Added Flask Blueprints to enforce modularity

2025-01-19 20:13:45 +00:00
parent 43d97f638b
commit d3620cc9da
15 changed files with 71 additions and 50 deletions
--- a/.flaskenv
+++ b/.flaskenv
@@ -1,2 +1,2 @@
-FLASK_APP=core.app
+FLASK_APP=core.blueprints.__init__
 FLASK_DEBUG=True
--- a/core/pycache/app.cpython-310.pyc
+++ b/core/pycache/app.cpython-310.pyc
--- a/core/blueprints/init.py
+++ b/core/blueprints/init.py
@@ -0,0 +1,21 @@
+from flask import Flask
+from flask_session import Session
+from core.blueprints.utils import logged_in_user
+
+def create_app():
+    app = Flask(__name__, template_folder="../../ui/templates/")
+    app.config["SECRET_KEY"] = ""
+    app.config["SESSION_PERMANENT"] = False
+    app.config["SESSION_TYPE"] = "filesystem"
+
+    Session(app)
+    app.before_request(logged_in_user)
+
+    with app.app_context():
+        from core.blueprints.authentication import auth_bp
+        from core.blueprints.main import main_bp
+
+        app.register_blueprint(auth_bp)
+        app.register_blueprint(main_bp)
+
+    return app
--- a/core/blueprints/pycache/init.cpython-310.pyc
+++ b/core/blueprints/pycache/init.cpython-310.pyc
--- a/core/blueprints/pycache/app.cpython-310.pyc
+++ b/core/blueprints/pycache/app.cpython-310.pyc
--- a/core/blueprints/pycache/authentication.cpython-310.pyc
+++ b/core/blueprints/pycache/authentication.cpython-310.pyc
--- a/core/blueprints/pycache/main.cpython-310.pyc
+++ b/core/blueprints/pycache/main.cpython-310.pyc
--- a/core/blueprints/pycache/utils.cpython-310.pyc
+++ b/core/blueprints/pycache/utils.cpython-310.pyc
--- a/core/blueprints/authentication.py
+++ b/core/blueprints/authentication.py
@@ -1,52 +1,12 @@
-from flask import Flask, render_template, session, request, url_for, redirect, g
-from flask_session import Session
+from flask import Blueprint, render_template, session, request, url_for, redirect, g
 from werkzeug.security import generate_password_hash, check_password_hash
-from functools import wraps
-
 from core.forms import SignupForm, LoginForm
 from database.database import Database
+from core.blueprints.utils import login_required

-app = Flask(__name__, template_folder="../ui/templates/")
-app.config["SECRET_KEY"] = ""
-app.config["SESSION_PERMANENT"] = False
-app.config["SESSION_TYPE"] = "filesystem"
+auth_bp = Blueprint("auth", __name__)

-Session(app)
-
-@app.before_request
-def logged_in_user():
-    g.user = session.get("username", None)
-    g.admin = session.get("username", None)
-
-def login_required(view):
-    """add at start of routes where users need to be logged in to access"""
-    @wraps(view)
-    def wrapped_view(*args, **kwargs):
-        if g.user is None:
-            return redirect(url_for("login", next=request.url))
-        return view(*args, **kwargs)
-    return wrapped_view
-
-def admin_required(view):
-    """add at start of routes where admins need to be logged in to access"""
-    @wraps(view)
-    def wrapped_view(*args, **kwargs):
-        if g.admin != "admin":
-            return redirect(url_for("login", next=request.url))
-        return view(*args, **kwargs)
-    return wrapped_view
-
-@app.route('/')
-def index():
-    """
-    Home page of the platform
-    
-    Contains a list of some of the streams that are currently live and the most popular categories.
-    """
-
-    return render_template('index.html')
-
-@app.route("/signup", methods=["GET", "POST"])
+@auth_bp.route("/signup", methods=["GET", "POST"])
 def signup():
    form = SignupForm()
    if form.validate_on_submit():
@@ -76,7 +36,7 @@ def signup():
            cursor.execute("""INSERT INTO users (username, password, email, num_followers, isPartenered, bio)
                       VALUES (?, ?, ?, ?, ?, ?);""", (username, generate_password_hash(password), email, 0, 0, "This user does not have a Bio."))
            db.commit_data()
-            return redirect(url_for("login"))
+            return redirect(url_for("auth.login"))


        # Close connection to prevent data leaks
@@ -84,7 +44,7 @@ def signup():

    return render_template("signup.html", form=form)

-@app.route("/login", methods=["GET", "POST"])
+@auth_bp.route("/login", methods=["GET", "POST"])
 def login():
    form = LoginForm()
    if form.validate_on_submit():
@@ -99,14 +59,15 @@ def login():
        # Check if user exists so only users who have signed up can login
        user_exists = cursor.execute("""SELECT * FROM users
                                  WHERE username = ?;""", (username,)).fetchone()
-        db.close_connection()

        if not user_exists:
            form.username.errors.append("Incorrect username or password.")
+            db.close_connection()

        # Check is hashed passwords match to verify the user logging in
        elif not check_password_hash(user_exists["password"], password):
            form.username.errors.append("Incorrect username or password.")
+            db.close_connection()

        else:
            # Create a new session to prevent users from exploiting horizontal access control
@@ -118,12 +79,13 @@ def login():

            # Otherwise return home
            if not next_page:
-                next_page = url_for("index")
+                next_page = url_for("app.index")
+            db.close_connection()
            return redirect(next_page)
        
    return render_template("login.html", form=form)
    
-@app.route("/logout")
+@auth_bp.route("/logout")
@login_required
 def logout():
    session.clear()
--- a/core/blueprints/main.py
+++ b/core/blueprints/main.py
@@ -0,0 +1,14 @@
+from flask import render_template, Blueprint
+
+main_bp = Blueprint("app", __name__)
+
+
+@main_bp.route('/')
+def index():
+    """
+    Home page of the platform
+    
+    Contains a list of some of the streams that are currently live and the most popular categories.
+    """
+    return render_template('index.html')
+
--- a/core/blueprints/utils.py
+++ b/core/blueprints/utils.py
@@ -0,0 +1,24 @@
+from flask import redirect, url_for, request, g, session
+from functools import wraps
+
+def logged_in_user():
+    g.user = session.get("username", None)
+    g.admin = session.get("username", None)
+
+def login_required(view):
+    """add at start of routes where users need to be logged in to access"""
+    @wraps(view)
+    def wrapped_view(*args, **kwargs):
+        if g.user is None:
+            return redirect(url_for("login", next=request.url))
+        return view(*args, **kwargs)
+    return wrapped_view
+
+def admin_required(view):
+    """add at start of routes where admins need to be logged in to access"""
+    @wraps(view)
+    def wrapped_view(*args, **kwargs):
+        if g.admin != "admin":
+            return redirect(url_for("login", next=request.url))
+        return view(*args, **kwargs)
+    return wrapped_view
--- a/database/pycache/database.cpython-310.pyc
+++ b/database/pycache/database.cpython-310.pyc
--- a/database/app.db
+++ b/database/app.db
--- a/flask_session/841e29f4900cf96cfb8ec55c0c598d2c
+++ b/flask_session/841e29f4900cf96cfb8ec55c0c598d2c
--- a/flask_session/bd9d4040a2dcd9c9d4ed85d3dc2d6ba7
+++ b/flask_session/bd9d4040a2dcd9c9d4ed85d3dc2d6ba7