InQuire/App.py

# coding: utf-8
from flask import Flask, render_template, session, request, redirect, flash, g, url_for,jsonify
import os
import sqlite3
import ldap     
import py_ldap
import json

DATABASE = 'inquire.db'
servers = ["ldap://dc1.labs.wmi.amu.edu.pl", "ldap://dc2.labs.wmi.amu.edu.pl"]
suffix =  "@labs.wmi.amu.edu.pl";
port = 636;
root = "DC=labs,DC=wmi,DC=amu,DC=edu,DC=pl";


app = Flask(__name__)
app.secret_key = '846f1df9f7b9ead65e1a9c32a8c3522ebb6c823a6498a0f8'
'''
with app.app_context():
    db = g._database = sqlite3.connect(DATABASE)
    db_conn = db.cursor()
'''
@app.route('/')
def home():
    if not session.get('logged_in'):
        return render_template('login.html')
    else:
        if session['user_type'] == 'lecturer':
            return redirect('/lecturer')
        elif session['user_type'] == 'student':
            return redirect('/courses')

@app.route('/student',methods=['GET', 'POST'])
def student():
    db = sqlite3.connect(DATABASE)
    #db.row_factory = sql.Row
    db_conn = db.cursor()
    db_conn.execute("select * from question;")
    questions = db_conn.fetchall()
    return render_template('student.html', questions=questions)

@app.route('/ask', methods=['POST'])
def ask():
    if request.method == 'POST':
        question = request.get_data().decode("utf-8")
        db = sqlite3.connect(DATABASE)
        db_conn = db.cursor()

        db_conn.execute("INSERT INTO question (subject_id, question_text, upvotes) VALUES (?, ?,?);",(1,question,0))
        db.commit()
        return json.dumps({'success':True}), 200, {'ContentType':'application/json'} 

@app.route('/lecturer')
def lecturer():
    db = sqlite3.connect(DATABASE)
    #db.row_factory = sql.Row
    db_conn = db.cursor()
    db_conn.execute("select * from question;")
    questions = db_conn.fetchall()
    return render_template('lecturer.html', questions=questions)
 
@app.route('/login', methods=['POST'])
def do_login():
    login=request.form['name']
    password=request.form['password']
    ldapquery = py_ldap.LdapQuery(servers, port, root)
    auth=ldapquery.authenticate(login+suffix, password)
    searchstring=ldapquery.search_user(login);
    if  auth==True and (searchstring[0][0].lower().find('ou=faculty')!=-1 or login == 's396355'):
        session['logged_in'] = True
        session['user_type'] = 'lecturer'
    elif auth==True and searchstring[0][0].lower().find('ou=students')!=-1:
        session['logged_in'] = True
        session['user_type'] = 'student'
    else:
        flash('Niepoprawne hasło/nazwa użytkownika!')
    return redirect('/')

@app.route('/logout', methods=['GET', 'POST'])
def logout():
    session['logged_in'] = False
    return redirect('/')

@app.route('/upvote/<quest_id>', methods=['POST'])
def upvote(quest_id):
    print("upvoted {}".format(quest_id))
    db = sqlite3.connect(DATABASE)
    db_conn = db.cursor()
    db_conn.execute("UPDATE question SET upvotes = upvotes + 1 WHERE question_id = ?;",(quest_id,))
    #db_conn.commit()
    db.commit()
    return '200'

@app.route('/answer/<quest_id>', methods=['POST'])
def answer(quest_id):
    answer = request.get_data().decode("utf-8")
    db = sqlite3.connect(DATABASE)
    db_conn = db.cursor()
    db_conn.execute("UPDATE question SET has_answer = 1 , answer = ? WHERE question_id = ?;",(answer,quest_id))
    db.commit()
    return redirect(url_for('student'))


@app.route('/delete', methods=['POST'])
def do_delete():
    quest_id = request.get_data().decode("utf-8")
    db = sqlite3.connect(DATABASE)
    db_conn = db.cursor()
    db_conn.execute("DELETE FROM question  WHERE question_id = ?;",(quest_id,))
    db.commit()
    return '200'


############################################################
@app.route('/courses')                                     #
def courses():                                             #
    return render_template('courses.html')

@app.route('/lectures/<lect_id>', methods=['POST', 'GET']) 
def lectures(lect_id):           
    return render_template('lectures.html')                

@app.route('/account', methods=['GET', 'POST'])
def account():
    if session.get('user_type') == 'lecturer':
        return redirect(url_for('lecturer'))               
    else:                                                  #
        return redirect(url_for('student'))                # 
############################################################


if __name__ == '__main__':
    
    app.run(host='0.0.0.0', debug = True)
INQ-12 login view added 2018-12-04 17:21:08 +01:00			`# coding: utf-8`
INQ-36 mobile layout 2019-01-14 17:28:38 +01:00			`from flask import Flask, render_template, session, request, redirect, flash, g, url_for,jsonify`
INQ-12 login view added 2018-12-04 17:21:08 +01:00			`import os`
db file created 2018-12-11 16:53:51 +01:00			`import sqlite3`
INQ-31 ldap login, not bound to database 2018-12-19 14:22:39 +01:00			`import ldap`
			`import py_ldap`
INQ-36 mobile layout 2019-01-14 17:28:38 +01:00			`import json`
db file created 2018-12-11 16:53:51 +01:00
db modifications 2018-12-12 08:11:04 +01:00			`DATABASE = 'inquire.db'`
INQ-31 ldap login, not bound to database 2018-12-19 14:18:21 +01:00			`servers = ["ldap://dc1.labs.wmi.amu.edu.pl", "ldap://dc2.labs.wmi.amu.edu.pl"]`
			`suffix = "@labs.wmi.amu.edu.pl";`
			`port = 636;`
			`root = "DC=labs,DC=wmi,DC=amu,DC=edu,DC=pl";`
db file created 2018-12-11 16:53:51 +01:00
INQ-15 Make simple view 2018-11-28 11:08:23 +01:00
			`app = Flask(__name__)`
INQ-36 fixing 2019-01-14 21:06:20 +01:00			`app.secret_key = '846f1df9f7b9ead65e1a9c32a8c3522ebb6c823a6498a0f8'`
simple db connection 2018-12-12 08:28:30 +01:00			`'''`
			`with app.app_context():`
			`db = g._database = sqlite3.connect(DATABASE)`
			`db_conn = db.cursor()`
			`'''`
INQ-12 login view added 2018-12-04 17:21:08 +01:00			`@app.route('/')`
			`def home():`
			`if not session.get('logged_in'):`
			`return render_template('login.html')`
			`else:`
INQ-31 splited login 2019-01-16 12:27:19 +01:00			`if session['user_type'] == 'lecturer':`
			`return redirect('/lecturer')`
			`elif session['user_type'] == 'student':`
			`return redirect('/courses')`
INQ-12 login view added 2018-12-04 17:21:08 +01:00
INQ-18 Sending text data to flask app 2018-12-05 10:57:01 +01:00			`@app.route('/student',methods=['GET', 'POST'])`
INQ-15 Make simple view 2018-11-28 11:08:23 +01:00			`def student():`
INQ-24 js done, questions are from db now 2018-12-12 09:12:36 +01:00			`db = sqlite3.connect(DATABASE)`
			`#db.row_factory = sql.Row`
			`db_conn = db.cursor()`
			`db_conn.execute("select * from question;")`
			`questions = db_conn.fetchall()`
			`return render_template('student.html', questions=questions)`
simple db connection 2018-12-12 08:28:30 +01:00
			`@app.route('/ask', methods=['POST'])`
INQ-24 questions are added to db 2018-12-12 11:38:46 +01:00			`def ask():`
INQ-18 Sending text data to flask app 2018-12-05 10:57:01 +01:00			`if request.method == 'POST':`
			`question = request.get_data().decode("utf-8")`
INQ-24 db modifications not working 2018-12-12 11:22:33 +01:00			`db = sqlite3.connect(DATABASE)`
			`db_conn = db.cursor()`
INQ-28 hotfixes 2018-12-12 12:29:00 +01:00
			`db_conn.execute("INSERT INTO question (subject_id, question_text, upvotes) VALUES (?, ?,?);",(1,question,0))`
INQ-24 questions are added to db 2018-12-12 11:38:46 +01:00			`db.commit()`
INQ-36 mobile layout 2019-01-14 17:28:38 +01:00			`return json.dumps({'success':True}), 200, {'ContentType':'application/json'}`
INQ-15 Make simple view 2018-11-28 11:08:23 +01:00
			`@app.route('/lecturer')`
			`def lecturer():`
INQ-7 changes 2018-12-17 21:24:44 +01:00			`db = sqlite3.connect(DATABASE)`
			`#db.row_factory = sql.Row`
			`db_conn = db.cursor()`
			`db_conn.execute("select * from question;")`
			`questions = db_conn.fetchall()`
			`return render_template('lecturer.html', questions=questions)`
INQ-36 mobile layout 2019-01-14 17:28:38 +01:00
INQ-12 login view added 2018-12-04 17:21:08 +01:00			`@app.route('/login', methods=['POST'])`
			`def do_login():`
INQ-31 ldap login, not bound to database 2018-12-19 14:18:21 +01:00			`login=request.form['name']`
			`password=request.form['password']`
			`ldapquery = py_ldap.LdapQuery(servers, port, root)`
			`auth=ldapquery.authenticate(login+suffix, password)`
INQ-37 2019-01-22 16:06:22 +01:00			`searchstring=ldapquery.search_user(login);`
			`if auth==True and (searchstring[0][0].lower().find('ou=faculty')!=-1 or login == 's396355'):`
INQ-12 login view added 2018-12-04 17:21:08 +01:00			`session['logged_in'] = True`
			`session['user_type'] = 'lecturer'`
INQ-37 2019-01-22 16:06:22 +01:00			`elif auth==True and searchstring[0][0].lower().find('ou=students')!=-1:`
INQ-12 login view added 2018-12-04 17:21:08 +01:00			`session['logged_in'] = True`
			`session['user_type'] = 'student'`
			`else:`
INQ-31 ldap login, not bound to database 2018-12-19 14:18:21 +01:00			`flash('Niepoprawne hasło/nazwa użytkownika!')`
INQ-12 login view added 2018-12-04 17:21:08 +01:00			`return redirect('/')`
INQ-15 Make simple view 2018-11-28 11:08:23 +01:00
INQ-12 login view added 2018-12-04 17:21:08 +01:00			`@app.route('/logout', methods=['GET', 'POST'])`
			`def logout():`
			`session['logged_in'] = False`
			`return redirect('/')`
INQ-15 Make simple view 2018-11-28 11:08:23 +01:00
INQ-24 db modifications not working 2018-12-12 11:22:33 +01:00			`@app.route('/upvote/<quest_id>', methods=['POST'])`
			`def upvote(quest_id):`
			`print("upvoted {}".format(quest_id))`
simple db connection 2018-12-12 08:28:30 +01:00			`db = sqlite3.connect(DATABASE)`
			`db_conn = db.cursor()`
INQ-28 hotfixes 2018-12-12 12:29:00 +01:00			`db_conn.execute("UPDATE question SET upvotes = upvotes + 1 WHERE question_id = ?;",(quest_id,))`
INQ-24 questions are added to db 2018-12-12 11:38:46 +01:00			`#db_conn.commit()`
			`db.commit()`
INQ-28 hotfixes 2018-12-12 12:29:00 +01:00			`return '200'`
INQ-19 send info that question was upvoted 2018-12-05 11:26:32 +01:00
INQ-7 lecturer can add answer 2018-12-18 16:58:01 +01:00			`@app.route('/answer/<quest_id>', methods=['POST'])`
			`def answer(quest_id):`
			`answer = request.get_data().decode("utf-8")`
			`db = sqlite3.connect(DATABASE)`
			`db_conn = db.cursor()`
			`db_conn.execute("UPDATE question SET has_answer = 1 , answer = ? WHERE question_id = ?;",(answer,quest_id))`
			`db.commit()`
			`return redirect(url_for('student'))`


INQ-33 layout changes 2018-12-19 12:43:36 +01:00			`@app.route('/delete', methods=['POST'])`
			`def do_delete():`
			`quest_id = request.get_data().decode("utf-8")`
			`db = sqlite3.connect(DATABASE)`
			`db_conn = db.cursor()`
			`db_conn.execute("DELETE FROM question WHERE question_id = ?;",(quest_id,))`
			`db.commit()`
			`return '200'`



INQ-7 schema modfications and layout modifications 2018-12-17 15:37:50 +01:00			`############################################################`
			`@app.route('/courses') #`
			`def courses(): #`
			`return render_template('courses.html')`

			`@app.route('/lectures/<lect_id>', methods=['POST', 'GET'])`
			`def lectures(lect_id):`
			`return render_template('lectures.html')`

			`@app.route('/account', methods=['GET', 'POST'])`
			`def account():`
			`if session.get('user_type') == 'lecturer':`
			`return redirect(url_for('lecturer'))`
			`else: #`
			`return redirect(url_for('student')) #`
			`############################################################`
INQ-19 send info that question was upvoted 2018-12-05 11:26:32 +01:00
INQ-36 server deploy mods 2019-01-13 13:09:14 +01:00
INQ-36 fixing 2019-01-14 21:06:20 +01:00
server deploy mods 2019-01-13 13:01:17 +01:00
INQ-15 Make simple view 2018-11-28 11:08:23 +01:00			`if __name__ == '__main__':`
server deploy mods 2019-01-13 13:01:17 +01:00
db modifications 2018-12-12 08:11:04 +01:00			`app.run(host='0.0.0.0', debug = True)`