It's a simple website developed with pure Python (API), HTML and CSS (design) in order to learn how API's works; Was proposed as test (N1 = first grade), consisting in one of three notes we've the semester of software engineering degree of Católica University in Jaraguá do Sul, Brazil.
For grade N1, we will create user management and a login screen (without using JWT tokens).
You will need to implement:
(There's a file named requirements.py that contains all extensions installed!)
- Database Table(initdb should create the user table):
- The user table should have the following fields:
id;login(must be the email);password;real name;user creation date;status(active/blocked);last update dateof the user.
- The user table should have the following fields:
- Create endpoints to perform CRUD operations on the table:
- When creating the user, the password must be encrypted using a one-way method (it should not be possible to decrypt the password);
- It should NOT be allowed to create users with the same login. When registering, data validation should occur. This validation can happen at the time of data submission, there's no need to validate when leaving the field;
- When registering the user, validation of the login should occur to ensure that the chosen login is an email;
- When creating the user, the user creation date should be filled with the current date;
- When making any changes to the user, the last update date should be filled with the date of the record change (the creation date should remain unchanged);
- Users CANNOT be deleted, only blocked.
- Create a template for user management (the CRUD operations above should be done via a graphical interface):
- Remember that "deletion" will only mark the user as blocked.
- Create a login screen template, so that the user can access the system. It should be available at an endpoint
/login, and accessible from the top navigation bar of the service:- If the user is blocked, login should not be allowed. A message should be displayed on the screen informing the user of the fact;
- If the user is successfully authenticated (login and password are correct), the user should be redirected to a homepage (of your choice);
- For now, other endpoints can be accessed directly, routes will not be protected at this stage of the assignment.
We need a few things to run this simple project, that are:
- Download VScode IDE if you don't have installed;
- Install Python last version or above 3.0 and reboot your pc;
- Install SQLite3 last version or above 3.40.0 and reboot your pc;
- Download the project .zip or clone it with GitHub, extract all folders in one folder of your choice in your PC;
- Inside VScode with the project folder open, click
CTRL + SHIFT + `or type in VScode search bar>Terminal: create new terminaland pressEnter; - With terminal open, install this libraries using the syntax below, just copy and paste in terminal:
- Instead of downloading all libraries by hand, you can change
requirements.pyextension from.pyto.txtand use the commandpip install -r requirements.txtto download all automatic; pip install flask;pip install bcrypt;pip install pysqlite3;pip install flask_dance;pip install flask-email;pip install python-dotenv;pip install flask-session;pip install flask-babel.
- Instead of downloading all libraries by hand, you can change
- Now, just open
main.pyand run it with, to run the server you can use two methods:- You can install the VScode extension Code Runner, with the file open and extension installed, use shortcut
Ctrl + Alt + Nto run; - In the terminal, make sure you are in the right directory and then type:
python main.pyto start server;
- You can install the VScode extension Code Runner, with the file open and extension installed, use shortcut
- The server/application already have a database file with some data (
database.db), but if you want to start from zero, excludedatabase.dbfile and then access the route/initdbto create a new one with all tables and no data inside; - Create a
.envfile with the parameters below:GOOGLE_CLIENT_ID="your_Google_API_id" GOOGLE_CLIENT_SECRET="your_Google_client_secret" GITHUB_CLIENT_ID="your_GitHub_API_id" GITHUB_CLIENT_SECRET="your_GitHub_API_password" MAIL_USERNAME="your_e-mail" MAIL_PASSWORD="your_Google_API_password" - Enjoy exploring!