Created
September 24, 2021 21:25
# Minimal "hello world" server
from flask import Flask

# One application object per process; routes are registered on it below.
app = Flask(__name__)


@app.route('/')
def hello_world():
    """Answer requests for the site root with a fixed greeting."""
    greeting = 'Hello, World'
    return greeting
# Export the environment variable via the terminal:
#   flask_server % export FLASK_APP=hello.py
# Start the development server via the terminal:
#   flask run
# To run the server from the IDE, add:
if __name__ == "__main__":
    # Only runs when this file is executed directly, not when it is imported.
    # app.run() starts Flask's built-in development server, which is meant
    # for local use rather than for serving production traffic.
    app.run()
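# Route with variable rules
@app.route('/username/<name>')
def greet(name):
    """Greet the caller by the ``<name>`` segment of the URL path.

    A string returned from a Flask view is sent to the browser as HTML, and
    ``name`` comes straight from the request URL, so it is HTML-escaped
    before being placed in the response body.

    Args:
        name: The path segment captured by the ``<name>`` rule.

    Returns:
        The greeting text with ``name`` escaped.
    """
    # Standard-library escaper; imported locally so the snippet stands alone.
    from html import escape

    return f"Hello {escape(name)}!"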
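# Alternative: take the name from the query string (/username?name=...)
# Needs `from flask import request`, which this snippet does not show.
@app.route('/username')
def greet():
    """Greet the caller by the ``name`` query parameter.

    The parameter is supplied by the client, so it is HTML-escaped before
    being written into the response. When the parameter is absent the
    greeting falls back to "World" instead of printing ``None``.

    Returns:
        The greeting text with the parameter value escaped.
    """
    # Standard-library escaper; imported locally so the snippet stands alone.
    from html import escape

    name = request.args.get('name', 'World')
    return f"Hello {escape(name)}!"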
# Run in debug mode (local development only).
# debug=True enables the auto-reloader and Werkzeug's interactive debugger.
# The debugger can run Python inside the server process from the browser, so
# it must never be enabled on a host that other machines can reach.
if __name__ == "__main__":
    app.run(debug=True)
# Render HTML with render_template
# The HTML files need to be stored in a directory called "templates".
# Any linked files such as images or CSS files need to be stored in the
# directory "static".
from flask import Flask, render_template

app = Flask(__name__)


@app.route('/')
def home():
    """Serve the site root by rendering the ``index.html`` template."""
    page = render_template('index.html')
    return page
# Redirect (fragment: this goes at the end of a view function)
...
# url_for() builds the URL server-side from the endpoint name 'secrets', so
# the redirect target is never taken from client input. Keyword arguments
# that are not part of the route rule end up in the query string.
secrets_url = url_for('secrets', name="Dominik")
return redirect(secrets_url)
# receive post request from HTML | |
#html | |
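<!-- Login form: the browser POSTs the fields "username" and "password" to /login. -->
<!-- No CSRF token is included; add one (for example with Flask-WTF's CSRFProtect) before relying on this form. -->
<form action="/login" method="post">
    <label>Name</label>
    <input type="text" placeholder="name" name="username">
    <label>Password</label>
    <!-- type="password" keeps the typed characters masked on screen -->
    <input type="password" placeholder="password" name="password">
    <button type="submit">Ok</button>
</form>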
#Python | |
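@app.route('/login', methods=["POST"])
def receive_data():
    """Echo the submitted form fields back to the client (demonstration only).

    Reads ``username`` and ``password`` from the POSTed form. Indexing
    ``request.form`` with a missing key makes Flask answer 400 Bad Request.
    Both values are client-controlled and the returned string is sent as
    HTML, so they are escaped before being written into the response.

    Returns:
        A one-line summary containing the escaped field values.
    """
    # Standard-library escaper; imported locally so the snippet stands alone.
    from html import escape

    name = request.form["username"]
    password = request.form["password"]
    # NOTE: sending a password back in the response is only acceptable in a
    # throwaway demo; a real handler should neither return nor log it.
    return f'Name: {escape(name)}, Password: {escape(password)}'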
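# Downloads
@app.route('/download')
def download():
    """Send ``files/cheat_sheet.pdf`` from the ``static`` directory as a download.

    The file path is a constant. If it ever becomes request-driven, keep
    passing it through send_from_directory() so the directory join is done
    by Flask rather than by hand-built string or os.path concatenation.
    """
    # The path is passed positionally: Flask 2.0 renamed this keyword from
    # `filename` to `path`, and the positional form is accepted under both names.
    return send_from_directory('static', "files/cheat_sheet.pdf", as_attachment=True)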
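# Store a password hash, never the plaintext password
from werkzeug.security import generate_password_hash
...
# salt_length is the number of salt characters; 16 is the default in current
# Werkzeug releases. The method and salt are stored inside the returned
# string, so hashes created with a shorter salt still verify.
# NOTE(review): request.form.get() returns None when the field is missing;
# validate the input before hashing it.
password = generate_password_hash(request.form.get('password'), method='pbkdf2:sha256', salt_length=16)
...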
# Flask-Login and securing routes | |
# https://flask-login.readthedocs.io/en/latest/#how-it-works | |
from flask_login import UserMixin, login_user, LoginManager, login_required, current_user, logout_user | |
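import os

# SECRET_KEY signs the session cookie that Flask-Login stores the user id in.
# Anyone who knows the key can forge a session, so it is read from the
# environment instead of being committed with the code. Startup fails with
# KeyError if the variable is unset, which is preferable to running with a
# guessable key. A suitable value can be generated with:
#   python -c "import secrets; print(secrets.token_hex(32))"
app.config['SECRET_KEY'] = os.environ['SECRET_KEY']

# Attach Flask-Login to the application.
login_manager = LoginManager()
login_manager.init_app(app)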
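@login_manager.user_loader
def load_user(user_id):
    """Return the user for the id stored in the session, or None.

    Flask-Login expects this callback to return None, not raise, when the
    id is not valid. The id comes from the session cookie, so a value that
    is not an integer is treated as "no such user".

    Args:
        user_id: The user id as stored in the session.

    Returns:
        The matching ``User`` row, or None if the id is malformed or unknown.
    """
    try:
        primary_key = int(user_id)
    except (TypeError, ValueError):
        return None
    # "User" refers to a table in the Flask-SQLAlchemy database.
    return User.query.get(primary_key)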
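@app.route('/login', methods=['GET', 'POST'])
def login():
    """Show the login form (GET) or check submitted credentials (POST).

    On a successful check the user is logged in and redirected to the
    ``secrets`` view. An unknown e-mail and a wrong password both fall
    through to the same login page, so the response does not reveal which
    accounts exist.

    check_password_hash comes from werkzeug.security; the page does not
    show that import.
    """
    if request.method == 'POST':
        email = request.form.get('email')
        # Default to '' so a missing field fails the check instead of raising.
        password = request.form.get('password', '')
        user = User.query.filter_by(email=email).first()
        # .first() returns None for an unknown e-mail; test for that before
        # touching user.password, otherwise the request ends in a 500 error.
        if user is not None and check_password_hash(user.password, password):
            login_user(user)
            return redirect(url_for('secrets'))
    return render_template("login.html")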
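# @app.route must stay the outermost decorator so that the function it
# registers is the one already wrapped by login_required.
@app.route('/secrets')
@login_required  # secures the route
def secrets():
    """Render the members-only page for the logged-in user.

    login_required rejects anonymous requests before this body runs, so
    current_user is an authenticated user here.
    """
    return render_template("secrets.html", name=current_user.name)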
@app.route('/logout')
def logout():
    """End the current Flask-Login session and return to the home page."""
    # NOTE(review): this route answers GET, so any link or embedded resource
    # pointing at /logout signs the user out; consider making it POST-only.
    logout_user()
    home_url = url_for('home')
    return redirect(home_url)
# admin only route via custom decorator | |
from functools import wraps | |
def admin_only(f):
    """Decorator that restricts a view to the administrator account.

    The wrapped view is called only when the current user is authenticated
    and has id 1; every other request is answered with 403 Forbidden.

    NOTE(review): the administrator is identified by the hard-coded id 1.
    Confirm this matches the data model; a role or flag column on the user
    table would be sturdier.
    """
    @wraps(f)
    def guarded_view(*args, **kwargs):
        # is_authenticated is tested first, so .id is never read on an
        # unauthenticated user.
        is_admin = current_user.is_authenticated and current_user.id == 1
        if not is_admin:
            return abort(403)
        return f(*args, **kwargs)

    return guarded_view