server.py

from flask import Flask, render_template, request, redirect, url_for, session
import psycopg2
import bcrypt
import misc


APP_KEY_LEN = 8


server = Flask(__name__, template_folder='templates/')



def new_user(name, password):
    suc = (True, 'User added')
    try:
        conn = psycopg2.connect('dbname=gateway')
        cur  = conn.cursor()
        query = """
        INSERT INTO
            users
        VALUES
            (%s, %s)
        """
        cur.execute(query, (name, bcrypt.hashpw(password, bcrypt.gensalt())))
        conn.commit()
        print('User added')
    except (Exception, psycopg2.DatabaseError) as error:
        print('Error adding a user: ', error)
        suc = (False, error)
    finally:
        if (conn):
            cur.close()
            conn.close()
        
    return suc



def chk_user(name, password):
    suc = (True, 'Success')
    try:
        conn = psycopg2.connect('dbname=gateway')
        cur  = conn.cursor()
        query = """
        SELECT * FROM
            users
        WHERE 
            name = %s
        """
        cur.execute(query, (name,))
        user = cur.fetchall()[0]
        
        if user[1].encode('utf-8') == bcrypt.hashpw(password, user[1].encode('utf-8')):
            session['name'] = user[0]
            print('User logged in')
        else:
            suc = (False, 'Password or username do not match')
    except (Exception, psycopg2.DatabaseError) as error:
        print('Error querying a user: ', error)
        suc = (False, error)
    finally:
        if (conn):
            cur.close()
            conn.close()
        
    return suc



def get_apps(username):
    res = []
    try:
        conn = psycopg2.connect('dbname=gateway')
        cur  = conn.cursor()
        query = """
        SELECT * FROM
            applications
        WHERE 
            username = %s
        """
        cur.execute(query, (username,))
        res = cur.fetchall()
    except (Exception, psycopg2.DatabaseError) as error:
        print('Error querying applications: ', error)
    finally:
        if (conn):
            cur.close()
            conn.close()
        
    return res



def get_app(appkey):
    res = []
    try:
        conn = psycopg2.connect('dbname=gateway')
        cur  = conn.cursor()
        query = """
        SELECT * FROM
            applications
        WHERE 
            app_key = %s
        """
        cur.execute(query, (appkey,))
        res = cur.fetchall()
    except (Exception, psycopg2.DatabaseError) as error:
        print('Error querying applications: ', error)
    finally:
        if (conn):
            cur.close()
            conn.close()
        
    return res




def new_app(name, desc):
    suc = (True, 'App created')
    try:
        conn = psycopg2.connect('dbname=gateway')
        cur  = conn.cursor()
        query = """
        INSERT INTO
            applications
        VALUES
            (%s, %s, %s, %s)
        """
        cur.execute(query, (name, misc.rand_str(APP_KEY_LEN), session['name'], desc))
        conn.commit()
        print('App created')
    except (Exception, psycopg2.DatabaseError) as error:
        print('Error creating app: ', error)
        suc = (False, error)
    finally:
        if (conn):
            cur.close()
            conn.close()
        
    return suc



def new_app_devs(appkey):
    suc = (True, 'app_devs created')
    try:
        conn = psycopg2.connect('dbname=gateway')
        cur  = conn.cursor()
        query = """
        CREATE TABLE dev_%s (
            name VARCHAR(30) NOT NULL,
            dev_id NUMERIC(3) PRIMARY KEY,
            app_key VARCHAR(80),
            description VARCHAR(200)
            FOREIGN KEY (app_key) REFERENCES applications(app_key)
        );
        """
        cur.execute(query, (appkey,))
        conn.commit()
        print('Dev table created')
    except (Exception, psycopg2.DatabaseError) as error:
        print('Error creating app: ', error)
        suc = (False, error)
    finally:
        if (conn):
            cur.close()
            conn.close()
        
    return suc





def get_devs(appkey):
    res = []
    try:
        conn = psycopg2.connect('dbname=gateway')
        cur  = conn.cursor()
        query = """
        SELECT * FROM
            devs-%s
        """
        cur.execute(query, (appkey,))
        res = cur.fetchall()
    except (Exception, psycopg2.DatabaseError) as error:
        print('Error querying applications: ', error)
    finally:
        if (conn):
            cur.close()
            conn.close()
        
    return res





@server.route('/')
def index():
    if len(session['name']) > 0:
        apps = get_apps(session['name'].encode('utf-8'))
        print(apps)
        return render_template('index.html', apps=apps)

    return render_template('index.html')



@server.route('/signup', methods=['GET', 'POST'])
def signup():
    if request.method == 'GET':
        return render_template('signup.html')
    else: 
        username = request.form['username']
        password = request.form['password'].encode('utf-8')

        if (username == '' or password == ''):
            feedback = 'Username or password fields cannot be empty'
            return render_template('signup.html', feedback=feedback)
        else:
            res, msg = new_user(username, password)
            if (not res):
                return render_template('signup.html', feedback=msg)
            else:
                session['name'] = username
        
                return redirect(url_for('index'))



@server.route('/login', methods=['GET', 'POST'])
def login():
    if request.method == 'GET':
        return render_template('login.html')
    else: 
        username = request.form['username']
        password = request.form['password'].encode('utf-8')

        if (username == '' or password == ''):
            feedback = 'Username or password fields cannot be empty'
            return render_template('login.html', feedback=feedback)
        else:
            res, msg = chk_user(username, password)
            if (not res):
                return render_template('login.html', feedback=msg)
            else:
                session['name'] = username
        
                return redirect(url_for('index'))



@server.route('/logout')
def logout():
    session.clear()
    return redirect(url_for('index'))



@server.route('/new-app')
def new_application():
    return render_template('new-app.html')



@server.route('/app', methods=['GET', 'POST'])
def app():
    if request.method == 'GET':
        app = get_app(request.form['appkey'])
        devs = get_devs(app[1])
        
        return render_template('app.html', app=app, devs=devs)
    else:
        if request.form['appname'] == '':
            error = 'Application name cannot be empty.'
            return render_template('new-app.html', feedback=error)
        else:
            res = new_app(request.form['appname'], request.form['appdesc'])
            rer = new_app_devs(request.form['appname'])
            if not res[0] or not rer[0]:
                return render_template('new-app.html', feedback=res[1]+'|'+rer[1])
            else:
                return redirect(url_for('index'))


if __name__ == '__main__':
    server.secret_key = 'sdjfklsjf^$654sd^#sPH'
    server.run(debug = True, host='0.0.0.0')