def create_app():
    """Build and return the Flask application for this demo.

    Configures the app, mounts Flask-Admin views for User and Comments,
    registers the main blueprint, then drops and recreates the database and
    seeds it with one comment and two users.

    The original inline comments mark several of these settings as
    deliberately bad security practice; they are kept as written and
    annotated so the risk of each one is explicit.
    """
    app = Flask(__name__)
    # SECURITY: the key Flask uses to sign session cookies is a literal in the
    # source. Anyone who can read the repository holds the signing key, so
    # cookie integrity no longer protects the session. Load it from the
    # environment or a secret store, and rotate it if it was ever committed.
    app.secret_key = 'bdb92dbe238008edfac05e92412b0c23'

    # SECURITY: left commented out on purpose to show a bad practice, so the
    # 120-second session lifetime below is never applied.
    # app.config['PERMANENT_SESSION_LIFETIME'] = 120
    app.config['FLASK_ADMIN_SWATCH'] = 'united'
    app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///info.db'
    app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
    admin = Admin(app, name='Admin-Panel', template_mode='bootstrap3')
    db.init_app(app)
    # SECURITY: CSRF initialisation is disabled, so nothing in this factory
    # enables CSRF protection for state-changing requests.
    # NOTE(review): csrf is presumably a CSRFProtect instance - confirm.
    # csrf.init_app(app)
    with app.app_context():
        # Imported here rather than at module level.
        # NOTE(review): presumably to avoid a circular import - confirm.
        from application.views import main_bp
        from application.model import db_init, User, Comments
        app.register_blueprint(main_bp)
        # SECURITY: the stock Flask-Admin ModelView does no access check by
        # default, so these views expose create/read/update/delete on User
        # and Comments to any visitor of the admin panel.
        # NOTE(review): the disabled line refers to a custom MyModelView
        # defined elsewhere; presumably it restricts access - confirm.
        # admin.add_views(MyModelView(User, db.session), MyModelView(Comments, db.session))
        admin.add_views(ModelView(User, db.session), ModelView(Comments, db.session))
        # Every call to create_app() wipes the existing tables before reseeding.
        db.drop_all()
        db_init()  # initialise the SQL injection database for part 1
        db.create_all()  # initialise the tables for logins and comments
        db.session.add(Comments(comment=' 🤘🏾🤘🏾 Spaces in code is the way to go. Who uses Tabs 😂😂?'))
        # SECURITY: seed accounts are created with credentials written in the
        # source and passed to User() as given.
        # NOTE(review): whether the model hashes the password is not visible
        # here - confirm against application.model.
        db.session.add(User(username='******', password='******'))
        db.session.add(User(username='******', password='******'))
        db.session.commit()
        return app
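def register_user(username, password):
    """Create a new user row unless the username is already taken.

    Args:
        username: Requested login name.
        password: Password value, handed to the User model exactly as received.

    Returns:
        True when a new row was committed; False when the username already
        exists or the database rejected the insert.
    """
    # NOTE(review): the password reaches User() unchanged. Unless the model
    # hashes it internally it is stored in clear text; hash it with a slow,
    # salted KDF before persisting - confirm against the User model.
    if query_user_exist(username=username):
        return False

    user = User(username=username, password=password)
    try:
        db.session.add(user)
        db.session.commit()
    except exc.SQLAlchemyError:
        # A failed commit leaves the session unusable until it is rolled
        # back, which would break later requests that share this session.
        db.session.rollback()
        return False
    # NOTE(review): the existence check and the insert are separate steps, so
    # only a unique constraint on the username column stops two concurrent
    # registrations from both succeeding - confirm the schema has one.
    return True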
def register():
    """Show the registration form and create the account on a valid submit.

    A visitor who already has a username in the session is sent to the index
    page. Otherwise the form is rendered, and once it validates a new User is
    saved and the visitor is redirected to the index page.
    """
    # Already signed in: nothing to register.
    if session.get('username'):
        return redirect(url_for('index'))

    form = RegisterForm()
    if not form.validate_on_submit():
        return render_template("register.html", title="Register", form=form, register=True)

    # NOTE(review): deriving the id from count() + 1 is not atomic; two
    # concurrent sign-ups, or a sign-up after a deletion, can produce an id
    # that is already in use. Confirm user_id carries a uniqueness constraint.
    next_id = User.objects.count() + 1
    new_user = User(
        user_id=next_id,
        email=form.email.data,
        first_name=form.first_name.data,
        last_name=form.last_name.data,
    )
    # The password goes through the model's set_password() helper rather than
    # being assigned to a field directly.
    new_user.set_password(form.password.data)
    new_user.save()

    flash('You are successfully registered!')
    return redirect(url_for('index'))
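def submitResearch():
    """Store the submitted research form: one feedback row plus its ratings.

    Reads 'feedback' and up to 29 'title_<i>' / 'rating_<i>' pairs (i from 1
    to 29) from the posted form. A missing 'feedback' field, or a
    'rating_<i>' missing for a submitted 'title_<i>', is raised by the form
    lookup before any database work starts.

    Returns:
        A JSON response {'success': True} when everything was committed, or
        {'success': False} when a submitted title matches no track or the
        database work fails. Nothing is left pending in the session on failure.
    """
    form_data = request.form
    feedback = form_data['feedback']

    # Collect the pairs before touching the session, so a malformed form
    # cannot leave half-built rows pending.
    # NOTE(review): rating values come straight from the client and are
    # stored as received; validate type and range against the Rating model.
    submitted = []
    for i in range(1, 30):
        suffix = str(i)
        if "title_" + suffix in form_data:
            submitted.append((form_data["title_" + suffix], form_data["rating_" + suffix]))

    try:
        user = User(feedback=feedback)
        db.session.add(user)
        # Flush so user.id is assigned before the ratings reference it,
        # instead of relying on an implicit autoflush from the track query.
        db.session.flush()

        for title, rating in submitted:
            track = Track.query.filter_by(title=title).first()
            if track is None:
                # Unknown title: fail the submission instead of raising on
                # track.id below.
                db.session.rollback()
                return jsonify({'success': False})
            db.session.add(Rating(user_id=user.id, track_id=track.id, rating=rating))

        db.session.commit()
    except Exception:
        # Narrower than the bare except it replaces (which also caught
        # SystemExit and KeyboardInterrupt); roll back so the session stays
        # usable for the next request.
        db.session.rollback()
        return jsonify({'success': False})
    return jsonify({'success': True})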
def register():
    """Render the sign-up page, or create and log in a new user on POST.

    On POST the e-mail is lower-cased and checked for an existing account;
    a duplicate returns the plain string "E-mail already in use". Otherwise
    the user is stored, logged in, and redirected to 'frontend_app'.
    """
    if request.method != 'POST':
        return render_template('register.html')

    name = request.form['name']
    email = request.form['email'].lower()
    # NOTE(review): sha256_hash is defined elsewhere. If it is a single
    # unsalted SHA-256 pass, the stored values are cheap to guess offline
    # once the table leaks; a slow, salted password KDF is the usual choice.
    password = sha256_hash(request.form['password'])
    # NOTE(review): the purpose of this token is not visible here. If it
    # authenticates requests, the secrets module is the purpose-built source.
    token = str(uuid.uuid4())

    # NOTE(review): the distinct message below tells a caller which e-mail
    # addresses are registered, and check-then-insert needs a unique
    # constraint on the column to hold under concurrent sign-ups.
    existing = User.query.filter(User.email == email).first()
    if existing is not None:
        return "E-mail already in use"

    user = User()
    user.name = name
    user.email = email
    user.password = password
    user.token = token
    user.creation = time.time()
    user.update = time.time()

    db.session.add(user)
    db.session.commit()

    login_user(user)
    return redirect(url_for('frontend_app'))
def post(self):
    """Create a user from the request payload and return the stored record.

    Reads user_id, email, first_name, last_name and password from
    api.payload, saves the user, then returns the documents matching that
    user_id as JSON.
    """
    payload = api.payload
    # NOTE(review): user_id is taken from the client rather than assigned by
    # the server, and no authorisation check is visible in this method (the
    # class and any decorators are outside this view) - confirm who may call it.
    new_user = User(
        user_id=payload['user_id'],
        email=payload['email'],
        first_name=payload['first_name'],
        last_name=payload['last_name'],
    )
    new_user.set_password(payload['password'])
    new_user.save()

    # NOTE(review): this serialises the whole matching document(s), which
    # presumably includes whatever set_password() stored - confirm, and
    # return only the fields the client needs.
    created = User.objects(user_id=payload['user_id'])
    return jsonify(created)