From 807741fc73c7dccc9f38d7065bec3af3ab2f7b07 Mon Sep 17 00:00:00 2001
From: Gustav <gusel725@student.liu.se>
Date: Tue, 28 Feb 2023 12:13:57 +0100
Subject: [PATCH] backed signup and signin progress

---
 .gitignore              |  5 +++--
 lab2/database_helper.py | 16 ++++++++-----
 lab2/schema.sql         |  5 -----
 lab2/server.py          | 50 +++++++++++++++++++++++++++++++++++++----
 4 files changed, 59 insertions(+), 17 deletions(-)

diff --git a/.gitignore b/.gitignore
index d596082..243e6e3 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,3 @@
-lab2/venv/
-database.db
\ No newline at end of file
+database.db
+__pycache__
+venv
diff --git a/lab2/database_helper.py b/lab2/database_helper.py
index 9743536..1187a2f 100644
--- a/lab2/database_helper.py
+++ b/lab2/database_helper.py
@@ -4,24 +4,28 @@ con = sqlite3.connect("database.db")
 
 cur = con.cursor()
 
-def get_token_from_email(email):
-    res = cur.execute(f"SELECT token FROM logged_in_users WHERE email='{email}'")
+
+def get_token(email):
+    res = cur.execute(f"SELECT token FROM logged_in_users WHERE email=?", (email,))
     return res.fetchone()
 
+
 def get_password(email):
 
-    res = cur.execute(f"SELECT password_hash FROM user_data WHERE email='{email}'")
+    res = cur.execute("SELECT password_hash FROM user_data WHERE email=?", (email,))
     
     return res.fetchone()
 
 
 def update_logged_in_users(email, token):
 
-    cur.execute(f"Insert INTO logged_in_users")
-    
+    cur.execute("Insert INTO logged_in_users VALUES (?,?)", (email,token))
 
 
 def get_user_data(email):
-    data = cur.execute(f"SELECT * FROM user_data WHERE email='{email}'")
+    data = cur.execute("SELECT * FROM user_data WHERE email=?", (email,))
     return data.fetchall()
 
+
+def create_user(email, pw_hash, fname, lname, gender, city, country):
+    cur.execute(f"Insert INTO user_data VALUES (?,?,?,?,?,?,?)", (email, pw_hash, fname, lname, gender, city, country))
\ No newline at end of file
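Review bot: Neither `update_logged_in_users` nor `create_user` commits after its INSERT, and with sqlite3's default transaction handling the new rows sit in an open transaction on the module-level connection and are lost when the process exits; add `con.commit()` after the `cur.execute(...)` in both functions. schema.sql declares `email` as the primary key of `logged_in_users`, so a second sign-in for the same user would raise `sqlite3.IntegrityError` on the plain INSERT; `INSERT OR REPLACE INTO logged_in_users VALUES (?,?)` or deleting the old row first avoids that. The connection and cursor are shared module globals, which sqlite3 refuses to use from another thread by default, so a per-request connection is worth planning for once Flask handles requests on more than one thread. The leftover `f` prefixes on the `get_token` and `create_user` queries do nothing now that the values are bound with `?`, and dropping them removes the temptation to interpolate again.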
diff --git a/lab2/schema.sql b/lab2/schema.sql
index 4059f49..70b09b4 100644
--- a/lab2/schema.sql
+++ b/lab2/schema.sql
@@ -5,11 +5,6 @@ CREATE TABLE "logged_in_users" (
 	PRIMARY KEY("email")
 );
 
-CREATE TABLE "all_users" (
-    "email" TEXT,
-	PRIMARY KEY("email")
-);
-
 CREATE TABLE "user_data" (
 	"email"	TEXT,
 	"password_hash"	TEXT,
diff --git a/lab2/server.py b/lab2/server.py
index 1a10f75..1445c1d 100644
--- a/lab2/server.py
+++ b/lab2/server.py
@@ -1,7 +1,8 @@
 import random
 import hashlib
+import re
 
-from flask import Flask
+from flask import Flask, request
 
 import database_helper as dbh
 
@@ -14,11 +15,28 @@ def index():
     return 'Hello world!'
 
 
-@app.route('/signin')
+@app.route('/signin', methods=['POST'])
 def sign_in(email='test@gmail.com', password='123123123'):
     """
      Authenticate the username by the provided password.
     """
+
+
+    args = request.get_json()
+
+    if set(args) != {'email', 'password', 'firstname', 'familyname', 'gender', 'city', 'country'}:
+        return {"success": "false", "message": "Form data missing or incorrect type."}
+
+    if re.fullmatch(r'\w+@\w+.\w+', args['email']) is None: return False
+
+    if len(args['password']) < 8: return False
+
+
+
+    email = args['email']
+    password = args['password']
+    
+
     hashed_password = hashlib.sha256((password + email).encode()).hexdigest()
 
     database_password = dbh.get_password(email)
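Review bot: The key check at the top of sign_in demands the seven sign-up fields, so a sign-in body carrying only email and password is always answered with "Form data missing or incorrect type."; the block looks like it was meant for sign_up, and here the comparison should be against `{'email', 'password'}`. The two `return False` lines are not valid Flask responses and would turn a malformed e-mail or a short password into a 500, so return the same `{"success": "false", "message": ...}` dict the other branches use. In `r'\w+@\w+.\w+'` the dot is unescaped and `\w+` excludes `.` and `-`, so the pattern both accepts strings it should not and rejects ordinary addresses. `request.get_json()` can hand back something other than a dict (a JSON list or `null`, for instance), so guard with `isinstance(args, dict)` before `set(args)` and check that the values are strings before calling `len()` or the regex on them. sign_in's body continues outside the hunk.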
@@ -34,11 +52,35 @@ def sign_in(email='test@gmail.com', password='123123123'):
 
     return { "success": "false", "message": "Wrong username or password." }
 
-@app.route('/signup')
-def sign_up(jsonObj):
+@app.route('/signup', methods=['POST'])
+def sign_up():
     """
     Register a user in the database.
     """
+    args = request.get_json()
+
+
+    if dbh.get_user_data(args['email']) is not None:
+        return {"success": "false", "message": "User already exists."}
+
+    pw_hash = hashlib.sha256((args['password'] + args['email']).encode()).hexdigest()
+
+    dbh.create_user(
+        args['email'],
+        pw_hash,
+        args['firstname'],
+        args['lastname'],
+        args['gender'],
+        args['city'],
+        args['country'],
+    )
+
+    return {"success": "true", "message": "Successfully created a new user."};
+        } else {
+        }
+
+      } else {
+      }   
     pass
 
 
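Review bot: The duplicate-user check in sign_up rejects every request, because `dbh.get_user_data` returns `fetchall()`, which is an empty list rather than None when no row matches; test truthiness instead, `if dbh.get_user_data(args['email']):`. The lines after the success return (`} else {`, `}`) are not Python and will stop server.py from importing at all, so they should be removed together with the stray `;` and the trailing `pass`. `args['lastname']` disagrees with the `familyname` key used in the check added to sign_in, and sign_up validates nothing before indexing `args`, so a missing field surfaces as a KeyError and a 500 rather than a "false" response. The new `pw_hash` is a single SHA-256 over password plus e-mail, which is cheap to brute-force offline if `user_data` ever leaks; a password KDF such as `hashlib.scrypt` with a random per-user salt stored next to the hash (or `werkzeug.security.generate_password_hash`, which ships with Flask) is the usual choice, and sign_in's comparison has to change in step with it.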
-- 
GitLab