mysqlatlassian-python-api

in mysql data base i have two tables named applications and sign_up, sign_up table has primary user_id and which is also Foreign key in applications


I want to perform the scenario user can only apply for job if user with user_id is register in sign_up table first, for the above query and route I try to apply for job both registered and uuregistered user but I get the same out put

[
  null,
  "User not authenticated or signed up"
]

I expect to if the user is registered in sign_up table and apply for job the specified html template should be rendered

I use this sql query function

def get_user_id_from_request():
    """
    Retrieve user_id from the sign_up table based on some identifier in the request.
    """
    username = request.headers.get("full_name")
    if username:
        with engine.connect() as conn:
            query = text("SELECT user_id FROM sign_up WHERE username = :username")
            result = conn.execute(query, {'username': username}).fetchone()
            if result:
                return result[0]  # Return the user_id if found
    return None

and this api-endpoints

"@app.route("/job/<id>/apply", methods=["post"])
def apply_job(id):
    """
    get the data from form and insert the data to the
    database table by using post method and displays and acknowledgment
    """

    data= request.form
    job = get_job_by_id(id)
    user_id = get_user_id_from_request()
    if insert_application(user_id, id, data):
        return render_template("app_submitted.html",application=data, job=job)
    else:
        return jsonify(user_id,"User not authenticated or signed up")"

Solution

  • finally after struggling for lots of time i fix it here is the way how i fix it using request.headers.get("full_name") is not a common practice to include sensitive information like a username in the headers of a request. Typically, usernames are collected through forms or provided as part of the authentication process. so we have to use the following method in place of the above method

    username = request.form.get("username")