📊 Python Flask game that consolidates data from Nasdaq, allowing the user to practice buying and selling stocks.

Last update: Aug 30, 2022

Overview

Web Trader

Web Trader is a trading website that consolidates data from Nasdaq, allowing the user to search up the ticker symbol and price of any stock. I employed HTML and CSS to format all the pages and used Python for the back end development. All of the user information, transactions, holdings, and balances are stored in a SQLite3 database. Not only can users search up stocks, they can buy and sell using their own funds. The goal is to end up with a large profit.

Setup

Clone (or download) the repository:

git clone [email protected]:Paulinakhew/web_trader.git

Download all the necessary packages:

MacOS Users

$ pip3 install -r requirements.txt

Linux Users

$ pip install -r requirements.txt

Create the sqlite3 database:

$ python3 schema.py

Seed the database:

$ python3 seed.py

Install pre-commit hook:

pre-commit install

Run the app locally:

$ python3 controller.py

Paste http://127.0.0.1:5000 into your web browser and have fun! 🤩

Example Photos

This is the login menu where you can login or create a new user account.

This is the main menu that opens after you log in.

The dashboard is where you can see all of your previous transactions as well as current holdings.

This page lets the user lookup ticker symbols and the last prices of stocks.

The buy and sell menu lets the user input the ticker symbol and quantity of the stock that they want to purchase/sell.

SQLite3 Database

The database is created using SQLite3. There are five tables in total, each serving a different purpose. For example, the transactions table is used to store the date, number of shares, and ticker symbols of all the users' purchases. This is the code for the transactions table:

CREATE TABLE transactions(
    pk INTEGER PRIMARY KEY AUTOINCREMENT,
    ticker_symbol TEXT,
    num_shares FLOAT,
    owner_username INTEGER,
    last_price FLOAT,
    date TEXT,
    FOREIGN KEY(owner_username) REFERENCES user(username)
);

API

I used the flask_restful extension to create an api. The endpoints are as follows:

'/users'
'/transactions'
'/transactions/
   
    '
'/holdings/
    
     '

Testing

I use GitHub actions and Pytest to test the project. You can see the tests here. I also have the API Key for the Intrinio API set up as a Secret. Secrets are environment variables that are encrypted and only exposed to selected actions. Anyone with collaborator access to this repository can use these secrets in a workflow.

Security

Instead of storing passwords as plaintext, I stored the salt and the hash of the password. When users try to log in, the hashed password is compared to the hash in the database.

pwdhash = hashlib.pbkdf2_hmac(
    'sha512',
    password.encode('utf-8'),
    salt.encode('ascii'),
    100000
)

New Features ✨

Feel free to create a GitHub issue for this repository if you have any new ideas!

Comments

⬆️ Bump py from 1.9.0 to 1.10.0
Bumps py from 1.9.0 to 1.10.0.

Changelog

Sourced from py's changelog.

1.10.0 (2020-12-12)

Fix a regular expression DoS vulnerability in the py.path.svnwc SVN blame functionality (CVE-2020-29651)

Update vendored apipkg: 1.4 => 1.5

Update vendored iniconfig: 1.0.0 => 1.1.1

Commits

e5ff378 Update CHANGELOG for 1.10.0

94cf44f Update vendored libs

5e8ded5 testing: comment out an assert which fails on Python 3.9 for now

afdffcc Rename HOWTORELEASE.rst to RELEASING.rst

2de53a6 Merge pull request #266 from nicoddemus/gh-actions

fa1b32e Merge pull request #264 from hugovk/patch-2

887d6b8 Skip test_samefile_symlink on pypy3 on Windows

e94e670 Fix test_comments() in test_source

fef9a32 Adapt test

4a694b0 Add GitHub Actions badge to README

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies python
opened by dependabot[bot] 1
App doesn't actually log the user out upon exit
I queried the database after I finished a session as paulinakhew and it still had my account under the current_user even after I signed out

[x] Create a function that functions similarly to seed.py that resets the current user to the original

this issue is related to #14 since I need to make sure that the current user is always the seed user

bug :bug: enhancement :sparkles: easy 😌 ui/ux :lipstick:
opened by Paulinakhew 1
User should not be able to make another account with duplicate usernames
if the user tries this, the user fails the unique constraint in the database

find out a way to fix this so that the app catches it

[ ] Add an alert and redirect to the create user page

probably needs try and except statements to work

bug :bug: enhancement :sparkles: easy 😌 ui/ux :lipstick:
opened by Paulinakhew 1
Image on Menu page not loading

Hi Paulina!

I tried out this app, and had an issue when rendering the menu page:

I got a 403 error attempting to fetch this image. It looks like it is hosted on a third party storage platform, and doesn't have public read permissions set.

opened by karlwithak 1
⬆️ Bump certifi from 2020.12.5 to 2022.12.7
Bumps certifi from 2020.12.5 to 2022.12.7.

Commits

9e9e840 2022.12.07

b81bdb2 2022.09.24

939a28f 2022.09.14

aca828a 2022.06.15.2

de0eae1 Only use importlib.resources's new files() / Traversable API on Python ≥3.11 ...

b8eb5e9 2022.06.15.1

47fb7ab Fix deprecation warning on Python 3.11 (#199)

b0b48e0 fixes #198 -- update link in license

9d514b4 2022.06.15

4151e88 Add py.typed to MANIFEST.in to package in sdist (#196)

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies python
opened by dependabot[bot] 0
⬆️ Bump jinja2 from 2.11.2 to 2.11.3
Bumps jinja2 from 2.11.2 to 2.11.3.

Release notes

Sourced from jinja2's releases.

2.11.3

This contains a fix for a speed issue with the urlize filter. urlize is likely to be called on untrusted user input. For certain inputs some of the regular expressions used to parse the text could take a very long time due to backtracking. As part of the fix, the email matching became slightly stricter. The various speedups apply to urlize in general, not just the specific input cases.

PyPI: https://pypi.org/project/Jinja2/2.11.3/

Changes: https://jinja.palletsprojects.com/en/2.11.x/changelog/#version-2-11-3

Changelog

Sourced from jinja2's changelog.

Version 2.11.3

Released 2021-01-31

Improve the speed of the urlize filter by reducing regex backtracking. Email matching requires a word character at the start of the domain part, and only word characters in the TLD. :pr:1343

Commits

cf21539 release version 2.11.3

15ef8f0 Merge pull request #1343 from pallets/urlize-speedup

ef658dc speed up urlize matching

eeca0fe Merge pull request #1207 from mhansen/patch-1

2dd7691 Merge pull request #1209 from mhansen/patch-3

4892940 do_dictsort: update example ready to copy/paste

7db7d33 api.rst: bugfix in docs, import PackageLoader

9ec465b fix changelog header

See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies python
opened by dependabot[bot] 0

Add pre-commit

From this website pre-commit should look like this:

repos:
  - repo: local
    hooks:
      - id: isort
        name: isort
        stages: [commit]
        language: system
        entry: pipenv run isort
        types: [python]

      - id: black
        name: black
        stages: [commit]
        language: system
        entry: pipenv run black
        types: [python]

      - id: flake8
        name: flake8
        stages: [commit]
        language: system
        entry: pipenv run flake8
        types: [python]
        exclude: setup.py

      - id: mypy
        name: mypy
        stages: [commit]
        language: system
        entry: pipenv run mypy
        types: [python]
        pass_filenames: false

      - id: pytest
        name: pytest
        stages: [commit]
        language: system
        entry: pipenv run pytest
        types: [python]

      - id: pytest-cov
        name: pytest
        stages: [push]
        language: system
        entry: pipenv run pytest --cov --cov-fail-under=100
        types: [python]
        pass_filenames: false

opened by Paulinakhew 0

Implement a transactions class that replaces the return_list

The return list currently looks like this

    return_list = (
        last_price,
        brokerage_fee,
        current_balance,
        trade_volume,
        agg_balance,
        username,
        ticker_symbol,
        current_number_shares
    )

enhancement :sparkles: hard 😰 high priority 🚨

opened by Paulinakhew 0

Implement password hashing

Passwords should not be stored in the database in case it is hacked. Instead, I have stored salt and key that is compared to the user's hashed password
enhancement :sparkles: ui/ux :lipstick:

opened by Paulinakhew 0

Owner

Paulina Khew

Third year Systems Design Engineering student at the University of Waterloo. Developer intern at Shopify on the Docs and API Libraries team.

GitHub

Recommendations from Cramer: On the show Mad-Money (CNBC) Jim Cramer picks stocks which he recommends to buy. We will use this data to build a portfolio

Backtesting the "Cramer Effect" & Recommendations from Cramer Recommendations from Cramer: On the show Mad-Money (CNBC) Jim Cramer picks stocks which

12 Aug 30, 2022

A tax calculator for stocks and dividends activities.

Revolut Stocks calculator for Bulgarian National Revenue Agency Information Processing and calculating the required information about stock possession

200 Oct 25, 2022

PostQF is a user-friendly Postfix queue data filter which operates on data produced by postqueue -j.

11 Nov 24, 2022

Amundsen is a metadata driven application for improving the productivity of data analysts, data scientists and engineers when interacting with data.

3.7k Jan 3, 2023

Elementary is an open-source data reliability framework for modern data teams. The first module of the framework is data lineage.

Data lineage made simple, reliable, and automated. Effortlessly track the flow of data, understand dependencies and analyze impact. Features Visualiza

898 Jan 9, 2023

Weather analysis with Python, SQLite, SQLAlchemy, and Flask

Surf's Up Weather analysis with Python, SQLite, SQLAlchemy, and Flask Overview The purpose of this analysis was to examine weather trends (precipitati

1 Sep 5, 2021

🧪 Panel-Chemistry - exploratory data analysis and build powerful data and viz tools within the domain of Chemistry using Python and HoloViz Panel.

???? ??. The purpose of the panel-chemistry project is to make it really easy for you to do DATA ANALYSIS and build powerful DATA AND VIZ APPLICATIONS within the domain of Chemistry using using Python and HoloViz Panel.

97 Dec 8, 2022

Created covid data pipeline using PySpark and MySQL that collected data stream from API and do some processing and store it into MYSQL database.

2 Nov 20, 2021

Python data processing, analysis, visualization, and data operations

Python This is a Python data processing, analysis, visualization and data operations of the source code warehouse, book ISBN: 9787115527592 Descriptio

1 Jan 16, 2022

PrimaryBid - Transform application Lifecycle Data and Design and ETL pipeline architecture for ingesting data from multiple sources to redshift

Transform application Lifecycle Data and Design and ETL pipeline architecture for ingesting data from multiple sources to redshift This project is composed of two parts: Part1 and Part2

1 Jan 19, 2022

Tuplex is a parallel big data processing framework that runs data science pipelines written in Python at the speed of compiled code

Tuplex is a parallel big data processing framework that runs data science pipelines written in Python at the speed of compiled code. Tuplex has similar Python APIs to Apache Spark or Dask, but rather than invoking the Python interpreter, Tuplex generates optimized LLVM bytecode for the given pipeline and input data set.

791 Jan 4, 2023

Catalogue data - A Python Scripts to prepare catalogue data

catalogue_data Scripts to prepare catalogue data. Setup Clone this repo. Install

3 Mar 3, 2022

fds is a tool for Data Scientists made by DAGsHub to version control data and code at once.

Fast Data Science, AKA fds, is a CLI for Data Scientists to version control data and code at once, by conveniently wrapping git and dvc

359 Dec 22, 2022

Demonstrate the breadth and depth of your data science skills by earning all of the Databricks Data Scientist credentials

Data Scientist Learning Plan Demonstrate the breadth and depth of your data science skills by earning all of the Databricks Data Scientist credentials

27 Nov 1, 2022