Mvc framework

[AlikZi]

No description provided.

[dmitrymrn]

Pretty solid refactoring!
The next steps would be to logic from the routes to services and get rid of the repetitive code.

[dmitrymrn]

It's better to move this to the config file.

[dmitrymrn]

Nit: lots of extra newlines in general, also there should be only one new line at the end of each Python file (PEP8).

[dmitrymrn]

Usually, all imports are grouped at the top of the file and alphabetized.
https://www.python.org/dev/peps/pep-0008/#imports

[dmitrymrn]

There should be a single DB connector. You already have it in the __init__ file above, so you could just use it here.

[dmitrymrn]

Same here - create a single DB connector class and instantiate it whenever you need it.

[dmitrymrn]

I would suggest creating a config service so you could do something like this:

Suggested change

	open('client_secrets.json', 'r').read())['web']['client_id']
	config_service = ConfigService()
	CLIENT_ID = config_service.get_setting('web_client_id')

ConfigService would just load and parse JSON on init and store it in a class variable.

[dmitrymrn]

Nice!

[dmitrymrn]

This is a repetitive pattern, create a new method is_user_aiuthorized() and call it instead from all routes that require authorization.

[dmitrymrn]

This is a very good start!
The next step would be to decouple logic from the routes and create services. For example, you could create services subdirectory and categories.py in it. This file would contain CategoryService with a set of methods, which you could call from your routes. For ex:

services/categories.py:

from project.db import DBConnector # this does not exist, you have to create it
from project.models import Category

class CategoryService():

    def __init__(self):
        self.session = DBConnector().get_session()

    def get_all_categories(self):
        return self.session.query(Category).order_by(Category.name).all()

    def get_category_by_id(self, category_id):
        return self.session.query(Category).filter_by(id=cat_id).one()

categories/routes.py

Once you do this for categories, products, and authentication, showCategories could look like this:

import AuthService, CategoryService, ProductService

auth_service = AuthService()
category_service = CategoryService()
product_service = ProductService()

@categories.route('/')
@categories.route('/categories/')
def showCategories():
    """App route function for main page to show all categories."""
    return render_template(
        'index.html',
        categories=category_service.get_all_categories(),
        isLogin=auth_service.is_user_authorized(),
        latestProducts=product_service.get_latest_products(limit=8)
    )

[dmitrymrn]

Very nice job! You're almost there. I left several notes on further improvements.

Also, check this https://www.python.org/dev/peps/pep-0020/ out and then https://miguelgfierro.com/blog/2018/python-pro-tips-understanding-explicit-is-better-than-implicit/

[dmitrymrn]

Very nice and clean! 🔥

[dmitrymrn]

The only thing I'd recommend to change is the file name. addproducts.py reads like a service to handle product addition. In fact, you're creating some sample data. How about mock_catalog_data.py? I'd also suggest creating setup subdirectory and moving all project installation/mocking files there.

[dmitrymrn]

Nit: nowadays, it's a good habit to use .format() instead of % for string formatting. For ex:

Suggested change

	% access_token)
	url = 'https://www.googleapis.com/oauth2/v1/tokeninfo?access_token={}'.format(
	access_token,
	)```

[dmitrymrn]

I love the comments!

[dmitrymrn]

This pattern is repeated over 10 times in this file. When you see something like this, it's always a good candidate for refactoring and DRYing your code.
Additionally, it's better (according to code conventions) to use constants for repeated and/or static values. Response statuses are a good example.
In this particular case, you could do something like this:

HTTP_STATUS_CODE_OK = 200
HTTP_STATUS_CODE_UNAUTHORIZED = 401
HTTP_STATUS_CODE_ERROR = 500

def make_json_response(data, status):
    response = make_response(data, status)
    response.headers['Content-Type'] = 'application/json'
    return response

and then

@auth.route('/googleConnect', methods=['POST'])
def googleConnect():
    """Connect via Google Account and fetch User info."""
    # Validate state token
    if request.args.get('state') != login_session['state']:
        return make_json_response('Invalid state parameter.', HTTP_STATUS_CODE_UNAUTHORIZED)

P.S. as far as I remember, you don't need to do json.dumps for simple data types like strings or ints.

[dmitrymrn]

Same here: assign 8 to a constant, for ex DEFAULT_CATEGORY_PRODUCT_NUMBER and use the constant.

[dmitrymrn]

You did a good job moving most of DB calls to services! However, there should be no two ways to get objects of a certain type. You either always use a service (preferred) or use queries against models directly (better to avoid). For ex (you already have this method in your service):

Suggested change

	productToDelete = session.query(Product).filter_by(id=prod_id).one()
	productToDelete = product_service.get_product_by_id(prod_id)

Also, it's a good habit to spell out words in full in variable names. I.e. product_id instead of prod_id, category_name instead of cat_name, etc.

[dmitrymrn]

This can be a part of the AuthService, as well as creating a new user (above). I.e.:

Suggested change

	user = session.query(User).filter_by(email=login_session['email']).one()
	user = user_service.get_user_by_email(login_session['email'])

[dmitrymrn]

Same here:

Suggested change

	categoryToEdit = session.query(Category).filter_by(id=cat_id).one()
	categoryToEdit = category_service.get_category_by_id(category_id)

[dmitrymrn]

Same with method names:

Suggested change

	.get_products_by_cat_id(cat_id)),
	.get_products_by_category_id(category_id)),