Big Idea 1

1. Backend Debugging (Postman)

  • I used postman in order to send get, post, put, and delete requests to the backend and by passing certain bodies to check whether the API was working properly or not.

2. Frontend Debugging (Control)

  • I used the console on the frontend in order to use the Frontend features like the update rates and see whether the request to the backend in order to execute the request to the API was working properly or not.

3. Testing(Proper Data)

  • I created authentic and real-looking users and ratings to supplement m feature with actual test data, and not just “hello” or “123”

4. All Postman Requests

Get

Put

Post

Update

Using Postman to send requests to the backend allowed me to test the API endpoint and make sure they were functioning properly, and helping me find any issues early on. By checking the frontend console, I was also able to track errors, log the errors and other outputs, and monitor the responses in real-time, making debugging much easier. Together, these tools helped streamline the development process by providing the outputs and show me what is going on in both the backend and frontend.

Big Idea 2

1. Database Management with SQLite:

“rates” Table Columns, and data management/organization

  • This is my Rate table in the database, which stores a unique rating_id in the first column which is different for each rating.

  • It stores the actual value or “rating” which are integers from 1-10 in one column.

  • It stores the user_id associated with the user that created that rating, and when joined with the user.py api, the username can be found which is associated with each rating.

  • There is also a column for post_id, and each attraction that there is a rating for will have its own post_id, so al the eiffel tower ratings will be in post_id 1, the louvre ratings will be in post_id 2, etc…

__tablename__ = 'rates'

id = db.Column(db.Integer, primary_key=True)
value = db.Column(db.Integer, nullable=False)  # Rating value (1-10)
user_id = db.Column(db.Integer, db.ForeignKey('users.id'), nullable=False)
post_id = db.Column(db.Integer, db.ForeignKey('posts.id'), nullable=False)

def __init__(self, value, user_id, post_id):
    self.value = value
    self.user_id = user_id
    self.post_id = post_id

The Code

In my “rate” api’s model file I have defined the different columns, and where each value that is entered should go on the table, as well as what type of data should be in each.

  • For instance, all of my data is stored as integers

2. Data Upload and Storage

Retrieving Data from the Request

def post(self):
    # Retrieve data from the request
    current_user = g.current_user
    data = request.get_json()
    post_id = data.get('post_id')
    rating_value = data.get('rating')

Data(Rating) Validation


# Validate the input
if post_id is None or rating_value is None:
    return jsonify({"message": "post_id and rating are required"}), 400

try:
    rating_value = int(rating_value)
except ValueError:
    return jsonify({"message": "Rating must be an integer"}), 400

if not (1 <= rating_value <= 10):
    return jsonify({"message": "Rating must be between 1 and 10"}), 400

Adding the data to the table

# Create a new rating entry
rating = Rate(user_id=current_user.id, post_id=post_id, value=rating_value)
db.session.add(rating)
db.session.commit()

return jsonify({"message": "Rating submitted successfully"})

  • Takes in data from the request

  • Then, validates whether the rating and other data is valid, and ready to add to the table

  • Adds the data to the table, formatting it into columns with

    • user_id
    • post_id
    • value(rating)

Thus, the rating is successfully added to the table, and linked with the post_id(“eiffel tower”, “louvre”, etc.), and also linke with the specific user_id(user who added the rating).

3. Data Security

if rating.Rate.user_id == current_user.id or current_user.role == 'Admin':
    # Ensure the rating belongs to the current user
    rating = Rate.query.filter_by(id=rating_id).first()
    if rating:
        db.session.delete(rating)
        db.session.commit()
        return jsonify({"message": "Rating deleted successfully"})
    else:
        return jsonify({"message": "Rating not found"}), 404

Users: Admin vs User

This is a code segment from the delete request in my rate API, and it helps create security for the data on the website.

  • Only Admin users can delete messages from all user
  • Normal Users can only delete their own messages

The same ideas apply to the put(update) method because the update and delete methods are the only ones which modify the existing data, and this can cause data security concerns, because if a nromal user was allowed to delete all the ratings all of the data could be gone, but here only restricted admin users can.

However, anyone can post or get, allowing all users to create ratings and view the current ratings.

@token_required()

Token Required

All users who are trying to access the data, or create a rating, view ratings, update their ratings, and delte their ratings must be logged in, and the token required feature allows for that, and prevents users not logged in from accessing the data.

4. Data Retrieval and Display

Get Request

Retrieve data from the frontend

post_id = request.args.get('post_id')

Validate the data

if not post_id:
    return jsonify({"message": "post_id is required"}), 400

Queries


ratings = db.session.query(Rate, User).join(User, Rate.user_id == User.id).filter(Rate.post_id == post_id).all()
ratings_list = [{"rating_id": r.Rate.id, "username": r.User._name, "rating": r.Rate.value} for r in ratings]

return jsonify(ratings_list

THe code queries through the “rates” table, and returns all of the rating_ids, usernames, and the actual rating values associated with each rating.

Frontend Code

const response = await fetch(`${pythonURI}/api/rate?post_id=${POST_ID}`, fetchOptions);
const data = await response.json();

The code recieves the data associaed with a particular post_id in the backend in the form of a json, which it can then use to display on the frontend.

Displays on Frontend

Big idea 4

The main focus of big idea 4 is toward the internet, ip addresses, protocols, and for us, deployment

AWS

AWS is Amazon Web Services, and all of the groups in our class use the same AWS server to deploy our projects onto.

DNS

DNS stands for domain name service and what it does for us is that it maps a certain domain name to an IP address so the domain that we are using for the deployed project is intertravel.stu.nighthawkcodingsociety.com, and it maps this to the ip address of 3.129.109.200.

HTTP

We use HTTP method in order to send requests to API endpoints to take advantage of our background through POST, GET, PUT, and DELETE requests allowing the user to create ratings on my website and interact using these other features.