📊 Python Flask game that consolidates data from Nasdaq, allowing the user to practice buying and selling stocks.

Overview

forthebadge made-with-python

Build Status Coverage Status License: MIT Gitmoji

Web Trader

Web Trader is a trading website that consolidates data from Nasdaq, allowing the user to search up the ticker symbol and price of any stock. I employed HTML and CSS to format all the pages and used Python for the back end development. All of the user information, transactions, holdings, and balances are stored in a SQLite3 database. Not only can users search up stocks, they can buy and sell using their own funds. The goal is to end up with a large profit.

Setup

  • Clone (or download) the repository:
git clone [email protected]:Paulinakhew/web_trader.git
  • Download all the necessary packages:
  • MacOS Users
$ pip3 install -r requirements.txt
  • Linux Users
$ pip install -r requirements.txt
  • Create the sqlite3 database:
$ python3 schema.py
  • Seed the database:
$ python3 seed.py
  • Install pre-commit hook:
pre-commit install
  • Run the app locally:
$ python3 controller.py

Example Photos

This is the login menu where you can login or create a new user account. Login menu

This is the main menu that opens after you log in. Main menu

The dashboard is where you can see all of your previous transactions as well as current holdings. Dashboard

This page lets the user lookup ticker symbols and the last prices of stocks. Lookup and Quote Menu

The buy and sell menu lets the user input the ticker symbol and quantity of the stock that they want to purchase/sell. Buy and Sell Menu

SQLite3 Database

The database is created using SQLite3. There are five tables in total, each serving a different purpose. For example, the transactions table is used to store the date, number of shares, and ticker symbols of all the users' purchases. This is the code for the transactions table:

CREATE TABLE transactions(
    pk INTEGER PRIMARY KEY AUTOINCREMENT,
    ticker_symbol TEXT,
    num_shares FLOAT,
    owner_username INTEGER,
    last_price FLOAT,
    date TEXT,
    FOREIGN KEY(owner_username) REFERENCES user(username)
);

API

I used the flask_restful extension to create an api. The endpoints are as follows:

'/users'
'/transactions'
'/transactions/
   
    '
'/holdings/
    
     '

    
   

Testing

I use GitHub actions and Pytest to test the project. You can see the tests here. I also have the API Key for the Intrinio API set up as a Secret. Secrets are environment variables that are encrypted and only exposed to selected actions. Anyone with collaborator access to this repository can use these secrets in a workflow.

Security

Instead of storing passwords as plaintext, I stored the salt and the hash of the password. When users try to log in, the hashed password is compared to the hash in the database.

pwdhash = hashlib.pbkdf2_hmac(
    'sha512',
    password.encode('utf-8'),
    salt.encode('ascii'),
    100000
)

New Features

Feel free to create a GitHub issue for this repository if you have any new ideas!

Comments
  • ⬆️ Bump py from 1.9.0 to 1.10.0

    ⬆️ Bump py from 1.9.0 to 1.10.0

    Bumps py from 1.9.0 to 1.10.0.

    Changelog

    Sourced from py's changelog.

    1.10.0 (2020-12-12)

    • Fix a regular expression DoS vulnerability in the py.path.svnwc SVN blame functionality (CVE-2020-29651)
    • Update vendored apipkg: 1.4 => 1.5
    • Update vendored iniconfig: 1.0.0 => 1.1.1
    Commits
    • e5ff378 Update CHANGELOG for 1.10.0
    • 94cf44f Update vendored libs
    • 5e8ded5 testing: comment out an assert which fails on Python 3.9 for now
    • afdffcc Rename HOWTORELEASE.rst to RELEASING.rst
    • 2de53a6 Merge pull request #266 from nicoddemus/gh-actions
    • fa1b32e Merge pull request #264 from hugovk/patch-2
    • 887d6b8 Skip test_samefile_symlink on pypy3 on Windows
    • e94e670 Fix test_comments() in test_source
    • fef9a32 Adapt test
    • 4a694b0 Add GitHub Actions badge to README
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies python 
    opened by dependabot[bot] 1
  • App doesn't actually log the user out upon exit

    App doesn't actually log the user out upon exit

    Screen Shot 2019-03-15 at 9 40 19 PM

    • I queried the database after I finished a session as paulinakhew and it still had my account under the current_user even after I signed out
    • [x] Create a function that functions similarly to seed.py that resets the current user to the original
    • this issue is related to #14 since I need to make sure that the current user is always the seed user
    bug :bug: enhancement :sparkles: easy 😌 ui/ux :lipstick: 
    opened by Paulinakhew 1
  • User should not be able to make another account with duplicate usernames

    User should not be able to make another account with duplicate usernames

    • if the user tries this, the user fails the unique constraint in the database Screen Shot 2019-03-15 at 9 35 13 PM
    • find out a way to fix this so that the app catches it
    • [ ] Add an alert and redirect to the create user page
    • probably needs try and except statements to work
    bug :bug: enhancement :sparkles: easy 😌 ui/ux :lipstick: 
    opened by Paulinakhew 1
  • Image on Menu page not loading

    Image on Menu page not loading

    Hi Paulina!

    I tried out this app, and had an issue when rendering the menu page: screen shot 2018-09-26 at 9 06 20 pm

    I got a 403 error attempting to fetch this image. It looks like it is hosted on a third party storage platform, and doesn't have public read permissions set.

    opened by karlwithak 1
  • ⬆️ Bump certifi from 2020.12.5 to 2022.12.7

    ⬆️ Bump certifi from 2020.12.5 to 2022.12.7

    Bumps certifi from 2020.12.5 to 2022.12.7.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies python 
    opened by dependabot[bot] 0
  • ⬆️ Bump jinja2 from 2.11.2 to 2.11.3

    ⬆️ Bump jinja2 from 2.11.2 to 2.11.3

    Bumps jinja2 from 2.11.2 to 2.11.3.

    Release notes

    Sourced from jinja2's releases.

    2.11.3

    This contains a fix for a speed issue with the urlize filter. urlize is likely to be called on untrusted user input. For certain inputs some of the regular expressions used to parse the text could take a very long time due to backtracking. As part of the fix, the email matching became slightly stricter. The various speedups apply to urlize in general, not just the specific input cases.

    Changelog

    Sourced from jinja2's changelog.

    Version 2.11.3

    Released 2021-01-31

    • Improve the speed of the urlize filter by reducing regex backtracking. Email matching requires a word character at the start of the domain part, and only word characters in the TLD. :pr:1343
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies python 
    opened by dependabot[bot] 0
  • Add pre-commit

    Add pre-commit

    From this website pre-commit should look like this:

    repos:
      - repo: local
        hooks:
          - id: isort
            name: isort
            stages: [commit]
            language: system
            entry: pipenv run isort
            types: [python]
    
          - id: black
            name: black
            stages: [commit]
            language: system
            entry: pipenv run black
            types: [python]
    
          - id: flake8
            name: flake8
            stages: [commit]
            language: system
            entry: pipenv run flake8
            types: [python]
            exclude: setup.py
    
          - id: mypy
            name: mypy
            stages: [commit]
            language: system
            entry: pipenv run mypy
            types: [python]
            pass_filenames: false
    
          - id: pytest
            name: pytest
            stages: [commit]
            language: system
            entry: pipenv run pytest
            types: [python]
    
          - id: pytest-cov
            name: pytest
            stages: [push]
            language: system
            entry: pipenv run pytest --cov --cov-fail-under=100
            types: [python]
            pass_filenames: false
    
    opened by Paulinakhew 0
  • Implement a transactions class that replaces the return_list

    Implement a transactions class that replaces the return_list

    The return list currently looks like this

        return_list = (
            last_price,
            brokerage_fee,
            current_balance,
            trade_volume,
            agg_balance,
            username,
            ticker_symbol,
            current_number_shares
        )
    
    enhancement :sparkles: hard 😰 high priority 🚨 
    opened by Paulinakhew 0
  • Implement password hashing

    Implement password hashing

    Passwords should not be stored in the database in case it is hacked. Instead, I have stored salt and key that is compared to the user's hashed password

    enhancement :sparkles: ui/ux :lipstick: 
    opened by Paulinakhew 0
Owner
Paulina Khew
Third year Systems Design Engineering student at the University of Waterloo. Developer intern at Shopify on the Docs and API Libraries team.
Paulina Khew
Recommendations from Cramer: On the show Mad-Money (CNBC) Jim Cramer picks stocks which he recommends to buy. We will use this data to build a portfolio

Backtesting the "Cramer Effect" & Recommendations from Cramer Recommendations from Cramer: On the show Mad-Money (CNBC) Jim Cramer picks stocks which

Gábor Vecsei 12 Aug 30, 2022
A tax calculator for stocks and dividends activities.

Revolut Stocks calculator for Bulgarian National Revenue Agency Information Processing and calculating the required information about stock possession

Doino Gretchenliev 200 Oct 25, 2022
PostQF is a user-friendly Postfix queue data filter which operates on data produced by postqueue -j.

PostQF Copyright © 2022 Ralph Seichter PostQF is a user-friendly Postfix queue data filter which operates on data produced by postqueue -j. See the ma

Ralph Seichter 11 Nov 24, 2022
Amundsen is a metadata driven application for improving the productivity of data analysts, data scientists and engineers when interacting with data.

Amundsen is a metadata driven application for improving the productivity of data analysts, data scientists and engineers when interacting with data.

Amundsen 3.7k Jan 3, 2023
Elementary is an open-source data reliability framework for modern data teams. The first module of the framework is data lineage.

Data lineage made simple, reliable, and automated. Effortlessly track the flow of data, understand dependencies and analyze impact. Features Visualiza

null 898 Jan 9, 2023
Weather analysis with Python, SQLite, SQLAlchemy, and Flask

Surf's Up Weather analysis with Python, SQLite, SQLAlchemy, and Flask Overview The purpose of this analysis was to examine weather trends (precipitati

Art Tucker 1 Sep 5, 2021
🧪 Panel-Chemistry - exploratory data analysis and build powerful data and viz tools within the domain of Chemistry using Python and HoloViz Panel.

???? ??. The purpose of the panel-chemistry project is to make it really easy for you to do DATA ANALYSIS and build powerful DATA AND VIZ APPLICATIONS within the domain of Chemistry using using Python and HoloViz Panel.

Marc Skov Madsen 97 Dec 8, 2022
Created covid data pipeline using PySpark and MySQL that collected data stream from API and do some processing and store it into MYSQL database.

Created covid data pipeline using PySpark and MySQL that collected data stream from API and do some processing and store it into MYSQL database.

null 2 Nov 20, 2021
Python data processing, analysis, visualization, and data operations

Python This is a Python data processing, analysis, visualization and data operations of the source code warehouse, book ISBN: 9787115527592 Descriptio

FangWei 1 Jan 16, 2022
PrimaryBid - Transform application Lifecycle Data and Design and ETL pipeline architecture for ingesting data from multiple sources to redshift

Transform application Lifecycle Data and Design and ETL pipeline architecture for ingesting data from multiple sources to redshift This project is composed of two parts: Part1 and Part2

Emmanuel Boateng Sifah 1 Jan 19, 2022
Tuplex is a parallel big data processing framework that runs data science pipelines written in Python at the speed of compiled code

Tuplex is a parallel big data processing framework that runs data science pipelines written in Python at the speed of compiled code. Tuplex has similar Python APIs to Apache Spark or Dask, but rather than invoking the Python interpreter, Tuplex generates optimized LLVM bytecode for the given pipeline and input data set.

Tuplex 791 Jan 4, 2023
Catalogue data - A Python Scripts to prepare catalogue data

catalogue_data Scripts to prepare catalogue data. Setup Clone this repo. Install

BigScience Workshop 3 Mar 3, 2022
fds is a tool for Data Scientists made by DAGsHub to version control data and code at once.

Fast Data Science, AKA fds, is a CLI for Data Scientists to version control data and code at once, by conveniently wrapping git and dvc

DAGsHub 359 Dec 22, 2022
Demonstrate the breadth and depth of your data science skills by earning all of the Databricks Data Scientist credentials

Data Scientist Learning Plan Demonstrate the breadth and depth of your data science skills by earning all of the Databricks Data Scientist credentials

Trung-Duy Nguyen 27 Nov 1, 2022
A data parser for the internal syncing data format used by Fog of World.

A data parser for the internal syncing data format used by Fog of World. The parser is not designed to be a well-coded library with good performance, it is more like a demo for showing the data structure.

Zed(Zijun) Chen 40 Dec 12, 2022
Fancy data functions that will make your life as a data scientist easier.

WhiteBox Utilities Toolkit: Tools to make your life easier Fancy data functions that will make your life as a data scientist easier. Installing To ins

WhiteBox 3 Oct 3, 2022
A Big Data ETL project in PySpark on the historical NYC Taxi Rides data

Processing NYC Taxi Data using PySpark ETL pipeline Description This is an project to extract, transform, and load large amount of data from NYC Taxi

Unnikrishnan 2 Dec 12, 2021
Utilize data analytics skills to solve real-world business problems using Humana’s big data

Humana-Mays-2021-HealthCare-Analytics-Case-Competition- The goal of the project is to utilize data analytics skills to solve real-world business probl

Yongxian (Caroline) Lun 1 Dec 27, 2021