Exemple #1
def getAllWorkouts():
    """Return every row of the ``workouts`` table as a JSON response.

    The query is a fixed string with no caller-supplied input. It selects
    all columns, so any column later added to the table is exposed to
    clients automatically.
    """
    cursor = get_mySQLdb().cursor(dictionary=True)
    cursor.execute('SELECT * FROM workouts')
    rows = cursor.fetchall()
    return jsonify(rows)
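def checkLogin():
    """Check an app user's e-mail and password sent as a JSON body.

    Expects a POST whose JSON object has ``email`` and ``password`` keys.

    Returns:
        A JSON response ``{'userId': ..., 'error': ...}``: ``userId`` is the
        matching ``appUsers.id`` on success, otherwise ``error`` is
        "user not registered" or "incorrect password". Requests using any
        other method fall through and return ``None``.
    """
    if request.method == 'POST':
        jsonUserPass = request.json

        returnDict = {'userId': None, 'error': None}
        # The request body holds the cleartext password, so it is not
        # printed or logged here.
        email = jsonUserPass['email']
        password = jsonUserPass['password']
        db = get_mySQLdb()
        cur = db.cursor()
        # Bound parameter: the e-mail is attacker-controlled and must never
        # be concatenated into the statement text (SQL injection).
        cur.execute(
            'SELECT id, password FROM appUsers WHERE email = %s', (email, ))
        userRow = cur.fetchone()
        if userRow:
            # fetchone() returns a tuple; unpack the id and the stored hash.
            appUserId, dbPassword = userRow

            # The stored hash goes first and the candidate password second,
            # the same argument order login() uses.
            if dbPassword and check_password_hash(dbPassword, password):
                returnDict['userId'] = appUserId
            else:
                returnDict['error'] = "incorrect password"

        else:
            # NOTE(review): the two distinct error strings tell a caller
            # whether an e-mail is registered. Kept for client
            # compatibility; consider a single generic message plus rate
            # limiting.
            returnDict['error'] = "user not registered"
        return jsonify(returnDict)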
Exemple #3
def getProgramById(workoutId):
    """Return the ``workoutPlans`` row whose id equals *workoutId* as JSON.

    The id is passed as a bound parameter, so it is never interpolated
    into the SQL text. The response body is whatever ``fetchone()`` yields
    for the query.
    """
    cursor = get_mySQLdb().cursor(dictionary=True)
    query = 'SELECT * FROM workoutPlans WHERE id = %s'
    cursor.execute(query, (workoutId,))
    plan = cursor.fetchone()
    return jsonify(plan)
def load_logged_in_user():
    """Populate ``g.user`` from the ``user_id`` stored in the session.

    ``g.user`` is ``None`` when the session carries no ``user_id``;
    otherwise it is the result of looking that id up in ``users``.
    """
    uid = session.get('user_id')

    # Guard clause: anonymous request, nothing to look up.
    if uid is None:
        g.user = None
        return

    cur = get_mySQLdb().cursor(dictionary=True)
    # SELECT * pulls every column of the row into g.user.
    # NOTE(review): that presumably includes the password hash. Confirm
    # that nothing renders or serialises g.user wholesale.
    cur.execute('SELECT * FROM users WHERE id = %s', (uid, ))
    g.user = cur.fetchone()
Exemple #5
def getAllPrograms():
    """Return every row of the ``workoutPlans`` table as a JSON response.

    The statement is a constant string; no request data reaches the query.
    """
    cursor = get_mySQLdb().cursor(dictionary=True)
    cursor.execute('SELECT * FROM workoutPlans')

    # Fetch the rows from MySQL and serialise them to JSON.
    return jsonify(cursor.fetchall())
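def register():
    """Handle the registration form: create a ``users`` row and store the picture.

    On POST the form fields ``firstName``, ``lastName``, ``email``,
    ``username`` and ``password`` are read, together with an optional
    ``profilePic`` upload. The password is stored only as a hash.

    Returns:
        A redirect to ``auth.login`` after a successful registration,
        otherwise the rendered ``auth/register.html`` template (with the
        validation error flashed on a failed POST).
    """
    if request.method == 'POST':
        firstName = request.form['firstName']
        lastName = request.form['lastName']
        email = request.form['email']
        username = request.form['username']
        password = request.form['password']

        # The picture is optional. Indexing request.files directly would
        # abort the request with a 400 straight after flashing the notice.
        profilePic = request.files.get('profilePic')
        profilePicLoc = None
        if profilePic is None or not profilePic.filename:
            profilePic = None
            flash("no profile pic")

        error = None
        if not username:
            error = 'Username is required.'
        elif not password:
            error = 'Password is required'

        if error is None and profilePic is not None:
            profPicExt = profilePic.filename.split('.')[-1]
            picName = username + '.' + profPicExt
            # The username and the uploaded file name are both
            # client-controlled. A path separator in either would let the
            # save below write outside the upload folder (path traversal).
            if any(ch in picName for ch in ('/', '\\', '\x00')):
                error = 'Invalid username or profile picture name'
            else:
                # assumes UPLOAD_FOLDER ends with a path separator. TODO confirm
                # NOTE(review): the extension is not restricted. If the
                # upload folder is served by the web server, consider an
                # allowlist of image extensions.
                profilePicLoc = UPLOAD_FOLDER + picName

        db = get_mySQLdb()
        cur = db.cursor()
        if error is None:
            # Bound parameter: the username never becomes part of the SQL text.
            cur.execute('SELECT id FROM users WHERE username = %s',
                        (username, ))
            if cur.fetchone() is not None:
                error = 'User {} is already registered'.format(username)

        if error is None:
            cur.execute(
                'INSERT INTO users (username, email, firstName, lastName, password, profilePicLoc) VALUES (%s,%s,%s,%s,%s,%s)',
                (username, email, firstName, lastName,
                 generate_password_hash(password), profilePicLoc))
            db.commit()

            if profilePic is not None:
                profilePic.save(profilePicLoc)
            return redirect(url_for('auth.login'))
        flash(error)
    return render_template('auth/register.html')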
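def registerAppUser():
    """Register an app user from a JSON body.

    Expects a POST whose JSON object has ``email``, ``password``,
    ``firstName`` and ``lastName`` keys.

    Returns:
        A JSON response holding ``None`` on success or the string
        "email already registered". Requests using any other method fall
        through and return ``None``.
    """
    if request.method == 'POST':
        jsonDict = request.json

        registerError = None
        email = jsonDict["email"]
        password = jsonDict["password"]
        firstName = jsonDict["firstName"]
        lastName = jsonDict["lastName"]

        db = get_mySQLdb()
        cur = db.cursor()

        cur.execute('SELECT id FROM appUsers WHERE email = %s', (email, ))

        if cur.fetchall():
            registerError = "email already registered"
        else:
            # NOTE(review): the duplicate check reads appUsers but the row
            # is inserted into users. Confirm which table is intended; as
            # written the check cannot see rows created here.
            #
            # Store only a password hash, never the cleartext, so a
            # database leak does not disclose the passwords themselves.
            cur.execute(
                'INSERT INTO users (email, firstName, lastName, password) VALUES (%s,%s,%s,%s)',
                (email, firstName, lastName,
                 generate_password_hash(password)))
            # Commit explicitly, as register() does after its INSERT.
            db.commit()
        return jsonify(registerError)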
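def login():
    """Handle the combined login / sign-up form.

    A POST that lacks a ``firstname`` field is treated as a login with
    ``username`` and ``password``. A POST that has one is treated as a
    registration, followed by an immediate login attempt for the new
    account.

    Returns:
        A redirect to ``home.home`` after a successful login, and after a
        registration that passed validation. Otherwise the rendered
        ``auth/login.html`` template (with the error flashed on a failed
        POST).
    """
    if request.method == 'POST':
        try:
            firstName = request.form['firstname']
        except BadRequestKeyError:
            # No first name submitted: this is the plain login form.
            username = request.form['username']
            password = request.form['password']
            db = get_mySQLdb()
            error = None
            cur = db.cursor()

            cur.execute(
                'SELECT username, password, id FROM users WHERE username = %s',
                (username, ))
            user = cur.fetchone()

            # NOTE(review): separate "Incorrect username" and "Incorrect
            # password" messages reveal which usernames exist. Consider
            # one generic message plus rate limiting.
            if user is None:
                error = 'Incorrect username'
            else:
                storedHash = user[1]
                userId = user[2]
                if not check_password_hash(storedHash, password):
                    error = "Incorrect password"

            if error is None:
                # Drop any earlier session data before recording the
                # authenticated user.
                session.clear()
                session['user_id'] = userId
                return redirect(url_for('home.home'))
        else:
            lastName = request.form['lastname']
            username = request.form['username']
            email = request.form['email']
            password = request.form['password']
            db = get_mySQLdb()
            cur = db.cursor()

            error = None
            if not username:
                error = 'Username is required.'
            elif not password:
                error = 'Password is required'
            else:
                # Bound parameter: the username never becomes part of the
                # SQL text, so it cannot alter the statement.
                cur.execute('SELECT id FROM users WHERE username = %s',
                            (username, ))
                if cur.fetchone() is not None:
                    error = 'User {} is already registered'.format(username)

            if error is None:
                cur.execute(
                    'INSERT INTO users (username, email, firstName, lastName, password) VALUES (%s,%s,%s,%s,%s)',
                    (username, email, firstName, lastName,
                     generate_password_hash(password)))
                db.commit()

                # Read the new row back and log the user in straight away.
                cur.execute(
                    'SELECT username, password, id FROM users WHERE username = %s',
                    (username, ))
                user = cur.fetchone()

                if user is None:
                    error = 'Incorrect username'
                else:
                    storedHash = user[1]
                    userId = user[2]
                    if not check_password_hash(storedHash, password):
                        error = "Incorrect password"

                if error is None:
                    session.clear()
                    session['user_id'] = userId
                # The redirect happens whether or not the follow-up login
                # succeeded.
                return redirect(url_for('home.home'))

        flash(error)
    return render_template('auth/login.html')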