from flask import Flask, request, redirect, url_for, session, g, flash, render_template # from flask_oauth import OAuth import requests import urllib from werkzeug.exceptions import BadRequest from QBOService import create_customer, get_companyInfo from utils import excel, context, OAuth2Helper import config # configuration SECRET_KEY = 'dev key' DEBUG = True # setup flask app = Flask(__name__) app.debug = DEBUG app.secret_key = SECRET_KEY @app.route('/') def index(): """Index route""" global customer_list customer_list = excel.load_excel() return render_template( 'index.html', customer_dict=customer_list, title="QB Customer Leads", ) @app.route('/', methods=['POST']) def update_table(): """Update Excel file after customer is added in QBO""" customer_id = request.form['id'] request_context = context.RequestContext(session['realm_id'], session['access_token'], session['refresh_token']) for customer in customer_list: if customer['Id'] == customer_id: # Create customer object response = create_customer(customer, request_context) # If customer added successfully, remove them from html and excel file if (response.status_code == 200): font_color = 'green' new_customer_list = excel.remove_lead(customer_list, customer_id) flash('Customer successfully added!') return render_template( 'index.html', customer_dict=new_customer_list, title='QB Customer Leads', text_color=font_color ) else: font_color = 'red' flash('Something went wrong: ' + response.text) return redirect(url_for('index')) @app.route('/company-info') def company_info(): """Gets CompanyInfo of the connected QBO account""" request_context = context.RequestContext(session['realm_id'], session['access_token'], session['refresh_token']) response = get_companyInfo(request_context) if (response.status_code == 200): return render_template( 'index.html', customer_dict=customer_list, company_info='Company Name: ' + response.json()['CompanyInfo']['CompanyName'], title='QB Customer Leads', ) else: return render_template( 'index.html', customer_dict=customer_list, company_info=response.text, title='QB Customer Leads', ) @app.route('/auth') def auth(): """Initiates the Authorization flow after getting the right config value""" params = { 'scope': 'com.intuit.quickbooks.accounting', 'redirect_uri': config.REDIRECT_URI, 'response_type': 'code', 'client_id': config.CLIENT_ID, 'state': csrf_token() } url = OAuth2Helper.get_discovery_doc()['authorization_endpoint'] + '?' + urllib.parse.urlencode(params) return redirect(url) @app.route('/reset-session') def reset_session(): """Resets session""" session.pop('qbo_token', None) session['is_authorized'] = False return redirect(request.referrer or url_for('index')) @app.route('/callback') def callback(): """Handles callback only for OAuth2""" #session['realmid'] = str(request.args.get('realmId')) state = str(request.args.get('state')) error = str(request.args.get('error')) if error == 'access_denied': return redirect(index) if state is None: return BadRequest() elif state != csrf_token(): # validate against CSRF attacks return BadRequest('unauthorized') auth_code = str(request.args.get('code')) if auth_code is None: return BadRequest() bearer = OAuth2Helper.get_bearer_token(auth_code) realmId = str(request.args.get('realmId')) # update session here session['is_authorized'] = True session['realm_id'] = realmId session['access_token'] = bearer['access_token'] session['refresh_token'] = bearer['refresh_token'] return redirect(url_for('index')) def csrf_token(): token = session.get('csrfToken', None) if token is None: token = OAuth2Helper.secret_key() session['csrfToken'] = token return token if __name__ == '__main__': app.run()