import flaskfrom flask import Flask, Response, request, render_template, redir

1. import flask
2. from flask import Flask, Response, request, render_template, redirect, url_for
3. from flaskext.mysql import MySQL
4. import flask.ext.login as flask_login
5. import time
6. #for image uploading
7. from werkzeug import secure_filename
8. import os, base64
9.  
10. mysql = MySQL()
11. app = Flask(__name__)
12. app.secret_key = 'super secret string' # Change this!
13.  
14. #These will need to be changed according to your creditionals
15. app.config['MYSQL_DATABASE_USER'] = 'root'
16. app.config['MYSQL_DATABASE_PASSWORD'] = 'password'
17. app.config['MYSQL_DATABASE_DB'] = "photoshare"
18. app.config['MYSQL_DATABASE_HOST'] = '127.0.0.1'
19. mysql.init_app(app)
20.  
21. #begin code used for login
22. login_manager = flask_login.LoginManager()
23. login_manager.init_app(app)
24.  
25. conn = mysql.connect()
26. cursor = conn.cursor()
27. cursor.execute("SELECT email from Users")
28. users = cursor.fetchall()
29.  
30. def getUserList():
31. cursor = conn.cursor()
32. cursor.execute("SELECT email from Users")
33. return cursor.fetchall()
34.  
35. class User(flask_login.UserMixin):
36. pass
37.  
38. @login_manager.user_loader
39. def user_loader(email):
40. users = getUserList()
41. if not(email) or email not in str(users):
42. return
43. user = User()
44. user.id = email
45. return user
46.  
47. @login_manager.request_loader
48. def request_loader(request):
49. users = getUserList()
50. email = request.form.get('email')
51. if not(email) or email not in str(users):
52. return
53. user = User()
54. user.id = email
55. cursor = mysql.connect().cursor()
56. cursor.execute("SELECT password FROM Users WHERE email = '{0}'".format(email))
57. data = cursor.fetchall()
58. pwd = str(data[0][0] )
59. user.is_authenticated = request.form['password'] == pwd
60. return user
61.  
62. '''
63. A new page looks like this:
64. @app.route('new_page_name')
65. def new_page_function():
66. return new_page_html
67. '''
68.  
69. @app.route('/login', methods=['GET', 'POST'])
70. def login():
71. if flask.request.method == 'GET':
72. return '''
73. <form action='login' method='POST'>
74. <input type='text' name='email' id='email' placeholder='email'></input>
75. <input type='password' name='password' id='password' placeholder='password'></input>
76. <input type='submit' name='submit'></input>
77. </form></br>
78. <a href='/'>Home</a>
79. '''
80. #The request method is POST (page is recieving data)
81. email = flask.request.form['email']
82. cursor = conn.cursor()
83. #check if email is registered
84. if cursor.execute("SELECT password FROM Users WHERE email = '{0}'".format(email)):
85. data = cursor.fetchall()
86. pwd = str(data[0][0] )
87. if flask.request.form['password'] == pwd:
88. user = User()
89. user.id = email
90. flask_login.login_user(user) #okay login in user
91. return flask.redirect(flask.url_for('protected')) #protected is a function defined in this file
92.  
93. #information did not match
94. return "<a href='/login'>Try again</a>\
95. </br><a href='/register'>or make an account</a>"
96.  
97. @app.route('/logout')
98. def logout():
99. flask_login.logout_user()
100. return render_template('hello.html', message='Logged out', users=findTopUsers())
101.  
102. @login_manager.unauthorized_handler
103. def unauthorized_handler():
104. return render_template('unauth.html')
105.  
106. #you can specify specific methods (GET/POST) in function header instead of inside the functions as seen earlier
107. @app.route("/register", methods=['GET'])
108. def register():
109. return render_template('register.html', supress='True')
110.  
111. @app.route("/register", methods=['POST'])
112. def register_user():
113. try:
114. email=request.form.get('email')
115. password=request.form.get('password')
116. first_name=request.form.get('first_name')
117. last_name=request.form.get('last_name')
118. if request.form.get("hometown"):
119. hometown = request.form.get("hometown")
120. else:
121. hometown = "NULL"
122. if request.form.get("gender"):
123. gender = request.form.get("gender")
124. else:
125. gender = None
126. dob=request.form.get("dob")
127. except:
128. print "couldn't find all tokens" #this prints to shell, end users will not see this (all print statements go to shell)
129. return flask.redirect(flask.url_for('register'))
130. cursor = conn.cursor()
131. test = isEmailUnique(email)
132. if test:
133. if gender:
134. cursor.execute("INSERT INTO Users (first_name, last_name, dob, email, password, hometown, gender) VALUES ('{0}', '{1}', '{2}', '{3}', '{4}', '{5}', '{6}')".format(first_name, last_name, dob, email, password, hometown, gender))
135. else:
136. cursor.execute("INSERT INTO Users (first_name, last_name, dob, email, password, hometown) VALUES ('{0}', '{1}', '{2}', '{3}', '{4}', '{5}')".format(first_name, last_name, dob, email, password, hometown))
137.  
138. conn.commit()
139. #log user in
140. user = User()
141. user.id = email
142. flask_login.login_user(user)
143. return render_template('profile.html', name=first_name, message='Account Created!')
144. else:
145. print "couldn't find all tokens"
146. return render_template("register.html", suppress=False)
147.  
148. def getUserIdFromEmail(email):
149. cursor = conn.cursor()
150. if cursor.execute("SELECT user_id FROM Users WHERE email = '{0}'".format(email)):
151. return cursor.fetchone()[0]
152. else:
153. return None
154.  
155. def isEmailUnique(email):
156. #use this to check if a email has already been registered
157. cursor = conn.cursor()
158. if cursor.execute("SELECT email FROM Users WHERE email = '{0}'".format(email)):
159. #this means there are greater than zero entries with that email
160. return False
161. else:
162. return True
163. #end login code