from flask import Blueprint, request, jsonify from datetime import datetime, timezone from util.logger import logger from util.db_pool import get_connection from auth.token import verify_token notes_blueprint = Blueprint('notes_tool', __name__) @notes_blueprint.route('/api/notes', methods=['GET']) def get_notes(): user = verify_token() if not user: return jsonify({"message": "Nicht autorisiert"}), 401 try: conn = get_connection() try: cursor = conn.cursor(dictionary=True) cursor.execute( "SELECT id, title, content, language, created_at, updated_at " "FROM notes WHERE user_id = %s ORDER BY updated_at DESC", (user['id'],) ) notes = cursor.fetchall() cursor.close() finally: conn.close() for n in notes: if n.get('created_at'): n['created_at'] = n['created_at'].isoformat() if n.get('updated_at'): n['updated_at'] = n['updated_at'].isoformat() return jsonify(notes) except Exception as e: logger.error(f"Fehler notes GET: {e}") return jsonify({"message": "Fehler beim Laden"}), 500 @notes_blueprint.route('/api/notes', methods=['POST']) def create_note(): user = verify_token() if not user: return jsonify({"message": "Nicht autorisiert"}), 401 try: data = request.get_json(silent=True) or {} title = data.get("title", "Neue Notiz").strip() or "Neue Notiz" content = data.get("content", "") language = data.get("language", "text") conn = get_connection() try: cursor = conn.cursor() cursor.execute( "INSERT INTO notes (user_id, title, content, language) VALUES (%s, %s, %s, %s)", (user['id'], title, content, language) ) conn.commit() note_id = cursor.lastrowid cursor.close() finally: conn.close() logger.info(f"Notiz erstellt von {user['username']}: id={note_id}") return jsonify({"id": note_id, "title": title, "content": content, "language": language}) except Exception as e: logger.error(f"Fehler notes POST: {e}") return jsonify({"message": "Fehler beim Erstellen"}), 500 @notes_blueprint.route('/api/notes/', methods=['PUT']) def update_note(note_id): user = verify_token() if not user: return jsonify({"message": "Nicht autorisiert"}), 401 try: data = request.get_json(silent=True) or {} title = data.get("title", "").strip() or "Neue Notiz" content = data.get("content", "") language = data.get("language", "text") # mysql-connector expects a naive datetime for DATETIME columns; # strip tzinfo after converting to UTC to avoid driver warnings. now = datetime.now(timezone.utc).replace(tzinfo=None) conn = get_connection() try: cursor = conn.cursor() cursor.execute( "UPDATE notes SET title=%s, content=%s, language=%s, updated_at=%s " "WHERE id=%s AND user_id=%s", (title, content, language, now, note_id, user['id']) ) conn.commit() affected = cursor.rowcount cursor.close() finally: conn.close() if affected == 0: return jsonify({"message": "Notiz nicht gefunden"}), 404 return jsonify({"ok": True}) except Exception as e: logger.error(f"Fehler notes PUT: {e}") return jsonify({"message": "Fehler beim Speichern"}), 500 @notes_blueprint.route('/api/notes/', methods=['DELETE']) def delete_note(note_id): user = verify_token() if not user: return jsonify({"message": "Nicht autorisiert"}), 401 try: conn = get_connection() try: cursor = conn.cursor() cursor.execute( "DELETE FROM notes WHERE id=%s AND user_id=%s", (note_id, user['id']) ) conn.commit() affected = cursor.rowcount cursor.close() finally: conn.close() if affected == 0: return jsonify({"message": "Notiz nicht gefunden"}), 404 return jsonify({"ok": True}) except Exception as e: logger.error(f"Fehler notes DELETE: {e}") return jsonify({"message": "Fehler beim Löschen"}), 500