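from flask import Flask, render_template, request, jsonify, abort, redirect, url_for
from flask_login import (
    LoginManager,
    login_required,
    UserMixin,
    login_user,
    current_user,
    logout_user,
)
from forms import LoginForm
from services import Services, UserManager
from models import User
import sqlite3
import re

# Setup
app = Flask("Project Fish")
app.config.from_pyfile('config.py')

login_manager = LoginManager()
# Name of the view Flask-Login redirects to when @login_required fails.
login_manager.login_view = "login"
login_manager.init_app(app)

sqlpath = "sqlite.db"
# NOTE(review): a single connection is shared by all request threads;
# check_same_thread=False only disables sqlite3's own thread check.
# Confirm that Services/UserManager serialize access to it.
db = sqlite3.connect(sqlpath, check_same_thread=False)
services = Services(db)
usermanager = UserManager(db)

# Matches any character outside the allowlist: ASCII letters, digits,
# "_", "@", "#", "$", "." and whitespace. Raw string so "\s" is not an
# invalid string escape.
_DISALLOWED_CHARS = re.compile(r'[^a-zA-Z0-9_@#$.\s]')


def is_string_sanitized(data):
    """Return True when *data* is a str made only of allowlisted characters.

    Non-string values (None, numbers, lists from a JSON body) are rejected
    instead of raising TypeError inside the regex call.

    NOTE(review): this is an input screen, not an injection defense. The
    queries in Services/UserManager are not visible here; confirm they bind
    parameters rather than building SQL from these strings.
    """
    if not isinstance(data, str):
        return False
    return _DISALLOWED_CHARS.search(data) is None


@login_manager.user_loader
def load_user(user_id):
    """Flask-Login callback: resolve the session's user id to a user object."""
    return usermanager.GetUserByID(user_id)


@app.route('/')
def index():
    """Render the landing page."""
    return render_template("index.html")


@app.route("/GetServices", methods=['GET', 'POST'])
def GetServices():
    """Render the service list, optionally filtered by the JSON field "nummer".

    With no JSON body, no "nummer" key, or an empty value, all services are
    rendered as plain HTML. With a value, the filtered result is rendered and
    returned JSON-encoded, which is the shape the existing client receives.
    A value that fails the allowlist is rejected with 401.
    """
    # silent=True: a GET or a request without a JSON body yields None here
    # instead of an error, so the "show everything" path stays reachable.
    payload = request.get_json(silent=True)
    nummer = payload.get("nummer") if isinstance(payload, dict) else None

    # Decide on "no filter" before validating, so a missing value is not
    # passed to the validator.
    if nummer is None or nummer == "":
        ser = services.GetAllServices()
        return render_template("results.html", services=ser)

    if not is_string_sanitized(nummer):
        return abort(401)

    ser = services.GetServices(nummer)
    return jsonify(render_template("results.html", services=ser),)


@app.route('/admin')
@login_required
def admin():
    """Render the admin page; requires an authenticated session."""
    return render_template("admin.html")


@app.route("/logout")
@login_required
def logout():
    """End the current session and render the landing page."""
    logout_user()
    return render_template("index.html")


@app.route('/login', methods=['GET', 'POST'])
def login():
    """Show the login form (GET) or authenticate the posted credentials (POST).

    A failed allowlist check and a failed authentication both answer 401, so
    the response does not reveal which of the two rejected the request.
    """
    if request.method != 'POST':
        return render_template("login.html")

    username = request.form['username']
    password = request.form['password']

    # Both fields are screened; checking the username twice would let the
    # password through unchecked.
    # NOTE(review): this limits passwords to the allowlisted characters.
    # If UserManager.Authenticate binds parameters and hashes the password,
    # the password screen can be dropped - confirm against that code.
    if not (is_string_sanitized(username) and is_string_sanitized(password)):
        return abort(401)

    # NOTE(review): LoginForm is imported but not used on this path, so any
    # validation or CSRF protection it carries is not applied - confirm.
    registeredUser = usermanager.Authenticate(username, password)
    if registeredUser is None:
        return abort(401)

    login_user(registeredUser)
    return redirect(url_for('admin'))


def RunWeb():
    """Start Flask's built-in server.

    Debug mode follows the DEBUG value from config.py instead of being forced
    on: with debug enabled, the Werkzeug interactive debugger is served to
    any client that can reach the port and trigger an error.
    """
    app.run(debug=bool(app.config.get("DEBUG")))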