from flask import Flask, render_template, g, request, url_for, flash, redirect, session
from rethinkdb import r
from rethinkdb.errors import RqlRuntimeError, RqlDriverError
from werkzeug.exceptions import abort
from werkzeug.security import generate_password_hash, check_password_hash
# WSGI application object shared by every route in this module.
app = Flask(__name__)
# Settings are read from the file whose path is stored in the ENVIRONMENTFILE
# environment variable. The code below reads RDB_HOST, RDB_PORT and RDB_DB
# from it.
# NOTE(review): the views use `session` and `flash`, which need a secret key;
# presumably SECRET_KEY is defined in that file -- confirm it is set, random,
# and kept out of version control.
app.config.from_envvar("ENVIRONMENTFILE")
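def dbSetup():
    """Create the application database and its tables if they are missing.

    Connects to the RethinkDB server named by RDB_HOST / RDB_PORT and makes
    sure the RDB_DB database contains the ``cspreport``, ``users`` and
    ``website`` tables. Each object is checked individually, so a database
    that already exists but lacks a table is completed rather than skipped.

    A ``RqlRuntimeError`` during setup is reported on stdout and not
    re-raised, so the application still starts (best effort, as before).
    """
    db_name = app.config.get("RDB_DB")
    connection = r.connect(
        host=app.config.get("RDB_HOST"), port=app.config.get("RDB_PORT")
    )
    try:
        if db_name in r.db_list().run(connection):
            print("Database already exists.")
        else:
            r.db_create(db_name).run(connection)

        # Create only the tables that are absent; a single failing create
        # must not hide the others behind an "already exists" message.
        present = set(r.db(db_name).table_list().run(connection))
        for table_name in ("cspreport", "users", "website"):
            if table_name not in present:
                r.db(db_name).table_create(table_name).run(connection)
        print("Database setup completed")
    except RqlRuntimeError as err:
        # Report the real cause instead of assuming the database exists.
        print(f"Database setup failed: {err}")
    finally:
        connection.close()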
# Executed at import time: loading this module opens a database connection
# and provisions the schema before any request is served.
dbSetup()
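@app.before_request
def before_request():
    """Open a RethinkDB connection for the current request.

    The connection is stored on ``g.rdb_conn`` and is bound to the RDB_DB
    database. If the driver cannot connect, the request is aborted with
    HTTP 503.
    """
    # NOTE(review): no user/password or TLS options are passed to r.connect,
    # so this relies on the server's default account over a plain socket --
    # confirm the database port is not reachable from untrusted networks.
    try:
        g.rdb_conn = r.connect(
            host=app.config.get("RDB_HOST"),
            port=app.config.get("RDB_PORT"),
            db=app.config.get("RDB_DB"),
        )
    except RqlDriverError:
        # The original message omitted "not" and read as a success.
        abort(503, "Database connection could not be established.")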
@app.teardown_request
def teardown_request(exception):
    """Close the per-request database connection, if one was opened.

    ``exception`` is supplied by Flask and is not used here.
    """
    try:
        connection = g.rdb_conn
        connection.close()
    except AttributeError:
        # No connection was stored on ``g`` for this request (for example
        # when before_request aborted), so there is nothing to close.
        return
@app.route("/")
def index():
    """Serve the landing page."""
    page = render_template("index.html")
    return page
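@app.route("/register", methods=("GET", "POST"))
def register():
    """Show the registration form and create an account on POST.

    The ``login``, ``email`` and ``password`` form fields are all required.
    The password is stored only as a werkzeug password hash. A login that is
    already present in the ``users`` table is rejected, because the login
    view matches accounts by login name and duplicates would make it
    ambiguous which account a session belongs to.

    Returns a redirect to ``/login`` after a successful registration,
    otherwise the rendered ``register.html`` template.
    """
    if request.method == "POST":
        username = request.form["login"]
        email = request.form["email"]
        password = request.form["password"]

        if not username or not password or not email:
            flash("Missing field")
        elif r.table("users").filter({"login": username}).count().run(g.rdb_conn):
            # NOTE(review): check-then-insert is not atomic; two concurrent
            # requests can still create the same login. A uniqueness
            # guarantee needs to come from the database schema.
            flash("Login already taken")
        else:
            r.table("users").insert(
                {
                    "login": username,
                    "email": email,
                    "password": generate_password_hash(password),
                }
            ).run(g.rdb_conn)
            return redirect("/login", code=302)

    return render_template("register.html")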
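@app.route("/login", methods=("GET", "POST"))
def login():
    """Show the login form and authenticate the user on POST.

    Looks up accounts whose ``login`` matches the submitted value and
    verifies the password against the stored werkzeug hash. On success the
    session is reset, ``session["login"]`` and ``session["id"]`` are set,
    and the user is redirected to ``/manager``. On failure the form is
    rendered again with a generic error message.
    """
    if request.method == "POST":
        username = request.form["login"]
        password = request.form["password"]

        if not username or not password:
            flash("Missing field")
        else:
            candidates = r.table("users").filter({"login": username}).run(g.rdb_conn)
            for user in candidates:
                if check_password_hash(user["password"], password):
                    # Start from an empty session so nothing set before
                    # authentication carries over into the logged-in state.
                    session.clear()
                    session["login"] = username
                    session["id"] = user["id"]
                    return redirect("/manager", code=302)
            # One message for both "unknown login" and "wrong password", so
            # the response does not reveal which logins exist.
            flash("Invalid login or password")

    return render_template("login.html")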
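@app.route("/manager")
def manager():
    """Serve the post-login page to authenticated users only.

    The login view redirects here after setting ``session["id"]``. Requests
    without that key are sent back to ``/login`` instead of being served.
    """
    if "id" not in session:
        return redirect("/login", code=302)
    return render_template("index.html")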
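@app.route("/report", methods=("POST",))
def report():
    """Placeholder endpoint that accepts a POST and stores nothing.

    Responds with an empty 204 so that clients posting here get a valid
    HTTP response.
    """
    # ``("POST")`` is the plain string "POST", not a tuple; the trailing
    # comma above makes it a one-element tuple as Flask expects. Returning
    # ``False`` is not a valid Flask response and would surface as a 500.
    # NOTE(review): this route has no session check, so once request bodies
    # are persisted they must be treated as untrusted input (size limit,
    # content-type and schema validation) -- presumably they are meant for
    # the "cspreport" table; confirm.
    return "", 204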