1
0
mirror of https://github.com/avatao-content/test-tutorial-framework synced 2024-12-05 02:41:32 +00:00

Match session scope with request scope, cry with Uncle Bob

This commit is contained in:
Kristóf Tóth 2018-05-04 10:27:46 +02:00
parent cb6f670329
commit 6782b49882
2 changed files with 30 additions and 18 deletions

View File

@ -1,8 +1,8 @@
from os import urandom, getenv
from flask import Flask, render_template, request, session, url_for
from flask import Flask, render_template, request, session, url_for, g
from model import init_db
from model import init_db, session_factory
from user_ops import UserOps
from errors import InvalidCredentialsError, UserExistsError
@ -13,12 +13,25 @@ app.secret_key = urandom(32)
app.jinja_env.globals.update(get_url=lambda endpoint: f'{BASEURL}{url_for(endpoint)}') # pylint: disable=no-member
def get_db_session():
if not hasattr(g, 'db_session'):
g.db_session = session_factory()
return g.db_session
@app.teardown_appcontext
def close_db_session(error):
if hasattr(g, 'db_session'):
g.db_session.close()
@app.route('/', methods=['GET', 'POST'])
def index():
if request.method == 'POST':
try:
UserOps(request.form.get('username'),
request.form.get('password')).authenticate()
request.form.get('password'),
get_db_session()).authenticate()
except InvalidCredentialsError:
return render_template('login.html', alert='Invalid credentials!')
@ -43,7 +56,8 @@ def register():
try:
UserOps(request.form.get('username'),
request.form.get('password')).register()
request.form.get('password'),
get_db_session()).register()
except UserExistsError:
return render_template('register.html', alert='Username already in use.')

View File

@ -1,12 +1,13 @@
from crypto import PasswordHasher
from model import Session, User
from model import User
from errors import InvalidCredentialsError, UserExistsError
class UserOps:
def __init__(self, username, password):
def __init__(self, username, password, db_session):
self.username = username
self.password = password
self.db_session = db_session
def authenticate(self):
"""
@ -16,12 +17,10 @@ class UserOps:
:raises InvalidCredentialsError:
User does not exist or password provided is invalid
"""
with Session() as db:
user = self.db_session.query(User).filter(User.username == self.username).first()
user = db.query(User).filter(User.username == self.username).first()
if not user or not PasswordHasher.verify(self.password, user.passwordhash):
raise InvalidCredentialsError
if not user or not PasswordHasher.verify(self.password, user.passwordhash):
raise InvalidCredentialsError
def register(self):
"""
@ -31,11 +30,10 @@ class UserOps:
:raises UserExistsError:
A user with the provided username already exists
"""
with Session() as db:
if self.db_session.query(User).filter(User.username == self.username).all():
raise UserExistsError
if db.query(User).filter(User.username == self.username).all():
raise UserExistsError
user = User(username=self.username,
passwordhash=PasswordHasher.hash(self.password))
db.add(user)
user = User(username=self.username,
passwordhash=PasswordHasher.hash(self.password))
self.db_session.add(user)
self.db_session.commit()