app.py
import os

import pymysql
from flask import Flask, render_template, request, redirect, url_for, session
from flask_session import Session

from Controller import mainController, userController, dbController, reviewProductController, adminController
from password_hashing import encrypt
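app = Flask(__name__)

# SECURITY: the database host, user name, password and the Flask SECRET_KEY were
# committed to this file in plain text, so anyone who can read the repository
# holds working credentials. Treat the literal values below as compromised:
# rotate them, provide the new values through the environment, and then delete
# the literal fallbacks. The fallbacks are kept only so that existing
# deployments keep starting until the rotation is done.
app.config['MYSQL_HOST'] = os.environ.get(
    'MYSQL_HOST', 'buyadvisordb.ctyxfzfytuey.us-east-1.rds.amazonaws.com')
# NOTE(review): the account is called 'admin'; if this is the database's
# administrative user, give the application a least-privilege account instead.
app.config['MYSQL_USER'] = os.environ.get('MYSQL_USER', 'admin')
app.config['MYSQL_PASSWORD'] = os.environ.get('MYSQL_PASSWORD', 'buyadvisor')
app.config['MYSQL_DB'] = os.environ.get('MYSQL_DB', 'buyadvisor')
app.config['PORT'] = int(os.environ.get('MYSQL_PORT', 3306))
app.config['autocommit'] = True

# Server-side sessions stored on the local filesystem; non-permanent sessions
# end when the browser session ends.
app.config["SESSION_PERMANENT"] = False
app.config["SESSION_TYPE"] = "filesystem"
# SECRET_KEY is Flask's signing key; a key that is public lets a third party
# produce values the application will accept as signed by itself.
app.config['SECRET_KEY'] = os.environ.get(
    'SECRET_KEY', 'wZOCYEMqiZDj69v06Pl1KFOYF1gPxENY')

# Configure session management
Session(app)

# Configure DB connection
# NOTE(review): a single module-level connection is shared by every request.
# PyMySQL connections are not safe to share between threads, so confirm the
# deployment is single-threaded or move to one connection per request.
db = pymysql.connect(
    host=app.config['MYSQL_HOST'],
    user=app.config['MYSQL_USER'],
    password=app.config['MYSQL_PASSWORD'],
    db=app.config['MYSQL_DB'],
    port=app.config['PORT'],
    autocommit=app.config['autocommit']
)
# Hand the connection to the controller layer.
dbController.openDbConnection(db)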
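def sessionCheck():
    """Return True when the current session carries a non-None 'email' value.

    This is an authentication check only: it says that somebody is signed in,
    not who they are or which role they hold. Routes that need a specific role
    must check that separately.

    Returns:
        bool: False when 'email' is absent or None, or when no request context
        is active; True otherwise.
    """
    try:
        # .get() covers both "key missing" and "value is None" in one lookup.
        # The original tested session['email'] before testing membership and
        # relied on a bare `except:` to absorb the resulting KeyError.
        return session.get('email') is not None
    except RuntimeError:
        # Flask raises RuntimeError when the session proxy is used outside a
        # request context; keep answering "not signed in" in that case, but no
        # longer swallow unrelated exceptions.
        return False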
@app.route("/")
def index():
    """Serve the public home page.

    The module-level connection is passed to dbController again before the
    template is rendered.
    """
    dbController.openDbConnection(db)
    homepage = render_template("homepage.html")
    return homepage
@app.route("/signIn", methods=['GET', 'POST'])
def signIn():
    """Delegate sign-in (form display and submission) to mainController.login."""
    # The whole request object is passed on; credential checking happens in the
    # controller, which is not visible from this file.
    response = mainController.login(request)
    return response
@app.route("/register", methods=['GET', 'POST'])
def register():
    """Show the registration page, or create an account on POST.

    On POST the submitted password is passed through password_hashing.encrypt
    and the result is handed to userController.register together with the
    first name, last name and email from the form.
    """
    if request.method != 'POST':
        return mainController.register()

    form = request.form
    # NOTE(review): `encrypt` is defined in password_hashing, not shown here.
    # Confirm it is a salted, deliberately slow password hash and not a
    # reversible cipher or a plain digest.
    passwordEncrypt = encrypt(form['password'])
    return userController.register(
        form['firstName'], form['lastName'], form['email'], passwordEncrypt)
@app.route("/signOut")
def signOut():
    """End the session through mainController.logout and go back to the home page."""
    mainController.logout()
    home = redirect("/")
    return home
# User Functions
@app.route("/dashboard")
def dashboard():
    """User landing page: signed-in users get the review-product view."""
    if sessionCheck():
        # reviewProduct() repeats the session check itself.
        return reviewProduct()
    return redirect("/")
@app.route("/editProfile", methods=['GET', 'POST'])
def editProfile():
    """Let a signed-in user view and change their profile.

    The request is passed to userController.editProfile for both GET and POST;
    its return value is not used and the profile template is always rendered.
    """
    signed_in = sessionCheck()
    if not signed_in:
        return redirect("/")

    userController.editProfile(request)
    return render_template("editProfile.html")
@app.route("/searchHistory", methods=['GET', 'POST'])
def searchHistory():
    """Show the signed-in user's search history.

    userController.searchHistory() takes no argument here, so it presumably
    reads the user from the session - confirm against the controller.
    """
    signed_in = sessionCheck()
    if not signed_in:
        return redirect("/")

    userController.searchHistory()
    return render_template("searchHistory.html")
@app.route("/reviewProduct", methods=['GET', 'POST'])
def reviewProduct():
    """Review the product at a user-supplied URL and render the result page.

    The 'url' value is read from the query string or the form body. When it is
    present and non-empty it is printed and handed to
    reviewProductController.reviewProduct; the template is rendered either way.
    """
    if not sessionCheck():
        return redirect("/")

    url = request.values.get('url')
    if not url:
        return render_template("reviewProduct.html")

    # NOTE(review): `url` comes straight from the client. If the controller
    # fetches it server-side, it should restrict scheme and destination before
    # connecting; the value also reaches stdout unmodified here.
    print(url)
    reviewProductController.reviewProduct(url)
    return render_template("reviewProduct.html")
# Admin Functions
@app.route("/adminDashboard")
def adminDashboard():
    """Admin landing page: signed-in users get the user list."""
    # NOTE(review): sessionCheck() only confirms that someone is signed in. No
    # admin-role check is visible in this file; confirm adminController enforces
    # one, otherwise every signed-in account can open the admin views.
    if sessionCheck():
        return viewUsers()
    return redirect("/")
@app.route("/viewUsers")
def viewUsers():
    """List user accounts for administration."""
    # NOTE(review): the only gate is sessionCheck(), which tests for a signed-in
    # session, not for an admin role. Confirm the role is enforced in
    # adminController.viewUsers or add the check here.
    signed_in = sessionCheck()
    if not signed_in:
        return redirect("/")

    adminController.viewUsers()
    return render_template("viewUsers.html")
@app.route("/deleteUser", methods=['POST'])
def deleteUser():
    """Delete the account whose email is posted in the form, then show the user list."""
    # NOTE(review): this destructive action is gated only by sessionCheck()
    # (signed in, any role), and no CSRF token is checked in this file. Confirm
    # that the role check and request-origin protection exist elsewhere.
    if not sessionCheck():
        return redirect("/")

    # The route accepts POST only, so no method test is needed before acting.
    target_email = request.form['email']
    adminController.deleteUser(target_email)
    return redirect(url_for("viewUsers"))
@app.route("/editEmail", methods=['GET', 'POST'])
def editEmail():
    """Admin view for changing a user's email address.

    GET passes the 'email' query parameter to adminController.editUserEmail;
    POST passes the whole request to adminController.updateEmail. The template
    is rendered in every case.
    """
    # NOTE(review): sessionCheck() does not test for an admin role; confirm the
    # controller does, since this route changes another user's account.
    if not sessionCheck():
        return redirect("/")

    method = request.method
    if method == 'GET':
        adminController.editUserEmail(request.args.get('email'))
    elif method == 'POST':
        adminController.updateEmail(request)
    return render_template("editEmail.html")
@app.route("/userSearchHistory", methods=['POST'])
def userSearchHistory():
    """Show the search history of the user whose email is posted in the form."""
    # NOTE(review): any signed-in session passes sessionCheck(); no admin-role
    # check is visible here, so confirm adminController restricts whose history
    # can be read.
    if not sessionCheck():
        return redirect("/")

    # The route accepts POST only, so no method test is needed before acting.
    target_email = request.form['email']
    adminController.searchHistory(target_email)
    return render_template("userSearchHistory.html")
@app.after_request
def add_header(response):
    """Mark every response as `Cache-Control: no-store` and return it.

    With no-store, browsers and intermediaries should not keep a copy of the
    page, which presumably is meant to stop signed-in pages from being shown
    from cache after sign-out.
    """
    cache_policy = response.cache_control
    cache_policy.no_store = True
    return response
if __name__ == '__main__':
    # Direct execution: pass the connection to the controller layer once more,
    # then start Flask's built-in server with its default settings.
    dbController.openDbConnection(db)
    app.run()