1
0
mirror of https://github.com/avatao-content/test-tutorial-framework synced 2024-12-05 02:41:32 +00:00

Refactor messy global scoped_session from webservice

This commit is contained in:
Kristóf Tóth 2018-04-28 18:25:23 +02:00
parent 42ce7ca511
commit cf464c1987
2 changed files with 35 additions and 21 deletions

View File

@ -1,14 +1,31 @@
from sqlalchemy import Column, Integer, String, create_engine
from sqlalchemy.ext.declarative import declarative_base
from sqlalchemy.orm import scoped_session, sessionmaker
from sqlalchemy.orm import sessionmaker
from passlib.hash import pbkdf2_sha256
engine = create_engine('sqlite:///db.db', convert_unicode=True)
db_session = scoped_session(sessionmaker(autocommit=False,
autoflush=False,
bind=engine))
class Session:
session = None
def __enter__(self):
self.session = Session.create()
return self.session
@staticmethod
def create():
factory = sessionmaker(autocommit=False,
autoflush=False,
bind=engine)
return factory()
def __exit__(self, exc_type, exc_val, exc_tb):
self.session.close()
Base = declarative_base()
Base.query = db_session.query_property()
class User(Base):

View File

@ -2,7 +2,7 @@ from os import urandom, getenv
from flask import Flask, render_template, request, session, url_for
from model import db_session, init_db, User, PasswordHasher
from model import init_db, User, Session, PasswordHasher
BASEURL = getenv('BASEURL', '')
init_db()
@ -15,19 +15,15 @@ def get_url(endpoint):
app.jinja_env.globals.update(get_url=get_url)
@app.teardown_appcontext
def remove_db_session(exception=None):
db_session.remove()
@app.route('/', methods=['GET', 'POST'])
def index():
if request.method == 'POST':
user = User.query.filter(User.username == request.form['username']).first()
with Session() as db:
user = db.query(User).filter(User.username == request.form['username']).first()
if not user or not PasswordHasher.verify(request.form['password'], user.passwordhash):
return render_template('login.html', alert='Invalid credentials!')
if not user or not PasswordHasher.verify(request.form['password'], user.passwordhash):
return render_template('login.html', alert='Invalid credentials!')
else:
session['logged_in'] = True
session['username'] = request.form['username']
return render_template('internal.html')
@ -40,14 +36,15 @@ def index():
@app.route('/register', methods=['GET', 'POST'])
def register():
if request.method == 'POST':
validate_register_fields(request)
validate_register_fields(request.form.to_dict())
if User.query.filter(User.username == request.form['username']).all():
return render_template('register.html', alert='Username already in use.')
with Session() as db:
if db.query(User).filter(User.username == request.form['username']).all():
return render_template('register.html', alert='Username already in use.')
db_session().add(User(username=request.form['username'],
passwordhash=PasswordHasher.hash(request.form['password'])))
db_session().commit()
db.add(User(username=request.form['username'],
passwordhash=PasswordHasher.hash(request.form['password'])))
db.commit()
return render_template('login.html', success='Account "{}" successfully registered. You can log in now!'.format(request.form['username']))