Match session scope with request scope, cry with Uncle Bob
This commit is contained in:
Kristóf Tóth
parent
cb6f670329
commit
6782b49882
|
|
@ -1,8 +1,8 @@
|
|||
from os import urandom, getenv
|
||||
|
||||
from flask import Flask, render_template, request, session, url_for
|
||||
from flask import Flask, render_template, request, session, url_for, g
|
||||
|
||||
from model import init_db
|
||||
from model import init_db, session_factory
|
||||
from user_ops import UserOps
|
||||
from errors import InvalidCredentialsError, UserExistsError
|
||||
|
||||
|
|
@ -13,12 +13,25 @@ app.secret_key = urandom(32)
|
|||
app.jinja_env.globals.update(get_url=lambda endpoint: f'{BASEURL}{url_for(endpoint)}') # pylint: disable=no-member
|
||||
|
||||
|
||||
def get_db_session():
|
||||
if not hasattr(g, 'db_session'):
|
||||
g.db_session = session_factory()
|
||||
return g.db_session
|
||||
|
||||
|
||||
@app.teardown_appcontext
|
||||
def close_db_session(error):
|
||||
if hasattr(g, 'db_session'):
|
||||
g.db_session.close()
|
||||
|
||||
|
||||
@app.route('/', methods=['GET', 'POST'])
|
||||
def index():
|
||||
if request.method == 'POST':
|
||||
try:
|
||||
UserOps(request.form.get('username'),
|
||||
request.form.get('password')).authenticate()
|
||||
request.form.get('password'),
|
||||
get_db_session()).authenticate()
|
||||
except InvalidCredentialsError:
|
||||
return render_template('login.html', alert='Invalid credentials!')
|
||||
|
||||
|
|
@ -43,7 +56,8 @@ def register():
|
|||
|
||||
try:
|
||||
UserOps(request.form.get('username'),
|
||||
request.form.get('password')).register()
|
||||
request.form.get('password'),
|
||||
get_db_session()).register()
|
||||
except UserExistsError:
|
||||
return render_template('register.html', alert='Username already in use.')
|
||||
|
||||
|
|
|
|||
|
|
@ -1,12 +1,13 @@
|
|||
from crypto import PasswordHasher
|
||||
from model import Session, User
|
||||
from model import User
|
||||
from errors import InvalidCredentialsError, UserExistsError
|
||||
|
||||
|
||||
class UserOps:
|
||||
def __init__(self, username, password):
|
||||
def __init__(self, username, password, db_session):
|
||||
self.username = username
|
||||
self.password = password
|
||||
self.db_session = db_session
|
||||
|
||||
def authenticate(self):
|
||||
"""
|
||||
|
|
@ -16,12 +17,10 @@ class UserOps:
|
|||
:raises InvalidCredentialsError:
|
||||
User does not exist or password provided is invalid
|
||||
"""
|
||||
with Session() as db:
|
||||
user = self.db_session.query(User).filter(User.username == self.username).first()
|
||||
|
||||
user = db.query(User).filter(User.username == self.username).first()
|
||||
|
||||
if not user or not PasswordHasher.verify(self.password, user.passwordhash):
|
||||
raise InvalidCredentialsError
|
||||
if not user or not PasswordHasher.verify(self.password, user.passwordhash):
|
||||
raise InvalidCredentialsError
|
||||
|
||||
def register(self):
|
||||
"""
|
||||
|
|
@ -31,11 +30,10 @@ class UserOps:
|
|||
:raises UserExistsError:
|
||||
A user with the provided username already exists
|
||||
"""
|
||||
with Session() as db:
|
||||
if self.db_session.query(User).filter(User.username == self.username).all():
|
||||
raise UserExistsError
|
||||
|
||||
if db.query(User).filter(User.username == self.username).all():
|
||||
raise UserExistsError
|
||||
|
||||
user = User(username=self.username,
|
||||
passwordhash=PasswordHasher.hash(self.password))
|
||||
db.add(user)
|
||||
user = User(username=self.username,
|
||||
passwordhash=PasswordHasher.hash(self.password))
|
||||
self.db_session.add(user)
|
||||
self.db_session.commit()
|
||||
|
|
|
|||
Loading…
Reference in New Issue