def post_login():
user = request.form.get("user")
password = request.form.get("password")
profile = storage.get_profile(user)
# create a rejection response
response = make_response(redirect("/login"))
response.set_cookie("session_key", "", expires=0)
if not profile:
response.set_cookie("message",
"User/password not found, please try again.")
return response
if profile['password'] != encrypt(password, profile['salt']):
# NEED TO HANDLE PASSWORDS CORRECTLY
response.set_cookie("message",
"User/password not found, please try again.")
return response
# create a success response
response = make_response(redirect("/notes"))
# generate a (not really) random string
key = "session." + str(random.randint(1000000000, 1999999999))
# create a session based on that key
storage.add_session({
"key": key,
"user": user,
"login": int(time.time()),
"pages": 1
})
# store the key in a cookie
response.set_cookie("session_key", key, max_age=600)
return response
def post_homepage():
#we will obviosuly check the username and password before going to the dashboard
#thats where the data API comes in
#Dank Memes
#getting username and password from front end
email = request.form.get("email")
password = request.form.get("password")
#checking to see if profile is in database
data = storage.get_profile(email, password)
#used if profile is not found
response = make_response(redirect("/main"))
response.set_cookie("session_key", "", expires=0)
if not data:
return response
#this determines if the user is a customer or provider
#Dank Memes
if data['type'] == "customer":
response = make_response(redirect("/user_dashboard"))
elif data['type'] == "provider":
response = make_response(redirect("/provider_dashboard"))
#creating a session and storing a cookie
key = "session." + str(random.randint(1000000000, 1999999999))
storage.add_session({
"key": key,
"email": email,
"login": int(time.time())
})
response.set_cookie("session_key", key, max_age=600)
return response
#for running on cloud 9
#app.run(host=os.getenv('IP', '0.0.0.0'),port=int(os.getenv('PORT', 8080)))
#for running on your local machine
#works for MAC and Linux. Windows users are S.O.L.
#1. export FLASK_APP=call_waiting.py
#2. flask run -h 0.0.0.0 -p 8080
def test_sessions():
test_session = "session." + str(time.time())
s = storage.get_session(test_session)
assert s == None
storage.add_session({'key': test_session})
s = storage.get_session(test_session)
assert type(s) is dict
assert 'key' in s
assert s['key'] == test_session
storage.update_session(test_session, {'elephant': 12})
s = storage.get_session(test_session)
assert type(s) is dict
assert 'key' in s
assert s['key'] == test_session
assert 'elephant' in s
assert s['elephant'] == 12
storage.delete_session(test_session)
s = storage.get_session(test_session)
assert s == None
import storage
import os
import time
import mysql.connector
from mysql.connector import Error
profile = storage.get_profile("bill", "password")
print(profile)
#profile = {'user': '******', 'password': '******'}
#sql = "INSERT INTO Profile (UserName, Password) VALUES (%s, %s)"
#param = profile['user'], profile['password']
#storage.in_up_de_query(sql, param)
key = '111'
session = {"key": key, "email": "hello", "login": int(time.time())}
storage.add_session(session)