1# -*- coding: utf-8 -*-
2from __future__ import with_statement
3from contextlib import closing
4from flask import Flask, request, session, g, redirect, url_for, abort, render_template, flash
5from flaskext.openid import OpenID
6from sqlalchemy import create_engine, Column, Integer, String, Text
7from sqlalchemy.orm import scoped_session, sessionmaker
8from sqlalchemy.ext.declarative import declarative_base
9
10
app = Flask(__name__)

# SECURITY NOTE(review): the three values below are development placeholders
# and must not ship as-is.
#   * SECRET_KEY signs the session cookie that carries the 'openid' identity.
#     A key committed to source offers no protection; load it from the
#     environment or a secret store instead.
#   * DEBUG = True enables the interactive debugger when the app is started
#     through app.run(); keep it off outside a local workstation.
#   * The SQLite file sits in /tmp, a directory shared with every local user.
app.config['DATABASE_URI'] = 'sqlite:////tmp/deepsec.db'
app.config['SECRET_KEY'] = 'development key'
app.config['DEBUG'] = True
17
# OpenID helper bound to the Flask app; it drives login() and
# create_or_login() through its decorators.
oid = OpenID(app)

# A single engine for the process. db_session is a scoped_session registry,
# so request code can use it like a global; after_request() calls remove()
# on it once the response is built.
engine = create_engine(app.config['DATABASE_URI'])
_session_factory = sessionmaker(autocommit=False, autoflush=False, bind=engine)
db_session = scoped_session(_session_factory)

# Declarative base for the models below; `Model.query` is a Query bound to
# db_session.
Base = declarative_base()
Base.query = db_session.query_property()
25
def connect_db():
    """Create the tables declared on ``Base`` using the module-level engine.

    Despite its name this does not return a connection; it returns None.
    """
    schema = Base.metadata
    schema.create_all(bind=engine)
29
class User(Base):
    """Account row; ``openid`` holds the identity URL used to look a user up."""
    __tablename__ = 'users'

    id = Column(Integer, primary_key=True)
    name = Column(String(60))
    email = Column(String(200))
    # NOTE(review): no unique constraint is declared on openid, yet every
    # lookup in this file uses filter_by(openid=...).first(). Two rows with
    # the same identity would make the match order-dependent.
    openid = Column(String(200))

    def __init__(self, name, email, openid):
        """Store the display name, e-mail address and OpenID identity URL."""
        self.name, self.email, self.openid = name, email, openid
41
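class Codes(Base):
    """A stored code snippet, identified by its title and body together."""
    __tablename__ = 'codes'

    # Both columns are part of the primary key, as in the original mapping.
    title = Column(String(200), primary_key=True)
    code = Column(Text(), primary_key=True)

    def __init__(self, title, text):
        """Build a snippet from its title and body.

        A class body can hold only one ``__init__``: a second definition
        silently replaces the first. This is therefore the single
        constructor. The body is written to the mapped ``code`` column, so
        it is persisted rather than kept as an unmapped attribute.
        """
        self.title = title
        self.code = text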
55
class Category(Base):
    """Named category row in the ``categories`` table."""
    __tablename__ = 'categories'

    id = Column(Integer, primary_key=True)
    name = Column(String(50))

    def __init__(self, name):
        """Store the category's display name."""
        self.name = name
63
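@app.before_request
def before_request():
    """Resolve the signed-in user for this request into ``g.user``.

    ``g.user`` is the User row whose ``openid`` matches the session's
    'openid' value, or None when the session carries no identity.
    """
    g.user = None
    openid = session.get('openid')
    # Only a non-empty identity may be used as a lookup key. A None or ''
    # value left in the session would otherwise be matched against rows
    # whose openid column is NULL or empty.
    if openid:
        g.user = User.query.filter_by(openid=openid).first()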
69
@app.after_request
def after_request(response):
    """Discard the request's scoped SQLAlchemy session and pass *response* on."""
    # remove() drops the current scoped session so the next request
    # starts with a fresh one.
    db_session.remove()
    return response
74
75#################################
76
@app.route('/')
def index():
    """Serve the landing page."""
    page = render_template('index.html')
    return page
80
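@app.route('/add', methods=['POST'])
def add_code():
    """Store a submitted snippet, then redirect to the snippet list.

    Only signed-in users may post; anyone else gets a 401. The form must
    carry 'title' and 'text' fields.
    """
    # The login flow in this module identifies users through g.user, which
    # is resolved from the 'openid' session key. No code here ever sets a
    # 'logged_in' key, so authorise against g.user as edit_profile() does.
    if g.user is None:
        abort(401)
    # g.db is never assigned in this module. Write through the scoped
    # session and the mapped table instead, so the values are sent as bound
    # parameters and the column names match the Codes model (title, code).
    db_session.execute(
        Codes.__table__.insert().values(
            title=request.form['title'],
            code=request.form['text'],
        )
    )
    db_session.commit()
    # NOTE(review): no CSRF token check is visible in this file for this
    # state-changing POST -- confirm one is enforced elsewhere.
    flash('New code was successfully posted')
    return redirect(url_for('show_codes'))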
90
@app.route('/login', methods=['GET', 'POST'])
@oid.loginhandler
def login():
    """Start an OpenID login, or render the login form.

    A POST carrying a non-empty 'openid' field is handed to
    ``oid.try_login``, which starts the OpenID exchange. Every other
    request renders the form together with any pending OpenID error.
    """
    # Already signed in: send the user back to where they came from.
    already_signed_in = g.user is not None
    if already_signed_in:
        return redirect(oid.get_next_url())

    submitted = request.form.get('openid') if request.method == 'POST' else None
    if submitted:
        return oid.try_login(submitted,
                             ask_for=['email', 'fullname', 'nickname'])

    return render_template('login.html',
                           next=oid.get_next_url(),
                           error=oid.fetch_error())
107
@oid.after_login
def create_or_login(resp):
    """Finish a successful OpenID login.

    The verified identity URL is stored in the session. A known user is
    signed in and sent to the next URL. A first-time user is redirected to
    ``create_profile`` with the provider-supplied name and e-mail as
    prefill values. The function always redirects, so the user is never
    left on the OpenID return URL.
    """
    identity = resp.identity_url
    session['openid'] = identity
    user = User.query.filter_by(openid=identity).first()
    if user is None:
        # NOTE(review): name and e-mail travel in the redirect's query
        # string, so they can show up in browser history and access logs.
        return redirect(url_for('create_profile',
                                next=oid.get_next_url(),
                                name=resp.fullname or resp.nickname,
                                email=resp.email))
    flash(u'Successfully signed in')
    g.user = user
    return redirect(oid.get_next_url())
124
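@app.route("/codes")
def show_codes():
    """Render the list of all stored snippets."""
    # Codes.query is a Query object (installed through
    # Base.query = db_session.query_property()), not a callable, so the
    # rows are fetched with .all().
    codes = Codes.query.all()
    g.code = codes
    # NOTE(review): snippets are user-submitted text. The template is not
    # shown here -- confirm it relies on autoescaping and does not mark
    # these fields as safe.
    return render_template('show_codes.html', codes=codes)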
130
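@app.route('/create-profile', methods=['GET', 'POST'])
def create_profile():
    """Let a first-time user create a profile for their OpenID identity.

    ``create_or_login`` redirects here after a first successful login.
    Users who already have a profile, and sessions without a verified
    identity, are sent back to the index page.
    """
    openid = session.get('openid')
    # Require a non-empty identity, not just the presence of the key, so a
    # row can never be created with a None or empty openid.
    if g.user is not None or not openid:
        return redirect(url_for('index'))
    if request.method == 'POST':
        name = request.form['name']
        email = request.form['email']
        if not name:
            flash(u'Error: you have to provide a name')
        elif '@' not in email:
            flash(u'Error: you have to enter a valid email address')
        else:
            flash(u'Profile successfully created')
            db_session.add(User(name, email, openid))
            db_session.commit()
            return redirect(oid.get_next_url())
    return render_template('create_profile.html', next_url=oid.get_next_url())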
151
152
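@app.route('/profile', methods=['GET', 'POST'])
def edit_profile():
    """Show, update or delete the signed-in user's profile.

    Anonymous requests get a 401. A POST containing a 'delete' field
    removes the account and ends the login. Any other POST validates and
    saves the 'name' and 'email' fields.
    """
    if g.user is None:
        abort(401)
    form = dict(name=g.user.name, email=g.user.email)
    if request.method == 'POST':
        if 'delete' in request.form:
            db_session.delete(g.user)
            db_session.commit()
            # Remove the key rather than storing None under it. With None
            # left behind, "'openid' in session" stays true and later
            # lookups would run with openid=None.
            session.pop('openid', None)
            flash(u'Profile deleted')
            return redirect(url_for('index'))
        form['name'] = request.form['name']
        form['email'] = request.form['email']
        if not form['name']:
            flash(u'Error: you have to provide a name')
        elif '@' not in form['email']:
            flash(u'Error: you have to enter a valid email address')
        else:
            # This branch edits an existing profile, so say "updated".
            flash(u'Profile successfully updated')
            g.user.name = form['name']
            g.user.email = form['email']
            db_session.commit()
            return redirect(url_for('edit_profile'))
    return render_template('edit_profile.html', form=form)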
179
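@app.route('/logout')
def logout():
    """End the login session and return to the snippet list."""
    # The identity lives under 'openid': create_or_login() sets it and
    # before_request() reads it. Clearing only 'logged_in' would leave the
    # user signed in.
    session.pop('openid', None)
    session.pop('logged_in', None)
    flash('You were logged out')
    return redirect(url_for('show_codes'))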
185
186
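if __name__ == '__main__':
    # Nothing else in this file calls connect_db(), so create the tables
    # before serving. Without them the first query fails on a fresh
    # database.
    connect_db()
    # app.run() starts Flask's development server. With DEBUG = True in
    # app.config, keep it on a local workstation only.
    app.run()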