Introduction

FlaskDataMateX is a Python Flask-based web application designed to manage customers, items, and transactions. This project provides RESTful endpoints for performing CRUD operations on customers, items, and transactions.

Features

• Manage Customers: Add, update, and delete customer records.
• Manage Items: Add, update, and delete item details.
• Manage Transactions: Record and modify transactions between customers and items.
• Simple, modular structure using Flask Blueprints for better scalability and code organization.
• MySQL database integration for data persistence.

Project Structure

• app.py: The main entry point for the application. Registers all blueprints (customers, items, transactions) and handles CORS configuration.
• customers.py: Defines routes and logic for managing customer-related operations.
• items.py: Contains endpoints for managing item details.
• transactions.py: Handles transaction operations like adding, updating, and deleting transaction records.
• config.py: Manages the database connection configuration.

Prerequisites

Before running the FlaskDataMateX project, ensure you have the following installed on your system:

1. Python 3.x: FlaskDataMateX requires Python 3 or higher.

   • You can download Python from the official website: https://www.python.org/downloads/

2. MySQL: The application uses MySQL as the database. Ensure that MySQL is installed and running.

3. Pip: Make sure pip is installed to manage Python packages.

   • If pip is not installed, you can install it using:

     python -m ensurepip --upgrade

4. MySQL Connector: The application uses MySQL Connector to connect to the database.

   • Install the MySQL Connector with the following command:

     pip install mysql-connector-python

5. Flask: Flask is required to run the web application.

   • You can install Flask using pip:

     pip install Flask

6. Flask-CORS: Flask-CORS is needed to handle Cross-Origin Resource Sharing (CORS) for frontend-backend communication.

   • Install Flask-CORS using pip:

     pip install Flask-CORS

7. MySQL Database Setup: Ensure you have a MySQL database set up and running, with a database named FlaskDataMateX as required by the app.

Once you have these prerequisites installed and configured, you're ready to proceed with setting up and running FlaskDataMateX.

Clone the repository:

  git clone https://github.com/sasmithx/FlaskDataMateX.git

JWT Authentication

FlaskDataMateX implements JSON Web Token (JWT) authentication to secure API endpoints and manage user sessions. JWT is a compact, URL-safe means of representing claims to be transferred between two parties. The claims in a JWT are encoded as a JSON object that is used as the payload of a JSON Web Signature (JWS) structure or as the plaintext of a JSON Web Encryption (JWE) structure, enabling you to verify the token's authenticity.

How JWT Works

1. User Login:

   • Users can log in by providing their credentials (username and password) to the /auth/login endpoint.
   • Upon successful authentication, the server generates a JWT token containing user information and an expiration time.

2. Token Generation:

   • The generated token is signed with a secret key using the HMAC SHA-256 algorithm. This ensures the token's integrity and authenticity.

3. Token Usage:

   • The token is returned to the user and should be included in the Authorization header for subsequent API requests that require authentication.
   • The format for including the token is:

     Authorization: Bearer <token>
     

4. Token Validation:

   • Each protected endpoint is decorated with a @token_required decorator that checks for the presence and validity of the token.
   • If the token is valid, the requested operation proceeds; if not, the server responds with an error message.

Implementing JWT in FlaskDataMateX

• Authentication Endpoints:

  • POST /auth/login: Accepts a JSON payload with username and password. Returns a JWT token if credentials are valid.

• Protected Endpoints:

  • To protect any endpoint, simply use the @token_required decorator. This ensures that only authenticated users can access these endpoints.

License

This project is licensed under the MIT License - see the MIT License file for details.

© 2024 Sasmith Manawadu