API tools faq
paste
Advertisement
Guest User

project

a guest
Nov 25th, 2016
206
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 4.41 KB | None | 0 0
raw download clone embed print report
  1. import sqlite3
  2. from flask import Flask, flash, redirect, render_template, request, session, url_for
  3. from flask_session import Session
  4. from passlib.apps import custom_app_context as pwd_context
  5. from tempfile import gettempdir
  6. from sqlalchemy import create_engine, MetaData, Table
  7.  
  8. from helpers import *
  9.  
  10. # configure application
  11. app = Flask(__name__)
  12.  
  13. # set up SQLAlchemy
  14. # app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///signme.db'
  15. # db = SQLAlchemy(app)
  16. engine = create_engine('sqlite:///signme.db', convert_unicode=True)
  17. metadata = MetaData(bind=engine)
  18.  
  19. # ensure responses aren't cached
  20. if app.config["DEBUG"]:
  21.     @app.after_request
  22.     def after_request(response):
  23.         response.headers["Cache-Control"] = "no-cache, no-store, must-revalidate"
  24.         response.headers["Expires"] = 0
  25.         response.headers["Pragma"] = "no-cache"
  26.         return response
  27.  
  28. # configure session to use filesystem (instead of signed cookies)
  29. app.config["SESSION_FILE_DIR"] = gettempdir()
  30. app.config["SESSION_PERMANENT"] = False
  31. app.config["SESSION_TYPE"] = "filesystem"
  32. Session(app)
  33.  
  34. # connect to database
  35. # conn = sqlite3.connect('signme.db', check_same_thread=False)
  36. # db = conn.cursor()
  37.  
  38.  
  39. @app.route("/")
  40. @login_required
  41. def home():
  42.     # select row from users table corresponding to the user
  43.     user = engine.execute("SELECT * FROM user WHERE id = :id", id=session["user_id"])
  44.    
  45.     # select events from events table corresponding to the user
  46.     # myevents = db.execute("SELECT title FROM events WHERE host = :host", host=session["user_id"])
  47.    
  48.     # select events from registrants table corresponding to the user
  49.     #registeredevents = db.execute("SELECT title from ")
  50.    
  51.    
  52.     return render_template("home.html")
  53.  
  54. @app.route("/newevent", methods=["GET", "POST"])
  55. @login_required
  56. def newevent():
  57.    
  58.     # if user reached route via POST
  59.     if request.method == "POST":
  60.    
  61.         # update events table
  62.         db.execute("INSERT INTO events (title, host) VALUES (:title, :host)", title=request.form.get("title"),
  63.         host=session["user_id"])
  64.    
  65.     # else if user reached route via GET
  66.     #else:
  67.     return render_template("newevent.html")
  68.  
  69. @app.route("/login", methods=["GET", "POST"])
  70. def login():
  71.     """Log user in."""
  72.  
  73.     # forget any user_id
  74.     session.clear()
  75.  
  76.     # if user reached route via POST (as by submitting a form via POST)
  77.     if request.method == "POST":
  78.  
  79.         # ensure username was submitted
  80.         if not request.form.get("username"):
  81.             return render_template("error.html", message = "Must provide username")
  82.  
  83.         # ensure password was submitted
  84.         elif not request.form.get("password"):
  85.             return render_template("error.html", message = "Must provide password")
  86.  
  87.         # query database for username
  88.         rows = db.execute("SELECT * FROM users WHERE email = :email", email=request.form.get("email"))
  89.  
  90.         # ensure username exists and password is correct
  91.         if len(rows) != 1 or not pwd_context.verify(request.form.get("password"), rows[0]["hash"]):
  92.             return render_template("error.html", message = "Invalid username and/or password")
  93.  
  94.         # remember which user has logged in
  95.         session["user_id"] = rows[0]["id"]
  96.  
  97.         # redirect user to home page
  98.         return redirect(url_for("home"))
  99.  
  100.     # else if user reached route via GET (as by clicking a link or via redirect)
  101.     else:
  102.         return render_template("login.html")
  103.  
  104. @app.route("/logout")
  105. def logout():
  106.     """Log user out."""
  107.  
  108.     # forget any user_id
  109.     session.clear()
  110.  
  111.     # redirect user to login form
  112.     return redirect(url_for("login"))
  113.    
  114.  
  115. @app.route("/register", methods=["GET", "POST"])
  116. def register():
  117.     """Register user."""
  118.    
  119.     # if user reached route via POST
  120.     if request.method == "POST":
  121.        
  122.         # hash password
  123.         hash=pwd_context.encrypt(request.form.get("password"))
  124.        
  125.         # enter new user into users
  126.         user = db.execute("INSERT INTO users (email, password) VALUES (:email, :password)", username=request.form.get("email"),
  127.         password=hash)
  128.        
  129.         # remember the user who has just registered
  130.         session["user_id"] = user
  131.        
  132.         # redirect user to home page
  133.         return redirect(url_for("home"))
  134.        
  135.     # else if user reached route via GET
  136.     else:
  137.         return render_template("register.html")
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!