Paulinakhew / web_trader

πŸ“Š Python Flask game that consolidates data from Nasdaq, allowing the user to practice buying and selling stocks.
MIT License
27 stars 19 forks source link
api bootstrap css finance flask-restful html nasdaq password-hash profit python sqlite3 sqlite3-database stock stock-market trading transaction web-trader

forthebadge made-with-python

Build Status Coverage Status License: MIT

Gitmoji

Web Trader

Web Trader is a trading website that consolidates data from Nasdaq, allowing the user to search up the ticker symbol and price of any stock. I employed HTML and CSS to format all the pages and used Python for the back end development. All of the user information, transactions, holdings, and balances are stored in a SQLite3 database. Not only can users search up stocks, they can buy and sell using their own funds. The goal is to end up with a large profit.

Setup

Example Photos

This is the login menu where you can login or create a new user account. Login menu

This is the main menu that opens after you log in. Main menu

The dashboard is where you can see all of your previous transactions as well as current holdings. Dashboard

This page lets the user lookup ticker symbols and the last prices of stocks. Lookup and Quote Menu

The buy and sell menu lets the user input the ticker symbol and quantity of the stock that they want to purchase/sell. Buy and Sell Menu

SQLite3 Database

The database is created using SQLite3. There are five tables in total, each serving a different purpose. For example, the transactions table is used to store the date, number of shares, and ticker symbols of all the users' purchases. This is the code for the transactions table:

CREATE TABLE transactions(
    pk INTEGER PRIMARY KEY AUTOINCREMENT,
    ticker_symbol TEXT,
    num_shares FLOAT,
    owner_username INTEGER,
    last_price FLOAT,
    date TEXT,
    FOREIGN KEY(owner_username) REFERENCES user(username)
);

API

I used the flask_restful extension to create an api. The endpoints are as follows:

'/users'
'/transactions'
'/transactions/<username>'
'/holdings/<username>'

Testing

I use GitHub actions and Pytest to test the project. You can see the tests here. I also have the API Key for the Intrinio API set up as a Secret. Secrets are environment variables that are encrypted and only exposed to selected actions. Anyone with collaborator access to this repository can use these secrets in a workflow.

Security

Instead of storing passwords as plaintext, I stored the salt and the hash of the password. When users try to log in, the hashed password is compared to the hash in the database.

pwdhash = hashlib.pbkdf2_hmac(
    'sha512',
    password.encode('utf-8'),
    salt.encode('ascii'),
    100000
)

New Features :sparkles:

Feel free to create a GitHub issue for this repository if you have any new ideas!