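def post_login():
    """Handle the login form POST and start a session on success.

    Reads ``user`` and ``password`` from the submitted form, loads the
    profile through ``storage.get_profile`` and compares the stored password
    value with ``encrypt(password, profile['salt'])``.

    Returns:
        A redirect to ``/login`` with the ``session_key`` cookie cleared and
        a ``message`` cookie set when the credentials are rejected, or a
        redirect to ``/notes`` carrying a fresh ``session_key`` cookie with a
        600-second lifetime when they are accepted.
    """
    # Function-scope import: the module's import block is not visible from
    # this block, so the new dependency is brought in locally.
    import secrets

    user = request.form.get("user")
    password = request.form.get("password")

    # Build the rejection response once; every failure path returns it.
    # The message is identical for "no such user" and "wrong password" so the
    # response does not reveal which accounts exist.
    response = make_response(redirect("/login"))
    response.set_cookie("session_key", "", expires=0)
    response.set_cookie("message", "User/password not found, please try again.")

    # A request without one of the fields is rejected here instead of
    # reaching encrypt() with None.
    if user is None or password is None:
        return response

    profile = storage.get_profile(user)
    if not profile:
        return response

    # TODO (from the original author): passwords still need to be handled
    # correctly.
    # NOTE(review): `!=` is not a constant-time comparison. If encrypt()
    # returns bytes or ASCII str, hmac.compare_digest is the usual
    # replacement -- confirm the return type first. Also confirm encrypt() is
    # a slow, salted password hash rather than a fast digest.
    if profile['password'] != encrypt(password, profile['salt']):
        return response

    # Credentials accepted: start from a clean response.
    response = make_response(redirect("/notes"))

    # The session key is a bearer credential, so it must be unguessable.
    # The earlier random.randint() call drew from only 10**9 values using a
    # non-cryptographic generator; secrets draws from the OS CSPRNG.
    # NOTE(review): the key is now 51 characters long -- confirm the session
    # store accepts that length.
    key = "session." + secrets.token_urlsafe(32)

    storage.add_session({
        "key": key,
        "user": user,
        "login": int(time.time()),
        "pages": 1,
    })

    # httponly keeps the key out of reach of page scripts. Add secure=True
    # once the site is served over HTTPS only.
    response.set_cookie("session_key", key, max_age=600, httponly=True)
    return response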
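def post_homepage():
    """Handle the homepage login form POST and route by account type.

    Reads ``email`` and ``password`` from the submitted form and passes both
    to ``storage.get_profile``. A falsy result, or a profile whose ``type``
    is neither ``"customer"`` nor ``"provider"``, is rejected.

    Returns:
        A redirect to ``/main`` with the ``session_key`` cookie cleared on
        rejection, or a redirect to ``/user_dashboard`` or
        ``/provider_dashboard`` carrying a fresh ``session_key`` cookie with
        a 600-second lifetime on success.
    """
    # Function-scope import: the module's import block is not visible from
    # this block, so the new dependency is brought in locally.
    import secrets

    # Credentials as submitted by the front end.
    email = request.form.get("email")
    password = request.form.get("password")

    # NOTE(review): the password check is delegated to storage.get_profile;
    # confirm it compares against a salted password hash and uses a
    # parameterized query.
    data = storage.get_profile(email, password)

    # Rejection response, returned on every failure path.
    response = make_response(redirect("/main"))
    response.set_cookie("session_key", "", expires=0)
    if not data:
        return response

    # Route by account type. An unrecognised type is rejected: previously it
    # fell through and still received a session on the /main redirect.
    dashboards = {
        "customer": "/user_dashboard",
        "provider": "/provider_dashboard",
    }
    target = dashboards.get(data['type'])
    if target is None:
        return response
    response = make_response(redirect(target))

    # The session key is a bearer credential, so it must be unguessable.
    # The earlier random.randint() call drew from only 10**9 values using a
    # non-cryptographic generator; secrets draws from the OS CSPRNG.
    # NOTE(review): the key is now 51 characters long -- confirm the session
    # store accepts that length.
    key = "session." + secrets.token_urlsafe(32)
    storage.add_session({
        "key": key,
        "email": email,
        "login": int(time.time()),
    })

    # httponly keeps the key out of reach of page scripts. Add secure=True
    # once the site is served over HTTPS only.
    response.set_cookie("session_key", key, max_age=600, httponly=True)
    return response

# for running on cloud 9
# app.run(host=os.getenv('IP', '0.0.0.0'),port=int(os.getenv('PORT', 8080)))
# for running on your local machine
# works for MAC and Linux. Windows users are S.O.L.
# 1. export FLASK_APP=call_waiting.py
# 2. flask run -h 0.0.0.0 -p 8080
# NOTE(review): -h 0.0.0.0 makes the development server reachable on every
# network interface; use 127.0.0.1 when only local access is needed.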
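def test_sessions():
    """Exercise add, get, update and delete of a session in ``storage``.

    Uses a key derived from the current time so the run does not collide
    with an existing session. The session is deleted even when an assertion
    fails, so a failed run leaves nothing behind in the store.
    """
    test_session = "session." + str(time.time())

    # The key must be unknown before the test creates it.
    assert storage.get_session(test_session) is None

    storage.add_session({'key': test_session})
    try:
        s = storage.get_session(test_session)
        assert isinstance(s, dict)
        assert 'key' in s
        assert s['key'] == test_session

        # An update adds the new field and keeps the existing key.
        storage.update_session(test_session, {'elephant': 12})
        s = storage.get_session(test_session)
        assert isinstance(s, dict)
        assert 'key' in s
        assert s['key'] == test_session
        assert 'elephant' in s
        assert s['elephant'] == 12
    finally:
        # Runs on success and on failure, so the test session never lingers.
        storage.delete_session(test_session)

    # After deletion the lookup reports the session as missing again.
    assert storage.get_session(test_session) is None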
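import os
import time

import mysql.connector
from mysql.connector import Error

import storage

# Manual smoke test for the storage module: look up one profile, then insert
# one session. The user name, password and session key below are fixed
# sample values for local use only.
profile = storage.get_profile("bill", "password")

# Mask credential fields before printing so password material does not end
# up in terminal scrollback or captured logs.
# NOTE(review): the field names are taken from how the profile is used
# elsewhere ('password', 'salt'); confirm against the real schema.
if isinstance(profile, dict):
    print({
        k: ("******" if str(k).lower() in ("password", "salt") else v)
        for k, v in profile.items()
    })
else:
    print(profile)

#profile = {'user': '******', 'password': '******'}
#sql = "INSERT INTO Profile (UserName, Password) VALUES (%s, %s)"
#param = profile['user'], profile['password']
#storage.in_up_de_query(sql, param)

# Fixed key for the smoke test; a real session key has to be unguessable.
key = '111'
session = {"key": key, "email": "hello", "login": int(time.time())}
storage.add_session(session)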