update to instructions on how to run database

barreraalexander · barreraalexander · commit 6f7d4fbb4467 · 2022-10-17T17:53:25.000-04:00
diff --git a/alembic/env.py b/alembic/env.py
@@ -11,8 +11,8 @@
 # access to the values within the .ini file in use.
 config = context.config
 config.set_main_option(
-    # "sqlalchemy.url", "sqlite:///./src/sql_app.db"
-    "sqlalchemy.url", "sqlite:///./src/sql_app.db"
+    "sqlalchemy.url", "sqlite:///./src/sql_app.db",
+    # f"mysql://{settings.database_username}:{settings.database_password}@{settings.database_port}/{settings.database_name}"
     )
 # Interpret the config file for Python logging.
 # This line sets up loggers basically.
diff --git a/docs/how-to-create-db.md b/docs/how-to-create-db.md
@@ -1,5 +1,6 @@
 # How to create initial DB
 
-@todo - SQLite
-
+The application can run 2 types of databases by simply changing your `DEBUGGING` environment variable.
 
+If you have followed instructions for a manual build in the `README.md` doc,
+then you will already have already created a `.env` file. Make sure that DEBUGGING is set 1 (which means True). When the application is run, an empty sqlite `sql_app.db` file will automatically be created in the `/src` folder. 
diff --git a/docs/how-to-manage-api-products.md b/docs/how-to-manage-api-products.md
@@ -1,11 +1,26 @@
 # How manage products via API
+- All of the products routes live in the same router. The url is prefixed with `/api/products`.
+
 
 How to:
+## Nonauthentication-Required Routes
+- All of the routes in this category are open to the public. 
+
+**Get ->**
+The route used to get one product is named `get_product.` This route expects to recieve a product id (integer) in the url.
+
+**Get All ->**
+The route used to update a product is named `get_products.` This route will return all products, and an empty list if there are none. 
+
+
+## Authenticaion-Required Routes
+- All of the routes in this category require for the user to be authenticated. For more information on user authentication, see the `/docs/how-to-secure-api` documentation.
+
+**Create ->** 
+The route used to create a product is named `create_product`. This route expects to recieve raw json. The exact data required and corresponding types allowed can be seen in `/src/schemas.py`, under the class ProductBase.
+
+**Update ->**
+The route used to update a product is named `update_product.` This route expects to recieve a product id (integer) in the url, as raw as json, specifying which column needs to be changed. The exact data required and corresponding types allowed can be seen in `/src/schemas.py`, under the class ProductBase.
 
-- visualize all products 
-- create (secure way)
-  - reserved for app registered users
-- update (secure way)
-  - reserved for app registered users
-- delete (secure way)
-  - reserved for app registered users
+**Delete ->**
+The route used to delete one product is named `get_product.` This route expects to recieve a product id (integer) in the url. 
diff --git a/docs/how-to-manage-api-sales.md b/docs/how-to-manage-api-sales.md
@@ -1,12 +1,26 @@
-# How manage Sales via API
+# How manage sales via API
+- All of the sales routes live in the same router. The url is prefixed with `/api/sales`.
 
 
 How to:
+## Nonauthentication-Required Routes
+- All of the routes in this category are open to the public. 
 
-- visualize all sales 
-- create (secure way)
-  - reserved for app registered users
-- update (secure way)
-  - reserved for app registered users
-- delete (secure way)
-  - reserved for app registered users
+**Get ->**
+The route used to get one sale is named `get_sale.` This route expects to recieve a sale id (integer) in the url.
+
+**Get All ->**
+The route used to update a sale is named `get_sales.` This route will return all sales, and an empty list if there are none. 
+
+
+## Authenticaion-Required Routes
+- All of the routes in this category require for the user to be authenticated. For more information on user authentication, see the `/docs/how-to-secure-api` documentation.
+
+**Create ->** 
+The route used to create a sale is named `create_sale`. This route expects to recieve raw json. The exact data required and corresponding types allowed can be seen in `/src/schemas.py`, under the class SaleBase.
+
+**Update ->**
+The route used to update a sale is named `update_sale.` This route expects to recieve a sale id (integer) in the url, as raw as json, specifying which column needs to be changed. The exact data required and corresponding types allowed can be seen in `/src/schemas.py`, under the class SaleBase.
+
+**Delete ->**
+The route used to delete one sale is named `get_sale.` This route expects to recieve a sale id (integer) in the url. 
diff --git a/docs/how-to-migrate-db.md b/docs/how-to-migrate-db.md
@@ -1,5 +1,5 @@
 # How to Migrate DB
 
-@todo
+The database migration tool we are using is `Alembic.`
 
 
diff --git a/docs/how-to-secure-api.md b/docs/how-to-secure-api.md
@@ -1,13 +1,13 @@
 # How the API is secured
 
-A secured API means:
+The application is secured using jwt, or `json web tokens`. Communicating to the api that you are authorized occurs in two ways, differing on whether you're manually making requests or trying to access pages that require authentication.
 
-- Get requests (get all, get item) can be used in public space
-- Mutating requests are reserved for users registered in the app
-  - create 
-  - update
-  - delete
+**Getting Authorized**
+Getting authorized is the basic process of recieving a jwt token and storing it in your browser. This is done when you successfully send the correct credentials to login route, `/api/auth/login`. This route is looking to recieve form data with two key/value pairs, "username", which holds the users email, and "password" which holds the user's password. 
+
+**Making Authorized Requests**
+The majority of the routes in this category are going to be prefixed with `/api`. You can tell specifically by looking at the route, it will have this argument ` current_user: int = Depends(oauth2.get_current_user)`, meaning that the route depends on an authorized user and won't function without one. Oauth2 is doing most of the heavy lifting in this case. It checks the request's Header for a particualr key/value pair. The key it is searching for is `Authorization`, and the value is the token type (bearer) and the actual token, `Bearer {my.jwt.token}`. This form of authorization applies to all create, update, and delete nodes. 
+
+**Navigating to Authorized Webpages**
+All of the routes in this category will have no prefix `/`, as they are user interface routes. All of the routes that require authorization will have the decorator function `@oauth2.auth_required`. This function take a look at the request's cookies, particularly with the key `Authorization`, which stores the users looking for jwt token. If a jwt token is not found or has expired, the user is forwarded to signin page. A cookie is used in this case because it persists across all requests.
 
-This logic applies to all API nodes:
-- products
-- sales
diff --git a/docs/how-to-use-mysql.md b/docs/how-to-use-mysql.md
@@ -1,5 +1,5 @@
 # How to create initial DB
 
-@todo - MySql
-
+Switching the application over from SQLITE to Mysql is as simple as changing the projects environment variable `DEBUGGING` to 0, which means false. The application will automatically look for a mysql server with the proper authentication. However, it's very important that you already have mysql installed and an empty schema.
 
+Furthermore, the Alembic configuration should be changed so that it is pointing to the correct url. The config for alembic is `/alembic/env.py`. 

Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,5 @@`
`1`	`1`	`# How to Migrate DB`
`2`	`2`
`3`		`-@todo`
	`3`	+The database migration tool we are using is `Alembic.`
`4`	`4`
`5`	`5`