Follow instructions to install the latest version of python for your platform in the python docs
We recommend working within a virtual environment whenever using Python for projects. This keeps your dependencies for each project separate and organaized. Instructions for setting up a virual enviornment for your platform can be found in the python docs
Once you have your virtual environment setup and running, install dependencies by naviging to the /backend
directory and running:
pip install -r requirements.txt
This will install all of the required packages we selected within the requirements.txt
file.
-
Flask is a lightweight backend microservices framework. Flask is required to handle requests and responses.
-
SQLAlchemy and Flask-SQLAlchemy are libraries to handle the lightweight sqlite database. Since we want you to focus on auth, we handle the heavy lift for you in
./src/database/models.py
. We recommend skimming this code first so you know how to interface with the Drink model. -
jose JavaScript Object Signing and Encryption for JWTs. Useful for encoding, decoding, and verifying JWTS.
From within the ./src
directory first ensure you are working using your created virtual environment.
Each time you open a new terminal session, run:
export FLASK_APP=api.py;
To run the server, execute:
flask run --reload
The --reload
flag will detect file changes and restart the server automatically.
- Create a new Auth0 Account
- Select a unique tenant domain
- Create a new, single page web application
- Create a new API
- in API Settings:
- Enable RBAC
- Enable Add Permissions in the Access Token
- in API Settings:
- Create new API permissions:
get:drinks-detail
post:drinks
patch:drinks
delete:drinks
- Create new roles for:
- Barista
- can
get:drinks-detail
- can
- Manager
- can perform all actions
- Barista
- Test your endpoints with Postman.
- Register 2 users - assign the Barista role to one and Manager role to the other.
- Sign into each account and make note of the JWT.
- Import the postman collection
./starter_code/backend/udacity-fsnd-udaspicelatte.postman_collection.json
- Right-clicking the collection folder for barista and manager, navigate to the authorization tab, and including the JWT in the token field (you should have noted these JWTs).
- Run the collection and correct any errors.
- Export the collection overwriting the one we've included so that we have your proper JWTs during review!
There are @TODO
comments throughout the ./backend/src
. We recommend tackling the files in order and from top to bottom:
./src/auth/auth.py
./src/api.py
.