Match session scope with request scope, cry with Uncle Bob

solvable/src/webservice/server.py

@@ -1,8 +1,8 @@
 from os import urandom, getenv
 
-from flask import Flask, render_template, request, session, url_for
+from flask import Flask, render_template, request, session, url_for, g
 
-from model import init_db
+from model import init_db, session_factory
 from user_ops import UserOps
 from errors import InvalidCredentialsError, UserExistsError
 
@@ -13,12 +13,25 @@ app.secret_key = urandom(32)
 app.jinja_env.globals.update(get_url=lambda endpoint: f'{BASEURL}{url_for(endpoint)}') # pylint: disable=no-member
 
 
+def get_db_session():
+    if not hasattr(g, 'db_session'):
+        g.db_session = session_factory()
+    return g.db_session
+
+
+@app.teardown_appcontext
+def close_db_session(error):
+    if hasattr(g, 'db_session'):
+        g.db_session.close()
+
+
 @app.route('/', methods=['GET', 'POST'])
 def index():
     if request.method == 'POST':
         try:
             UserOps(request.form.get('username'),
-                    request.form.get('password')).authenticate()
+                    request.form.get('password'), 
+                    get_db_session()).authenticate()
         except InvalidCredentialsError:
             return render_template('login.html', alert='Invalid credentials!')
 
@@ -43,7 +56,8 @@ def register():
 
         try:
             UserOps(request.form.get('username'),
-                    request.form.get('password')).register()
+                    request.form.get('password'),
+                    get_db_session()).register()
         except UserExistsError:
             return render_template('register.html', alert='Username already in use.')
 

solvable/src/webservice/user_ops.py

@@ -1,12 +1,13 @@
 from crypto import PasswordHasher
-from model import Session, User
+from model import User
 from errors import InvalidCredentialsError, UserExistsError
 
 
 class UserOps:
-    def __init__(self, username, password):
+    def __init__(self, username, password, db_session):
         self.username = username
         self.password = password
+        self.db_session = db_session
 
     def authenticate(self):
         """
@@ -16,9 +17,7 @@ class UserOps:
         :raises InvalidCredentialsError:
             User does not exist or password provided is invalid
         """
-        with Session() as db:
+        user = self.db_session.query(User).filter(User.username == self.username).first()
-
-            user = db.query(User).filter(User.username == self.username).first()
 
         if not user or not PasswordHasher.verify(self.password, user.passwordhash):
             raise InvalidCredentialsError
@@ -31,11 +30,10 @@ class UserOps:
         :raises UserExistsError:
             A user with the provided username already exists
         """
-        with Session() as db:
+        if self.db_session.query(User).filter(User.username == self.username).all():
-
-            if db.query(User).filter(User.username == self.username).all():
             raise UserExistsError
 
         user = User(username=self.username,
                     passwordhash=PasswordHasher.hash(self.password))
-            db.add(user)
+        self.db_session.add(user)
+        self.db_session.commit()