Compare commits


No commits in common. "355ff7aac8e126a3fd445d796a1497714c43dcff" and "1529c77084afd0a3e11c09bf6f492e3ba6a95701" have entirely different histories.

9 changed files with 22 additions and 67 deletions


@ -2,7 +2,6 @@ CREATE TABLE `users` (
`user_id` SMALLINT UNSIGNED NOT NULL AUTO_INCREMENT, `user_id` SMALLINT UNSIGNED NOT NULL AUTO_INCREMENT,
`username` VARCHAR(20) NOT NULL, `username` VARCHAR(20) NOT NULL,
`password_hash` CHAR(73) NOT NULL, `password_hash` CHAR(73) NOT NULL,
`signup_date` INT UNSIGNED NOT NULL,
PRIMARY KEY (`user_id`) PRIMARY KEY (`user_id`)
) ENGINE=InnoDB CHARSET utf8mb4; ) ENGINE=InnoDB CHARSET utf8mb4;


@ -41,7 +41,7 @@ class Database():
_DB = Database() _DB = Database()
def add_user(username, password, timestamp): def add_user(username, password):
""" """
Adds a user to the database. Adds a user to the database.
""" """
@ -52,8 +52,8 @@ def add_user(username, password, timestamp):
pw_hash = argon2.hash(password) pw_hash = argon2.hash(password)
_DB.execute( _DB.execute(
"INSERT INTO `users` (`username`, `password_hash`, `signup_date`) " \ "INSERT INTO `users` (`username`, `password_hash`) VALUES (%s, %s)",
+ "VALUES (%s, %s, %s)", (username, pw_hash, timestamp)) (username, pw_hash))
return "success" return "success"
@ -151,23 +151,3 @@ def get_quest_data(quest_id):
data = _DB.execute("SELECT * FROM `quest_data` WHERE `quest_id` = %s", data = _DB.execute("SELECT * FROM `quest_data` WHERE `quest_id` = %s",
(quest_id,)).fetchall() (quest_id,)).fetchall()
return data return data
def get_user_info(username):
"""
Retrives relevant user data.
"""
data = _DB.execute(
"SELECT `user_id`, `signup_date` FROM `users` WHERE `username` = %s",
(username,)).fetchone()
return data
def get_user_quests(user_id):
"""
Retrieves all quests ran by a particular user_id.
"""
data = _DB.execute(
"SELECT * FROM `quest_meta` WHERE `owner_id` = %s",
(user_id,)).fetchall()
return data
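Review bot: The new `INSERT INTO users (username, password_hash)` in add_user() relies entirely on the caller having checked that the name is free, and the `users` definition shown on this page has only `PRIMARY KEY (user_id)` with no unique index on `username`. Two concurrent signups, or any caller that skips `verify_username`, would store two rows with the same name, which would presumably make the later `verify_password(username, password)` lookup ambiguous. Consider adding `UNIQUE KEY (username)` to the table and having add_user() report the resulting integrity error instead of always returning `"success"`. The lines of add_user() between the docstring and `argon2.hash(password)` are outside the hunk, so an existing check there cannot be ruled out.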


@ -9,12 +9,12 @@
if (document.getElementById('header').style.display == 'initial') { if (document.getElementById('header').style.display == 'initial') {
document.getElementById('header').style.display = 'none'; document.getElementById('header').style.display = 'none';
document.getElementById('headerHidden').style.display = 'initial'; document.getElementById('headerHidden').style.display = 'initial';
xhr.open('GET', '{{ url_for(".set_session", hide_header="on") }}', true); xhr.open('GET', '{{ url_for("views.set_session", hide_header="on") }}', true);
} }
else { else {
document.getElementById('header').style.display = 'initial'; document.getElementById('header').style.display = 'initial';
document.getElementById('headerHidden').style.display = 'none'; document.getElementById('headerHidden').style.display = 'none';
xhr.open('GET', '{{ url_for(".set_session", hide_header="off") }}', true); xhr.open('GET', '{{ url_for("views.set_session", hide_header="off") }}', true);
} }
xhr.send(); xhr.send();
} }
@ -24,7 +24,7 @@
<body> <body>
<ul id="header" class="header" style="{% if session.get("hide_header") == True %}display:none;{% else %}display:initial;{% endif %}"> <ul id="header" class="header" style="{% if session.get("hide_header") == True %}display:none;{% else %}display:initial;{% endif %}">
<li><a onclick="toggleHeader();" href="javascript:void(0);">^</a></li> <li><a onclick="toggleHeader();" href="javascript:void(0);">^</a></li>
<li><a href="{{ url_for('.index') }}">Home</a></li> <li><a href="{{ url_for('views.index') }}">Home</a></li>
{% block header %}{% endblock %} {% block header %}{% endblock %}
</ul> </ul>
<ul id="headerHidden" class="header" style="{% if session.get("hide_header") == True %}display:initial;{% else %}display:none;{% endif %}"> <ul id="headerHidden" class="header" style="{% if session.get("hide_header") == True %}display:initial;{% else %}display:none;{% endif %}">


@ -2,7 +2,7 @@
{% block title %}Start a new quest{% endblock %} {% block title %}Start a new quest{% endblock %}
{% block content %} {% block content %}
<h1>New Quest</h1> <h1>New Quest</h1>
<form method="post" action="{{ url_for('.create_quest') }}"> <form method="post" action="{{ url_for('views.create_quest') }}">
<input type="text" placeholder="Quest Title" name="quest_title" maxlength="300" required/><br/> <input type="text" placeholder="Quest Title" name="quest_title" maxlength="300" required/><br/>
<textarea id="create_textarea" name="quest_body"></textarea> <textarea id="create_textarea" name="quest_body"></textarea>
<input type="submit" name="submit" value="Submit"/> <input type="submit" name="submit" value="Submit"/>


@ -2,7 +2,7 @@
{% block title %}Login{% endblock %} {% block title %}Login{% endblock %}
{% block content %} {% block content %}
<h1>Login</h1> <h1>Login</h1>
<form method="post" action="{{ url_for('.login') }}"> <form method="post" action="{{ url_for('views.login') }}">
<input type="text" placeholder="Username" name="user" maxlength="20" required/><br /> <input type="text" placeholder="Username" name="user" maxlength="20" required/><br />
<input type="password" placeholder="Password" name="pass" maxlength="1024" required/><br /> <input type="password" placeholder="Password" name="pass" maxlength="1024" required/><br />
<input type="submit" value="Log in" name="submit"/> <input type="submit" value="Log in" name="submit"/>


@ -1,7 +0,0 @@
{% extends "base.html" %}
{% block title %}{{ username }}{% endblock %}
{% block content %}
<h1>{{ username }}'s profile</h1>
Signed up: {{ signup_date | strftime }}<br />
Num. quests ran: {{ num_quests }}<br />
{% endblock %}


@ -60,7 +60,7 @@
{% endblock %} {% endblock %}
{% block header %} {% block header %}
{% if session.get("user_id") == owner_id %} {% if session.get("user_id") == owner_id %}
<li><a href="{{ url_for('.edit_quest') }}">Edit Quest</a></li> <li><a href="{{ url_for('views.edit_quest') }}">Edit Quest</a></li>
{% endif %} {% endif %}
{% endblock %} {% endblock %}
{% block content %} {% block content %}


@ -13,7 +13,7 @@
<li>Must be between 8 and 1024 characters</li> <li>Must be between 8 and 1024 characters</li>
</ul> </ul>
</div> </div>
<form method="post" action="{{ url_for('.signup') }}"> <form method="post" action="{{ url_for('views.signup') }}">
<input type="text" placeholder="Username" name="user" maxlength="20" required/><br /> <input type="text" placeholder="Username" name="user" maxlength="20" required/><br />
<input type="password" placeholder="Password" name="pass" maxlength="1024" required/><br /> <input type="password" placeholder="Password" name="pass" maxlength="1024" required/><br />
<input type="password" placeholder="Verify password" name="pass_verify" maxlength="1024" required/><br /> <input type="password" placeholder="Verify password" name="pass_verify" maxlength="1024" required/><br />


@ -71,24 +71,8 @@ def quest(quest_title):
messages=messages) messages=messages)
@views.route("/profile/<path:username>")
def profile(username):
"""
Shows the profile page of the specified user.
"""
data = db.get_user_info(username)
if not data:
return "user_not_found"
user_id, signup_date = data
quests = db.get_user_quests(user_id)
return render_template("profile.html",
username=username,
signup_date=signup_date,
num_quests=len(quests))
@views.route("/create_quest", methods=["GET", "POST"]) @views.route("/create_quest", methods=["GET", "POST"])
@login_required(".login") @login_required("views.login")
def create_quest(): def create_quest():
""" """
Starts a new quest. Starts a new quest.
@ -108,7 +92,7 @@ def create_quest():
quest_id = db.insert_quest(canon_title, ident_title, owner_id) quest_id = db.insert_quest(canon_title, ident_title, owner_id)
db.insert_quest_post(quest_id, quest_body, timestamp) db.insert_quest_post(quest_id, quest_body, timestamp)
return redirect(url_for('.quest', quest_title=ident_title)) return redirect(url_for('views.quest', quest_title=ident_title))
@views.route("/edit_quest") @views.route("/edit_quest")
@ -145,7 +129,7 @@ def login():
if db.verify_password(username, password): if db.verify_password(username, password):
session["username"] = username session["username"] = username
return redirect(url_for(".index")) return redirect(url_for("views.index"))
else: else:
abort(401) abort(401)
@ -163,26 +147,25 @@ def signup():
password_verify = request.form.get("pass_verify") password_verify = request.form.get("pass_verify")
if len(username) > 20: if len(username) > 20:
return "username_too_long" "username_too_long"
elif len(username) < 3: elif len(username) < 3:
return "username_too_short" "username_too_short"
chrs = [c not in string.ascii_letters + string.digits for c in username] chrs = [c not in string.ascii_letters + string.digits for c in username]
if any(chrs): if any(chrs):
return "username_bad_chars" "username_bad_chars"
if db.verify_username(username): if db.verify_username(username):
return "username_taken" "username_taken"
if len(password) > 1024: if len(password) > 1024:
return "password_too_long" "password_too_long"
elif len(password) < 8: elif len(password) < 8:
return "password_too_short" "password_too_short"
if password != password_verify: if password != password_verify:
return "passwords_dont_match" "passwords_dont_match"
timestamp = int(time.time()) res = db.add_user(username, password)
res = db.add_user(username, password, timestamp) return redirect(url_for("views.index"))
return redirect(url_for(".index"))
@views.route("/") @views.route("/")
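Review bot: In signup(), every validation branch on the new side is a bare string expression (`"username_too_long"`, `"username_bad_chars"`, `"username_taken"`, `"password_too_short"`, `"passwords_dont_match"` and the rest) where the old side had `return "..."`, so no check stops the request and execution always reaches `db.add_user(username, password)`. As rendered, over-long or non-alphanumeric usernames, already-taken names, passwords under 8 characters and mismatched confirmations would all be accepted and written to the database. Restore the `return` on each of the seven branches, e.g. `return "username_taken"`, or call `abort(400)` there, to match the `abort(401)` used in login(). The value assigned to `res` is also never inspected before the redirect, so a failed insert would still look like a successful signup. The start of signup() is outside the hunk.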