added profile page

made views in url_for relative to current blueprint
2018-06-21 11:00:24 -04:00 · 2018-06-21 09:06:23 -04:00
9 changed files with 67 additions and 22 deletions
--- a/anonkun.sql
+++ b/anonkun.sql
@ -2,6 +2,7 @@ CREATE TABLE `users` (
 	`user_id` SMALLINT UNSIGNED NOT NULL AUTO_INCREMENT,
 	`username` VARCHAR(20) NOT NULL,
 	`password_hash` CHAR(73) NOT NULL,
 	`signup_date` INT UNSIGNED NOT NULL,
 	PRIMARY KEY (`user_id`)
 ) ENGINE=InnoDB CHARSET utf8mb4;
--- a/database.py
+++ b/database.py
@ -41,7 +41,7 @@ class Database():
 _DB = Database()
-def add_user(username, password):
+def add_user(username, password, timestamp):
 	"""
 	Adds a user to the database.
 	"""
@ -52,8 +52,8 @@ def add_user(username, password):
 	pw_hash = argon2.hash(password)
 	_DB.execute(
-		"INSERT INTO `users` (`username`, `password_hash`) VALUES (%s, %s)",
+		"INSERT INTO `users` (`username`, `password_hash`, `signup_date`) " \
-		(username, pw_hash))
+		+ "VALUES (%s, %s, %s)", (username, pw_hash, timestamp))
 	return "success"
@ -151,3 +151,23 @@ def get_quest_data(quest_id):
 	data = _DB.execute("SELECT * FROM `quest_data` WHERE `quest_id` = %s",
 		(quest_id,)).fetchall()
 	return data
 def get_user_info(username):
 	"""
 	Retrives relevant user data.
 	"""
 	data = _DB.execute(
 		"SELECT `user_id`, `signup_date` FROM `users` WHERE `username` = %s",
 		(username,)).fetchone()
 	return data
 def get_user_quests(user_id):
 	"""
 	Retrieves all quests ran by a particular user_id.
 	"""
 	data = _DB.execute(
 		"SELECT * FROM `quest_meta` WHERE `owner_id` = %s",
 		(user_id,)).fetchall()
 	return data
--- a/templates/base.html
+++ b/templates/base.html
@ -9,12 +9,12 @@
 			if (document.getElementById('header').style.display == 'initial') {
 				document.getElementById('header').style.display = 'none';
 				document.getElementById('headerHidden').style.display = 'initial';
-				xhr.open('GET', '{{ url_for("views.set_session", hide_header="on") }}', true);
+				xhr.open('GET', '{{ url_for(".set_session", hide_header="on") }}', true);
 			}
 			else {
 				document.getElementById('header').style.display = 'initial';
 				document.getElementById('headerHidden').style.display = 'none';
-				xhr.open('GET', '{{ url_for("views.set_session", hide_header="off") }}', true);
+				xhr.open('GET', '{{ url_for(".set_session", hide_header="off") }}', true);
 			}
 			xhr.send();
 		}
@ -24,7 +24,7 @@
 <body>
 	<ul id="header" class="header" style="{% if session.get("hide_header") == True %}display:none;{% else %}display:initial;{% endif %}">
 		<li><a onclick="toggleHeader();" href="javascript:void(0);">^</a></li>
-		<li><a href="{{ url_for('views.index') }}">Home</a></li>
+		<li><a href="{{ url_for('.index') }}">Home</a></li>
 		{% block header %}{% endblock %}
 	</ul>
 	<ul id="headerHidden" class="header" style="{% if session.get("hide_header") == True %}display:initial;{% else %}display:none;{% endif %}">
--- a/templates/create_quest.html
+++ b/templates/create_quest.html
@ -2,7 +2,7 @@
 {% block title %}Start a new quest{% endblock %}
 {% block content %}
 <h1>New Quest</h1>
-<form method="post" action="{{ url_for('views.create_quest') }}">
+<form method="post" action="{{ url_for('.create_quest') }}">
   	<input type="text" placeholder="Quest Title" name="quest_title" maxlength="300" required/><br/>
 	<textarea id="create_textarea" name="quest_body"></textarea>
 	<input type="submit" name="submit" value="Submit"/>
--- a/templates/login.html
+++ b/templates/login.html
@ -2,7 +2,7 @@
 {% block title %}Login{% endblock %}
 {% block content %}
 <h1>Login</h1>
-<form method="post" action="{{ url_for('views.login') }}">
+<form method="post" action="{{ url_for('.login') }}">
 	<input type="text" placeholder="Username" name="user" maxlength="20" required/><br />
 	<input type="password" placeholder="Password" name="pass" maxlength="1024" required/><br />
 	<input type="submit" value="Log in" name="submit"/>
--- a/templates/profile.html
+++ b/templates/profile.html
@ -0,0 +1,7 @@
 {% extends "base.html" %}
 {% block title %}{{ username }}{% endblock %}
 {% block content %}
 <h1>{{ username }}'s profile</h1>
 Signed up: {{ signup_date | strftime }}<br />
 Num. quests ran: {{ num_quests }}<br />
 {% endblock %}
--- a/templates/quest.html
+++ b/templates/quest.html
@ -60,7 +60,7 @@
 {% endblock %}
 {% block header %}
 {% if session.get("user_id") == owner_id %}
-	<li><a href="{{ url_for('views.edit_quest') }}">Edit Quest</a></li>
+	<li><a href="{{ url_for('.edit_quest') }}">Edit Quest</a></li>
 {% endif %}
 {% endblock %}
 {% block content %}
--- a/templates/signup.html
+++ b/templates/signup.html
@ -13,7 +13,7 @@
 		<li>Must be between 8 and 1024 characters</li>
 	</ul>
 </div>
-<form method="post" action="{{ url_for('views.signup') }}">
+<form method="post" action="{{ url_for('.signup') }}">
 	<input type="text" placeholder="Username" name="user" maxlength="20" required/><br />
 	<input type="password" placeholder="Password" name="pass" maxlength="1024" required/><br />
 	<input type="password" placeholder="Verify password" name="pass_verify" maxlength="1024" required/><br />
--- a/views.py
+++ b/views.py
@ -71,8 +71,24 @@ def quest(quest_title):
 		messages=messages)
@views.route("/profile/<path:username>")
 def profile(username):
 	"""
 	Shows the profile page of the specified user.
 	"""
 	data = db.get_user_info(username)
 	if not data:
 		return "user_not_found"
 	user_id, signup_date = data
 	quests = db.get_user_quests(user_id)
 	return render_template("profile.html",
 		username=username,
 		signup_date=signup_date,
 		num_quests=len(quests))
@views.route("/create_quest", methods=["GET", "POST"])
-@login_required("views.login")
+@login_required(".login")
 def create_quest():
 	"""
 	Starts a new quest.
@ -92,7 +108,7 @@ def create_quest():
 	quest_id = db.insert_quest(canon_title, ident_title, owner_id)
 	db.insert_quest_post(quest_id, quest_body, timestamp)
-	return redirect(url_for('views.quest', quest_title=ident_title))
+	return redirect(url_for('.quest', quest_title=ident_title))
@views.route("/edit_quest")
@ -129,7 +145,7 @@ def login():
 	if db.verify_password(username, password):
 		session["username"] = username
-		return redirect(url_for("views.index"))
+		return redirect(url_for(".index"))
 	else:
 		abort(401)
@ -147,25 +163,26 @@ def signup():
 	password_verify = request.form.get("pass_verify")
 	if len(username) > 20:
-		"username_too_long"
+		return "username_too_long"
 	elif len(username) < 3:
-		"username_too_short"
+		return "username_too_short"
 	chrs = [c not in string.ascii_letters + string.digits for c in username]
 	if any(chrs):
-		"username_bad_chars"
+		return "username_bad_chars"
 	if db.verify_username(username):
-		"username_taken"
+		return "username_taken"
 	if len(password) > 1024:
-		"password_too_long"
+		return "password_too_long"
 	elif len(password) < 8:
-		"password_too_short"
+		return "password_too_short"
 	if password != password_verify:
-		"passwords_dont_match"
+		return "passwords_dont_match"
-	res = db.add_user(username, password)
+	timestamp = int(time.time())
-	return redirect(url_for("views.index"))
+	res = db.add_user(username, password, timestamp)
 	return redirect(url_for(".index"))
@views.route("/")
Author	SHA1	Message	Date
iou1name	355ff7aac8	added profile page	2018-06-21 11:00:24 -04:00
iou1name	124adf5580	made views in url_for relative to current blueprint	2018-06-21 09:06:23 -04:00