Add Project5

dsantoli · May 7, 2024 · 1c8c39e · 1c8c39e
1 parent 0fc51b9
commit 1c8c39e
Show file tree

Hide file tree

Showing 13 changed files with 704 additions and 0 deletions.
diff --git a/Project5/__pycache__/passwords.cpython-312.pyc b/Project5/__pycache__/passwords.cpython-312.pyc
diff --git a/Project5/__pycache__/quotes.cpython-312.pyc b/Project5/__pycache__/quotes.cpython-312.pyc
diff --git a/Project5/app.log b/Project5/app.log
@@ -0,0 +1,32 @@
+2024-05-02 16:01:11,837 - INFO - register button hit
+2024-05-02 16:02:24,317 - INFO - register button hit
+2024-05-02 16:02:24,319 - INFO - All entries in the user collection:
+2024-05-02 16:02:24,321 - INFO - {'_id': ObjectId('6633f0693184392a155335c9'), 'user': 'dsantoli', 'hashed_password': '66099026ced26ba9ad776abfa3f767f85157ccc88530cc467e673beb4ad12f3a', 'salt': '3344c8ECD22eAA839E476C70adb4e37E'}
+2024-05-02 16:06:43,509 - INFO - register button hit
+2024-05-02 16:16:56,974 - INFO - register button hit
+2024-05-02 16:17:24,147 - INFO - register button hit
+2024-05-02 16:17:55,106 - INFO - register button hit
+2024-05-02 16:18:26,996 - INFO - register button hit
+2024-05-02 16:20:21,970 - INFO - register button hit
+2024-05-02 16:21:09,875 - INFO - register button hit
+2024-05-02 17:14:21,362 - INFO - register button hit
+2024-05-02 17:14:34,841 - INFO - register button hit
+2024-05-02 17:14:34,843 - INFO - All entries in the user collection:
+2024-05-02 17:14:34,843 - INFO - {'_id': ObjectId('6633f0693184392a155335c9'), 'user': 'dsantoli', 'hashed_password': '66099026ced26ba9ad776abfa3f767f85157ccc88530cc467e673beb4ad12f3a', 'salt': '3344c8ECD22eAA839E476C70adb4e37E'}
+2024-05-02 17:14:34,844 - INFO - {'user': 'asantoli', 'hashed_password': 'b2ededd1a1a6e7e2e75d5d9a3af2e61b11076dc4a8e44a869259411590a03bad', 'salt': 'd63CfC1b4bC7f2a4d8BFDE639f3Ea7b1', '_id': ObjectId('6634023a7d63c9c79edabc5d')}
+2024-05-02 17:22:30,353 - INFO - register button hit
+2024-05-02 17:23:05,674 - INFO - register button hit
+2024-05-02 17:23:54,252 - INFO - register button hit
+2024-05-02 17:26:36,390 - INFO - register button hit
+2024-05-07 12:06:45,656 - INFO - register button hit
+2024-05-07 12:08:28,710 - INFO - register button hit
+2024-05-07 12:08:28,720 - INFO - All entries in the user collection:
+2024-05-07 12:08:28,720 - INFO - {'_id': ObjectId('6633f0693184392a155335c9'), 'user': 'dsantoli', 'hashed_password': '66099026ced26ba9ad776abfa3f767f85157ccc88530cc467e673beb4ad12f3a', 'salt': '3344c8ECD22eAA839E476C70adb4e37E'}
+2024-05-07 12:08:28,720 - INFO - {'_id': ObjectId('6634023a7d63c9c79edabc5d'), 'user': 'asantoli', 'hashed_password': 'b2ededd1a1a6e7e2e75d5d9a3af2e61b11076dc4a8e44a869259411590a03bad', 'salt': 'd63CfC1b4bC7f2a4d8BFDE639f3Ea7b1'}
+2024-05-07 12:08:28,721 - INFO - {'user': 'testuser', 'hashed_password': 'fecb8d3503747efd044485f92e8236f723cc51dce18b882c1b4f656a16649772', 'salt': 'feFAA9CAEaB7354De20FBBbad988c43f', '_id': ObjectId('663a51fc1c70d692547a9fc1')}
+2024-05-07 12:27:17,465 - INFO - lgoin button hit
+2024-05-07 12:30:54,752 - INFO - lgoin button hit
+2024-05-07 12:33:05,895 - INFO - register button hit
+2024-05-07 12:33:57,336 - INFO - lgoin button hit
+2024-05-07 12:34:04,163 - INFO - lgoin button hit
+2024-05-07 12:40:38,553 - INFO - lgoin button hit
diff --git a/Project5/create-quotes-db.py b/Project5/create-quotes-db.py
@@ -0,0 +1,26 @@
+# Create a Mongita database with movie information
+import json
+from mongita import MongitaClientDisk
+
+quotes_data = [
+    {"text": "I'm hungry. When's lunch?", "author": "Dorothy","owner":"Greg"},
+    {"text": "You threw that ball. You go get it.", "author": "Suzy", "owner":"Dorothy"},
+]
+
+# create a mongita client connection
+client = MongitaClientDisk()
+
+# create a movie database
+quotes_db = client.quotes_db
+
+# create a quotes collection
+quotes_collection = quotes_db.quotes_collection
+
+# empty the collection
+quotes_collection.delete_many({})
+
+# put the quotes in the database
+quotes_collection.insert_many(quotes_data)
+
+# make sure the quotes are there
+print(quotes_collection.count_documents({}))
diff --git a/Project5/passwords.py b/Project5/passwords.py
@@ -0,0 +1,30 @@
+import hashlib
+import random
+import string
+
+def hash_password(password):
+    salt = "".join(random.choices(string.hexdigits, k=32))
+    salted_password = (password+salt).encode("utf-8")
+    hash_object = hashlib.sha256(salted_password)
+    hashed_password = hash_object.hexdigest()
+    return hashed_password, salt
+
+
+def check_password(password, saved_hashed_password, salt):
+    salted_password = (password + salt).encode("utf-8")
+    hash_object = hashlib.sha256(salted_password)
+    hashed_password = hash_object.hexdigest()
+    return hashed_password == saved_hashed_password
+
+
+def test_hash_and_check_password():
+    hashed_password, salt = hash_password("hohoho")
+    assert type(hashed_password) is str
+    assert type(salt) is str
+    assert check_password("hoho",hashed_password,salt) == False
+    assert check_password("hohoho",hashed_password,salt) == True
+
+
+if __name__ == "__main__":
+    test_hash_and_check_password()
+    print("done.")
diff --git a/Project5/quotes.py b/Project5/quotes.py
@@ -0,0 +1,223 @@
+from flask import Flask, render_template, request, make_response, redirect, flash, get_flashed_messages
+from mongita import MongitaClientDisk
+from bson import ObjectId
+from passwords import hash_password,check_password
+
+import logging
+from logging.handlers import RotatingFileHandler
+
+
+app = Flask(__name__)
+
+app.secret_key = b'_5#y2L"F4Q8z\n\xec]/'
+
+# Configure logging
+logging.basicConfig(level=logging.INFO)
+handler = RotatingFileHandler('app.log', maxBytes=10000, backupCount=1)
+handler.setLevel(logging.INFO)
+formatter = logging.Formatter('%(asctime)s - %(levelname)s - %(message)s')
+handler.setFormatter(formatter)
+app.logger.addHandler(handler)
+
+# create a mongita client connection
+client = MongitaClientDisk()
+
+# open the quotes database
+quotes_db = client.quotes_db
+session_db = client.session_db
+user_db = client.user_db
+
+import uuid
+
+user_collection = user_db.user_collection
+session_collection = session_db.session_collection
+
+@app.route("/", methods=["GET"])
+@app.route("/quotes", methods=["GET"])
+def get_quotes():
+    session_id = request.cookies.get("session_id", None)
+    if not session_id:
+        response = redirect("/login")
+        return response
+    # open the session collection
+    session_collection = session_db.session_collection
+    # get the data for this session
+    session_data = list(session_collection.find({"session_id": session_id}))
+    if len(session_data) == 0:
+        response = redirect("/logout")
+        return response
+    assert len(session_data) == 1
+    session_data = session_data[0]
+    # get some information from the session
+    user = session_data.get("user", "unknown user")
+    # open the quotes collection
+    quotes_collection = quotes_db.quotes_collection
+    # load the data
+    data = list(quotes_collection.find({"owner":user}))
+    for item in data:
+        item["_id"] = str(item["_id"])
+        item["object"] = ObjectId(item["_id"])
+    # display the data
+    html = render_template(
+        "quotes.html",
+        data=data,
+        user=user,
+    )
+    response = make_response(html)
+    response.set_cookie("session_id", session_id)
+    return response
+
+# ADDED ROUTE FOR LOGIN 
+@app.route("/login", methods=["GET", "POST"])
+def login():
+    if request.method == "POST":
+        app.logger.info("lgoin button hit")
+        username = request.form["username"]
+        password = request.form["password"]
+        # Check if the username exists in the database
+        user_data = user_collection.find_one({"user": username})
+        if user_data:
+            # Validate the password
+            if check_password(password, user_data["hashed_password"], user_data["salt"]):
+                # Password is correct, create a new session
+                session_id = str(uuid.uuid4())
+                session_data = {"session_id": session_id, "user": username}
+                session_collection.insert_one(session_data)
+                response = redirect("/quotes")
+                response.set_cookie("session_id", session_id)
+                return response
+        # Invalid username or password
+        flash("Invalid username or password", "error")
+        return redirect("/login")
+    return render_template("login.html")
+
+
+@app.route("/logout", methods=["GET"])
+def get_logout():
+    # get the session id
+    session_id = request.cookies.get("session_id", None)
+    if session_id:
+        # open the session collection
+        session_collection = session_db.session_collection
+        # delete the session
+        session_collection.delete_one({"session_id": session_id})
+    response = redirect("/login")
+    response.delete_cookie("session_id")
+    return response
+
+
+@app.route("/add", methods=["GET"])
+def get_add():
+    session_id = request.cookies.get("session_id", None)
+    if not session_id:
+        response = redirect("/login")
+        return response
+    return render_template("add_quote.html")
+
+
+@app.route("/add", methods=["POST"])
+def post_add():
+    session_id = request.cookies.get("session_id", None)
+    if not session_id:
+        response = redirect("/login")
+        return response
+    # open the session collection
+    session_collection = session_db.session_collection
+    # get the data for this session
+    session_data = list(session_collection.find({"session_id": session_id}))
+    if len(session_data) == 0:
+        response = redirect("/logout")
+        return response
+    assert len(session_data) == 1
+    session_data = session_data[0]
+    # get some information from the session
+    user = session_data.get("user", "unknown user")
+    text = request.form.get("text", "")
+    author = request.form.get("author", "")
+    if text != "" and author != "":
+        # open the quotes collection
+        quotes_collection = quotes_db.quotes_collection
+        # insert the quote
+        quote_data = {"owner": user, "text": text, "author": author}
+        quotes_collection.insert_one(quote_data)
+    # usually do a redirect('....')
+    return redirect("/quotes")
+
+
+@app.route("/edit/<id>", methods=["GET"])
+def get_edit(id=None):
+    session_id = request.cookies.get("session_id", None)
+    if not session_id:
+        response = redirect("/login")
+        return response
+    if id:
+        # open the quotes collection
+        quotes_collection = quotes_db.quotes_collection
+        # get the item
+        data = quotes_collection.find_one({"_id": ObjectId(id)})
+        data["id"] = str(data["_id"])
+        return render_template("edit_quote.html", data=data)
+    # return to the quotes page
+    return redirect("/quotes")
+
+
+@app.route("/edit", methods=["POST"])
+def post_edit():
+    session_id = request.cookies.get("session_id", None)
+    if not session_id:
+        response = redirect("/login")
+        return response
+    _id = request.form.get("_id", None)
+    text = request.form.get("text", "")
+    author = request.form.get("author", "")
+    if _id:
+        # open the quotes collection
+        quotes_collection = quotes_db.quotes_collection
+        # update the values in this particular record
+        values = {"$set": {"text": text, "author": author}}
+        data = quotes_collection.update_one({"_id": ObjectId(_id)}, values)
+    # do a redirect('....')
+    return redirect("/quotes")
+
+
+@app.route("/delete", methods=["GET"])
+
+@app.route("/delete/<id>", methods=["GET"])
+def get_delete(id=None):
+    session_id = request.cookies.get("session_id", None)
+    if not session_id:
+        response = redirect("/login")
+        return response
+    if id:
+        # open the quotes collection
+        quotes_collection = quotes_db.quotes_collection
+        # delete the item
+        quotes_collection.delete_one({"_id": ObjectId(id)})
+    # return to the quotes page
+    return redirect("/quotes")
+
+# ADDED ROUTE FOR REGISTER
+@app.route("/register", methods=["GET", "POST"])
+def register():
+    if request.method == "POST":
+        app.logger.info("register button hit")
+        username = request.form["username"]
+        password = request.form["password"]
+        # Check if the username is already taken
+        if user_collection.find_one({"user": username}):
+            flash("Username already taken. Please choose a different username.", "error")
+            return redirect("/register")
+        # Hash the password before storing it
+        hashed_password, salt = hash_password(password)
+        # Store the username, hashed password, and salt in the user collection
+        user_data = {"user": username, "hashed_password": hashed_password, "salt": salt}
+        user_collection.insert_one(user_data)
+        flash("Registration successful. Please log in.", "success")
+
+        # Log all entries in the user collection to the log file
+        app.logger.info("All entries in the user collection:")
+        for entry in user_collection.find():
+            app.logger.info(entry)
+
+        return redirect("/login")
+    return render_template("register.html")
diff --git a/Project5/start.sh b/Project5/start.sh
@@ -0,0 +1,8 @@
+#!/bin/bash
+
+# Set environment variables
+export FLASK_APP=quotes.py
+export FLASK_ENV=development
+
+# Start the Flask development server
+python -m flask run