you a function called USD that takes a number and formats it as US dollars with a dollar sign some number of dollars and some number of cents next in the distribution code is finance. DB and this is the sqlite database that is going to store all of the application data for your web application so far in finance.
DB we'll give you a users table and inside of this users table you'll find columns for keeping track of each user's ID their username a hash of their password and how much cach that user has but you'll likely need to add new tables into this database to finish implementing all of the features of the web application and you can do that using the create table syntax in SQL finally in this distribution code we also give you a folder of templates that contains HTML templates that can be rendered to the user depending on what part of the web application they're trying to access there's a file inside of your templates folder called layout. HTML that defines the general HTML structure for all of your pages and then the rest of your HTML Pages can use the syntax to extend layout. HTML to use that existing layout and add to it a title for the page and the main body content of each of your other HTML Pages now that we've taken a look at the distribution code that we'll provide to you for this problem let's now turn our attention to each of the different features that you'll need to implement to make this web application fully functional the first thing you'll need to do is make sure that each user has the ability to register for your finance application in order to do that your register route should accept two different request methods get and post if the user tries to access the register route using the get request method then you should just display a form to the user so that they can register for a new account once the user submits that form accessing your register route via the post request method what you should do is check for possible errors and if there are no errors then you can insert the new user into the user's table and log the user in after that so let's start with that registration form how will you display a registration form to the user well in order to do that you'll likely need to create a new template that contains the HTML for that registration form and recall that you can find all of your templates inside of that templates folder in your Finance directory you can use the login.
HTML template that we've already provided to you as inspiration for what this new template might look like and remember the HTML form that you create should contain input fields that allow the user to choose a username choose a password and then verify that they typed in their password correctly once the user types in information into that registration form and submits it to your web application your python code is going to need to access whatever it is the user typed in to that registration form in order to do that you can use some syntax like this if you have an input field inside of your HTML code with an attribute that says name equals password for example well then inside of your flask application inside of your python code you can use this syntax here request. form. getet and then the name of that input field in this case password and that will allow you to access whatever it is the user typed into the form and then submitted via the post request method you can do that for the password for the confirmation and for the user's username as well inside of your route you'll also want to check for possible errors what might go wrong when the user is trying to register for a new account well if any field is left blank if the user didn't type in a username didn't provide a password or didn't confirm their password you should return an apology letting the user know that each of those fields was required if the two passwords don't match with each other you should also let the user know that as well and finally if the username is already taken by some other user already inside of your database you should apologize to the user and let them know about that as well once you've confirmed that there are no errors with what the user provided to you you'll want to add the user to the user's table of your database but you should keep Security in mind as you do so in particular remember the databases should never Store Plain text passwords instead you should first generate a hash of the user's password using the generate password hash function provided to you and then store the hash of the password inside of the database instead of the plain text password itself once you've generated a hash of the password then you can add all of this information into the database by using db.
execute in order to run an insert statement to add a new row into the user table and remember again you can use the question mark symbol to stand in as a place holder for a value that you might not know yet at the time that you're writing this code once the user has been added into the user's table then you can log the user in setting session bracket user ID equal to the new ID for whatever user you've just added to the database once the user has been able to register for an account next you'll want to allow the user to look up stock quotes in your quote route you should also accept two request methods get and post if a user tries to access your quote route via get you should display a form that lets the user request a stock that they would like to look up and when the form is submitted via post then your application should look up that stock symbol by calling the lookup function and display the results back to the user how does the lookup function work we'll recall that lookup is a function that we have defined for you inside of helpers dop and it takes a stock symbol and returns a stock quote if lookup was able to successfully look up the stock quote then the function is going to return a dictionary back to you with fields to represent the name of the stock the symbol for that stock and what the Stock's current price is but it's also possible that the lookup will not be successful if for example the user tries to type in a stock symbol that doesn't exist in that case you should return an apology to the user letting them know that that particular stock symbol doesn't exist but if the lookup is successful what you'll want to do is display an HTML page to the user that contains information about the stock the name of the stock and what the current price of that stock is in order to do so you'll need to pass in values into your HTML templates and how might you do that well in your python code you can use the render template function to render an HTML template but you can also provide variables into this template that's known as a ginger template for example in this code here I'm rendering hello. html but giving this template access to a variable called name which in this case is equal to Brian and then inside of my Ginger template I can use double curly braces around the variable name in this case name in order to display whatever was passed in from the render template function here inside of my HTML likewise you could do something like this as well in order to display the current price of whatever stock the user has just looked up in addition to allowing users to look up stock quote we also want to allow users to buy a new stock in order to do that your Buy Route will also accept two request methods get and post where when the user gets this page they should be shown a form that allows the user to buy a stock and when the user submits that form you should purchase the stock as long as the user can actually afford it your HTML form should allow the user to type in what stock symbol they would like to buy in addition to how many shares they would like to buy once the user submits the form you'll want to check it for valid input for example a user shouldn't be allowed to buy a negative number of shares and you'll also want to make sure that the stock symbol is actually valid but before you can add this data into your database you'll likely need to create one or more new tables to keep track of this new information right now the finance. DB database we provide to you includes a table for keeping track of users and how much cash they have but doesn't include any tables for keeping track of what stock box each of those users actually owns so you'll first want to give some thought as to what new tables you'll want to add to this database and what fields that table or tables will have you can use the create table statement to add a new table to the database and you'll want to be sure to use appropriate SQL types as you do so there are multiple correct ways to implement this so decide for yourself what kind of database design makes the most sense to you and is most logical for this particular web application once you're happy with the tables inside of your database you'll want to add this new stock purchase to the user's portfolio first remember that you'll need to make sure the user has enough cash to afford the stock if the user can't afford the number of shares of the stock that they're trying to purchase you should return an apology to the user letting them know that they don't have enough cash for this purchase but assuming the user does have enough cash for the purchase you should run whatever SQL statement you need on your database to purchase that stock and also be sure to update that user's cache to reflect the purchase that they've just made once you've implemented this feature users should be able to log into your web application and buy new stocks but once users have bought those new stocks it would be nice if there was a place where users could view all of the stocks they've already bought and that's what you'll do in this next feature the index page of your web application should display an HTML table with all of the information about all of the stocks that the current user own owns how many shares of each stock the user owns the current price of each of those stocks as well as the total value for each of those Holdings for example if the user has multiple of a certain stock their total value for that stock will be higher you should also display the user's current cash balance on this page as well as their grand total of the combination of the value of all of their stocks and whatever cash they happen to have on hand as you create this HTML table you realize that there's some HTML that you're going to repeat for example you might have one row for one stock and a very similar Row for another stock and again and again for each of the stocks that the user currently owns in order to render this as HTML it might be nice to have some kind of a loop where you're looping over all of the stocks adding one row of the table for each of the stocks the user currently owns and it turns out we can use Loops like this inside of a ginger template in this example we return render template hello.
