def init_app(app):
db.init_app(app)
cache.init_app(app)
debug_toolbar.init_app(app)
app.template_folder = os.path.join(os.path.dirname(__file__), 'templates/')
migrate = Migrate(app, db)
# Import and register the different asset bundles
assets_env = Environment(app)
assets_env.load_path = [os.path.join(os.path.dirname(__file__), 'static')]
assets_env.directory = os.path.join(os.path.dirname(__file__), 'static')
assets_env.url = '/admin/static/'
# assets_env.register('js_all', js)
print("directory ", assets_env.directory, os.path.join(os.path.dirname(__file__), 'static/'))
assets_loader = PythonAssetsLoader(assets)
for name, bundle in list(assets_loader.load_bundles().items()):
assets_env.register(name, bundle)
# Setup user handling
from silverflask.models import User
user_adapter = SQLAlchemyAdapter(db, User)
user_manager = UserManager(user_adapter)
user_manager.init_app(app)
###
# SILVERFLASK
###
upload_path = os.path.join(app.instance_path, app.config["SILVERFLASK_UPLOAD_PATH"])
app.config["SILVERFLASK_ABSOLUTE_UPLOAD_PATH"] = upload_path
app.storage_backend = LocalFileStorageBackend(upload_path)
from silverflask.controllers.page_controller import SiteTreeController
app.register_blueprint(SiteTreeController.create_blueprint(app))
from silverflask.core.dev_controller import DevController
app.register_blueprint(DevController.create_blueprint(app))
from silverflask.controllers.cms_controller import CMSController, PagesCMSController, FilesCMSController, \
DataObjectCMSController
app.register_blueprint(CMSController.create_blueprint(app))
app.register_blueprint(DataObjectCMSController.create_blueprint(app))
app.register_blueprint(PagesCMSController.create_blueprint(app))
app.register_blueprint(FilesCMSController.create_blueprint(app))
from silverflask.controllers.security_controller import SecurityController
app.register_blueprint(SecurityController.create_blueprint(app))
from silverflask.core.theme import init_themes
init_themes(app)
from silverflask.controllers.main import setup_processors, init_blueprint
from silverflask.controllers.cms import bp as cms_bp
setup_processors(app)
main = init_blueprint(app)
app.register_blueprint(main)
app.register_blueprint(cms_bp, url_prefix='/admin')
# for rule in app.url_map.iter_rules():
# print(rule)
return app
def init_app(app, settings='settings/development.py'):
print "Loading config from %s" % settings
app.config.from_pyfile(settings)
from .. import views, models
db.init_app(app)
db.app = app
if not app.debug:
file_handler = FileHandler('server.log')
file_handler.setLevel(logging.INFO)
app.logger.addHandler(file_handler)
app.config['WTF_CSRF_ENABLED'] = False # Disable CSRF checks while testing
app.config['VERSION'] = __version__
# Setup Flask-Mail
mail = Mail(app)
from ..models import UserAuth, User
# from app.users.forms import MyRegisterForm
# from ..views import profile
db_adapter = SQLAlchemyAdapter(db, User, # Setup the SQLAlchemy DB Adapter
UserAuthClass=UserAuth) # using separated UserAuth/User data models
user_manager = UserManager(db_adapter, app # Init Flask-User and bind to app
)
user_manager.enable_username = False
user_manager.after_register_endpoint = 'after_register'
user_manager.password_validator = lambda x, y: True
assets = Environment(app)
css = Bundle("css/bootstrap.css",
"css/slider.css",
"css/fonts.css",
"css/prathambooks.css",
output='gen/all.css')
underscore = Bundle("lib/underscore/underscore.js",
output="gen/underscore.js")
app_js = Bundle("js/form.js",
"js/donor_form.js",
"js/start.js",
"js/admin.js",
"js/admin_graphs.js",
"js/discover.js",
"js/utils.js",
"js/tablesorter.js",
"lib/bootstrap/bootstrap.file-input.js",
"js/responsive-tabs.js",
output="gen/lib.js")
assets.register('css_site', css)
assets.register('app_js', app_js)
assets.register('underscore', underscore)
def create_app(object_name, env="prod"):
"""
An flask application factory, as explained here:
http://flask.pocoo.org/docs/patterns/appfactories/
Arguments:
object_name: the python path of the config object,
e.g. appname.settings.ProdConfig
env: The name of the current environment, e.g. prod or dev
"""
app = Flask(__name__)
app.config.from_object(object_name)
upload_path = os.path.join(app.instance_path, app.config["SILVERFLASK_UPLOAD_FOLDER"])
app.config["SILVERFLASK_ABSOLUTE_UPLOAD_PATH"] = upload_path
app.storage_backend = LocalFileStorageBackend(upload_path)
app.config['ENV'] = env
db.init_app(app)
logger.debug("DB Initialized")
# init the cache
cache.init_app(app)
debug_toolbar.init_app(app)
from silverflask.models import User
user_adapter = SQLAlchemyAdapter(db, User)
user_manager = UserManager(user_adapter, app)
user_manager.enable_login_without_confirm_email = True
# Import and register the different asset bundles
assets_env.init_app(app)
assets_loader = PythonAssetsLoader(assets)
for name, bundle in list(assets_loader.load_bundles().items()):
assets_env.register(name, bundle)
# register our blueprints
from silverflask.controllers.main import main
from silverflask.controllers.main import setup_processors
setup_processors(app)
from silverflask.controllers.cms import bp as cms_bp
app.register_blueprint(main)
app.register_blueprint(cms_bp, url_prefix='/admin')
with app.app_context():
db.create_all()
return app
def init_app(app, db, extra_config_settings={}):
"""
Initialize Flask applicaton
"""
# Initialize app config settings
# - settings.py is checked into Git.
# - local_settings.py is different for each deployment
# - extra_config_settings{} is specified by the automated test suite
app.config.from_object('app.config.settings') # Read config from 'app/settings.py' file
app.config.from_object('app.config.local_settings') # Overwrite with 'app/local_settings.py' file
app.config.update(extra_config_settings) # Overwrite with 'extra_config_settings' parameter
app.config['SITE'] = 'https://connect.stripe.com'
app.config['AUTHORIZE_URI'] = '/oauth/authorize'
app.config['TOKEN_URI'] = '/oauth/token'
app.config['CLIENT_ID'] = "ca_5BRgGmtDD4EblmIqw2S5tB2kJmVNFBy4"
app.config['log_email'] = os.environ("LOG_EMAIL")
if app.testing:
app.config['WTF_CSRF_ENABLED'] = True # Disable CSRF checks while testing
# Setup Flask-Mail
mail = Mail(app)
# Setup an error-logger to send emails to app.config.ADMINS
init_error_logger_with_email_handler(app)
# Setup Flask-User to handle user account related forms
from app.users.models import User, UserProfile
from app.users.forms import MyRegisterForm
db_adapter = SQLAlchemyAdapter(db, User, # Select database adapter
UserProfileClass=UserProfile) # with a custom UserProfile model
user_manager = UserManager(db_adapter, app, # Init Flask-User and bind to app
register_form=MyRegisterForm,
register_view_function=register1,
password_validator=custom_password_validator) # using a custom register form with UserProfile fields
user_manager.after_register_endpoint = 'stripe_checkout'
# Load all models.py files to register db.Models with SQLAlchemy
from app.users import models
# Load all views.py files to register @app.routes() with Flask
from app.pages import views
from app.users import views
# Automatically create all DB tables in app/app.sqlite file
db.create_all()
return app
def register_extensions(app):
db.init_app(app)
migrate.init_app(app, db)
seamless_auth.init_app(app)
ma.init_app(app)
csrf.init_app(app)
mail.init_app(app)
sg.init_app(app)
from flask_sslify import SSLify
# only trigger SSLify if the app is running on Heroku
if 'DYNO' in os.environ:
SSLify(app)
# setup flask-user
from typeseam.auth.models import User, UserInvitation
db_adapter = SQLAlchemyAdapter(
db, User, UserInvitationClass=UserInvitation)
user_manager = UserManager(db_adapter, app)
# use sendgrid for sending emails
from typeseam.auth.tasks import sendgrid_email
user_manager.send_email_function = sendgrid_email
def create_app(config=None):
"""
Application factory - this is used so that we can create a dev|test|prod application instance
based on parameter
:param config:
:return:
"""
app = Flask(__name__)
if not config:
config = 'development'
config = config_factory.get(config)
app.config.from_object(config)
# override config with env file cfg
app.config.update(os.environ)
# initialize extensions
from store.database import User
db_adapter = SQLAlchemyAdapter(db, User)
user_manager = UserManager(db_adapter)
db.init_app(app)
migrate.init_app(app, db)
celery.init_app(app)
user_manager.init_app(app)
csrf.init_app(app)
# configure_uploads(app, (review_images, ))
# patch_request_class(app, Constants.MAX_FILE_SIZE)
# register blueprints
from webapp.client import client
app.register_blueprint(client)
from webapp.media import media
app.register_blueprint(media, url_prefix='/media')
return app
def setup(db, app):
# Define the User data model. Make sure to add flask.ext.user UserMixin!!
class User(db.Model, UserMixin):
id = db.Column(db.Integer, primary_key=True)
# User authentication information
username = db.Column(db.String(50), nullable=False, unique=True)
password = db.Column(db.String(255), nullable=False, server_default='')
reset_password_token = db.Column(db.String(100), nullable=False, server_default='')
# User email information
email = db.Column(db.String(255), nullable=False, unique=True)
confirmed_at = db.Column(db.DateTime())
# User information
active = db.Column('is_active', db.Boolean(), nullable=False, server_default='0')
first_name = db.Column(db.String(100), nullable=False, server_default='')
last_name = db.Column(db.String(100), nullable=False, server_default='')
# Relationships
roles = db.relationship('Role', secondary='user_roles',
backref=db.backref('users', lazy='dynamic'))
# Define the Role data model
class Role(db.Model):
id = db.Column(db.Integer(), primary_key=True)
name = db.Column(db.String(50), unique=True)
# Define the UserRoles data model
class UserRoles(db.Model):
id = db.Column(db.Integer(), primary_key=True)
user_id = db.Column(db.Integer(), db.ForeignKey('user.id', ondelete='CASCADE'))
role_id = db.Column(db.Integer(), db.ForeignKey('role.id', ondelete='CASCADE'))
# Reset all the database tables
db.create_all()
# Setup Flask-User
db_adapter = SQLAlchemyAdapter(db, User)
user_manager = UserManager(db_adapter, app)
# Create 'user007' user with 'secret' and 'agent' roles
if not User.query.filter(User.username=='admin').first():
user_admin = User(username='******', email='*****@*****.**', active=True, password=user_manager.hash_password('admin'))
user_admin.roles.append(Role(name='admin'))
user_admin.roles.append(Role(name='secret'))
db.session.add(user_admin)
db.session.commit()
def create_app():
""" Flask application factory """
# Create Flask app load app.config
app = Flask(__name__)
app.config.from_object(__name__+'.ConfigClass')
# Initialize Flask-BabelEx
babel = Babel(app)
# Initialize Flask-SQLAlchemy
@babel.localeselector
def get_locale():
translations = [str(translation) for translation in babel.list_translations()]
# return request.accept_languages.best_match(translations)
# @babel.localeselector
#def get_locale():
# if request.args.get('lang'):
# session['lang'] = request.args.get('lang')
# return session.get('lang', 'tr')
db = SQLAlchemy(app)
# Define the User data-model.
# NB: Make sure to add flask_user UserMixin !!!
class User(db.Model, UserMixin):
__tablename__ = 'users'
id = db.Column(db.Integer, primary_key=True)
active = db.Column('is_active', db.Boolean(), nullable=False, server_default='1')
# User authentication information. The collation='NOCASE' is required
# to search case insensitively when USER_IFIND_MODE is 'nocase_collation'.
email = db.Column(db.String(255, collation='NOCASE'), nullable=False, unique=True)
email_confirmed_at = db.Column(db.DateTime())
password = db.Column(db.String(255), nullable=False, server_default='')
# User information
first_name = db.Column(db.String(100, collation='NOCASE'), nullable=False, server_default='')
last_name = db.Column(db.String(100, collation='NOCASE'), nullable=False, server_default='')
# Define the relationship to Role via UserRoles
roles = db.relationship('Role', secondary='user_roles')
# Define the Role data-model
class Role(db.Model):
__tablename__ = 'roles'
id = db.Column(db.Integer(), primary_key=True)
name = db.Column(db.String(50), unique=True)
# Define the UserRoles association table
class UserRoles(db.Model):
__tablename__ = 'user_roles'
id = db.Column(db.Integer(), primary_key=True)
user_id = db.Column(db.Integer(), db.ForeignKey('users.id', ondelete='CASCADE'))
role_id = db.Column(db.Integer(), db.ForeignKey('roles.id', ondelete='CASCADE'))
# Setup Flask-User and specify the User data-model
user_manager = UserManager(app, db, User)
# Create all database tables
db.create_all()
# The Home page is accessible to anyone
@app.route('/')
def index():
veriler=User.query.all()
return render_template("index.html",veriler=veriler)
@app.route('/üye')
def uye():
return render_template('/üye.html')
@app.route('/add',methods=["POST"])
def adduser():
email=request.form.get("e-mail")
sifre=request.form.get("sifre")
email_confirmed_at=datetime.datetime.utcnow()
newuser=User(email=email,password=sifre,email_confirmed_at=email_confirmed_at)
db.session.add(newuser)
db.session.commit()
return redirect(url_for("uye"))
return app
def create_app(test_config=None): # For automated tests
# Setup Flask and read config from ConfigClass defined above
app = Flask(__name__)
app.config.from_object(__name__+'.ConfigClass')
# Load local_settings.py if file exists # For automated tests
try: app.config.from_object('local_settings')
except: pass
# Load optional test_config # For automated tests
if test_config:
app.config.update(test_config)
# Initialize Flask extensions
mail = Mail(app) # Initialize Flask-Mail
db = SQLAlchemy(app) # Initialize Flask-SQLAlchemy
# Define User model. Make sure to add flask.ext.user UserMixin!!
class User(db.Model, UserMixin):
id = db.Column(db.Integer, primary_key=True)
user_profile_id = db.Column(db.Integer(), db.ForeignKey('user_profile.id', ondelete='CASCADE'))
# User authentication information
username = db.Column(db.String(50), nullable=False, unique=True)
password = db.Column(db.String(255), nullable=False, server_default='')
reset_password_token = db.Column(db.String(100), nullable=False, server_default='')
active = db.Column('is_active', db.Boolean(), nullable=False, server_default='0')
# User email information
email = db.Column(db.String(255), nullable=False, unique=True)
confirmed_at = db.Column(db.DateTime())
# Relationships
user_profile = db.relationship('UserProfile', uselist=False, foreign_keys=[user_profile_id])
class UserProfile(db.Model):
id = db.Column(db.Integer, primary_key=True)
# User information
first_name = db.Column(db.String(50), nullable=False, default='')
last_name = db.Column(db.String(50), nullable=False, default='')
# Relationships
roles = db.relationship('Role', secondary='user_roles',
backref=db.backref('users', lazy='dynamic'))
# Define Role model
class Role(db.Model):
id = db.Column(db.Integer(), primary_key=True)
name = db.Column(db.String(50), unique=True)
# Define UserRoles model
class UserRoles(db.Model):
id = db.Column(db.Integer(), primary_key=True)
user_profile_id = db.Column(db.Integer(), db.ForeignKey('user_profile.id', ondelete='CASCADE'))
role_id = db.Column(db.Integer(), db.ForeignKey('role.id', ondelete='CASCADE'))
# Reset all the database tables
db.create_all()
# Setup Flask-User
db_adapter = SQLAlchemyAdapter(db, User, UserProfileClass=UserProfile)
user_manager = UserManager(db_adapter, app)
# Create 'user007' user with 'secret' and 'agent' roles
if not User.query.filter(User.username=='user007').first():
user_profile1 = UserProfile(first_name='James', last_name='Bond')
db.session.add(user_profile1)
user1 = User(user_profile=user_profile1, username='******',
email='*****@*****.**', password=user_manager.hash_password('Password1'),
active=True)
db.session.add(user1)
user_profile1.roles.append(Role(name='secret'))
user_profile1.roles.append(Role(name='agent'))
db.session.commit()
# The Home page is accessible to anyone
@app.route('/')
def home_page():
return render_template_string("""
{% extends "base.html" %}
{% block content %}
<h2>Home page</h2>
<p>This page can be accessed by anyone.</p><br/>
<p><a href={{ url_for('home_page') }}>Home page</a> (anyone)</p>
<p><a href={{ url_for('members_page') }}>Members page</a> (login required)</p>
<p><a href={{ url_for('special_page') }}>Special page</a> (login with username 'user007' and password 'Password1')</p>
{% endblock %}
""")
# The Members page is only accessible to authenticated users
@app.route('/members')
@login_required # Use of @login_required decorator
def members_page():
return render_template_string("""
{% extends "base.html" %}
{% block content %}
<h2>Members page</h2>
<p>This page can only be accessed by authenticated users.</p><br/>
<p><a href={{ url_for('home_page') }}>Home page</a> (anyone)</p>
<p><a href={{ url_for('members_page') }}>Members page</a> (login required)</p>
<p><a href={{ url_for('special_page') }}>Special page</a> (login with username 'user007' and password 'Password1')</p>
{% endblock %}
""")
# The Special page requires a user with 'special' and 'sauce' roles or with 'special' and 'agent' roles.
@app.route('/special')
@roles_required('secret', ['sauce', 'agent']) # Use of @roles_required decorator
def special_page():
return render_template_string("""
{% extends "base.html" %}
{% block content %}
<h2>Special Page</h2>
<p>This page can only be accessed by user007.</p><br/>
<p><a href={{ url_for('home_page') }}>Home page</a> (anyone)</p>
<p><a href={{ url_for('members_page') }}>Members page</a> (login required)</p>
<p><a href={{ url_for('special_page') }}>Special page</a> (login with username 'user007' and password 'Password1')</p>
{% endblock %}
""")
return app
def create_app():
""" Flask application factory """
# Setup Flask app and app.config
app = Flask(__name__)
app.config.from_object(__name__ + '.ConfigClass')
# Initialize Flask extensions
db = SQLAlchemy(app) # Initialize Flask-SQLAlchemy
mail = Mail(app) # Initialize Flask-Mail
# Define the User data model. Make sure to add flask_user UserMixin !!!
class User(db.Model, UserMixin):
id = db.Column(db.Integer, primary_key=True)
# User authentication information
username = db.Column(db.String(50), nullable=False, unique=True)
password = db.Column(db.String(255), nullable=False, server_default='')
# User email information
email = db.Column(db.String(255), nullable=False, unique=True)
confirmed_at = db.Column(db.DateTime())
# User information
active = db.Column('is_active',
db.Boolean(),
nullable=False,
server_default='0')
first_name = db.Column(db.String(100),
nullable=False,
server_default='')
last_name = db.Column(db.String(100),
nullable=False,
server_default='')
# Create all database tables
db.create_all()
# Setup Flask-User
db_adapter = SQLAlchemyAdapter(db, User) # Register the User model
user_manager = UserManager(db_adapter, app) # Initialize Flask-User
# The Home page is accessible to anyone
@app.route('/')
def home_page():
return render_template_string("""
{% extends "base.html" %}
{% block content %}
<h2>Home page</h2>
<p>This page can be accessed by anyone.</p><br/>
<p><a href={{ url_for('home_page') }}>Home page</a> (anyone)</p>
<p><a href={{ url_for('members_page') }}>Members page</a> (login required)</p>
{% endblock %}
""")
# The Members page is only accessible to authenticated users
@app.route('/members')
@login_required # Use of @login_required decorator
def members_page():
print('schray')
return render_template_string("""
{% extends "base.html" %}
{% block content %}
<h2>Members page</h2>
<p>This page can only be accessed by authenticated users.</p><br/>
<p><a href={{ url_for('home_page') }}>Home page</a> (anyone)</p>
<p><a href={{ url_for('members_page') }}>Members page</a> (login required)</p>
{% endblock %}
""")
return app
app.config.from_object('config')
db = SQLAlchemy(app)
from app import views, models
# LoginManager parts
import os
from flask.ext.login import LoginManager
# Setup Flask-User
from flask_user import login_required, UserManager, UserMixin, SQLAlchemyAdapter
from app.models import User, Role, Abstract
db_adapter = SQLAlchemyAdapter(db, User) # Register the User model
user_manager = UserManager(db_adapter, app) # Initialize Flask-User
from datetime import date
today = date.today()
import random
n_users = 50
import names
from app import forms
for i in xrange(0, n_users):
print i
ns = [names.get_first_name(), names.get_last_name()]
u = User(email='*****@*****.**' % (ns[0], ns[1]),
def create_app():
""" Flask application factory """
# Create Flask app load app.config
app = Flask(__name__)
app.config.from_object(__name__ + '.ConfigClass')
# Initialize Flask-BabelEx
babel = Babel(app)
# Initialize Flask-SQLAlchemy
db = SQLAlchemy(app)
# Define the User data-model.
# NB: Make sure to add flask_user UserMixin !!!
class User(db.Model, UserMixin):
__tablename__ = 'users'
id = db.Column(db.Integer, primary_key=True)
active = db.Column('is_active',
db.Boolean(),
nullable=False,
server_default='1')
# User authentication information. The collation='NOCASE' is required
# to search case insensitively when USER_IFIND_MODE is 'nocase_collation'.
email = db.Column(db.String(255, collation='NOCASE'),
nullable=False,
unique=True)
email_confirmed_at = db.Column(db.DateTime())
password = db.Column(db.String(255), nullable=False, server_default='')
# User information
first_name = db.Column(db.String(100, collation='NOCASE'),
nullable=False,
server_default='')
last_name = db.Column(db.String(100, collation='NOCASE'),
nullable=False,
server_default='')
# Define the relationship to Role via UserRoles
roles = db.relationship('Role', secondary='user_roles')
# Define the Role data-model
class Role(db.Model):
__tablename__ = 'roles'
id = db.Column(db.Integer(), primary_key=True)
name = db.Column(db.String(50), unique=True)
# Define the UserRoles association table
class UserRoles(db.Model):
__tablename__ = 'user_roles'
id = db.Column(db.Integer(), primary_key=True)
user_id = db.Column(db.Integer(),
db.ForeignKey('users.id', ondelete='CASCADE'))
role_id = db.Column(db.Integer(),
db.ForeignKey('roles.id', ondelete='CASCADE'))
# Setup Flask-User and specify the User data-model
user_manager = UserManager(app, db, User)
# Create all database tables
db.create_all()
# Create '*****@*****.**' user with no roles
if not User.query.filter(User.email == '*****@*****.**').first():
user = User(
email='*****@*****.**',
email_confirmed_at=datetime.datetime.utcnow(),
password=user_manager.hash_password('Password1'),
)
db.session.add(user)
db.session.commit()
# Create '*****@*****.**' user with 'Admin' and 'Agent' roles
if not User.query.filter(User.email == '*****@*****.**').first():
user = User(
email='*****@*****.**',
email_confirmed_at=datetime.datetime.utcnow(),
password=user_manager.hash_password('Password1'),
)
user.roles.append(Role(name='Admin'))
user.roles.append(Role(name='Agent'))
db.session.add(user)
db.session.commit()
# The Home page is accessible to anyone
@app.route('/')
def home_page():
return render_template_string("""
{% extends "flask_user_layout.html" %}
{% block content %}
<h2>{%trans%}Home page{%endtrans%}</h2>
<p><a href={{ url_for('user.register') }}>{%trans%}Register{%endtrans%}</a></p>
<p><a href={{ url_for('user.login') }}>{%trans%}Sign in{%endtrans%}</a></p>
<p><a href={{ url_for('home_page') }}>{%trans%}Home Page{%endtrans%}</a> (accessible to anyone)</p>
<p><a href={{ url_for('member_page') }}>{%trans%}Member Page{%endtrans%}</a> (login_required: [email protected] / Password1)</p>
<p><a href={{ url_for('admin_page') }}>{%trans%}Admin Page{%endtrans%}</a> (role_required: [email protected] / Password1')</p>
<p><a href={{ url_for('user.logout') }}>{%trans%}Sign out{%endtrans%}</a></p>
{% endblock %}
""")
# The Members page is only accessible to authenticated users
@app.route('/members')
@login_required # Use of @login_required decorator
def member_page():
return render_template_string("""
{% extends "flask_user_layout.html" %}
{% block content %}
<h2>{%trans%}Members page{%endtrans%}</h2>
<p><a href={{ url_for('user.register') }}>{%trans%}Register{%endtrans%}</a></p>
<p><a href={{ url_for('user.login') }}>{%trans%}Sign in{%endtrans%}</a></p>
<p><a href={{ url_for('home_page') }}>{%trans%}Home Page{%endtrans%}</a> (accessible to anyone)</p>
<p><a href={{ url_for('member_page') }}>{%trans%}Member Page{%endtrans%}</a> (login_required: [email protected] / Password1)</p>
<p><a href={{ url_for('admin_page') }}>{%trans%}Admin Page{%endtrans%}</a> (role_required: [email protected] / Password1')</p>
<p><a href={{ url_for('user.logout') }}>{%trans%}Sign out{%endtrans%}</a></p>
{% endblock %}
""")
# The Admin page requires an 'Admin' role.
@app.route('/admin')
@roles_required('Admin') # Use of @roles_required decorator
def admin_page():
return render_template_string("""
{% extends "flask_user_layout.html" %}
{% block content %}
<h2>{%trans%}Admin Page{%endtrans%}</h2>
<p><a href={{ url_for('user.register') }}>{%trans%}Register{%endtrans%}</a></p>
<p><a href={{ url_for('user.login') }}>{%trans%}Sign in{%endtrans%}</a></p>
<p><a href={{ url_for('home_page') }}>{%trans%}Home Page{%endtrans%}</a> (accessible to anyone)</p>
<p><a href={{ url_for('member_page') }}>{%trans%}Member Page{%endtrans%}</a> (login_required: [email protected] / Password1)</p>
<p><a href={{ url_for('admin_page') }}>{%trans%}Admin Page{%endtrans%}</a> (role_required: [email protected] / Password1')</p>
<p><a href={{ url_for('user.logout') }}>{%trans%}Sign out{%endtrans%}</a></p>
{% endblock %}
""")
return app
def create_app():
""" Flask application factory """
# Create Flask app load app.config
app = Flask(__name__)
app.config.from_object(__name__ + '.ConfigClass')
db = SQLAlchemy(app)
class Kullanici(db.Model):
__tablename__ = 'Kullanici'
id = db.Column(db.Integer, primary_key=True)
email = db.Column(db.String(80), unique=True)
sifre = db.Column(db.String(80))
rolId = db.Column(db.Integer, db.ForeignKey('rol.rolId', ondelete='CASCADE'))
active = db.Column('is_active', db.Boolean(), nullable=False, server_default='1')
def __init__(self, email, sifre):
self.email = email
self.sifre = sifre
self.rolId = 0
class Roller(db.Model):
__tablename__ = 'rol'
rolId = db.Column(db.Integer, primary_key=True)
rolisim = db.Column(db.String(80))
class urunler(db.Model):
__tablename__ = 'urunler'
urun_id = db.Column(db.Integer, primary_key=True)
kategori_id = db.Column(db.Integer(), db.ForeignKey('kategori.kategoriId', ondelete='CASCADE'))
urunresmi = db.Column(db.String(80))
urunFiyati = db.Column(db.Integer)
markaId = db.Column(db.Integer(), db.ForeignKey('markalar.markaId', ondelete='CASCADE'))
def __init__(self, kategori_id, urun_ozellikleri, urun_fiyati):
self.kategori_id = kategori_id
self.urun_ozellikleri = urun_ozellikleri
self.urun_fiyati = urun_fiyati
class kategori(db.Model):
__tablename__ = 'kategori'
kategoriId = db.Column(db.Integer, primary_key=True)
kategori_adi = db.Column(db.String(80))
def __init__(self, kategori_adi):
self.kategori_adi = kategori_adi
class markalar(db.Model):
__tablename__ = 'markalar'
markaId = db.Column(db.Integer, primary_key=True)
markaadi = db.Column(db.String(80))
marka_modeli = db.Column(db.String(80))
def __init__(self, markaadi, marka_modeli):
self.markaadi = markaadi
self.marka_modeli = marka_modeli
class musteri(db.Model):
__tablename__ = 'musteri'
musteriId = db.Column(db.Integer, primary_key=True)
musteriadi = db.Column(db.String(80))
musterisoyadi = db.Column(db.String(80))
mail = db.Column(db.String(80), unique=True)
telefon = db.Column(db.Integer)
sifre = db.Column(db.String(80))
il = db.Column(db.String(80))
ilce = db.Column(db.String(80))
kullaniciId = db.Column(db.Integer(), db.ForeignKey('Kullanici.id', ondelete='CASCADE'))
def __init__(self, musteriadi, musterisoyadi, mail, telefon, sifre, il, ilce, kullaniciId):
self.musteriadi = musteriadi
self.musterisoyadi = musterisoyadi
self.mail = mail
self.telefon = telefon
self.sifre = sifre
self.il = il
self.ilce = ilce
self.kullaniciId = kullaniciId
class siparis(db.Model):
__tablename__ = 'siparis'
siparisId = db.Column(db.Integer, primary_key=True)
musteriId = db.Column(db.Integer(), db.ForeignKey('musteri.musteriId', ondelete='CASCADE'))
urunId = db.Column(db.Integer(), db.ForeignKey('urunler.urun_id', ondelete='CASCADE'))
siparisno = db.Column(db.Integer)
siparisTarihi = db.Column(db.Integer)
odemeId = db.Column(db.Integer())
def __init__(self, musteriId, urunId, siparisno, siparisTarihi, odemeId):
self.musteriId = musteriId
self.urunId = urunId
self.siparisno = siparisno
self.siparisTarihi = siparisTarihi
self.odemeId = odemeId
user_manager = UserManager(app, db, Kullanici)
db.create_all()
@app.route('/')
def anasayfa():
return render_template('index.html')
@app.route('/kayit', methods=['GET', 'POST'])
def kayit():
if request.method == 'POST':
mail = request.form['email']
parola = request.form['sifre']
yeniKullanici = Kullanici(email=mail, sifre=parola)
db.session.add(yeniKullanici)
db.session.commit()
if yeniKullanici is not None:
mesaj = "Kayıt Başarıyla Sağlanmıştır."
return render_template("index.html", mesaj=mesaj)
else:
return render_template('kayit.html')
@app.route('/admin')
def admin():
return render_template("admin.html")
@app.route('/uye', methods=['GET', 'POST'])
def uye():
return render_template("uyeGirisi.html")
@app.route('/giris', methods=['GET', 'POST'])
def giris():
hata=None
if request.method=='POST':
if request.form['email']!='*****@*****.**' or request.form['sifre']!='admin':
if Kullanici.query.filter_by(email=request.form['email'],sifre=request.form['sifre']) is not None:
return redirect(url_for('anasayfa'))
else:
hata='hatalı giris yaptınız'
else:
flash('giriş başarılı')
return redirect(url_for('admin'))
app = Flask(__name__)
app.config.from_object(__name__ + '.ConfigClass')
Compress(app) # Initialize Flask-Compress
db = SQLAlchemy(app) # Initialize Flask-SQLAlchemy
mail = Mail(app) # Initialize Flask-Mail
if not app.debug:
flask_raygun.Provider(app, app.config['RAYGUN_APIKEY']).attach()
celery = Celery(app.name, broker=app.config['CELERY_BROKER_URL'])
celery.conf.update(app.config)
cache = Cache(app,
config={
'CACHE_TYPE': app.config['CACHE_TYPE'],
'CACHE_REDIS_URL': app.config['CACHE_REDIS_URL'],
})
from app import views, models, forms, tasks
from forms import InviteForm
from app.models import User
from app.views import *
db_adapter = SQLAlchemyAdapter(db, User) # Register the User model
user_manager = UserManager( # Initialize Flask-User
db_adapter,
app,
register_form=InviteForm,
register_view_function=invite)
"""
from flask_login import AnonymousUserMixin
from flask_user import UserManager
# from flask_user.forms import EditUserProfileForm, RegisterForm, StringField
from avwx_account import app, db
from avwx_account.models import User
# Add company field to registration and profile edit forms
# class CustomRegisterForm(RegisterForm):
# country = StringField('Company')
# class CustomEditUserProfileForm(EditUserProfileForm):
# country = StringField('Company')
# class CustomUserManager(UserManager):
# def customize(self, app):
# self.RegisterFormClass = CustomRegisterForm
# self.EditUserProfileFormClass = CustomEditUserProfileForm
user_manager = UserManager(app, db, User)
# Say that anonymous users have no roles
class Anonymous(AnonymousUserMixin):
def has_roles(self, *_) -> bool:
return False
user_manager.anonymous_user = Anonymous
def create_app(test_config=None): # For automated tests
# Setup Flask and read config from ConfigClass defined above
app = Flask(__name__)
app.config.from_object(__name__+'.ConfigClass')
# Load local_settings.py if file exists # For automated tests
try: app.config.from_object('local_settings')
except: pass
# Load optional test_config # For automated tests
if test_config:
app.config.update(test_config)
# Initialize Flask extensions
db = SQLAlchemy(app) # Initialize Flask-SQLAlchemy
mail = Mail(app) # Initialize Flask-Mail
babel = Babel(app) # Initialize Flask-Babel
@babel.localeselector
def get_locale():
translations = [str(translation) for translation in babel.list_translations()]
language = request.accept_languages.best_match(translations)
return language
# Define the User data model. Make sure to add flask_user UserMixin !!!
class User(db.Model, UserMixin):
id = db.Column(db.Integer, primary_key=True)
# User authentication information
username = db.Column(db.String(50), nullable=False, unique=True)
password = db.Column(db.String(255), nullable=False, server_default='')
reset_password_token = db.Column(db.String(100), nullable=False, server_default='')
# User email information
email = db.Column(db.String(255), nullable=False, unique=True)
confirmed_at = db.Column(db.DateTime())
# User information
active = db.Column('is_active', db.Boolean(), nullable=False, server_default='0')
first_name = db.Column(db.String(100), nullable=False, server_default='')
last_name = db.Column(db.String(100), nullable=False, server_default='')
# Create all database tables
db.create_all()
# Setup Flask-User
db_adapter = SQLAlchemyAdapter(db, User) # Select database adapter
user_manager = UserManager(db_adapter, app) # Init Flask-User and bind to app
# The Home page is accessible to anyone
@app.route('/')
def home_page():
return render_template_string("""
{% extends "base.html" %}
{% block content %}
<h2>{%trans%}Home Page{%endtrans%}</h2>
{% if current_user.is_authenticated() %}
<p> <a href="{{ url_for('user_profile_page') }}">
{%trans%}Profile Page{%endtrans%}</a></p>
<p> <a href="{{ url_for('user.logout') }}">
{%trans%}Sign out{%endtrans%}</a></p>
{% else %}
<p> <a href="{{ url_for('user.login') }}">
{%trans%}Sign in or Register{%endtrans%}</a></p>
{% endif %}
{% endblock %}
""")
if current_user.is_authenticated():
return redirect(url_for('user_profile_page'))
else:
return redirect(url_for('user.login'))
# The Profile page requires a logged-in user
@app.route('/user/profile')
@login_required # Use of @login_required decorator
@confirm_email_required
def user_profile_page():
return render_template_string("""
{% extends "base.html" %}
{% block content %}
<h2>{%trans%}Profile Page{%endtrans%}</h2>
<p> {%trans%}Hello{%endtrans%}
{{ current_user.username or current_user.email }},</p>
<p> <a href="{{ url_for('home_page') }}">
{%trans%}Home Page{%endtrans%}</a></p>
<p> <a href="{{ url_for('user.change_username') }}">
{%trans%}Change username{%endtrans%}</a></p>
<p> <a href="{{ url_for('user.change_password') }}">
{%trans%}Change password{%endtrans%}</a></p>
<p> <a href="{{ url_for('user.logout') }}">
{%trans%}Sign out{%endtrans%}</a></p>
{% endblock %}
""")
return app
from flask_user import UserManager, SQLAlchemyAdapter
from app.extensions.database import db
from app.models.user import User
db_adapter = SQLAlchemyAdapter(db, User)
user_manager = UserManager(db_adapter)
def init_app(application, ):
user_manager.init_app(app=application)
from loan import app, db
from flask import render_template, flash, redirect, url_for
from loan.models import User, Profile, Account, Role, LoanProfile
from flask_user import login_required, UserManager, roles_required, current_user
from flask_user.db_manager import DBManager
from loan.forms import AddUserForm, AddAdminForm, LoanStatusForm
from loan.randomforest import RandomForestAlgorithm
from loan.functions import modify_home_ownership, modify_purpose, modify_term, modify_time_of_employment
user_manager = UserManager(app, db, User)
db_manager = DBManager(app,
db,
User,
UserEmailClass=None,
UserInvitationClass=None,
RoleClass=Role)
db.create_all()
if len(User.query.all()) < 1:
user = User(username='******',
email='*****@*****.**',
password=user_manager.hash_password('asdfghjkl'),
active=True)
user.roles.append(Role(name='Admin'))
db.session.add(user)
db.session.commit()
profile = Profile(firstname='Peter',
def create_app():
""" Flask application factory """
# Setup Flask and load app.config
app = Flask(__name__)
app.config.from_object(__name__+'.ConfigClass')
# Setup Flask-MongoEngine
db = MongoEngine(app)
# Define the User document.
# NB: Make sure to add flask_user UserMixin !!!
class User(db.Document, UserMixin):
active = db.BooleanField(default=True)
# User authentication information
username = db.StringField(default='')
password = db.StringField()
# User information
first_name = db.StringField(default='')
last_name = db.StringField(default='')
# Relationships
roles = db.ListField(db.StringField(), default=[])
# Setup Flask-User and specify the User data-model
user_manager = UserManager(app, db, User)
# The Home page is accessible to anyone
@app.route('/')
def home_page():
# String-based templates
return render_template_string("""
{% extends "flask_user_layout.html" %}
{% block content %}
<h2>Home page</h2>
<p><a href={{ url_for('user.register') }}>Register</a></p>
<p><a href={{ url_for('user.login') }}>Sign in</a></p>
<p><a href={{ url_for('home_page') }}>Home page</a> (accessible to anyone)</p>
<p><a href={{ url_for('member_page') }}>Member page</a> (login required)</p>
<p><a href={{ url_for('user.logout') }}>Sign out</a></p>
{% endblock %}
""")
# The Members page is only accessible to authenticated users via the @login_required decorator
@app.route('/members')
@login_required # User must be authenticated
def member_page():
# String-based templates
return render_template_string("""
{% extends "flask_user_layout.html" %}
{% block content %}
<h2>Members page</h2>
<p><a href={{ url_for('user.register') }}>Register</a></p>
<p><a href={{ url_for('user.login') }}>Sign in</a></p>
<p><a href={{ url_for('home_page') }}>Home page</a> (accessible to anyone)</p>
<p><a href={{ url_for('member_page') }}>Member page</a> (login required)</p>
<p><a href={{ url_for('user.logout') }}>Sign out</a></p>
{% endblock %}
""")
return app
def create_app(config=None):
"""Create a Flask applicationlicaction.
"""
# Instantiate Flask
application = Flask(__name__)
# Load application Config settings
if config is not None:
application.config.from_object('config.Config')
# Setup Flask-SQLAlchemy
db.init_app(application)
# Setup Flask-Migrate
migrate.init_app(application, db)
# Setup Heroku
heroku = Heroku(application)
# Setup Flask-Mail
mail.init_app(application)
# Setup Flask-Principal
principal.init_app(application)
# Setup WTForms CSRFProtect
csrf_protect.init_app(application)
# Setup Flask-Blogging
with application.app_context():
storage = SQLAStorage(db=db)
db.create_all()
blog_engine.init_app(application, storage)
from application.models.user_models import User
@blog_engine.user_loader
def load_user(user_id):
return User.query.get(int(user_id))
@identity_loaded.connect_via(application)
def on_identity_loaded(sender, identity):
identity.user = current_user
if hasattr(current_user, "id"):
identity.provides.add(UserNeed(current_user.id))
# Shortcut to the give admins "blogger" role.
#if hasattr(current_user, "is_admin"):
#if current_user.is_admin:
#identity.provides.add(RoleNeed("blogger"))
if hasattr(current_user, 'roles'):
for role in current_user.roles:
identity.provides.add(RoleNeed(role.name))
# Register blueprints
from application.views.misc_views import main_blueprint
application.register_blueprint(main_blueprint)
# Define bootstrap_is_hidden_field for flask-bootstrap's bootstrap_wtf.html
from wtforms.fields import HiddenField
def is_hidden_field_filter(field):
return isinstance(field, HiddenField)
application.jinja_env.globals['bootstrap_is_hidden_field'] = is_hidden_field_filter
# Setup an error-logger to send emails to application.config.ADMINS
init_email_error_handler(application)
# Setup Flask-User to handle user account related forms
from .models.user_models import User, Role, MyRegisterForm
db_adapter = SQLAlchemyAdapter(db, User) # Setup the SQLAlchemy DB Adapter
user_manager = UserManager(db_adapter, application, # Init Flask-User and bind to application
register_form=MyRegisterForm)
# Create admin
global admin
admin = flask_admin.Admin(application, 'Admin manager', template_mode='bootstrap3',)
from .models.user_models import UserModelView,PostModelView, RoleModelView
Post = storage.post_model
admin.add_view(UserModelView(User, db.session))
#admin.add_view(RoleModelView(Role, db.session))
#admin.add_view(sqla.ModelView(Role, db.session))
admin.add_view(PostModelView(Post, db.session))
admin.add_link(MenuLink(name='Index', category='Index', url='../'))
return application
def create_app(test_config=None): # For automated tests
# Setup Flask and read config from ConfigClass defined above
app = Flask(__name__)
app.config.from_object(__name__ + '.ConfigClass')
# Load local_settings.py if file exists # For automated tests
try:
app.config.from_object('local_settings')
except:
pass
# Load optional test_config # For automated tests
if test_config:
app.config.update(test_config)
# Initialize Flask extensions
mail = Mail(app) # Initialize Flask-Mail
db = SQLAlchemy(app) # Initialize Flask-SQLAlchemy
# Define User model. Make sure to add flask.ext.user UserMixin!!
class User(db.Model, UserMixin):
id = db.Column(db.Integer, primary_key=True)
user_profile_id = db.Column(
db.Integer(), db.ForeignKey('user_profile.id', ondelete='CASCADE'))
# User authentication information
username = db.Column(db.String(50), nullable=False, unique=True)
password = db.Column(db.String(255), nullable=False, server_default='')
reset_password_token = db.Column(db.String(100),
nullable=False,
server_default='')
active = db.Column('is_active',
db.Boolean(),
nullable=False,
server_default='0')
# User email information
email = db.Column(db.String(255), nullable=False, unique=True)
confirmed_at = db.Column(db.DateTime())
# Relationships
user_profile = db.relationship('UserProfile',
uselist=False,
foreign_keys=[user_profile_id])
class UserProfile(db.Model):
id = db.Column(db.Integer, primary_key=True)
# User information
first_name = db.Column(db.String(50), nullable=False, default='')
last_name = db.Column(db.String(50), nullable=False, default='')
# Relationships
roles = db.relationship('Role',
secondary='user_roles',
backref=db.backref('users', lazy='dynamic'))
# Define Role model
class Role(db.Model):
id = db.Column(db.Integer(), primary_key=True)
name = db.Column(db.String(50), unique=True)
# Define UserRoles model
class UserRoles(db.Model):
id = db.Column(db.Integer(), primary_key=True)
user_profile_id = db.Column(
db.Integer(), db.ForeignKey('user_profile.id', ondelete='CASCADE'))
role_id = db.Column(db.Integer(),
db.ForeignKey('role.id', ondelete='CASCADE'))
# Reset all the database tables
db.create_all()
# Setup Flask-User
db_adapter = SQLAlchemyAdapter(db, User, UserProfileClass=UserProfile)
user_manager = UserManager(db_adapter, app)
# Create 'user007' user with 'secret' and 'agent' roles
if not User.query.filter(User.username == 'user007').first():
user_profile1 = UserProfile(first_name='James', last_name='Bond')
db.session.add(user_profile1)
user1 = User(user_profile=user_profile1,
username='******',
email='*****@*****.**',
password=user_manager.hash_password('Password1'),
active=True)
db.session.add(user1)
user_profile1.roles.append(Role(name='secret'))
user_profile1.roles.append(Role(name='agent'))
db.session.commit()
# The Home page is accessible to anyone
@app.route('/')
def home_page():
return render_template_string("""
{% extends "base.html" %}
{% block content %}
<h2>Home page</h2>
<p>This page can be accessed by anyone.</p><br/>
<p><a href={{ url_for('home_page') }}>Home page</a> (anyone)</p>
<p><a href={{ url_for('members_page') }}>Members page</a> (login required)</p>
<p><a href={{ url_for('special_page') }}>Special page</a> (login with username 'user007' and password 'Password1')</p>
{% endblock %}
""")
# The Members page is only accessible to authenticated users
@app.route('/members')
@login_required # Use of @login_required decorator
def members_page():
return render_template_string("""
{% extends "base.html" %}
{% block content %}
<h2>Members page</h2>
<p>This page can only be accessed by authenticated users.</p><br/>
<p><a href={{ url_for('home_page') }}>Home page</a> (anyone)</p>
<p><a href={{ url_for('members_page') }}>Members page</a> (login required)</p>
<p><a href={{ url_for('special_page') }}>Special page</a> (login with username 'user007' and password 'Password1')</p>
{% endblock %}
""")
# The Special page requires a user with 'special' and 'sauce' roles or with 'special' and 'agent' roles.
@app.route('/special')
@roles_required('secret',
['sauce', 'agent']) # Use of @roles_required decorator
def special_page():
return render_template_string("""
{% extends "base.html" %}
{% block content %}
<h2>Special Page</h2>
<p>This page can only be accessed by user007.</p><br/>
<p><a href={{ url_for('home_page') }}>Home page</a> (anyone)</p>
<p><a href={{ url_for('members_page') }}>Members page</a> (login required)</p>
<p><a href={{ url_for('special_page') }}>Special page</a> (login with username 'user007' and password 'Password1')</p>
{% endblock %}
""")
return app
def create_app():
""" Flask application factory """
# Create Flask app load app.config
app = Flask(__name__)
app.config.from_object(__name__ + '.ConfigClass')
# Initialize Flask-BabelEx
babel = Babel(app)
# Initialize Flask-SQLAlchemy
@babel.localeselector
def get_locale():
translations = [
str(translation) for translation in babel.list_translations()
]
# return request.accept_languages.best_match(translations)
# @babel.localeselector
#def get_locale():
# if request.args.get('lang'):
# session['lang'] = request.args.get('lang')
# return session.get('lang', 'tr')
db = SQLAlchemy(app)
# Define the User data-model.
# NB: Make sure to add flask_user UserMixin !!!
class User(db.Model, UserMixin):
__tablename__ = 'users'
id = db.Column(db.Integer, primary_key=True)
active = db.Column('is_active',
db.Boolean(),
nullable=False,
server_default='1')
# User authentication information. The collation='NOCASE' is required
# to search case insensitively when USER_IFIND_MODE is 'nocase_collation'.
email = db.Column(db.String(255, collation='NOCASE'),
nullable=False,
unique=True)
email_confirmed_at = db.Column(db.DateTime())
password = db.Column(db.String(255), nullable=False, server_default='')
# User information
first_name = db.Column(db.String(100, collation='NOCASE'),
nullable=False,
server_default='')
last_name = db.Column(db.String(100, collation='NOCASE'),
nullable=False,
server_default='')
# Define the relationship to Role via UserRoles
roles = db.relationship('Role', secondary='user_roles')
# Define the Role data-model
class Role(db.Model):
__tablename__ = 'roles'
id = db.Column(db.Integer(), primary_key=True)
name = db.Column(db.String(50), unique=True)
# Define the UserRoles association table
class UserRoles(db.Model):
__tablename__ = 'user_roles'
id = db.Column(db.Integer(), primary_key=True)
user_id = db.Column(db.Integer(),
db.ForeignKey('users.id', ondelete='CASCADE'))
role_id = db.Column(db.Integer(),
db.ForeignKey('roles.id', ondelete='CASCADE'))
# Setup Flask-User and specify the User data-model
user_manager = UserManager(app, db, User)
# Create all database tables
db.create_all()
# Create '*****@*****.**' user with no roles
if not User.query.filter(User.email == '*****@*****.**').first():
user = User(
email='*****@*****.**',
email_confirmed_at=datetime.datetime.utcnow(),
password=user_manager.hash_password('Password1'),
)
db.session.add(user)
db.session.commit()
# Create '*****@*****.**' user with 'Admin' and 'Agent' roles
if not User.query.filter(User.email == '*****@*****.**').first():
user = User(
email='*****@*****.**',
email_confirmed_at=datetime.datetime.utcnow(),
password=user_manager.hash_password('Password1'),
)
user.roles.append(Role(name='Admin'))
user.roles.append(Role(name='Agent'))
db.session.add(user)
db.session.commit()
# The Home page is accessible to anyone
@app.route('/')
def home():
return render_template('/index.html')
@app.route('/üye')
def uye():
email = request.form.get("e-mail")
sifre = request.form.get("sifre")
newuser = User(email=email, password=sifre)
db.session.add(newuser)
db.session.comit()
return render_template('/üye.html')
# The Members page is only accessible to authenticated users
@app.route('/members')
@login_required # Use of @login_required decorator
def member_page():
return render_template_string("""
{% extends "flask_user_layout.html" %}
{% block content %}
<h2>{%trans%}Üyeler sayfası {%endtrans%}</h2>
<h1>{%trans%}Sisteme giriş yapanlar bu sayfayı görüntüleyebilir{%endtrans%}</h1>
<p><a href={{ url_for('user.register') }}>{%trans%}Kayıt ol{%endtrans%}</a></p>
<p><a href={{ url_for('user.login') }}>{%trans%}Giriş Yap{%endtrans%}</a></p>
<p><a href={{ url_for('home_page') }}>{%trans%}Ana sayfa{%endtrans%}</a> (Herkes erişebilir)</p>
<p><a href={{ url_for('member_page') }}>{%trans%}Üye sayfası{%endtrans%}</a> (Giriş gerekli: [email protected] / Password1)</p>
<p><a href={{ url_for('admin_page') }}>{%trans%}Admin sayfası{%endtrans%}</a> (Rol gerekli: [email protected] / Password1)</p>
<p><a href={{ url_for('user.logout') }}>{%trans%}Çıkış{%endtrans%}</a></p>
{% endblock %}
""")
# The Admin page requires an 'Admin' role.
@app.route('/admin')
@roles_required('Admin') #Use of @roles_required decorator
def admin_page():
return render_template_string("""
{% extends "flask_user_layout.html" %}
{% block content %}
<h2>{%trans%}Admin Sayfası{%endtrans%}</h2>
<h1>{%trans%}Bu yalnızca adminlerin giriş yapabildiği bir sayfadır{%endtrans%}</h1>
<p><a href={{ url_for('user.register') }}>{%trans%}Kayıt ol{%endtrans%}</a></p>
<p><a href={{ url_for('user.login') }}>{%trans%}Giriş Yap{%endtrans%}</a></p>
<p><a href={{ url_for('home_page') }}>{%trans%}Ana sayfa{%endtrans%}</a> (Herkes erişebilir)</p>
<p><a href={{ url_for('member_page') }}>{%trans%}Üye sayfası{%endtrans%}</a> (Giriş gerekli: [email protected] / Password1)</p>
<p><a href={{ url_for('admin_page') }}>{%trans%}Admin sayfası{%endtrans%}</a> (Rol gerekli: [email protected] / Password1)</p>
<p><a href={{ url_for('user.logout') }}>{%trans%}Çıkış{%endtrans%}</a></p>
{% endblock %}
""")
return app
def get_app(db_name=None,
db_port=None,
db_host=None,
extra_config_settings={}): # pylint: disable=dangerous-default-value,too-many-locals
"""You may pass the name/port/host of the db if you want to deviate
from the standard configs (staging/production). This is used for testing.
extra_config_settings is forwarded to app.config during instantiation of Flask.
"""
curdir = os.path.dirname(os.path.abspath(__file__))
dev_mode = bool(os.environ.get('SC_DEV'))
app = Flask(__name__)
app.config.from_pyfile(os.path.join(curdir, 'config', 'public.py'))
app.config.from_pyfile(os.path.join(curdir, 'config', 'private.py'))
app.config.update(extra_config_settings)
app.config['DEBUG'] = dev_mode
# The flask app reads the database configs directly, rather than being passed them
# through the env in docker. This means runserver and other debug/dev methods
# aren't FULLY coupled to docker-compose. Runserver still won't work because it now expects
# the db in another container on a certain port, but you can still use it for
# light smoketesting.
db_conf_dir = os.path.join(curdir, '..', 'docker', 'database')
db_public_conf = get_headerless_conf(
os.path.join(db_conf_dir, 'public.conf'))
db_private_conf = get_headerless_conf(
os.path.join(db_conf_dir, 'private.conf'))
db_conf = {**db_public_conf, **db_private_conf}
app.config['SQLALCHEMY_DATABASE_URI'] = \
'postgresql://{user}:{password}@{host}:{port}/{database}'.format(
user=db_conf['POSTGRES_USER'],
password=db_conf['POSTGRES_PASSWORD'],
host=db_host or db_conf['POSTGRES_HOST'],
port=db_port or db_conf['POSTGRES_PORT'],
database=db_name or db_conf['POSTGRES_DB'])
db.init_app(app)
migrate.init_app(app, db)
mail.init_app(app)
csrf_protect.init_app(app)
from supercontest.views import register_blueprints # pylint: disable=wrong-import-position
register_blueprints(app)
from supercontest.models import User # pylint: disable=wrong-import-position
user_manager = UserManager(app, db, User)
app.jinja_env.globals['bootstrap_is_hidden_field'] = is_hidden_field_filter # pylint: disable=no-member
# Make the function for displaying dates available to the templates
from supercontest.core.utilities import convert_date
app.jinja_env.globals['convert_date'] = convert_date # pylint: disable=no-member
@app.context_processor
def context_processor(): # pylint: disable=unused-variable
return dict(user_manager=user_manager)
# Add graphql view.
from supercontest.graphql import schema
# Intentionally allowing users in production to use graphiql to explore
# the db because it still requires auth. To disable this in dev mode,
# set graphiql=dev_mode instead of True.
view = GraphQLView.as_view('graphql', schema=schema, graphiql=True)
app.add_url_rule('/graphql',
view_func=login_required(csrf_protect.exempt(view)))
# Add the dashboard.
this_dir = os.path.dirname(os.path.realpath(__file__))
fmd_cfg = os.path.join(this_dir, 'config', 'dashboard.cfg')
dashboard.config.init_from(file=fmd_cfg)
dashboard.bind(app)
csrf_protect.exempt(dashboard.blueprint)
# Add the debug toolbar.
toolbar.init_app(app)
return app
def create_app(first_time=False):
app = Flask(__name__)
app.config.from_object(__name__ + '.ConfigClass')
api = Api(app)
# Initialize Flask-SQLAlchemy
db = SQLAlchemy(app)
class User(db.Model, UserMixin):
__tablename__ = 'users'
id = db.Column(db.Integer, primary_key=True)
active = db.Column('is_active',
db.Boolean(),
nullable=False,
server_default='1')
username = db.Column(db.String(100, collation='NOCASE'),
nullable=False,
unique=True)
password = db.Column(db.String(255), nullable=False, server_default='')
first_name = db.Column(db.String(100, collation='NOCASE'),
nullable=False,
server_default='')
last_name = db.Column(db.String(100, collation='NOCASE'),
nullable=False,
server_default='')
roles = db.relationship('Role', secondary='user_roles')
# Define the Role data-model
class Role(db.Model):
__tablename__ = 'roles'
id = db.Column(db.Integer(), primary_key=True)
name = db.Column(db.String(50), unique=True)
# Define the UserRoles association table
class UserRoles(db.Model):
__tablename__ = 'user_roles'
id = db.Column(db.Integer(), primary_key=True)
user_id = db.Column(db.Integer(),
db.ForeignKey('users.id', ondelete='CASCADE'))
role_id = db.Column(db.Integer(),
db.ForeignKey('roles.id', ondelete='CASCADE'))
db.create_all()
user_manager = UserManager(app, db, User)
## member_page template
@app.route('/members')
@login_required
def member_page():
return render_template_string("""
{% extends "flask_user_layout.html" %}
{% block content %}
<h2>Members page</h2>
<p><a href={{ url_for('user.register') }}>Register</a></p>
<p><a href={{ url_for('user.login') }}>Sign in</a></p>
<p><a href={{ url_for('home_page') }}>Home page</a> (accessible to anyone)</p>
<p><a href={{ url_for('member_page') }}>Member page</a> (login required)</p>
<p><a href={{ url_for('user.logout') }}>Sign out</a></p>
{% endblock %}
""")
## home_page template
@app.route('/')
def home_page():
return render_template_string("""
{% extends "flask_user_layout.html" %}
{% block content %}
<h2>Home page</h2>
<p><a href={{ url_for('user.register') }}>Register</a></p>
<p><a href={{ url_for('user.login') }}>Sign in</a></p>
<p><a href={{ url_for('home_page') }}>Home page</a> (accessible to anyone)</p>
<p><a href={{ url_for('member_page') }}>Member page</a> (login required)</p>
<p><a href={{ url_for('user.logout') }}>Sign out</a></p>
{% endblock %}
""")
if first_time:
try:
admin_role = Role(name='Admin')
user1 = User(username='******',
active=True,
password=user_manager.hash_password('Password1'))
user2 = User(username='******',
active=True,
password=user_manager.hash_password('Password2'))
user1.roles = [
admin_role,
]
db.session.add(admin_role)
db.session.add(user1)
db.session.add(user2)
db.session.commit()
except exc.IntegrityError:
pass
## attaching the url to view
from views import MovieViewset, AllMoviesViewset
api.add_resource(MovieViewset, '/movie/<int:movie_id>')
api.add_resource(AllMoviesViewset, '/allmovies')
return app
mail = Mail(app)
db = SQLAlchemy(app)
class User(db.Model, UserMixin):
id = db.Column(db.Integer, primary_key=True)
username = db.Column(db.String(80), nullable=False)
password = db.Column(db.Integer, nullable=False)
active = db.Column(db.Boolean, nullable=False)
email = db.Column(db.String, nullable=False)
db_adaptor = SQLAlchemyAdapter(db, User)
user_manager = UserManager(db_adaptor, app)
@app.route('/')
def home():
return render_template("index.html")
@app.route('/templates/profile')
@login_required
def index_1():
return '<h1> This is protected profile Page</h1>'
class DeviceData(db.Model):
id = db.Column(db.Integer, primary_key=True)
def create_app():
""" Flask application factory """
# Setup Flask app and app.config
app = Flask(__name__)
app.config.from_object(__name__+'.ConfigClass')
app.config['SQLALCHEMY_DATABASE_URI'] = "sqlite:///" + app.instance_path + os.sep + "users.sqlite"
print(app.config['SQLALCHEMY_DATABASE_URI'])
install_secret_key(app)
# Initialize Flask extensions
mail = Mail(app) # Initialize Flask-Mail
db, user_db_adapter, User, Role = init_db(app)
# Setup Flask-User
def password_validator(form, field):
password = field.data
if len(password) < 6:
raise ValidationError(('Password must have at least 6 characters'))
def username_validator(form, field):
""" Username must cont at least 3 alphanumeric characters long"""
username = field.data
if len(username) < 1:
raise ValidationError(('Username must be at least 1 characters long'))
user_manager = UserManager(user_db_adapter, password_validator=password_validator, username_validator=username_validator)
user_manager.init_app(app) # Initialize Flask-User
# A flask/sqlalchemy/python bug? anyway sqlalchemy complains in a weird error without this line
User.query
# The Home page is accessible to anyone
@app.route('/')
@login_required
def home_page():
return render_template("index.html", current_user=current_user)
# The Home page is accessible to anyone
@app.route('/keyring/<name>')
@login_required
def keyring(name):
found = False
for r in current_user.roles:
found = found or r.name == name
if not found:
return "Not authorized"
return render_template("keyring.html", keyring=name)
@app.route('/grid', methods=["POST", "GET"])
@login_required
@roles_required('hacker')
def grid():
if request.method == "POST":
user = db.session.query(User).filter(User.id==request.form["user"]).first()
role = db.session.query(Role).filter(Role.id==request.form["role"]).first()
if "val" in request.form and request.form["val"] == "on":
user.roles.append(role)
else:
if role in user.roles:
user.roles.remove(role)
db.session.commit()
return render_template("grid.html", users=db.session.query(User), roles=db.session.query(Role), user_reset_id = "-1", newpass = "")
@app.route('/grid/reset/<user_id>')
@login_required
@roles_required('hacker')
def reset_grid(user_id):
user = db.session.query(User).filter(User.id==int(user_id)).first()
newpass = id_generator()
user.password = user_manager.hash_password(newpass)
db.session.commit()
return render_template("grid.html", users=db.session.query(User), roles=db.session.query(Role), newpass=newpass, user_reset_id=user_id)
@app.route('/new', methods=["POST", "GET"])
@login_required
@roles_required('hacker')
def new():
if request.method == "POST":
rolename = request.form["role"]
if not db.session.query(Role).filter(Role.name==rolename).first():
new_role = Role(name=rolename)
db.session.add(new_role)
current_user.roles.append(new_role)
db.session.commit()
save(rolename, True)
return redirect("/grid")
return render_template("create.html", users=db.session.query(User), roles=db.session.query(Role))
@app.route('/save/<name>', methods=["POST"])
@login_required
def save(name, initial = False):
found = False
for r in current_user.roles:
found = found or r.name == name
if not found:
return "Not authorized"
if initial:
if subprocess.call(["touch", name + ".txt"], cwd="db/") != 0:
print("Keyring already exists??")
return "error"
if subprocess.call(["git", "add", name + ".txt"], cwd="db/") != 0:
print("git error")
return "error"
subprocess.call(["git", "commit", "-m", "commit pre-web-update"], cwd="db/")
with open("db/" + name + ".txt", "w") as f:
f.write(request.form["data"])
f.close()
if subprocess.call(["git", "add", name + ".txt"], cwd="db/") != 0:
print("git error")
return "error"
if subprocess.call(["git", "commit", "-m", "Web update"], cwd="db/") != 0:
print("git error")
return "error"
return "done"
@app.route('/get/<name>')
@login_required
def get(name):
found = False
for r in current_user.roles:
found = found or r.name == name
if not found:
return "Not authorized"
try:
with open("db/" + name + ".txt", "r") as f:
return f.read()
except FileNotFoundError:
return "{}"
return app,db, user_db_adapter, User, Role, user_manager
def create_app():
""" Flask application factory """
#ayar yapılandırmamızı içe aktarıyoruz
app = Flask(__name__)
app.config.from_object(__name__ + '.ConfigClass')
db = SQLAlchemy(app)
#tablolarımızı oluşturuyoruz
class User(db.Model, UserMixin):
__tablename__ = 'users'
kullanici_id = db.Column(db.Integer, primary_key=True)
email = db.Column(db.String(50), nullable=False, unique=True)
email_confirmed_at = db.Column(db.DateTime())
password = db.Column(db.String(50), nullable=False)
kullanici_adi = db.Column(db.String(50))
kullanici_soyadi = db.Column(db.String(50))
kullanici_tcno = db.Column(db.Integer())
kullanici_telno = db.Column(db.Integer())
kullanici_puan = db.Column(db.Float(), server_default='0')
kullanici_rol = db.Column('adminlik', db.Boolean())
def __init__(self, email, password, kullanici_adi, kullanici_soyadi,
kullanici_tcno, kullanici_telno, email_confirmed_at,
kullanici_rol):
self.email = email
self.password = password
self.kullanici_adi = kullanici_adi
self.kullanici_soyadi = kullanici_soyadi
self.kullanici_tcno = kullanici_tcno
self.kullanici_telno = kullanici_telno
self.email_confirmed_at = email_confirmed_at
self.kullanici_rol = kullanici_rol
class Otel(db.Model):
__tablename__ = 'oteller'
otel_id = db.Column(db.Integer(), primary_key=True)
otel_adi = db.Column(db.String(100), nullable=False)
otel_sehir = db.Column(db.Integer(), nullable=False)
otel_yildizi = db.Column(db.Integer(), nullable=False)
def __init__(self, otel_adi, otel_sehir, otel_yildizi):
self.otel_adi = otel_adi
self.otel_sehir = otel_sehir
self.otel_yildizi = otel_yildizi
class Oda(db.Model):
__tablename__ = 'odalar'
oda_id = db.Column(db.Integer(), primary_key=True)
otel_id = db.Column(
db.Integer, db.ForeignKey('oteller.otel_id', ondelete='CASCADE'))
oda_adi = db.Column(db.String(50), nullable=False)
oda_tipi = db.Column(db.String(50), nullable=False)
oda_fiyat = db.Column(db.Float())
oda_durum = db.Column(db.Boolean(), server_default='0')
def __init__(self, otel_id, oda_adi, oda_tipi, oda_fiyat):
self.otel_id = otel_id
self.oda_adi = oda_adi
self.oda_tipi = oda_tipi
self.oda_fiyat = oda_fiyat
class Sepet(db.Model):
__tablename__ = 'sepetler'
sepet_id = db.Column(db.Integer(), primary_key=True)
user_id = db.Column(
db.Integer(),
db.ForeignKey('users.kullanici_id', ondelete='CASCADE'))
oda_id = db.Column(db.Integer(),
db.ForeignKey('odalar.oda_id', ondelete='CASCADE'))
otel_id = db.Column(
db.Integer, db.ForeignKey('oteller.otel_id', ondelete='CASCADE'))
toplam_tutar = db.Column(db.Float())
rezerve_tarih = db.Column(db.DateTime(), nullable=False)
giris_tarih = db.Column(db.Date())
cikis_tarih = db.Column(db.Date())
kalinacak_gun = db.Column(db.Integer())
sepet_durum = db.Column(db.Boolean(), server_default='0')
def __init__(self, user_id, otel_id, oda_id, toplam_tutar,
rezerve_tarih, giris_tarih, cikis_tarih, kalinacak_gun):
self.user_id = user_id
self.otel_id = otel_id
self.oda_id = oda_id
self.toplam_tutar = toplam_tutar
self.rezerve_tarih = rezerve_tarih
self.giris_tarih = giris_tarih
self.cikis_tarih = cikis_tarih
self.kalinacak_gun = kalinacak_gun
user_manager = UserManager(app, db, User)
#veritabanımızı oluşturuyor ve tablolara erişim
#için takma isimler veriyoruz
db.create_all()
engine = create_engine('sqlite:///otel_rezervasyon.sqlite')
meta = MetaData(engine, reflect=True)
table_users = meta.tables['users']
table_otel = meta.tables['oteller']
table_oda = meta.tables['odalar']
table_sepet = meta.tables['sepetler']
#sistemde admin kayıtlı değilse bir admin oluşturuyoruz
if not User.query.filter(User.email == '*****@*****.**').first():
#şifremizi hashli bir şekilde tutmak için fonksiyona tabi tutuyoruz
tmp_psw = '12345678'
tmp_psw = hashlib.md5(tmp_psw.encode())
tmp_psw = tmp_psw.hexdigest()
user = User(email='*****@*****.**',
password=tmp_psw,
email_confirmed_at=datetime.datetime.utcnow(),
kullanici_adi=None,
kullanici_soyadi=None,
kullanici_tcno=None,
kullanici_telno=None,
kullanici_rol=1)
db.session.add(user)
db.session.commit()
#anasayfaya yönlendirme fonksiyonumuzu oluşturuyoruz
@app.route('/')
def home_page():
return render_template("index.html")
#giriş yap fonksiyonumuzu oluşturuyoruz,
#formdan gelen verileri veritabanındaki
#veriler ile karşılaştırıyoruz, uyuşması
#durumunda sisteme giriş yapılıyor.
@app.route('/login', methods=['GET', 'POST'])
def login():
if request.method == 'POST':
email = request.form['email']
#şifremizi veritabanında ki hashli hali ile karşılaştırıyoruz
tmp_psw = request.form['password']
tmp_psw = hashlib.md5(tmp_psw.encode())
tmp_psw = tmp_psw.hexdigest()
password = tmp_psw
try:
#böyle bir email ve şifre uyuşması var mı sorgusu yapıyoruz
sorgu1 = User.query.filter_by(email=email,
password=password).first()
if sorgu1 is not None:
global sorgu_kullanici_id
conn = engine.connect()
select_st = select([table_users.c.kullanici_id
]).where(table_users.c.email == email)
sorgu_kullanici_id = conn.execute(select_st).scalar()
sorgu2 = User.query.filter_by(email=email,
password=password,
kullanici_rol=1).first()
if sorgu2 is not None:
session['admin'] = True
session['logged_in'] = True
flash('Hoşgeldiniz')
return redirect(url_for('home_page'))
else:
flash('Kullanıcı adı veya şifre yanlış')
return redirect(url_for('home_page'))
except:
flash('Beklenmeyen bir hata oluştu!')
return redirect(url_for('home_page'))
else:
return redirect(url_for('home_page'))
@app.route('/rezerve_login', methods=['GET', 'POST'])
def rezerve_login():
if request.method == 'POST':
email = request.form['email']
tmp_psw = request.form['password']
tmp_psw = hashlib.md5(tmp_psw.encode())
tmp_psw = tmp_psw.hexdigest()
password = tmp_psw
try:
sorgu1 = User.query.filter_by(email=email,
password=password).first()
if sorgu1 is not None:
global sorgu_kullanici_id
conn = engine.connect()
select_st = select([table_users.c.kullanici_id
]).where(table_users.c.email == email)
sorgu_kullanici_id = conn.execute(select_st).scalar()
sorgu2 = User.query.filter_by(email=email,
password=password,
kullanici_rol=1).first()
if sorgu2 is not None:
session['admin'] = True
session['logged_in'] = True
flash('Hoşgeldiniz')
return redirect(url_for('rezerve'))
else:
flash('Kullanıcı adı veya şifre yanlış')
return redirect(url_for('rezerve'))
except:
flash('Beklenmeyen bir hata oluştu!')
return redirect(url_for('rezerve'))
else:
return redirect(url_for('rezerve'))
@app.route("/logout")
@login_required
def logout():
conn = engine.connect()
select_st = table_sepet.delete().where(
and_(table_sepet.c.user_id == sorgu_kullanici_id,
table_sepet.c.sepet_durum == 0))
conn.execute(select_st)
session.clear()
flash("Başarı ile çıkış yaptınız.")
return redirect(url_for('home_page'))
@app.route('/', methods=['GET', 'POST'])
def uye_ol():
if request.method == 'POST':
tmp_psw = request.form['parola']
tmp_psw = hashlib.md5(tmp_psw.encode())
tmp_psw = tmp_psw.hexdigest()
password = tmp_psw
try:
new_user = User(kullanici_tcno=request.form['tcno'],
kullanici_adi=request.form['adi'],
kullanici_soyadi=request.form['soyadi'],
kullanici_telno=request.form['telno'],
email=request.form['email'],
password=password,
kullanici_rol=0,
email_confirmed_at=datetime.datetime.utcnow())
db.session.add(new_user)
db.session.commit()
flash("Kayıt başarı ile eklendi")
except:
flash("Kayıt işlemi sırasında hata oluştu")
finally:
return redirect(url_for('home_page'))
@app.route('/uye_gor', methods=['GET', 'POST'])
@login_required
@admin_required
def uye_gor():
conn = engine.connect()
select_st = select([
table_users.c.kullanici_id, table_users.c.kullanici_adi,
table_users.c.kullanici_soyadi, table_users.c.kullanici_tcno,
table_users.c.email, table_users.c.kullanici_telno
]).where(table_users.c.adminlik == 0)
rows = conn.execute(select_st)
return render_template("uye_gor.html", rows=rows)
@app.route('/uye_sil/<id>')
@login_required
@admin_required
def uye_sil(id=0):
conn = engine.connect()
select_st = table_users.delete().where(
table_users.c.kullanici_id == id)
rows = conn.execute(select_st)
return redirect(url_for('uye_gor'))
@app.route('/otel_listele', methods=['GET', 'POST'])
@login_required
@admin_required
def otel_listele():
if request.method == 'POST':
new_otel = Otel(otel_adi=request.form['oteladi'],
otel_sehir=request.form['otelsehir'],
otel_yildizi=request.form['otelyildizi'])
db.session.add(new_otel)
db.session.commit()
return redirect(url_for('otel_listele'))
conn = engine.connect()
select_st = select([
table_otel.c.otel_id, table_otel.c.otel_adi,
table_otel.c.otel_sehir, table_otel.c.otel_yildizi
])
rows = conn.execute(select_st)
return render_template("otel_listele.html", rows=rows)
@app.route('/otel_duzenle/<id>', methods=['GET', 'POST'])
@login_required
@admin_required
def otel_duzenle(id=0):
if request.method == 'POST':
otel_adi = request.form['oteladi']
otel_sehir = request.form['otelsehir']
otel_yildizi = request.form['otelyildizi']
conn = engine.connect()
select_st1 = table_otel.update().where(
table_otel.c.otel_id == id).values(otel_adi=otel_adi,
otel_sehir=otel_sehir,
otel_yildizi=otel_yildizi)
conn.execute(select_st1)
return redirect(url_for('otel_listele'))
else:
conn = engine.connect()
select_st2 = select([
table_otel.c.otel_adi, table_otel.c.otel_sehir,
table_otel.c.otel_yildizi
]).where(table_otel.c.otel_id == id)
rows = conn.execute(select_st2)
return render_template("otel_duzenle.html",
tmp_otel_id=id,
rows=rows)
@app.route('/otel_sil/<id>')
@login_required
@admin_required
def otel_sil(id=0):
conn = engine.connect()
select_st = table_otel.delete().where(table_otel.c.otel_id == id)
rows = conn.execute(select_st)
return redirect(url_for('otel_listele'))
@app.route('/oda_listele', methods=['GET', 'POST'])
@login_required
@admin_required
def oda_listele():
if request.method == 'POST':
if request.form['btn'] == 'Ekle':
try:
new_oda = Oda(otel_id=request.form['id'],
oda_adi=request.form['odaadi'],
oda_tipi=request.form['odatipi'],
oda_fiyat=request.form['odafiyat'])
db.session.add(new_oda)
db.session.commit()
flash("Kayıt başarı ile eklendi")
return redirect(url_for('oda_listele'))
except:
flash("Kayıt işlemi sırasında hata oluştu")
elif request.form['btn'] == 'Seç':
otel_id = request.form['otel_id']
conn = engine.connect()
select_st = select(
[table_otel.c.otel_id, table_otel.c.otel_adi])
rows_otel = conn.execute(select_st)
select_st1 = select([
table_oda.c.oda_id, table_oda.c.oda_adi,
table_oda.c.otel_id, table_oda.c.oda_tipi,
table_oda.c.oda_fiyat
]).where(table_oda.c.otel_id == otel_id)
rows_oda = conn.execute(select_st1)
return render_template("oda_listele.html",
rows=rows_oda,
rows2=rows_otel,
otel_id=otel_id)
conn = engine.connect()
select_st = select([table_otel.c.otel_id, table_otel.c.otel_adi])
rows_otel = conn.execute(select_st)
return render_template("oda_listele.html", rows2=rows_otel)
@app.route('/oda_duzenle/<id>', methods=['GET', 'POST'])
@login_required
@admin_required
def oda_duzenle(id=0):
if request.method == 'POST':
oda_adi = request.form['odaadi']
oda_tipi = request.form['odatipi']
oda_fiyat = request.form['odafiyat']
conn = engine.connect()
select_st1 = table_oda.update().where(
table_oda.c.oda_id == id).values(oda_adi=oda_adi,
oda_tipi=oda_tipi,
oda_fiyat=oda_fiyat)
conn.execute(select_st1)
return redirect(url_for('oda_listele'))
else:
conn = engine.connect()
select_st2 = select([
table_oda.c.oda_id, table_oda.c.oda_adi, table_oda.c.oda_tipi,
table_oda.c.oda_fiyat
]).where(table_oda.c.oda_id == id)
rows = conn.execute(select_st2)
return render_template("oda_duzenle.html",
tmp_oda_id=id,
rows=rows)
@app.route('/oda_sil/<id>')
@login_required
@admin_required
def oda_sil(id=0):
conn = engine.connect()
select_st = table_oda.delete().where(table_oda.c.oda_id == id)
rows = conn.execute(select_st)
return redirect(url_for('oda_listele'))
@app.route('/rezerve', methods=['GET', 'POST'])
def rezerve():
conn = engine.connect()
j = table_oda.join(table_otel,
table_oda.c.otel_id == table_otel.c.otel_id)
stmt = select([
table_oda.c.oda_id, table_oda.c.oda_adi, table_oda.c.oda_tipi,
table_oda.c.oda_fiyat, table_otel.c.otel_sehir,
table_otel.c.otel_adi, table_oda.c.otel_id
]).select_from(j).where(table_oda.c.oda_durum == 0)
rows = conn.execute(stmt)
return render_template("rezerve.html", rows=rows)
@app.route('/sepet_ekle/<id>', methods=['GET', 'POST'])
@login_required
def sepet_ekle(id=0):
conn = engine.connect()
select_st1 = select([table_oda.c.oda_fiyat
]).where(table_oda.c.oda_id == id)
toplam_tutar = conn.execute(select_st1).scalar()
print('toplam tutar: ', toplam_tutar)
select_st2 = select([table_oda.c.otel_id
]).where(table_oda.c.oda_id == id)
otel_id = conn.execute(select_st2).scalar()
sepet = Sepet(user_id=sorgu_kullanici_id,
otel_id=otel_id,
oda_id=id,
toplam_tutar=toplam_tutar,
rezerve_tarih=datetime.datetime.utcnow(),
giris_tarih=None,
cikis_tarih=None,
kalinacak_gun=0)
db.session.add(sepet)
db.session.commit()
return redirect(url_for('sepet'))
@app.route('/sepet', methods=['GET', 'POST'])
@login_required
def sepet():
global sorgu_kullanici_puan
conn = engine.connect()
j = table_oda.join(table_otel,
table_oda.c.otel_id == table_otel.c.otel_id).join(
table_sepet,
table_oda.c.oda_id == table_sepet.c.oda_id)
sorgu1 = select([
table_sepet.c.sepet_id, table_oda.c.oda_id, table_oda.c.oda_adi,
table_oda.c.oda_tipi, table_oda.c.oda_fiyat,
table_otel.c.otel_sehir, table_otel.c.otel_adi, table_oda.c.otel_id
]).select_from(j).where(table_sepet.c.sepet_durum == 0)
rows = conn.execute(sorgu1)
sorgu2 = select([
table_users.c.kullanici_puan
]).where(table_users.c.kullanici_id == sorgu_kullanici_id)
sorgu_kullanici_puan = conn.execute(sorgu2).scalar()
sorgu_kullanici_puan = round(sorgu_kullanici_puan, 4)
return render_template("sepet.html",
rows=rows,
puan=sorgu_kullanici_puan)
@app.route('/sepet_sepet_tarih_sec/<id>/<odaid>', methods=['GET', 'POST'])
@login_required
def sepet_tarih_sec(id=None, odaid=None):
return render_template("sepet_onay.html", sepet_id=id, oda_id=odaid)
@app.route('/sepet_duzenle/<id>/<odaid>', methods=['GET', 'POST'])
@login_required
def sepet_duzenle(id=None, odaid=None):
if request.method == 'POST':
tmp_giris = request.form['giristarihi']
tmp_cikis = request.form['cikistarihi']
giris_liste = tmp_giris.split('-')
cikis_liste = tmp_cikis.split('-')
giris_tarih = date(int(giris_liste[0]), int(giris_liste[1]),
int(giris_liste[2]))
cikis_tarih = date(int(cikis_liste[0]), int(cikis_liste[1]),
int(cikis_liste[2]))
kalinacak_gun = request.form['kalinacakgun']
puan_kullanma_durumu = request.form['puan']
if puan_kullanma_durumu == '1':
conn = engine.connect()
select_st2 = select([
table_users.c.kullanici_puan
]).where(table_users.c.kullanici_id == sorgu_kullanici_id)
puan_kullanma_durumu = conn.execute(select_st2).scalar()
print('puan_kullanma_durumu: ', puan_kullanma_durumu)
else:
puan_kullanma_durumu = 0
print('puan_kullanma_durumu: ', puan_kullanma_durumu)
global sorgu_kazanilan_puan
conn = engine.connect()
select_st2 = select([table_oda.c.oda_fiyat
]).where(table_oda.c.oda_id == odaid)
birim_fiyat = conn.execute(select_st2).scalar()
print('birim fiyat: ', birim_fiyat)
toplam_tutar = float(kalinacak_gun) * birim_fiyat - float(
puan_kullanma_durumu)
sorgu_kazanilan_puan = toplam_tutar * 0.03 - puan_kullanma_durumu
print('kazanilan puan: ', sorgu_kazanilan_puan)
select_st1 = table_sepet.update().where(
table_sepet.c.sepet_id == id).values(
giris_tarih=giris_tarih,
cikis_tarih=cikis_tarih,
kalinacak_gun=kalinacak_gun,
toplam_tutar=toplam_tutar)
conn.execute(select_st1)
return redirect(url_for('sepet'))
@app.route('/sepet_onay/<id>', methods=['GET', 'POST'])
@login_required
def sepet_onay(id=0):
global sorgu_kullanici_puan
try:
conn = engine.connect()
tmp_tarihzaman = datetime.datetime.utcnow()
select_st1 = table_sepet.update().where(
table_sepet.c.sepet_id == id).values(
sepet_durum=1, rezerve_tarih=tmp_tarihzaman)
sorgu_kullanici_puan += sorgu_kazanilan_puan
select_st2 = table_users.update().where(
table_users.c.kullanici_id == sorgu_kullanici_id).values(
kullanici_puan=sorgu_kullanici_puan)
conn.execute(select_st1)
conn.execute(select_st2)
except:
flash('Önce tarih seçmelisiniz')
return redirect(url_for('sepet'))
@app.route('/sepet_sil/<id>', methods=['GET', 'POST'])
@login_required
def sepet_sil(id=0):
conn = engine.connect()
select_st1 = table_sepet.delete().where(table_sepet.c.sepet_id == id)
conn.execute(select_st1)
return redirect(url_for('sepet'))
@app.route('/islemlerim', methods=['GET', 'POST'])
@login_required
def islemler():
conn = engine.connect()
j = table_sepet.join(table_oda,
table_sepet.c.oda_id == table_oda.c.oda_id).join(
table_otel,
table_sepet.c.otel_id == table_otel.c.otel_id)
stmt = select([
table_otel.c.otel_adi, table_otel.c.otel_sehir,
table_otel.c.otel_id, table_oda.c.oda_adi, table_oda.c.oda_tipi,
table_sepet.c.giris_tarih, table_sepet.c.cikis_tarih,
table_sepet.c.kalinacak_gun, table_sepet.c.toplam_tutar,
table_sepet.c.rezerve_tarih
]).select_from(j).where(
and_(table_sepet.c.user_id == sorgu_kullanici_id,
table_sepet.c.sepet_durum == 1))
rows = conn.execute(stmt)
return render_template("islem.html", rows=rows)
return app
app = Flask(__name__)
app.config.from_object('spelinkyapp.config')
babel = Babel(app)
csrf = CsrfProtect(app)
mail = Mail(app)
admin = Admin(app)
api_manager = APIManager(app, flask_sqlalchemy_db=db)
db.init_app(app)
with app.app_context():
db.create_all()
db_adapter = SQLAlchemyAdapter(db, User)
user_manager = UserManager(db_adapter, app)
if not User.query.filter_by(username='******').first():
user1 = User(username='******', email='*****@*****.**', active=True,
password=user_manager.hash_password('password'))
db.session.add(user1)
db.session.commit()
admin.add_view(ModelView(Link, db.session))
def get_locale():
translations = [str(translation) for translation in babel.list_translations()]
return request.accept_languages.best_match(translations)
from spelinkyapp import views
views.generate_apis(api_manager)
app = Flask(__name__)
# Password hashing
from flask_bcrypt import Bcrypt
bcrypt = Bcrypt(app)
app.config.from_object('config')
db = SQLAlchemy(app)
from app import views, models
# LoginManager parts
import os
from flask_login import LoginManager
from config import basedir
# Setup Flask-User
from flask_user import login_required, UserManager, UserMixin, SQLAlchemyAdapter
from app.models import User
from app.forms import CustomRegister
db_adapter = SQLAlchemyAdapter(db, User) # Register the User model
user_manager = UserManager(
db_adapter, app, register_form=CustomRegister) # Initialize Flask-User
from flask_mail import Mail
mail = Mail(app)
from flask_misaka import Misaka
Misaka(app, tables=True)
def init_app(app, test_config=None): # For automated tests
# Setup Flask and read config from ConfigClass defined above
app.config.from_object(__name__+'.ConfigClass')
# Load local_settings.py if file exists # For automated tests
try: app.config.from_object('local_settings')
except: pass
# Load optional test_config # For automated tests
if test_config:
app.config.update(test_config)
# Initialize Flask extensions
babel = Babel(app) # Initialize Flask-Babel
mail = Mail(app) # Initialize Flask-Mail
# Reset all the database tables
db.create_all()
# Setup Flask-User
db_adapter = SQLAlchemyAdapter(db, User, UserInvitationClass=UserInvitation)
user_manager = UserManager(db_adapter, app)
# Create regular 'member' user
if not User.query.filter(User.username=='member').first():
user = User(username='******', email='*****@*****.**', active=True,
password=user_manager.hash_password('Password1'), confirmed_at=datetime.datetime.utcnow())
db.session.add(user)
db.session.commit()
# Create 'user007' user with 'secret' and 'agent' roles
if not User.query.filter(User.username=='user007').first():
user1 = User(username='******', email='*****@*****.**', active=True,
password=user_manager.hash_password('Password1'))
user1.roles.append(Role(name='secret'))
user1.roles.append(Role(name='agent'))
db.session.add(user1)
db.session.commit()
# The '/' page is accessible to anyone
@app.route('/')
def home_page():
return render_template_string("""
{% extends "base.html" %}
{% block content %}
<h2>{%trans%}Home Page{%endtrans%}</h2>
<p><a href="{{ url_for('user.login') }}">{%trans%}Sign in{%endtrans%}</a></p>
{% endblock %}
""")
# The '/profile' page requires a logged-in user
@app.route('/user/profile')
@login_required # Use of @login_required decorator
@confirm_email_required
def user_profile_page():
return render_template_string("""
{% extends "base.html" %}
{% block content %}
<h2>{%trans%}Profile Page{%endtrans%}</h2>
<p> {%trans%}Hello{%endtrans%}
{{ current_user.username or current_user.email }},</p>
<p> <a href="{{ url_for('user.change_username') }}">
{%trans%}Change username{%endtrans%}</a></p>
<p> <a href="{{ url_for('user.change_password') }}">
{%trans%}Change password{%endtrans%}</a></p>
<p> <a href="{{ url_for('user.invite') }}">
{%trans%}Invite User{%endtrans%}</a></p>
<p> <a href="{{ url_for('user.logout') }}?next={{ url_for('user.login') }}">
{%trans%}Sign out{%endtrans%}</a></p>
{% endblock %}
""")
# The '/special' page requires a user that has the 'special' AND ('sauce' OR 'agent') role.
@app.route('/special')
@roles_required('secret', ['sauce', 'agent']) # Use of @roles_required decorator
def special_page():
return render_template_string("""
{% extends "base.html" %}
{% block content %}
<h2>{%trans%}Special Page{%endtrans%}</h2>
{% endblock %}
""")
# For testing only
app.db = db
app.UserEmailClass = UserEmail
return app
def create_app(extra_config_settings={}):
# Create a Flask applicaction.
# Instantiate Flask
app = Flask(__name__)
# Load App Config settings
# Load common settings from 'app/settings.py' file
app.config.from_object('app.settings')
# Load local settings from 'app/local_settings.py'
app.config.from_object('app.local_settings')
# Load extra config settings from 'extra_config_settings' param
app.config.update(extra_config_settings)
# Setup Flask-Extensions -- do this _after_ app config has been loaded
# Setup Flask-SQLAlchemy
db.init_app(app)
# Setup Flask-Migrate
migrate.init_app(app, db)
# Setup Flask-Mail
mail.init_app(app)
# Setup WTForms CSRFProtect
csrf_protect.init_app(app)
# Register blueprints
from app.views.public_views import public_blueprint
app.register_blueprint(public_blueprint)
from app.views.members_views import members_blueprint
app.register_blueprint(members_blueprint)
# from app.views.admin_views import admin_blueprint
# app.register_blueprint(admin_blueprint)
# Define bootstrap_is_hidden_field for flask-bootstrap's bootstrap_wtf.html
from wtforms.fields import HiddenField
def is_hidden_field_filter(field):
return isinstance(field, HiddenField)
app.jinja_env.globals['bootstrap_is_hidden_field'] = is_hidden_field_filter
# Setup an error-logger to send emails to app.config.ADMINS
init_email_error_handler(app)
# Setup Flask-User to handle user account related forms
from .models.user_models import User, MyRegisterForm
from .views.members_views import user_profile_page
db_adapter = SQLAlchemyAdapter(db, User) # Setup the SQLAlchemy DB Adapter
UserManager(
db_adapter,
app, # Init Flask-User and bind to app
register_form=MyRegisterForm, # Custom register form UserProfile fields
user_profile_view_function=user_profile_page,
)
babel.init_app(app) # Initialize Flask-Babel
Bootstrap(app) # Initialize flask_bootstrap
# Admin part
class AdminUserView(ModelView):
can_create = False
column_display_pk = True
column_exclude_list = ('password')
form_overrides = dict(password=HiddenField)
class AdmUsersRolesView(ModelView):
column_display_pk = True
class AdmRolesView(ModelView):
column_display_pk = True
from .models.models import AdmUsers, AdmUsersRoles, AdmRoles
admin = Admin(app, template_mode='bootstrap3')
admin.add_view(AdminUserView(AdmUsers, db.session, name='Users'))
admin.add_view(AdmRolesView(AdmUsersRoles, db.session, name='Roles-User'))
admin.add_view(AdmUsersRolesView(AdmRoles, db.session, name='Role'))
path = op.join(op.dirname(__file__), 'static')
admin.add_view(FileAdmin(path, '/static/', name='Files'))
admin.add_link(MenuLink(name='Profile', endpoint='user.profile'))
admin.add_link(MenuLink(name='Logout', endpoint='user.logout'))
return app
def init_user_manager(app):
from flask_user import SQLAlchemyAdapter, UserManager
from ..core import db, FromCache
from ..models import Account
from .user_login import login
from .user_forgot_password import forgot_password
from ..tasks import send_email
import hashlib
from flask.ext.wtf import Form
from wtforms import BooleanField, HiddenField, PasswordField, SubmitField, StringField
from wtforms import validators, ValidationError
def hash_password(self, password):
_md5 = hashlib.md5()
_md5.update(password)
return _md5.hexdigest()
def generate_password_hash(self, password):
_md5 = hashlib.md5()
_md5.update(password)
return _md5.hexdigest()
def verify_password(self, password, user):
return self.hash_password(password) == user.password
def login_manager_usercallback(account_id):
account_id = int(account_id) if isinstance(account_id,
basestring) else account_id
account = db.session.query(Account). \
options(FromCache('model', 'account:%d' % account_id)). \
filter(Account.id == account_id).first()
return account
def password_validator(form, field):
""" Password must have one lowercase letter, one uppercase letter and one digit."""
# Convert string to list of characters
password = list(field.data)
password_length = len(password)
# Count lowercase, uppercase and numbers
lowers = uppers = digits = 0
for ch in password:
if ch.islower(): lowers += 1
if ch.isupper(): uppers += 1
if ch.isdigit(): digits += 1
# Password must have one lowercase letter, one uppercase letter and one digit
is_valid = password_length >= 6 and lowers and uppers and digits
if not is_valid:
raise ValidationError(u'密码至少超过6位,其中要求包含一个大写字母,一个小写字母和一个数字')
class ResetPasswordForm(Form):
new_password = PasswordField(
u'新密码', validators=[validators.Required(u'新密码不能为空')])
retype_password = PasswordField(u'再次输入新密码',
validators=[
validators.EqualTo(
'new_password',
message=u'两次输入的新密码匹配')
])
next = HiddenField()
submit = SubmitField(u'修改密码')
def validate(self):
# Use feature config to remove unused form fields
user_manager = current_app.user_manager
if not user_manager.enable_retype_password:
delattr(self, 'retype_password')
# Add custom password validator if needed
has_been_added = False
for v in self.new_password.validators:
if v == user_manager.password_validator:
has_been_added = True
if not has_been_added:
self.new_password.validators.append(
user_manager.password_validator)
# Validate field-validators
if not super(ResetPasswordForm, self).validate():
return False
# All is well
return True
def async_send_email(recipient, subject, html_message, text_message):
send_email.delay(recipient, subject, html_message, text_message)
db_adapter = SQLAlchemyAdapter(db, Account)
user_manager = UserManager(db_adapter,
login_view_function=login,
forgot_password_view_function=forgot_password,
reset_password_form=ResetPasswordForm,
password_validator=password_validator,
send_email_function=async_send_email)
user_manager.init_app(app)
user_manager.hash_password = hash_password.__get__(user_manager,
UserManager)
user_manager.generate_password_hash = generate_password_hash.__get__(
user_manager, UserManager)
user_manager.verify_password = verify_password.__get__(
user_manager, UserManager)
user_manager.login_manager.user_callback = login_manager_usercallback
orig_unauthenticated_view_function = user_manager.unauthenticated_view_function
def unauthenticated_view_function():
if request.is_xhr:
return jsonify({
'success': False,
'error_code': errors.user_unauthenticated
})
else:
return orig_unauthenticated_view_function()
setattr(user_manager, 'unauthenticated_view_function',
unauthenticated_view_function)
orig_unauthorized_view_function = user_manager.unauthorized_view_function
def unauthorized_view_function():
if request.is_xhr:
return jsonify({
'success': False,
'error_code': errors.operation_unauthorized
})
else:
return orig_unauthorized_view_function()
setattr(user_manager, 'unauthorized_view_function',
unauthorized_view_function)
def create_app(test_config=None): # For automated tests
# Setup Flask and read config from ConfigClass defined above
app = Flask(__name__)
app.config.from_object(__name__+'.ConfigClass')
# Load local_settings.py if file exists # For automated tests
try: app.config.from_object('local_settings')
except: pass
# Load optional test_config # For automated tests
if test_config:
app.config.update(test_config)
# Initialize Flask extensions
mail = Mail(app) # Initialize Flask-Mail
db = SQLAlchemy(app) # Initialize Flask-SQLAlchemy
User, Role, UserRoles, Posts = create_models(db)
# Reset all the database tables
db.create_all()
# Setup Flask-User
db_adapter = SQLAlchemyAdapter(db, User)
user_manager = UserManager(db_adapter, app)
# Create 'user007' user with 'secret' and 'agent' roles
if not User.query.filter(User.username=='admin').first():
user1 = User(username='******', email='*****@*****.**', active=True,
password=user_manager.hash_password('password'))
user1.roles.append(Role(name='admin'))
db.session.add(user1)
db.session.commit()
if len(Posts.query.all()) == 0:
post = Posts(user_id=3, title='hello world', content='this is a test post to test the query')
db.session.add(post)
db.session.commit()
# The Home page is accessible to anyone
@app.route('/')
@login_required
def home_page():
# posts = get_posts(db)
posts = Posts.query.all()
return render_template('main.html', posts=posts)
@app.route('/post', methods=['GET', 'POST'])
def new_post():
if request.method == 'GET':
return render_template('post_form.html')
elif request.method == 'POST':
form = request.form
post = Posts(user_id=session['user_id'], title=form['title'], content=form['content'])
db.session.add(post)
db.session.commit()
flash('post successful')
return redirect(url_for('home_page'))
# The Special page requires a user with 'special' and 'sauce' roles or with 'special' and 'agent' roles.
@app.route('/admin')
@roles_required('admin') # Use of @roles_required decorator
def special_page():
return 'this isn\'t done yet'
return app
def create_app():
""" Flask application factory """
# Create Flask app load app.config
app = Flask(__name__)
app.config.from_object(__name__ + '.ConfigClass')
# Initialize Flask-BabelEx
babel = Babel(app)
# Initialize Flask-SQLAlchemy
db = SQLAlchemy(app)
# Define the User data-model.
# NB: Make sure to add flask_user UserMixin !!!
class User(db.Model, UserMixin):
__tablename__ = 'users'
id = db.Column(db.Integer, primary_key=True)
active = db.Column('is_active',
db.Boolean(),
nullable=False,
server_default='1')
# User authentication information. The collation='NOCASE' is required
# to search case insensitively when USER_IFIND_MODE is 'nocase_collation'.
email = db.Column(db.String(255, collation='NOCASE'),
nullable=False,
unique=True)
email_confirmed_at = db.Column(db.DateTime())
password = db.Column(db.String(255), nullable=False, server_default='')
# User information
first_name = db.Column(db.String(100, collation='NOCASE'),
nullable=False,
server_default='')
last_name = db.Column(db.String(100, collation='NOCASE'),
nullable=False,
server_default='')
# Define the relationship to Role via UserRoles
roles = db.relationship('Role', secondary='user_roles')
# Define the Role data-model
class Role(db.Model):
__tablename__ = 'roles'
id = db.Column(db.Integer(), primary_key=True)
name = db.Column(db.String(50), unique=True)
# Define the UserRoles association table
class UserRoles(db.Model):
__tablename__ = 'user_roles'
id = db.Column(db.Integer(), primary_key=True)
user_id = db.Column(db.Integer(),
db.ForeignKey('users.id', ondelete='CASCADE'))
role_id = db.Column(db.Integer(),
db.ForeignKey('roles.id', ondelete='CASCADE'))
# Setup Flask-User and specify the User data-model
user_manager = UserManager(app, db, User)
# Create all database tables
db.create_all()
# Create '*****@*****.**' user with no roles
if not User.query.filter(User.email == '*****@*****.**').first():
user = User(
email='*****@*****.**',
email_confirmed_at=datetime.datetime.utcnow(),
password=user_manager.hash_password('Password1'),
)
db.session.add(user)
db.session.commit()
# Create '*****@*****.**' user with 'Admin' and 'Agent' roles
if not User.query.filter(User.email == '*****@*****.**').first():
user = User(
email='*****@*****.**',
email_confirmed_at=datetime.datetime.utcnow(),
password=user_manager.hash_password('Password1'),
)
user.roles.append(Role(name='Admin'))
user.roles.append(Role(name='Agent'))
db.session.add(user)
db.session.commit()
#Aqui empieza el codigo en realidad
# The Home page is accessible to anyone
@app.route('/')
def home_page():
return render_template("index.html")
# The Members page is only accessible to authenticated users
@app.route('/biblioteca')
@login_required # Use of @login_required decorator
def biblioteca():
return render_template("biblioteca.html")
@app.route('/biblioteca2')
@login_required # Use of @login_required decorator
def biblioteca2():
return render_template("biblioteca2.html")
# The Admin page requires an 'Admin' role.
@app.route('/nuevolibro')
@roles_required('Admin') # Use of @roles_required decorator
def admin_new_libro():
return render_template("nuevolibro.html")
@app.route('/actualizarlibro')
@roles_required('Admin')
def admin_updatelibro():
return render_template("updatelibro1.html")
@app.route('/actualizarlibro2')
@roles_required('Admin')
def admin_updatelibro2():
return render_template("updatelibro.html")
@app.route('/libros', methods=['Post'])
def create_book():
titulo = request.form['titulo']
autor = request.form['autor']
genero = request.form['genero']
nacionalidad = request.form['nacionalidad']
descripcion = request.form['descripcion']
imagen = request.files['imagen']
archivo = request.files['archivo']
fotoautor = request.files['fotoautor']
nombreimagen = imagen.filename
nombrearchivo = archivo.filename
nombrefotoautor = fotoautor.filename
rutaimagen = os.path.abspath(nombreimagen)
rutaarchivo = os.path.abspath(nombrearchivo)
rutafotoautor = os.path.abspath(nombrefotoautor)
libro = entities.Libro(titulo=titulo,
autor=autor,
genero=genero,
nacionalidad=nacionalidad,
descripcion=descripcion,
imagen=imagen.read(),
archivo=archivo.read(),
fotoautor=fotoautor.read(),
nombreimagen=nombreimagen,
nombrearchivo=nombrearchivo,
nombrefotoautor=nombrefotoautor,
rutaimagen=rutaimagen,
rutaarchivo=rutaarchivo,
rutafotoautor=rutafotoautor)
session = db.Session(engine)
session.add(libro)
session.commit()
return render_template('success.html')
@app.route('/libros', methods=['PUT'])
def update_book():
session = db.Session(engine)
ID = request.form['key']
libros = session.query(entities.Libro).filter(entities.Libro.ID == ID)
content = json.loads(request.form['values'])
for libro in libros:
if 'titulo' in content:
libro.titulo = content['titulo']
if 'autor' in content:
libro.autor = content['autor']
if 'genero' in content:
libro.genero = content['genero']
if 'nacionalidad' in content:
libro.nacionalidad = content['nacionalidad']
if 'descripcion' in content:
libro.descripcion = content['descripcion']
if 'imagen' in content:
imagen = content['imagen']
libro.imagen = imagen
nombreimagen = imagen.filename
libro.nombreimagen = nombreimagen
libro.rutaimagen = os.path.abspath(nombreimagen)
if 'archivo' in content:
archivo = content['archivo']
libro.archivo = archivo
nombrearchivo = archivo.filename
libro.nombrearchivo = nombrearchivo
libro.rutaarchivo = os.path.abspath(nombrearchivo)
if 'fotoautor' in content:
fotoautor = content['fotoautor']
libro.fotoautor = fotoautor
nombrefotoautor = fotoautor.filename
libro.nombrefotoautor = nombrefotoautor
libro.rutafotoautor = os.path.abspath(nombrefotoautor)
session.add(libro)
session.commit()
return 'Update exitosa'
@app.route('/actualizarconput')
def update_put():
return render_template('updatePut.html')
@app.route('/libro/<ID>', methods=['DELETE'])
def delete_book(ID):
session = db.Session(engine)
libros = session.query(entities.Libro).filter(entities.Libro.ID == ID)
for libro in libros:
session.delete(libro)
session.commit()
return 'User Deleted'
@app.route('/titulo/<ID>', methods=['GET'])
@login_required
def titulo(ID):
db_session = db.Session(engine)
libros = db_session.query(
entities.Libro).filter(entities.Libro.ID == ID)
data = []
for libro in libros:
data.append(libro)
break
return Response(data[0].titulo, mimetype='text/txt')
@app.route('/autor/<ID>', methods=['GET'])
@login_required
def autor(ID):
db_session = db.Session(engine)
libros = db_session.query(
entities.Libro).filter(entities.Libro.ID == ID)
data = []
for libro in libros:
data.append(libro)
break
return Response(data[0].autor, mimetype='text/txt')
@app.route('/genero/<ID>', methods=['GET'])
@login_required
def genero(ID):
db_session = db.Session(engine)
libros = db_session.query(
entities.Libro).filter(entities.Libro.ID == ID)
data = []
for libro in libros:
data.append(libro)
break
return Response(data[0].genero, mimetype='text/txt')
@app.route('/nacionalidad/<ID>', methods=['GET'])
@login_required
def nacionalidad(ID):
db_session = db.Session(engine)
libros = db_session.query(
entities.Libro).filter(entities.Libro.ID == ID)
data = []
for libro in libros:
data.append(libro)
break
return Response(data[0].nacionalidad, mimetype='text/txt')
@app.route('/descripcion/<ID>', methods=['GET'])
@login_required
def descripcion(ID):
db_session = db.Session(engine)
libros = db_session.query(
entities.Libro).filter(entities.Libro.ID == ID)
data = []
for libro in libros:
data.append(libro)
break
return Response(data[0].descripcion, mimetype='text/txt')
@app.route('/imagen/<ID>', methods=['GET'])
@login_required
def imagen(ID):
db_session = db.Session(engine)
libros = db_session.query(
entities.Libro).filter(entities.Libro.ID == ID)
data = []
for libro in libros:
data.append(libro)
break
return Response(data[0].imagen, mimetype='image/png')
@app.route('/archivo/<ID>', methods=['GET'])
@login_required
def archivo(ID):
db_session = db.Session(engine)
libros = db_session.query(
entities.Libro).filter(entities.Libro.ID == ID)
data = []
for libro in libros:
data.append(libro)
break
return Response(data[0].archivo, mimetype='application/pdf')
@app.route('/fotoautor/<ID>', methods=['GET'])
@login_required
def fotoautor(ID):
db_session = db.Session(engine)
libros = db_session.query(
entities.Libro).filter(entities.Libro.ID == ID)
data = []
for libro in libros:
data.append(libro)
break
return Response(data[0].fotoautor, mimetype='image/png')
@app.route('/libros', methods=['GET'])
@roles_required('Admin')
def libros():
db_session = db.Session(engine)
libros = db_session.query(entities.Libro)
data = []
for libro in libros:
data.append(libro)
return Response(json.dumps(data, cls=connector.AlchemyEncoder),
mimetype='application/json')
return app
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
app.debug = config.DEBUG
app.config['MAIL_SERVER'] = config.MAIL_SERVER
app.config['MAIL_PORT'] = config.MAIL_PORT
app.config['MAIL_USE_TLS'] = config.MAIL_USE_TLS
app.config['MAIL_USE_SSL'] = config.MAIL_USE_SSL
app.config['MAIL_USERNAME'] = config.MAIL_USERNAME
app.config['MAIL_PASSWORD'] = config.MAIL_PASSWORD
app.config['MAIL_DEFAULT_SENDER'] = config.MAIL_DEFAULT_SENDER
mail = Mail(app)
db = SQLAlchemy(app)
# Setup Flask-User
from tracker.models.user import User
db_adapter = SQLAlchemyAdapter(db, User) # Register the User model
user_manager = UserManager(db_adapter, app) # Initialize Flask-User
user_manager.app_name = config.APP_NAME
if not app.debug:
logging.getLogger("requests").setLevel(logging.WARNING)
logging.basicConfig(filename='error.log', level=logging.INFO, format='%(asctime)s %(message)s')
# custom jinja line delimeters
app.jinja_env.line_statement_prefix = '%'
app.jinja_env.line_comment_prefix = '##'
from tracker.views import init_views
init_views(app)
from datetime import datetime
import sys
app = Flask(__name__)
app.config.from_object(config)
socketio = SocketIO(app, async_mode=async_mode)
thread = None
db.app = app
db.init_app(app)
# Create all database tables
db.create_all()
# Setup Flask-User
db_adapter = SQLAlchemyAdapter(db, User) # Register the User model
common.user_manager = UserManager(db_adapter, app) # Initialize Flask-User
if not User.query.filter(User.username == 'root').first():
user1 = User(username='******',
email='*****@*****.**',
confirmed_at=datetime.now(),
active=True,
password=common.user_manager.hash_password('root'))
db.session.add(user1)
db.session.commit()
sessions_data = {}
def nocache(view):
@wraps(view)
def create_app():
""" Flask application factory """
# Create Flask app load app.config
app = Flask(__name__)
app.config.from_object(__name__+'.ConfigClass')
# Initialize Flask-BabelEx
babel = Babel(app)
# Initialize Flask-SQLAlchemy
db = SQLAlchemy(app)
# Define the User data-model.
# NB: Make sure to add flask_user UserMixin !!!
class User(db.Model, UserMixin):
__tablename__ = 'users'
id = db.Column(db.Integer, primary_key=True)
active = db.Column('is_active', db.Boolean(), nullable=False, server_default='1')
# User authentication information. The collation='NOCASE' is required
# to search case insensitively when USER_IFIND_MODE is 'nocase_collation'.
email = db.Column(db.String(255, collation='NOCASE'), nullable=False, unique=True)
email_confirmed_at = db.Column(db.DateTime())
password = db.Column(db.String(255), nullable=False, server_default='')
# User information
first_name = db.Column(db.String(100, collation='NOCASE'), nullable=False, server_default='')
last_name = db.Column(db.String(100, collation='NOCASE'), nullable=False, server_default='')
# Define the relationship to Role via UserRoles
roles = db.relationship('Role', secondary='user_roles')
# Define the Role data-model
class Role(db.Model):
__tablename__ = 'roles'
id = db.Column(db.Integer(), primary_key=True)
name = db.Column(db.String(50), unique=True)
# Define the UserRoles association table
class UserRoles(db.Model):
__tablename__ = 'user_roles'
id = db.Column(db.Integer(), primary_key=True)
user_id = db.Column(db.Integer(), db.ForeignKey('users.id', ondelete='CASCADE'))
role_id = db.Column(db.Integer(), db.ForeignKey('roles.id', ondelete='CASCADE'))
# Setup Flask-User and specify the User data-model
user_manager = UserManager(app, db, User)
# Create all database tables
db.create_all()
# Create '*****@*****.**' user with no roles
if not User.query.filter(User.email == '*****@*****.**').first():
user = User(
email='*****@*****.**',
email_confirmed_at=datetime.datetime.utcnow(),
password=user_manager.hash_password('Password1'),
)
db.session.add(user)
db.session.commit()
# Create '*****@*****.**' user with 'Admin' and 'Agent' roles
if not User.query.filter(User.email == '*****@*****.**').first():
user = User(
email='*****@*****.**',
email_confirmed_at=datetime.datetime.utcnow(),
password=user_manager.hash_password('Password1'),
)
user.roles.append(Role(name='Admin'))
user.roles.append(Role(name='Agent'))
db.session.add(user)
db.session.commit()
# The Home page is accessible to anyone
@app.route('/')
def home_page():
return render_template_string("""
{% extends "flask_user_layout.html" %}
{% block content %}
<h2>{%trans%}Home page{%endtrans%}</h2>
<p><a href={{ url_for('user.register') }}>{%trans%}Register{%endtrans%}</a></p>
<p><a href={{ url_for('user.login') }}>{%trans%}Sign in{%endtrans%}</a></p>
<p><a href={{ url_for('home_page') }}>{%trans%}Home Page{%endtrans%}</a> (accessible to anyone)</p>
<p><a href={{ url_for('member_page') }}>{%trans%}Member Page{%endtrans%}</a> (login_required: [email protected] / Password1)</p>
<p><a href={{ url_for('admin_page') }}>{%trans%}Admin Page{%endtrans%}</a> (role_required: [email protected] / Password1')</p>
<p><a href={{ url_for('user.logout') }}>{%trans%}Sign out{%endtrans%}</a></p>
{% endblock %}
""")
# The Members page is only accessible to authenticated users
@app.route('/members')
@login_required # Use of @login_required decorator
def member_page():
return render_template_string("""
{% extends "flask_user_layout.html" %}
{% block content %}
<h2>{%trans%}Members page{%endtrans%}</h2>
<p><a href={{ url_for('user.register') }}>{%trans%}Register{%endtrans%}</a></p>
<p><a href={{ url_for('user.login') }}>{%trans%}Sign in{%endtrans%}</a></p>
<p><a href={{ url_for('home_page') }}>{%trans%}Home Page{%endtrans%}</a> (accessible to anyone)</p>
<p><a href={{ url_for('member_page') }}>{%trans%}Member Page{%endtrans%}</a> (login_required: [email protected] / Password1)</p>
<p><a href={{ url_for('admin_page') }}>{%trans%}Admin Page{%endtrans%}</a> (role_required: [email protected] / Password1')</p>
<p><a href={{ url_for('user.logout') }}>{%trans%}Sign out{%endtrans%}</a></p>
{% endblock %}
""")
# The Admin page requires an 'Admin' role.
@app.route('/admin')
@roles_required('Admin') # Use of @roles_required decorator
def admin_page():
return render_template_string("""
{% extends "flask_user_layout.html" %}
{% block content %}
<h2>{%trans%}Admin Page{%endtrans%}</h2>
<p><a href={{ url_for('user.register') }}>{%trans%}Register{%endtrans%}</a></p>
<p><a href={{ url_for('user.login') }}>{%trans%}Sign in{%endtrans%}</a></p>
<p><a href={{ url_for('home_page') }}>{%trans%}Home Page{%endtrans%}</a> (accessible to anyone)</p>
<p><a href={{ url_for('member_page') }}>{%trans%}Member Page{%endtrans%}</a> (login_required: [email protected] / Password1)</p>
<p><a href={{ url_for('admin_page') }}>{%trans%}Admin Page{%endtrans%}</a> (role_required: [email protected] / Password1')</p>
<p><a href={{ url_for('user.logout') }}>{%trans%}Sign out{%endtrans%}</a></p>
{% endblock %}
""")
return app
def create_app():
""" Flask application factory """
# Create Flask app load app.config
app = Flask(__name__)
app.config.from_object(__name__ + '.ConfigClass')
# Initialize Flask-SQLAlchemy
db = SQLAlchemy(app)
# Define the User data-model.
# NB: Make sure to add flask_user UserMixin !!!
class User(db.Model, UserMixin):
__tablename__ = 'users'
id = db.Column(db.Integer, primary_key=True)
active = db.Column('is_active',
db.Boolean(),
nullable=False,
server_default='1')
# User authentication information. The collation='NOCASE' is required
# to search case insensitively when USER_IFIND_MODE is 'nocase_collation'.
username = db.Column(db.String(100, collation='NOCASE'),
nullable=False,
unique=True)
password = db.Column(db.String(255), nullable=False, server_default='')
email_confirmed_at = db.Column(db.DateTime())
# User information
first_name = db.Column(db.String(100, collation='NOCASE'),
nullable=False,
server_default='')
last_name = db.Column(db.String(100, collation='NOCASE'),
nullable=False,
server_default='')
# Create all database tables
# db.create_all()
# Setup Flask-User and specify the User data-model
user_manager = UserManager(app, db, User)
# The Home page is accessible to anyone
@app.route('/')
def home_page():
# String-based templates
return render_template_string("""
{% extends "flask_user_layout.html" %}
{% block content %}
<h2>Home page</h2>
<p><a href={{ url_for('user.register') }}>Register</a></p>
<p><a href={{ url_for('user.login') }}>Sign in</a></p>
<p><a href={{ url_for('home_page') }}>Home page</a> (accessible to anyone)</p>
<p><a href={{ url_for('member_page') }}>Member page</a> (login required)</p>
<p><a href={{ url_for('user.logout') }}>Sign out</a></p>
{% endblock %}
""")
# The Members page is only accessible to authenticated users via the @login_required decorator
@app.route('/members')
@login_required # User must be authenticated
def member_page():
# String-based templates
return render_template_string("""
{% extends "flask_user_layout.html" %}
{% block content %}
<h2>Members page</h2>
<p><a href={{ url_for('user.register') }}>Register</a></p>
<p><a href={{ url_for('user.login') }}>Sign in</a></p>
<p><a href={{ url_for('home_page') }}>Home page</a> (accessible to anyone)</p>
<p><a href={{ url_for('member_page') }}>Member page</a> (login required)</p>
<p><a href={{ url_for('user.logout') }}>Sign out</a></p>
{% endblock %}
""")
return app
def init_user_manager(app):
from flask_user import SQLAlchemyAdapter, UserManager
from ..core import db, FromCache
from ..models import Account
from .user_login import login
from .user_register import register
from .user_forgot_password import forgot_password
from ..tasks import send_email
import hashlib
from flask.ext.wtf import Form
from wtforms import BooleanField, HiddenField, PasswordField, SubmitField, StringField
from wtforms import validators, ValidationError
def hash_password(self, password):
_md5 = hashlib.md5()
_md5.update(password)
return _md5.hexdigest()
def generate_password_hash(self, password):
_md5 = hashlib.md5()
_md5.update(password)
return _md5.hexdigest()
def verify_password(self, password, user):
return self.hash_password(password) == user.password
def login_manager_usercallback(account_id):
account_id = int(account_id) if isinstance(account_id, basestring) else account_id
account = db.session.query(Account). \
options(FromCache('model', 'account:%d' % account_id)). \
filter(Account.id == account_id).first()
return account
def password_validator(form, field):
""" Password must have one lowercase letter, one uppercase letter and one digit."""
# Convert string to list of characters
password = list(field.data)
password_length = len(password)
# Count lowercase, uppercase and numbers
lowers = uppers = digits = 0
for ch in password:
if ch.islower(): lowers += 1
if ch.isupper(): uppers += 1
if ch.isdigit(): digits += 1
# Password must have one lowercase letter, one uppercase letter and one digit
is_valid = password_length >= 6 and lowers and uppers and digits
if not is_valid:
raise ValidationError(u'密码至少超过6位,其中要求包含一个大写字母,一个小写字母和一个数字')
class ResetPasswordForm(Form):
new_password = PasswordField(u'新密码', validators=[validators.Required(u'新密码不能为空')])
retype_password = PasswordField(u'再次输入新密码', validators=[
validators.EqualTo('new_password', message=u'两次输入的新密码匹配')])
next = HiddenField()
submit = SubmitField(u'修改密码')
def validate(self):
# Use feature config to remove unused form fields
user_manager = current_app.user_manager
if not user_manager.enable_retype_password:
delattr(self, 'retype_password')
# Add custom password validator if needed
has_been_added = False
for v in self.new_password.validators:
if v == user_manager.password_validator:
has_been_added = True
if not has_been_added:
self.new_password.validators.append(user_manager.password_validator)
# Validate field-validators
if not super(ResetPasswordForm, self).validate():
return False
# All is well
return True
def async_send_email(recipient, subject, html_message, text_message):
send_email.delay(recipient, subject, html_message, text_message)
db_adapter = SQLAlchemyAdapter(db, Account)
user_manager = UserManager(db_adapter, login_view_function=login, register_view_function=register,
forgot_password_view_function=forgot_password,
reset_password_form=ResetPasswordForm, password_validator=password_validator,
send_email_function=async_send_email)
user_manager.init_app(app)
user_manager.hash_password = hash_password.__get__(user_manager, UserManager)
user_manager.generate_password_hash = generate_password_hash.__get__(user_manager, UserManager)
user_manager.verify_password = verify_password.__get__(user_manager, UserManager)
user_manager.login_manager.user_callback = login_manager_usercallback
orig_unauthenticated_view_function = user_manager.unauthenticated_view_function
def unauthenticated_view_function():
if request.is_xhr:
return jsonify({'success': False, 'error_code': errors.user_unauthenticated})
else:
return orig_unauthenticated_view_function()
setattr(user_manager, 'unauthenticated_view_function', unauthenticated_view_function)
orig_unauthorized_view_function = user_manager.unauthorized_view_function
def unauthorized_view_function():
if request.is_xhr:
return jsonify({'success': False, 'error_code': errors.operation_unauthorized})
else:
return orig_unauthorized_view_function()
setattr(user_manager, 'unauthorized_view_function', unauthorized_view_function)
__tablename__ = 'siparis'
siparisId = db.Column(db.Integer, primary_key=True)
musteriId = db.Column(db.Integer(), db.ForeignKey('musteri.musteriId', ondelete='CASCADE'))
urunId = db.Column(db.Integer(), db.ForeignKey('urunler.urun_id', ondelete='CASCADE'))
siparisno = db.Column(db.Integer)
siparisTarihi = db.Column(db.Integer)
odemeId = db.Column(db.Integer())
def __init__(self, musteriId, urunId, siparisno, siparisTarihi, odemeId):
self.musteriId = musteriId
self.urunId = urunId
self.siparisno = siparisno
self.siparisTarihi = siparisTarihi
self.odemeId = odemeId
user_manager = UserManager(app, db, Kullanici)
db.create_all()
if not Kullanici.query.filter(Kullanici.email == request.form['email']).first():
kullanici = Kullanici(
email=request.form['email'],
tarih=datetime.datetime.utcnow(),
sifre=user_manager.hash_password(request.form['sifre']),
)
# Create '*****@*****.**' user with 'Admin' and 'Agent' roles
if not Kullanici.query.filter(Kullanici.email == '*****@*****.**').first():
kullanici = Kullanici(
email='*****@*****.**',
tarih=datetime.datetime.utcnow(),
class User(db.Model, UserMixin):
__tablename__ = 'users'
id = db.Column(db.Integer, primary_key=True)
active = db.Column('is_active', db.Boolean(), nullable=False, server_default='1')
# User authentication information. The collation='NOCASE' is required
# to search case insensitively when USER_IFIND_MODE is 'nocase_collation'.
username = db.Column(db.String(100, collation='NOCASE'), nullable=False, unique=True)
password = db.Column(db.String(255), nullable=False, server_default='')
email_confirmed_at = db.Column(db.DateTime())
# User information
first_name = db.Column(db.String(100, collation='NOCASE'), nullable=False, server_default='')
last_name = db.Column(db.String(100, collation='NOCASE'), nullable=False, server_default='')
class SearchTerm(db.Model):
__tablename__ = 'searchterms'
id = db.Column(db.Integer, primary_key=True)
term = db.Column(db.String(100), nullable=False)
username = db.Column(db.String(100, collation='NOCASE'), db.ForeignKey('users.username'), nullable=False)
user = db.relationship('User', backref=db.backref('searchterms', lazy=True))
# Create all database tables
db.create_all()
# Setup Flask-User and specify the User data-model
user_manager = UserManager(app, db, User)
import RedditPy.views
def _init_users_manager():
os.environ['SMTP_PASS'] = os.environ.get('SMTP_PASS', '')
app.config.from_object('app.config.Config')
db_adapter = SQLAlchemyAdapter(db, models.User)
return UserManager(db_adapter, app)
from flask_user import UserManager, SQLAlchemyAdapter from app import db, app from app.accounts.models import User db_adapter = SQLAlchemyAdapter(db, User) user_manager = UserManager(db_adapter, app) user_manager.login_template = 'login.jade' user_manager.enable_username = False user_manager.enable_email = True
