diff --git a/Python/Hacking Scripts Website/Flask-Authentication/.gitignore b/Python/Hacking Scripts Website/Flask-Authentication/.gitignore new file mode 100644 index 000000000..f9429cdfd --- /dev/null +++ b/Python/Hacking Scripts Website/Flask-Authentication/.gitignore @@ -0,0 +1,3 @@ +users.db +venv +.idea diff --git a/Python/Hacking Scripts Website/Flask-Authentication/Procfile b/Python/Hacking Scripts Website/Flask-Authentication/Procfile new file mode 100644 index 000000000..ca6e941cb --- /dev/null +++ b/Python/Hacking Scripts Website/Flask-Authentication/Procfile @@ -0,0 +1 @@ +web: gunicorn app:app diff --git a/Python/Hacking Scripts Website/Flask-Authentication/app.py b/Python/Hacking Scripts Website/Flask-Authentication/app.py new file mode 100644 index 000000000..5fef6a7fe --- /dev/null +++ b/Python/Hacking Scripts Website/Flask-Authentication/app.py @@ -0,0 +1,98 @@ +from flask import Flask, render_template, request, url_for, redirect, flash, send_from_directory +from werkzeug.security import generate_password_hash, check_password_hash +from flask_sqlalchemy import SQLAlchemy +from flask_login import UserMixin, login_user, LoginManager, login_required, current_user, logout_user +import jinja2 +import os + +app = Flask(__name__) + +app.config['SECRET_KEY'] = "secret" +app.config['SQLALCHEMY_DATABASE_URI'] = os.environ.get("DATABASE_URL", "sqlite:///users.db") +app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False +db = SQLAlchemy(app) +login_manager = LoginManager() +login_manager.init_app(app) + + +@login_manager.user_loader +def load_user(user_id): + return User.query.get(int(user_id)) + + +##Create table in data base +class User(UserMixin, db.Model): + id = db.Column(db.Integer, primary_key=True) + email = db.Column(db.String(100), unique=True) + password = db.Column(db.String(100)) + name = db.Column(db.String(1000)) + + +# db.create_all only once +db.create_all() + +@app.route('/') +def home(): + return render_template("index.html", logged_in=current_user.is_authenticated) + + +@app.route('/register', methods=["GET", "POST"]) +def register(): + if request.method == "POST": + data = request.form + if User.query.filter_by(email=data["email"]).first(): + flash("You are already registered,instead Login") + return redirect(url_for("login")) + # Using hashing and salting while creating password + hash_and_salted_password = generate_password_hash( + request.form.get('password'), + method='pbkdf2:sha256', + salt_length=8 + ) + + new_user = User( + email=data["email"], + name=data["name"], + password=hash_and_salted_password + ) + + db.session.add(new_user) + db.session.commit() + login_user(new_user) + return redirect(url_for("secrets", name=new_user.name)) + + return render_template("register.html", logged_in=current_user.is_authenticated) + + +@app.route('/login', methods=["GET", "POST"]) +def login(): + if request.method == "POST": + data = request.form + email = data["email"] + password = data["password"] + user = User.query.filter_by(email=email).first() + # Using flask flash messages for errors + if not user: + flash('Please register first') + return redirect(url_for("login")) + elif not check_password_hash(user.password, password): + flash("Incorrect Password") + return redirect(url_for("login")) + else: + login_user(user) + return redirect(url_for("secrets", name=user.name)) + return render_template("login.html", logged_in=current_user.is_authenticated) + + +@app.route('/secrets/') +def secrets(name): + return render_template("secrets.html", name=name) + + +@app.route('/logout') +def logout(): + return render_template("index.html") + + +if __name__ == "__main__": + app.run(debug=True) diff --git a/Python/Hacking Scripts Website/Flask-Authentication/readme.md b/Python/Hacking Scripts Website/Flask-Authentication/readme.md new file mode 100644 index 000000000..8331952fe --- /dev/null +++ b/Python/Hacking Scripts Website/Flask-Authentication/readme.md @@ -0,0 +1,4 @@ +# Flask Authentication Page +This app adds users to a website.It uses SQLAlchemy for managing the database(SQLite). +As it is deployed on heroku [here](https://flask-authenticate.herokuapp.com/) , it is using Postgres database. + diff --git a/Python/Hacking Scripts Website/Flask-Authentication/requirements.txt b/Python/Hacking Scripts Website/Flask-Authentication/requirements.txt new file mode 100644 index 000000000..520108bbb --- /dev/null +++ b/Python/Hacking Scripts Website/Flask-Authentication/requirements.txt @@ -0,0 +1,35 @@ +click==7.1.2 +colorama==0.4.4 +dominate==2.5.2 +Flask==1.1.2 +Flask-Bootstrap==3.3.7.1 +Flask-Login==0.5.0 +Flask-SQLAlchemy==2.4.4 +Flask-WTF==0.14.3 +greenlet==1.1.0 +gunicorn==20.0.4 +itsdangerous==1.1.0 +Jinja2==2.11.2 +MarkupSafe==1.1.1 +SQLAlchemy==1.3.20 +visitor==0.1.3 +Werkzeug==1.0.1 +WTForms==2.3.3 +click==7.1.2 +colorama==0.4.4 +dominate==2.5.2 +Flask==1.1.2 +Flask-Bootstrap==3.3.7.1 +Flask-Login==0.5.0 +Flask-SQLAlchemy==2.4.4 +Flask-WTF==0.14.3 +greenlet==1.1.0 +gunicorn==20.0.4 +itsdangerous==1.1.0 +Jinja2==2.11.2 +MarkupSafe==1.1.1 +psycopg2-binary==2.9.1 +SQLAlchemy==1.3.20 +visitor==0.1.3 +Werkzeug==1.0.1 +WTForms==2.3.3 diff --git a/Python/Hacking Scripts Website/Flask-Authentication/templates/base.html b/Python/Hacking Scripts Website/Flask-Authentication/templates/base.html new file mode 100644 index 000000000..c1c19d5c7 --- /dev/null +++ b/Python/Hacking Scripts Website/Flask-Authentication/templates/base.html @@ -0,0 +1,42 @@ + + + + + + + + Flask Authentication + + + + + + + + {% block content %} + {% endblock %} + + + \ No newline at end of file diff --git a/Python/Hacking Scripts Website/Flask-Authentication/templates/index.html b/Python/Hacking Scripts Website/Flask-Authentication/templates/index.html new file mode 100644 index 000000000..219ccc293 --- /dev/null +++ b/Python/Hacking Scripts Website/Flask-Authentication/templates/index.html @@ -0,0 +1,12 @@ +{% extends "base.html" %} +{% block content %} + +
+

Authentication Demo

+ + Login + Register + +
+ +{% endblock %} \ No newline at end of file diff --git a/Python/Hacking Scripts Website/Flask-Authentication/templates/login.html b/Python/Hacking Scripts Website/Flask-Authentication/templates/login.html new file mode 100644 index 000000000..a83f03e09 --- /dev/null +++ b/Python/Hacking Scripts Website/Flask-Authentication/templates/login.html @@ -0,0 +1,20 @@ +{% extends "base.html" %} +{% block content %} + +
+

Login

+ {% with messages = get_flashed_messages() %} + {% if messages %} + {% for message in messages %} +

{{ message }}

+ {% endfor %} + {% endif %} + {% endwith %} +
+ + + +
+
+ +{% endblock %} \ No newline at end of file diff --git a/Python/Hacking Scripts Website/Flask-Authentication/templates/register.html b/Python/Hacking Scripts Website/Flask-Authentication/templates/register.html new file mode 100644 index 000000000..784490ac4 --- /dev/null +++ b/Python/Hacking Scripts Website/Flask-Authentication/templates/register.html @@ -0,0 +1,14 @@ +{% extends "base.html" %} +{% block content %} + +
+

Register

+
+ + + + +
+
+ +{% endblock %} \ No newline at end of file diff --git a/Python/Hacking Scripts Website/Flask-Authentication/templates/secrets.html b/Python/Hacking Scripts Website/Flask-Authentication/templates/secrets.html new file mode 100644 index 000000000..2103e19c2 --- /dev/null +++ b/Python/Hacking Scripts Website/Flask-Authentication/templates/secrets.html @@ -0,0 +1,7 @@ +{% extends "base.html" %} +{% block content %} + +
+

Welcome, {{ name }}

+
+{% endblock %} \ No newline at end of file