diff --git a/solvable/src/webservice/server.py b/solvable/src/webservice/server.py index 5004385..2348e13 100644 --- a/solvable/src/webservice/server.py +++ b/solvable/src/webservice/server.py @@ -1,8 +1,8 @@ from os import urandom, getenv -from flask import Flask, render_template, request, session, url_for +from flask import Flask, render_template, request, session, url_for, g -from model import init_db +from model import init_db, session_factory from user_ops import UserOps from errors import InvalidCredentialsError, UserExistsError @@ -13,12 +13,25 @@ app.secret_key = urandom(32) app.jinja_env.globals.update(get_url=lambda endpoint: f'{BASEURL}{url_for(endpoint)}') # pylint: disable=no-member +def get_db_session(): + if not hasattr(g, 'db_session'): + g.db_session = session_factory() + return g.db_session + + +@app.teardown_appcontext +def close_db_session(error): + if hasattr(g, 'db_session'): + g.db_session.close() + + @app.route('/', methods=['GET', 'POST']) def index(): if request.method == 'POST': try: UserOps(request.form.get('username'), - request.form.get('password')).authenticate() + request.form.get('password'), + get_db_session()).authenticate() except InvalidCredentialsError: return render_template('login.html', alert='Invalid credentials!') @@ -43,7 +56,8 @@ def register(): try: UserOps(request.form.get('username'), - request.form.get('password')).register() + request.form.get('password'), + get_db_session()).register() except UserExistsError: return render_template('register.html', alert='Username already in use.') diff --git a/solvable/src/webservice/user_ops.py b/solvable/src/webservice/user_ops.py index 145c12a..aac75cf 100644 --- a/solvable/src/webservice/user_ops.py +++ b/solvable/src/webservice/user_ops.py @@ -1,12 +1,13 @@ from crypto import PasswordHasher -from model import Session, User +from model import User from errors import InvalidCredentialsError, UserExistsError class UserOps: - def __init__(self, username, password): + def __init__(self, username, password, db_session): self.username = username self.password = password + self.db_session = db_session def authenticate(self): """ @@ -16,12 +17,10 @@ class UserOps: :raises InvalidCredentialsError: User does not exist or password provided is invalid """ - with Session() as db: + user = self.db_session.query(User).filter(User.username == self.username).first() - user = db.query(User).filter(User.username == self.username).first() - - if not user or not PasswordHasher.verify(self.password, user.passwordhash): - raise InvalidCredentialsError + if not user or not PasswordHasher.verify(self.password, user.passwordhash): + raise InvalidCredentialsError def register(self): """ @@ -31,11 +30,10 @@ class UserOps: :raises UserExistsError: A user with the provided username already exists """ - with Session() as db: + if self.db_session.query(User).filter(User.username == self.username).all(): + raise UserExistsError - if db.query(User).filter(User.username == self.username).all(): - raise UserExistsError - - user = User(username=self.username, - passwordhash=PasswordHasher.hash(self.password)) - db.add(user) + user = User(username=self.username, + passwordhash=PasswordHasher.hash(self.password)) + self.db_session.add(user) + self.db_session.commit()