From 0e1c5d10fb83d6517d7dd866466fb350c3d2495f Mon Sep 17 00:00:00 2001
From: Tanner Collin <git@tannercollin.com>
Date: Thu, 15 Apr 2021 00:01:18 +0000
Subject: [PATCH 1/3] Whitelist all hosts when debugging

---
 server/server/settings.py | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/server/server/settings.py b/server/server/settings.py
index f9e9d00..3cd02b1 100644
--- a/server/server/settings.py
+++ b/server/server/settings.py
@@ -11,6 +11,7 @@ https://docs.djangoproject.com/en/3.1/ref/settings/
 """
 
 from pathlib import Path
+import os
 
 # Build paths inside the project like this: BASE_DIR / 'subdir'.
 BASE_DIR = Path(__file__).resolve().parent.parent
@@ -23,9 +24,20 @@ BASE_DIR = Path(__file__).resolve().parent.parent
 SECRET_KEY = 'ayr0nbsni^%h!xbeplx_v#b^cuj^adjg2*z7t@+ht7c=7*1u$e'
 
 # SECURITY WARNING: don't run with debug turned on in production!
-DEBUG = True
+DEBUG_ENV = os.environ.get('DEBUG', False)
+DEBUG = DEBUG_ENV or False
 
-ALLOWED_HOSTS = ['server']
+PRODUCTION_HOST = 'example.com'
+
+# production hosts
+ALLOWED_HOSTS = [
+    'api.' + PRODUCTION_HOST,
+]
+
+if DEBUG:
+    ALLOWED_HOSTS += [
+        '*',
+    ]
 
 
 # Application definition

From f514af6f5fa6b2f31222ac7ab2daa8e38ecf83db Mon Sep 17 00:00:00 2001
From: Tanner Collin <git@tannercollin.com>
Date: Thu, 15 Apr 2021 00:02:10 +0000
Subject: [PATCH 2/3] Add API routes for all models

---
 server/server/api/serializers.py | 20 ++++++++++++++++++++
 server/server/api/views.py       | 17 ++++++++++++++++-
 server/server/urls.py            |  3 +++
 3 files changed, 39 insertions(+), 1 deletion(-)

diff --git a/server/server/api/serializers.py b/server/server/api/serializers.py
index e6d7f61..187fb57 100644
--- a/server/server/api/serializers.py
+++ b/server/server/api/serializers.py
@@ -1,7 +1,27 @@
 from django.contrib.auth.models import User, Group
 from rest_framework import serializers
+from server.api import models
 
 class UserSerializer(serializers.ModelSerializer):
     class Meta:
         model = User
         fields = ['username', 'email', 'groups']
+
+class TransactionSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = models.Transaction
+        fields = '__all__'
+
+class StackSerializer(serializers.ModelSerializer):
+    transactions = TransactionSerializer(many=True, read_only=True)
+
+    class Meta:
+        model = models.Stack
+        fields = '__all__'
+
+class AccountSerializer(serializers.ModelSerializer):
+    stacks = StackSerializer(many=True, read_only=True)
+
+    class Meta:
+        model = models.Account
+        fields = '__all__'
diff --git a/server/server/api/views.py b/server/server/api/views.py
index 524cfa2..b64dca7 100644
--- a/server/server/api/views.py
+++ b/server/server/api/views.py
@@ -1,9 +1,24 @@
 from django.contrib.auth.models import User, Group
 from rest_framework import viewsets
 from rest_framework import permissions
-from server.api import serializers
+from server.api import serializers, models
 
 class UserViewSet(viewsets.ModelViewSet):
     queryset = User.objects.all().order_by('-date_joined')
     serializer_class = serializers.UserSerializer
     permission_classes = [permissions.IsAuthenticated]
+
+class AccountViewSet(viewsets.ModelViewSet):
+    queryset = models.Account.objects.all()
+    serializer_class = serializers.AccountSerializer
+    permission_classes = [permissions.IsAuthenticated]
+
+class StackViewSet(viewsets.ModelViewSet):
+    queryset = models.Stack.objects.all()
+    serializer_class = serializers.StackSerializer
+    permission_classes = [permissions.IsAuthenticated]
+
+class TransactionViewSet(viewsets.ModelViewSet):
+    queryset = models.Transaction.objects.all()
+    serializer_class = serializers.TransactionSerializer
+    permission_classes = [permissions.IsAuthenticated]
diff --git a/server/server/urls.py b/server/server/urls.py
index f4f2c34..764d4b5 100644
--- a/server/server/urls.py
+++ b/server/server/urls.py
@@ -6,6 +6,9 @@ from .api import views
 
 router = routers.DefaultRouter()
 router.register(r'users', views.UserViewSet)
+router.register(r'accounts', views.AccountViewSet)
+router.register(r'stacks', views.StackViewSet)
+router.register(r'transactions', views.TransactionViewSet)
 
 urlpatterns = [
     path('', include(router.urls)),

From fa993289b1cb6540fef32ee7801e3a8c343e2e12 Mon Sep 17 00:00:00 2001
From: Tanner Collin <git@tannercollin.com>
Date: Thu, 15 Apr 2021 00:07:12 +0000
Subject: [PATCH 3/3] Add creation time to Transaction model

---
 server/database-docs.md     | 1 +
 server/server/api/models.py | 2 ++
 2 files changed, 3 insertions(+)

diff --git a/server/database-docs.md b/server/database-docs.md
index 9a7e610..839d70d 100644
--- a/server/database-docs.md
+++ b/server/database-docs.md
@@ -60,5 +60,6 @@ type Transaction = {
   stack_id: string
   amount: integer // cents
   details: string
+  created_at: UTC datetime ie: 2021-04-15T00:06:21.852620Z
 }
 ```
diff --git a/server/server/api/models.py b/server/server/api/models.py
index f8138e6..079757d 100644
--- a/server/server/api/models.py
+++ b/server/server/api/models.py
@@ -1,5 +1,6 @@
 from django.db import models
 from django.contrib.auth.models import User
+from django.utils import timezone
 
 import uuid
 
@@ -28,3 +29,4 @@ class Transaction(models.Model):
     id = models.UUIDField(primary_key=True, default=uuid.uuid4, editable=False)
     details = models.TextField()
     amount = models.DecimalField(max_digits=12, decimal_places=2)
+    created_at = models.DateTimeField(default=timezone.now)