def login():
    """Log a registered user in and record the time of the login.

    The login page is rendered in every case; the outcome is reported through
    flashed messages (the ``result`` category carries "success" or "Error").
    """
    form = LoginForm(request.form)

    if not form.validate_on_submit():
        flash_errors(form, category="result")
        flash("Error", "result")
        return render_template("auth/login.html", form=form)

    # A "permanent" session is the one Flask expires: it becomes invalid once
    # PERMANENT_SESSION_LIFETIME has elapsed (the author notes 2 minutes for
    # this app; the setting itself is not visible here).
    session.permanent = True

    # Flask-Login attaches the authenticated user to the session.
    authenticated_user = form.user
    login_user(authenticated_user)

    # Flask-Principal must be told that the identity changed so permissions
    # are recomputed for the newly logged-in user.
    app_object = current_app._get_current_object()
    identity_changed.send(app_object, identity=Identity(authenticated_user.id))

    # Record the login time.
    # NOTE(review): datetime.now() is naive local time; confirm that this is
    # the convention the AuthHistory column expects.
    login_record = AuthHistory(login=datetime.now())
    authenticated_user.auth_histories.append(login_record)
    db.session.add(login_record)
    db.session.commit()

    flash("success, you are logged in.", "success")
    flash("success", "result")
    # The page is re-rendered after a successful login; no redirect is issued.
    return render_template("auth/login.html", form=form)
def auth_history():
    """Show the authentication history of the user named in the submitted form.

    The username from the form is looked up and, when it exists, that user's
    ``auth_histories`` are passed to the template.

    NOTE(review): the route is described as admin-only, but no permission
    check is visible inside this function. Presumably a decorator outside this
    excerpt enforces it; confirm, since the lookup accepts any username.
    """
    form = AuthHistoryForm(request.form)
    context = {
        "form": form,
        "hist_list": [],
        "user_exists": False,
        "user_id": None,
    }

    if not form.validate_on_submit():
        flash_errors(form)
    else:
        requested_name = form.userid.data
        context["user_id"] = requested_name

        match = User.query.filter_by(username=requested_name).first()
        if match is not None:
            context["user_exists"] = True
            context["hist_list"] = match.auth_histories

    return render_template("history/auth_history.html", **context)
def register():
    """Create an account from a valid registration form.

    The registration page is re-rendered in every case; success and validation
    errors are reported through flashed messages.
    """
    form = RegisterForm(request.form)

    # Flask-WTF: validate_on_submit() is true only for a submitted (POST)
    # request whose form data passes validation.
    if not form.validate_on_submit():
        flash_errors(form, category="result")
    else:
        account = User(
            username=form.username.data,
            two_factor=form.two_factor.data,
        )
        # NOTE(review): presumably set_password() stores a salted hash and not
        # the plaintext; confirm in the User model.
        account.set_password(form.password.data)
        db.session.add(account)
        db.session.commit()
        flash("success, Thank you for registering, you can now log in.", "success")

    return render_template("auth/register.html", form=form)
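def home():
    """Render the home page and handle the login form posted to it.

    After a valid login the user is redirected to the ``next`` query parameter
    when it is a local path, otherwise to the account page. ``next`` is taken
    from the request URL and is therefore untrusted: absolute URLs,
    scheme-relative URLs (``//host``), and values containing backslashes,
    whitespace or control characters are ignored so the login flow cannot be
    used as an open redirect.
    """
    # Function-scope import: the file's import block is not visible here.
    from urllib.parse import urlsplit

    form = LoginForm(request.form)
    current_app.logger.info("Hello from the home page!")
    # Handle logging in
    if request.method == "POST":
        if form.validate_on_submit():
            login_user(form.user)
            flash("Successfully logged in.", "success")

            next_url = request.args.get("next")
            if next_url:
                try:
                    parts = urlsplit(next_url)
                except ValueError:
                    # Malformed value (for example a broken IPv6 literal).
                    parts = None
                is_local_path = (
                    parts is not None
                    and not parts.scheme
                    and not parts.netloc
                    and next_url.startswith("/")
                    # "//host" and "/\host" are treated as another origin by browsers.
                    and not next_url.startswith("//")
                    and "\\" not in next_url
                    # Browsers drop tabs/newlines, which can turn "/\t/host" into "//host".
                    and not any(
                        ch.isspace() or not ch.isprintable() for ch in next_url
                    )
                )
                if not is_local_path:
                    next_url = None

            return redirect(next_url or url_for("user.profile.account"))
        else:
            flash_errors(form)
    return render_template("home.html", form=form)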
def register():
    """Register a new user and send them to the home page.

    An invalid or unsubmitted form re-renders ``register.html`` with the
    validation errors flashed.
    """
    form = RegisterForm(request.form)

    if not form.validate_on_submit():
        flash_errors(form)
        return render_template("register.html", form=form)

    # NOTE(review): the account is created with active=True straight away; no
    # e-mail confirmation or activation step is visible in this function.
    account_fields = {
        "username": form.username.data,
        "email": form.email.data,
        "password": form.password.data,
        "active": True,
    }
    User.create(**account_fields)

    flash("Thank you for registering. You can now log in.", "success")
    return redirect(url_for("homepage.index.home"))
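def spell():
    """Spell-check the text an authenticated user submits and store the result.

    The submitted text is written to a scratch file, the external spell_check
    binary is run on it, and the decoded output is saved as a ``Question`` for
    the current user and shown on the page.

    Each request uses its own temporary file, not a shared
    ``./app/input.txt``: with one shared file, two concurrent requests could
    overwrite each other's input and receive results for someone else's text.
    The scratch file is removed in a ``finally`` block so the text does not
    stay on disk when the binary fails.

    Raises:
        subprocess.CalledProcessError: if the binary exits with a non-zero status.
    """
    # Function-scope imports: the file's import block is not visible here.
    import os
    import tempfile

    form = SpellForm(request.form)
    result = ""
    text = ""
    if form.validate_on_submit():
        text = form.inputtext.data

        # mkstemp creates the file readable and writable only by the owning
        # user and returns an open descriptor plus its path.
        fd, input_path = tempfile.mkstemp(prefix="spell_input_", suffix=".txt")
        try:
            with os.fdopen(fd, "w") as scratch:
                scratch.write(text)

            # The binary is invoked with an argument list (no shell), and the
            # user's text is only ever passed through the file, never in argv.
            # NOTE(review): the relative paths depend on the process working
            # directory; confirm how the app is launched.
            raw_output = subprocess.check_output([
                # location of the spell_check binary
                r"./app/lib/a.out",
                # the per-request file holding the submitted text
                input_path,
                # location of the dictionary file to check the text against
                r"./app/lib/wordlist.txt",
            ])
        finally:
            # Remove the input on success and on failure so submitted text is
            # not left behind on disk.
            os.remove(input_path)

        # decode the returned bytes for display and storage
        result = raw_output.decode("utf-8").strip()

        # persist the user's question
        q = Question(text=text, result=result, user_id=current_user.id)
        db.session.add(q)
        db.session.commit()
        flash("success", "success")
    else:
        flash_errors(form, category="result")

    return render_template("spell/index.html",
                           form=form,
                           orig_text=text,
                           result=result)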
def history():
    """Show question history: the caller's own by default, or a queried user's.

    Without a valid form submission the current user's questions are listed.
    With one, the named user is looked up and ``SeeHistoryPermission`` decides
    whether the caller may see that user's questions (403 otherwise).

    NOTE(review): for a caller without permission the response differs between
    an existing username (403) and an unknown one (page rendered with
    ``user_exists`` false), which reveals whether a username is registered.
    In the unknown-user case ``q_list`` also still holds the caller's own
    questions while ``user_id`` is the queried name; confirm how the template
    presents that.
    """
    # Both the admin and the non-admin path start from the caller's own history.
    is_admin = bool(admin_perm.can())
    user_id = current_user.id
    user_exists = True
    q_list = User.query.get(user_id).questions

    form = HistoryForm(request.form)
    if form.validate_on_submit():
        user_id = form.userquery.data
        target = User.query.filter_by(username=user_id).first()

        if target is None:
            user_exists = False
        else:
            user_exists = True
            # Authorization is checked against the looked-up user's id before
            # any of that user's questions are read.
            if not SeeHistoryPermission(target.id).can():
                abort(403)
            q_list = target.questions
    elif is_admin:
        # Validation errors are flashed for admins only.
        flash_errors(form)

    context = {
        "form": form,
        "q_list": q_list,
        "user_exists": user_exists,
        "user_id": user_id,
        "is_admin": is_admin,
    }
    return render_template("history/history.html", **context)