Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- import sqlite3
- from flask import Flask, flash, redirect, render_template, request, session, url_for
- from flask_session import Session
- from passlib.apps import custom_app_context as pwd_context
- from tempfile import gettempdir
- from sqlalchemy import create_engine, MetaData, Table
- from helpers import *
- # configure application
- app = Flask(__name__)
- # set up SQLAlchemy
- # app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///signme.db'
- # db = SQLAlchemy(app)
- engine = create_engine('sqlite:///signme.db', convert_unicode=True)
- metadata = MetaData(bind=engine)
- # ensure responses aren't cached
- if app.config["DEBUG"]:
- @app.after_request
- def after_request(response):
- response.headers["Cache-Control"] = "no-cache, no-store, must-revalidate"
- response.headers["Expires"] = 0
- response.headers["Pragma"] = "no-cache"
- return response
- # configure session to use filesystem (instead of signed cookies)
- app.config["SESSION_FILE_DIR"] = gettempdir()
- app.config["SESSION_PERMANENT"] = False
- app.config["SESSION_TYPE"] = "filesystem"
- Session(app)
- # connect to database
- # conn = sqlite3.connect('signme.db', check_same_thread=False)
- # db = conn.cursor()
- @app.route("/")
- @login_required
- def home():
- # select row from users table corresponding to the user
- user = engine.execute("SELECT * FROM user WHERE id = :id", id=session["user_id"])
- # select events from events table corresponding to the user
- # myevents = db.execute("SELECT title FROM events WHERE host = :host", host=session["user_id"])
- # select events from registrants table corresponding to the user
- #registeredevents = db.execute("SELECT title from ")
- return render_template("home.html")
- @app.route("/newevent", methods=["GET", "POST"])
- @login_required
- def newevent():
- # if user reached route via POST
- if request.method == "POST":
- # update events table
- db.execute("INSERT INTO events (title, host) VALUES (:title, :host)", title=request.form.get("title"),
- host=session["user_id"])
- # else if user reached route via GET
- #else:
- return render_template("newevent.html")
- @app.route("/login", methods=["GET", "POST"])
- def login():
- """Log user in."""
- # forget any user_id
- session.clear()
- # if user reached route via POST (as by submitting a form via POST)
- if request.method == "POST":
- # ensure username was submitted
- if not request.form.get("username"):
- return render_template("error.html", message = "Must provide username")
- # ensure password was submitted
- elif not request.form.get("password"):
- return render_template("error.html", message = "Must provide password")
- # query database for username
- rows = db.execute("SELECT * FROM users WHERE email = :email", email=request.form.get("email"))
- # ensure username exists and password is correct
- if len(rows) != 1 or not pwd_context.verify(request.form.get("password"), rows[0]["hash"]):
- return render_template("error.html", message = "Invalid username and/or password")
- # remember which user has logged in
- session["user_id"] = rows[0]["id"]
- # redirect user to home page
- return redirect(url_for("home"))
- # else if user reached route via GET (as by clicking a link or via redirect)
- else:
- return render_template("login.html")
- @app.route("/logout")
- def logout():
- """Log user out."""
- # forget any user_id
- session.clear()
- # redirect user to login form
- return redirect(url_for("login"))
- @app.route("/register", methods=["GET", "POST"])
- def register():
- """Register user."""
- # if user reached route via POST
- if request.method == "POST":
- # hash password
- hash=pwd_context.encrypt(request.form.get("password"))
- # enter new user into users
- user = db.execute("INSERT INTO users (email, password) VALUES (:email, :password)", username=request.form.get("email"),
- password=hash)
- # remember the user who has just registered
- session["user_id"] = user
- # redirect user to home page
- return redirect(url_for("home"))
- # else if user reached route via GET
- else:
- return render_template("register.html")
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement