Esempio n. 1
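def login():
    """Log a user in, registering the account on first use, and set the session cookie.

    Reads ``user-name``, ``user-email`` and ``user-password`` from the posted
    form. If no user with that e-mail exists, one is created with the submitted
    password; otherwise the submitted password must match the stored hash.
    On success a fresh session token is saved on the user and returned in the
    ``session_token`` cookie together with a redirect to ``index``.
    """
    import hmac  # local import: the module's import block is not visible here

    name = request.form.get("user-name")
    email = request.form.get("user-email")
    password = request.form.get("user-password")

    # Reject incomplete submissions up front: a missing password would crash on
    # .encode(), and a missing e-mail would look up (or create) a user keyed on None.
    if not email or not password:
        return "Missing e-mail or password. Go back and try again.", 400

    # NOTE(review): unsalted, single-round SHA-256 is cheap to brute-force if the
    # user table ever leaks, and identical passwords produce identical hashes.
    # It is kept here so already-stored hashes still verify; plan a migration to
    # a salted, deliberately slow KDF (e.g. hashlib.scrypt or
    # hashlib.pbkdf2_hmac) with a re-hash on the next successful login.
    hashed_password = hashlib.sha256(password.encode()).hexdigest()

    # see if user already exists
    user = User.fetch_one(query=["email", "==", email])

    if not user:
        # First login with this e-mail registers the account with a new
        # secret number for the guessing game.
        user = User(name=name,
                    email=email,
                    password=hashed_password,
                    secret_number=random.randint(1, 30))
        user.create()  # save the object into a database

    # Constant-time comparison so response timing does not reveal how much of
    # the hash matched. Compared as bytes, so an unexpected stored value (None,
    # non-ASCII) is a plain mismatch instead of an exception.
    stored_hash = user.password if isinstance(user.password, str) else ""
    if not hmac.compare_digest(hashed_password.encode(), stored_hash.encode()):
        return "WRONG PASSWORD! Go back and try again."

    # Issue a new token on every successful login.
    session_token = str(uuid.uuid4())
    User.edit(obj_id=user.id, session_token=session_token)

    # save the session token (not the e-mail) into a cookie
    # NOTE(review): add secure=True once the app is only served over HTTPS, so
    # the token is never sent over plain HTTP.
    response = make_response(redirect(url_for('index')))
    response.set_cookie("session_token",
                        session_token,
                        httponly=True,
                        samesite='Strict')

    return response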
Esempio n. 2
def index():
    """Render the landing page, passing along the logged-in user if there is one."""
    token = request.cookies.get("session_token")

    # Only query the database when a cookie was actually sent; an absent or
    # empty token must never be used as a lookup key.
    current_user = (
        User.fetch_one(query=["session_token", "==", token]) if token else None
    )

    return render_template("index.html", user=current_user)
Esempio n. 3
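def profile():
    """Show the profile page of the logged-in user, or redirect to ``index``."""
    session_token = request.cookies.get("session_token")

    # No cookie means not logged in. Never query with a missing token:
    # depending on how User.fetch_one treats None, that lookup could match a
    # record that simply has no session token stored.
    if not session_token:
        return redirect(url_for("index"))

    # get user from the database based on the session token
    user = User.fetch_one(query=["session_token", "==", session_token])

    if not user:
        return redirect(url_for("index"))

    return render_template("profile.html", user=user)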
Esempio n. 4
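def profile_delete():
    """Confirm (GET) and perform (POST) deletion of the logged-in user's account.

    A POST without a valid session is redirected to ``index`` instead of
    crashing on a missing user.
    """
    if request.method == "GET":
        return render_template("profile_delete.html")
    elif request.method == "POST":
        session_token = request.cookies.get("session_token")

        # Resolve the account strictly from a present session token; a missing
        # cookie must not be used as a query value.
        user = None
        if session_token:
            user = User.fetch_one(query=["session_token", "==", session_token])

        if not user:
            return redirect(url_for("index"))

        # NOTE(review): this destructive POST carries no CSRF token; the only
        # cross-site protection visible is the SameSite=Strict attribute on
        # the session cookie. Confirm that is sufficient for the browsers you
        # support.
        user.delete(obj_id=user.id)
        return render_template("index.html")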
Esempio n. 5
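def result():
    """Check the submitted guess against the logged-in user's secret number.

    Renders ``result.html`` with a hint or a success message. On a correct
    guess a new secret number is stored for the user. Requests without a valid
    session are redirected to ``index``; a missing or non-numeric guess gets
    an explanatory message instead of a server error.
    """
    session_token = request.cookies.get("session_token")

    # Authenticate first; never look a user up with a missing token.
    if not session_token:
        return redirect(url_for("index"))

    # get user from the database based on the session token
    user = User.fetch_one(query=["session_token", "==", session_token])
    if not user:
        return redirect(url_for("index"))

    # The form value is attacker-controlled: it may be absent (None) or not a
    # number at all, either of which makes int() raise.
    try:
        guess = int(request.form.get("guess"))
    except (TypeError, ValueError):
        return render_template("result.html",
                               message="Please enter a whole number.")

    if guess == user.secret_number:
        message = "Correct! The secret number is {0}".format(str(guess))

        # create a new random secret number
        new_secret = random.randint(1, 30)

        # update the user's secret number in the User collection
        User.edit(obj_id=user.id, secret_number=new_secret)
    elif guess > user.secret_number:
        message = "Your guess is not correct... try something smaller."
    else:
        message = "Your guess is not correct... try something bigger."

    return render_template("result.html", message=message)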
Esempio n. 6
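def profile_edit():
    """Show (GET) or save (POST) the edit form for the logged-in user's profile.

    Both methods require a valid session; without one the request is
    redirected to ``index``.
    """
    session_token = request.cookies.get("session_token")

    # Resolve the current user only from a present token, and enforce the
    # check for every method: the POST branch dereferences the user, so an
    # unauthenticated POST must stop here.
    user = None
    if session_token:
        user = User.fetch_one(query=["session_token", "==", session_token])

    if not user:
        return redirect(url_for("index"))

    if request.method == "GET":
        return render_template("profile_edit.html", user=user)
    elif request.method == "POST":
        user_name = request.form.get("profile-name")
        user_email = request.form.get("profile-email")

        # NOTE(review): the new e-mail is stored as submitted. Login looks
        # accounts up by e-mail, so confirm that uniqueness and non-empty
        # values are enforced somewhere (here or in the User model).
        user.edit(obj_id=user.id, name=user_name, email=user_email)
        return redirect(url_for("profile"))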
Esempio n. 7
def user_details(user_id):
    """Render ``profile.html`` for the user whose id is ``user_id``.

    NOTE(review): nothing in this function checks who is asking. Any route
    decorators are not visible here, so confirm that access control is applied
    elsewhere and that ``profile.html`` shows only fields that are safe to
    expose for another user's record (not e-mail, password hash, session token
    or secret number). A ``user_id`` that matches nothing is passed to the
    template as whatever ``User.get`` returns.
    """
    requested_user = User.get(obj_id=user_id)
    return render_template("profile.html", user=requested_user)
Esempio n. 8
def all_users():
    """Render ``users.html`` with every user returned by ``User.fetch()``.

    NOTE(review): no session check happens in this function and full user
    objects are handed to the template. Confirm the listing is meant to be
    public (decorators are not visible here) and that the template renders
    only non-sensitive fields.
    """
    every_user = User.fetch()
    return render_template("users.html", users=every_user)