Skip to content
Snippets Groups Projects
Unverified Commit 928c7c97 authored by Wolfram's avatar Wolfram Committed by GitHub
Browse files

Merge branch 'main' into fabio

parents 3419f057 2b0e7a51
Branches fabio
Tags
1 merge request!1Prototipo del frontend y mejoras de seguridad del servidor.
server/__pycache__/checker.cpython-38.pyc
server/__pycache__/db.cpython-38.pyc
server/__pycache__/utils.cpython-38.pyc
server/librehomework.db
# Generated by Cargo
# will have compiled files and executables
/target/
WixTools
Cargo.lock
......@@ -59,9 +59,7 @@ def args_checker(needs_login):
if not username or not password:
return json({"error": "Missing username or password"})
else:
return json({"error": "Not logged in"})
return await f(request, *args, **kwargs)
return await f(request, *args, **kwargs)
else:
return await f(request, *args, **kwargs)
......
......@@ -14,6 +14,7 @@ async def setup_tables(db):
twitter VARCHAR(16),
bio VARCHAR(50));
""")
async def list_users(db, page):
......@@ -35,6 +36,24 @@ async def add_user(db, username, password, email, discord, twitter, bio):
""", (username, hp[0], hp[1], email, discord, twitter, bio,))
await db.commit()
if q.rowcount == 0:
return False
else:
return True
async def remove_user(db, username, password):
async with db.cursor() as c:
q = await c.execute("""
DELETE FROM users WHERE username = ? AND password = ?
""", (username, utils.hash(password.encode("utf8")),))
await db.commit()
if q.rowcount == 0:
return False
else:
return True
async def login():
......@@ -55,3 +74,36 @@ async def find_user(db, username):
temp.append({"username": row[0], "email": row[1], "discord": row[2], "twitter": row[3], "bio": row[4], "profile_picture": utils.get_gravatar(row[1])})
return temp
async def edit_user(db, username, password, email, discord, twitter, bio):
query = "UPDATE users SET "
args = []
if email:
query += "email = ?, "
args.append(email)
if discord:
query += "discord = ?, "
args.append(discord)
if twitter:
query += "twitter = ?, "
args.append(twitter)
if bio:
query += "bio = ?, "
args.append(bio)
query = query[:-2]
query += " WHERE username = ? AND password = ?"
args.append(username)
args.append(utils.hash(password.encode("utf8")))
async with db.cursor() as c:
q = await c.execute("""
UPDATE users SET email = ?, discord = ?, twitter = ?, bio = ? WHERE username = ? AND password = ?
""", args)
await db.commit()
if q.rowcount == 0:
return False
else:
return True
\ No newline at end of file
......@@ -18,21 +18,51 @@ async def setup_db(app, loop):
@checker.args_checker(False)
async def users(req, page):
users = await database.list_users(app.ctx.db, int(page))
return json({"users": users})
return json(users)
@app.post("/signup")
@checker.args_checker(False)
async def signup(req, arg_list):
await database.add_user(app.ctx.db, arg_list[0], arg_list[1], arg_list[2], arg_list[3], arg_list[4], arg_list[5])
return json({"status":"ok"})
res = await database.add_user(app.ctx.db, arg_list[0], arg_list[1], arg_list[2], arg_list[3], arg_list[4], arg_list[5])
if not res:
return json({"error":"Error creating user in the database. If the error persists please open an issue"})
else:
return json({"status": 200})
@app.post("/remove")
@checker.args_checker(True)
async def remove_user(req):
res = await database.remove_user(app.ctx.db, req.form.get("username"), req.form.get("password"))
if not res:
return json({"error": "Error removing error from database. If username and password are correct please open an issue"})
else:
return json({"status": 200})
@app.get("/find/<username>")
@checker.args_checker(False)
async def find_user(req, username):
user = await database.find_user(app.ctx.db, username)
return json({"user": user})
return json(user)
@app.post("/edit")
@checker.args_checker(True)
async def edit_profile(req):
username = req.form.get("username")
password = req.form.get("password")
email = req.form.get("email")
discord = req.form.get("discord")
twitter = req.form.get("twitter")
bio = req.form.get("bio")
res = await database.edit_profile(app.ctx.db, username, password, email, discord, twitter, bio)
if not res:
return json({"error": "Error editing profile. If username and password are correct please open an issue"})
else:
return json({"status": 200})
app.run(host="0.0.0.0", port=8000, debug=True)
app.run(host="0.0.0.0", port=8000)#, debug=True)
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment