from flask import Flask, render_template, request, redirect, url_for, session
import psycopg2
import bcrypt


# Flask application object; templates are looked up under 'templates/'.
app = Flask(__name__, template_folder='templates/')

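def new_user(name, password):
    """Insert a new row into ``users`` holding a bcrypt hash of the password.

    Args:
        name: user name, bound as the first value of the INSERT.
        password: password as bytes, passed straight to ``bcrypt.hashpw``.

    Returns:
        ``(True, 'User added')`` on success, ``(False, message)`` on failure.
        The message is a fixed string; the exception is only printed on the
        server, because callers render the message into the signup page and
        raw database errors would disclose schema details to the client.
    """
    suc = (True, 'User added')
    # Bound before the try so the finally clause cannot raise
    # UnboundLocalError when connect() itself fails.
    conn = None
    cur = None
    try:
        conn = psycopg2.connect('dbname=gateway')
        cur = conn.cursor()
        # Values are bound by the driver through %s placeholders, never
        # formatted into the statement text.
        query = """
        INSERT INTO
            users
        VALUES
            (%s, %s)
        """
        # NOTE(review): hashpw() returns bytes while chk_user reads the stored
        # value back as text -- confirm the column type accepts this value.
        cur.execute(query, (name, bcrypt.hashpw(password, bcrypt.gensalt())))
        conn.commit()
        print('User added')
    except Exception as error:
        # psycopg2.DatabaseError is an Exception subclass, so one clause
        # covers both of the original handlers.
        print('Error adding a user: ', error)
        suc = (False, 'Could not add user')
    finally:
        if cur is not None:
            cur.close()
        if conn is not None:
            conn.close()

    return suc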

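def chk_user(name, password):
    """Verify a name/password pair against ``users`` and mark the session.

    Args:
        name: user name looked up in the ``name`` column.
        password: candidate password as bytes.

    Returns:
        ``(True, 'Success')`` when the bcrypt hash matches; in that case
        ``session['name']`` is set to the stored name. Otherwise
        ``(False, message)``. An unknown name and a wrong password produce the
        same message so the response text does not reveal which names exist.
    """
    import hmac

    mismatch = (False, 'Password or username do not match')
    # Bound before the try so the finally clause cannot raise
    # UnboundLocalError when connect() itself fails.
    conn = None
    cur = None
    try:
        conn = psycopg2.connect('dbname=gateway')
        cur = conn.cursor()
        # The name is bound by the driver through the %s placeholder.
        query = """
        SELECT * FROM
            users
        WHERE 
            name = %s
        """
        cur.execute(query, (name,))
        user = cur.fetchone()
        if user is None:
            # NOTE(review): this path skips the bcrypt computation, so response
            # time may still differ between known and unknown names.
            return mismatch

        # SELECT * is read positionally: column 0 is the name, column 1 the hash.
        stored = user[1].encode('utf-8')
        candidate = bcrypt.hashpw(password, stored)
        # Constant-time comparison instead of ==.
        if not hmac.compare_digest(candidate, stored):
            return mismatch

        session['name'] = user[0]
        print('User logged in')
        return (True, 'Success')
    except Exception as error:
        # Details stay in the server output; the caller renders the returned
        # message into the login page.
        print('Error querying a user: ', error)
        return (False, 'Login is temporarily unavailable')
    finally:
        if cur is not None:
            cur.close()
        if conn is not None:
            conn.close()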


@app.route('/')
def index():
    """Serve the landing page rendered from ``index.html``."""
    page = render_template('index.html')
    return page

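@app.route('/signup', methods=['GET', 'POST'])
def signup():
    """Show the signup form (GET) or create an account and log it in (POST).

    On POST the ``username`` and ``password`` form fields are read; empty or
    missing values re-render the form with a feedback message. On success the
    session is tagged with the new name and the client is redirected to the
    index page.
    """
    if request.method == 'GET':
        return render_template('signup.html')

    username = request.form.get('username', '')
    password = request.form.get('password', '')

    # Check the text values before encoding: on Python 3 the encoded password
    # is bytes and never compares equal to '', so an empty password would
    # otherwise be accepted and hashed.
    if not username or not password:
        feedback = 'Username or password fields cannot be empty'
        return render_template('signup.html', feedback=feedback)

    # NOTE(review): bcrypt does not use more than 72 bytes of a password
    # (depending on the version, longer input is truncated or rejected);
    # no length or strength policy is enforced here.
    res, msg = new_user(username, password.encode('utf-8'))
    if not res:
        return render_template('signup.html', feedback=msg)

    session['name'] = username
    return redirect(url_for('index'))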

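@app.route('/login', methods=['GET', 'POST'])
def login():
    """Show the login form (GET) or authenticate the submitted credentials (POST).

    On POST the ``username`` and ``password`` form fields are read; empty or
    missing values re-render the form with a feedback message. Credentials are
    checked by ``chk_user``; on success the session is tagged with the name
    and the client is redirected to the index page.
    """
    if request.method == 'GET':
        return render_template('login.html')

    username = request.form.get('username', '')
    password = request.form.get('password', '')

    # Check the text values before encoding: on Python 3 the encoded password
    # is bytes and never compares equal to '', so the empty-field check would
    # otherwise never fire for the password.
    if not username or not password:
        feedback = 'Username or password fields cannot be empty'
        return render_template('login.html', feedback=feedback)

    res, msg = chk_user(username, password.encode('utf-8'))
    if not res:
        return render_template('login.html', feedback=msg)

    session['name'] = username
    return redirect(url_for('index'))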


@app.route('/logout')
def logout():
    """Empty the session, then send the client back to the index page."""
    session.clear()
    target = url_for('index')
    return redirect(target)


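@app.route('/apps')
def apps():
    """Return the app-management heading for the logged-in user.

    The original read ``app.conf['username']``; a Flask application object has
    no ``conf`` attribute, so the route raised AttributeError on every request.
    The name is taken from ``session['name']`` instead, which is the key the
    login and signup routes set (presumably what was intended -- confirm).
    Clients without a session are redirected to the login page.
    """
    from html import escape

    name = session.get('name')
    if name is None:
        return redirect(url_for('login'))
    # The name was chosen by the user at signup, so it is HTML-escaped before
    # being placed into the markup.
    return '<h1>Manage your apps, ' + escape(name) + '</h1>'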

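if __name__ == '__main__':
    import os

    # The session cookie is signed with this key, so anyone who knows it can
    # mint a session for any name. It is read from the environment rather than
    # committed to the source; the variable names below are introduced here.
    # Without GATEWAY_SECRET_KEY a random per-process key is used, which
    # invalidates existing sessions on every restart.
    # NOTE(review): the key is only set when the file is run as a script;
    # under a WSGI server it has to be configured separately.
    app.secret_key = os.environ.get('GATEWAY_SECRET_KEY') or os.urandom(32)

    # The server listens on all interfaces, and Flask's debug mode enables an
    # interactive debugger that can execute code, so debug stays off unless it
    # is requested explicitly for local development.
    debug_enabled = os.environ.get('GATEWAY_DEBUG') == '1'
    app.run(debug=debug_enabled, host='0.0.0.0')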