Commit df78035ac223d3a9ba67866bfd6f5cbf1792ec6c

  • arvind
  • Mon Jun 24 19:38:27 IST 2013
Adding features
  - SweeT store can authenticate users now

swtr.py

25PASSWORD = 'default'25PASSWORD = 'default'
26DB_PORT = 2701726DB_PORT = 27017
27DB_HOST = 'localhost'27DB_HOST = 'localhost'
28URL = "http://localhost:5000"
28URL = "http://localhost:5001"
29# create our little application :)29# create our little application :)
30app = Flask(__name__)30app = Flask(__name__)
31app.config.from_object(__name__)31app.config.from_object(__name__)
39 g.collection = db[app.config["COLLECTION_NAME"]]39 g.collection = db[app.config["COLLECTION_NAME"]]
4040
4141
42
43@app.teardown_request42@app.teardown_request
44def close_db(exception):43def close_db(exception):
45 g.connection.disconnect()44 g.connection.disconnect()
137137
138@app.route('/serveUser')138@app.route('/serveUser')
139def serveUser():139def serveUser():
140 session['key'] = conf.SECRET_KEY
141 return render_template('user.html')
140 if "logged_in" in session:
141 print session["logged_in"]
142 session['key'] = conf.SECRET_KEY
143 return render_template('user.html')
144 else:
145 return render_template('login.html', error=None)
142146
143
144@app.route('/user', methods=['POST', "GET"])147@app.route('/user', methods=['POST', "GET"])
145def user():148def user():
146 if request.method == 'POST':149 if request.method == 'POST':
159 for user in collection.find():159 for user in collection.find():
160 users.append(user['user'])160 users.append(user['user'])
161 return render_template("users.html", users=users)161 return render_template("users.html", users=users)
162
163
164@app.route('/authenticate', methods=['POST','GET'])
165def authenticate():
166 if request.method == "POST":
167 response = make_response()
168 db = g.connection[app.config['DATABASE']]
169 collection = db['sweet_users']
170 for i in collection.find():
171 if i['user'] == request.form['user'] and i['key'] == request.form['hash']:
172 response.status_code = 200
173 response.headers['Access-Control-Allow-Origin'] = '*'
174 return response
175 else:
176 response.status_code = 403
177 response.headers['Access-Control-Allow-Origin'] = '*'
178 return response
179 elif request.method == "GET":
180 return app.send_static_file("sweet-authenticate.js")
162181
163182
164def make_list(res):183def make_list(res):
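Review bot: In the new `authenticate` route, the stored `i['key']` is compared with `==` against the client-supplied `request.form['hash']`, so whatever the browser sends is itself the credential. Since user.html now posts the raw password as `key`, passwords are probably stored and compared in the clear; the `/user` handler that writes them is outside the hunk, so confirm. Store a salted hash at registration and verify it server-side, for example with `werkzeug.security.check_password_hash`. The `else:` at new line 175 appears to pair with the `if` inside the loop (indentation is lost in this rendering), in which case the first non-matching record returns 403 and only the first stored user can authenticate; a single `find_one` lookup removes both the scan and the ambiguity. `Access-Control-Allow-Origin: *` lets pages on any origin read the result of a credential check, so limit it to the origin that needs it, and drop the `print session["logged_in"]` debug line in `serveUser`.

```python
def authenticate():
    if request.method == "POST":
        # … unchanged: response / db / collection setup …
        record = collection.find_one({'user': request.form['user']})
        # assumes 'key' holds a salted hash written at registration; confirm in the /user handler
        if record is not None and check_password_hash(record['key'], request.form['hash']):
            response.status_code = 200
        else:
            response.status_code = 403
        # ALLOWED_ORIGIN is a placeholder config name for the single origin allowed to call this route
        response.headers['Access-Control-Allow-Origin'] = app.config['ALLOWED_ORIGIN']
        return response
    # … unchanged: GET branch serving sweet-authenticate.js …
```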

templates/user.html

1<!doctype html>1<!doctype html>
2<head>2<head>
3<script src="{{ url_for('static', filename='sjcl.js') }}" type="text/javascript"></script>
3<!-- <script src="{{ url_for('static', filename='sjcl.js') }}" type="text/javascript"></script> -->
4<script src="http://code.jquery.com/jquery-1.10.1.min.js"></script>4<script src="http://code.jquery.com/jquery-1.10.1.min.js"></script>
5<link rel=stylesheet type=text/css href="{{ url_for('static', filename='bootstrap.min.css') }}">5<link rel=stylesheet type=text/css href="{{ url_for('static', filename='bootstrap.min.css') }}">
6<style type="text/css">6<style type="text/css">
51{51{
52key = {{ session.key| tojson| safe }}52key = {{ session.key| tojson| safe }}
53data = $('#password').val();53data = $('#password').val();
54var hash = sjcl.encrypt(key,data);
55$.post({{ url_for('user')| tojson| safe }}, {'user':$("#user").val(), "key":hash}, function(data){
54$.post({{ url_for('user')| tojson| safe }}, {'user':$("#user").val(), "key":data}, function(data){
56/*TODO: In the UI flash a "check mark", to indicate success.*/55/*TODO: In the UI flash a "check mark", to indicate success.*/
57console.log("Success");56console.log("Success");
58});57});
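Review bot: With the `sjcl.encrypt` call removed, the unchanged line `key = {{ session.key| tojson| safe }}` has no consumer left in this hunk but still writes the session value into the page. `serveUser` in swtr.py fills that value from `conf.SECRET_KEY`, so if that is the application's signing secret, anyone who loads this page can read it; delete the line here and stop storing the secret in the session. The new `$.post` sends the password field unmodified as `key`, which is only acceptable when the form is served and submitted over HTTPS and the server hashes the value before storing it. The surrounding script block starts and ends outside the hunk.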