In [None]:
################################################################################################################

# EXTERNAL MODULES TO BE USED

################################################################################################################

import pandas as pd
import secrets
import re
import jwt
import datetime
from PIL import Image
from flask import Flask, render_template, redirect, url_for, session, flash, request, jsonify, make_response
from flask_sqlalchemy import SQLAlchemy
from flask_wtf import FlaskForm
from flask_wtf.file import FileField, FileAllowed
from wtforms import StringField, PasswordField, SubmitField, BooleanField, TextAreaField
from wtforms.widgets import TextArea
from wtforms.validators import InputRequired, Email, Length, ValidationError
from flask_login import LoginManager, UserMixin, login_user, login_required, logout_user, current_user
from flask_bcrypt import Bcrypt
from functools import wraps




app = Flask(__name__)
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
app.config['SECRET_KEY'] = 'c1155c6a351e49eba15c00ce577b259e'
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///database.db'
db = SQLAlchemy(app)
bcrypt = Bcrypt(app)

login_manager = LoginManager()
login_manager.init_app(app)
login_manager.login_view = "login"



################################################################################################################

# JWT TOKEN

################################################################################################################

def token_required(f):
    @wraps(f)
    def decorated(*args, **kwargs):
        token = None

        if 'x-access-token' in request.headers:
            token = request.headers['x-access-token']

        if not token:
            return jsonify({'message' : 'Token is missing!'}), 401

        try: 
            data = jwt.decode(token, app.config['SECRET_KEY'])
            current_user = User.query.filter_by(id=data['id']).first()
        except:
            return jsonify({'message' : 'Token is invalid!'}), 401

        return f(current_user, *args, **kwargs)

    return decorated


################################################################################################################

# LOGIN AUTHENTICATION

################################################################################################################

@app.route('/api/login')
def apilogin():
    auth = request.authorization

    if not auth or not auth.username or not auth.password:
        return make_response('Could not verify', 401, {'WWW-Authenticate' : 'Basic realm="Login required!"'})

    user = User.query.filter_by(username=auth.username).first()

    if not user:
        return make_response('Could not verify', 401, {'WWW-Authenticate' : 'Basic realm="Login required!"'})

    if bcrypt.check_password_hash(user.password, auth.password):
        token = jwt.encode({'id' : user.id, 'exp' : datetime.datetime.utcnow() + datetime.timedelta(minutes=30)}, app.config['SECRET_KEY'])
        return jsonify({'token' : token.decode('UTF-8')})

    return make_response('Could not verify', 401, {'WWW-Authenticate' : 'Basic realm="Login required!"'})


################################################################################################################

# CRUD API FOR USER TABLE WITH AUTHENTICATION

################################################################################################################

@app.route('/user', methods=['GET'])
@token_required
def get_all_users(current_user):
    
    if not current_user.role_id == 2:
        return jsonify({'message' : 'No permission!'})
    
    users = User.query.all()

    output = []

    for user in users:
        user_data = {}
        user_data['username'] = user.username
        user_data['email']=user.email
        user_data['password'] = str(user.password)
        user_data['role_id']=user.role_id
        output.append(user_data)

    return jsonify({'users' : output})

@app.route('/user/<id>', methods=['GET'])
@token_required
def get_one_user(current_user, id):

    if not current_user.role_id ==2:
        return jsonify({'message' : 'No permission!'})

    user = User.query.filter_by(id=id).first()

    if not user:
        return jsonify({'message' : 'No user found!'})

    user_data = {}
    user_data['id'] = user.id
    user_data['username'] = user.username
    user_data['email']=user.email
    user_data['password'] = str(user.password)
    user_data['role_id']=user.role_id

    return jsonify({'user' : user_data})

@app.route('/api/register', methods=['POST'])
def apiregister():
    data = request.get_json()
    hashed_password = bcrypt.generate_password_hash(data['password'])
    new_user = User(username=data['username'], email=data['email'], password=hashed_password, role_id=1)
    db.session.add(new_user)
    db.session.commit()
    return jsonify({'message' : 'Registration completed!'})

@app.route('/user/<id>', methods=['POST'])
@token_required
def create_user(current_user, id):
    if not current_user.role_id ==2:
        return jsonify({'message' : 'No permission!'}) 
    data = request.get_json()
    hashed_password = bcrypt.generate_password_hash(data['password'])
    new_user = User(username=data['username'], email=data['email'], password=hashed_password, role_id=1)
    db.session.add(new_user)
    db.session.commit()
    return jsonify({'message' : 'New user created!'})

@app.route('/user/<id>', methods=['PUT'])
@token_required
def promote_user(current_user, id):
    print(current_user)
    if not current_user.role_id ==2:
        return jsonify({'message' : 'No permission!'})

    user = User.query.filter_by(id=id).first()

    if not user:
        return jsonify({'message' : 'No user found!'})

    user.role_id = 2
    db.session.commit()

    return jsonify({'message' : 'The user has been promoted!'})

@app.route('/user/<id>', methods=['DELETE'])
@token_required
def delete_user(current_user, id):
    if not current_user.role_id ==2:
           return jsonify({'message' : 'No permission!'})

    user = User.query.filter_by(id=id).first()

    if not user:
        return jsonify({'message' : 'No user found!'})

    db.session.delete(user)
    db.session.commit()

    return jsonify({'message' : 'The user has been deleted!'})


################################################################################################################

# WEB ROUTES FOR CONTROLLING ACCESS TO TEMPLATE VIEWS

################################################################################################################

@app.route("/")
def index():
    return render_template('index.html')

@app.route("/festivals")
def festivals():
    sqlalchemyObj = db.engine.execute('select * from venues ORDER BY Name')
    venues = []
    for i in sqlalchemyObj:
        venues.append(i)
    # print(venues)
    dataset2 = []
    dict={}
    for i in venues:
        dict['Name'] = i[0]
        dict['Lat'] = i[1]
        dict['Lng'] = i[2]
        dict['Url'] = i[3]
        dict['Img_url'] = i[4]
        dict['Desc'] = i[5]
        # print(i)
        # print(dict)
        dataset2.append(dict.copy()) #markers.append(fld.copy())
    print(dataset2)
    return render_template('festivals.html', entries = dataset2)

@app.route("/dressing")
def dressing():
    return render_template('dressing.html')

@app.route("/contact")
def contact():
    return render_template('contact.html')


################################################################################################################

# WEB ROUTES FOR FESTIVALS

################################################################################################################

@app.route("/1")
def festvial1():
    return render_template('1.html')

@app.route("/2")
def festvial2():
    return render_template('2.html')


################################################################################################################

# WEB ROUTES FOR ARTISTS

################################################################################################################

@app.route("/xinkuzi")
def xinkuzi():
    return render_template('xinkuzi.html')

@app.route("/mozaiyang")
@login_required
def mozaiyang():
    return render_template('mozaiyang.html')

@app.route("/wutiaoren")
@login_required
def wutiaoren():
    return render_template('wutiaoren.html')

@app.route("/masaike")
@login_required
def masaike():
    return render_template('masaike.html')


################################################################################################################

# ERROR HANDLERS

################################################################################################################

@app.errorhandler(404)
def page_not_found(e):
    return render_template('404.html'), 404

################################################################################################################

# APPLICATION TEST RUN AT PORT 9002

################################################################################################################

@login_manager.user_loader
def load_user(user_id):
    return User.query.get(int(user_id))


class User(db.Model, UserMixin):
    id = db.Column(db.Integer, primary_key=True)
    username = db.Column(db.String(15), unique=True)
    email = db.Column(db.String(50), unique=True)
    password = db.Column(db.String(80))
    role_id = db.Column(db.Integer)
    bio = db.Column(db.Text)
    image_file = db.Column(db.String(20), nullable=False, default='default.jpg')

class RegisterForm(FlaskForm):
    email = StringField("Email", validators=[InputRequired(), Email(message="Invalid Email"), Length(max=50)], render_kw={"placeholder": "邮箱：example@gmail.com"})
    username = StringField("Username", validators=[InputRequired(), Length(min=4, max=15)], render_kw={"placeholder": "用户名：至少4个字符，至多15个字符"})
    password = PasswordField("Password", validators=[InputRequired(), Length(min=4, max=15)], render_kw={"placeholder": "密码：至少4个字符，至多15个字符"})
    submit = SubmitField("注册")

    def validate_username(self, username):
        existing_user_username = User.query.filter_by(username=username.data).first()
        if existing_user_username:
            raise ValidationError("用户名已存在，请使用其他用户名。")

    def validate_email(self, email):
        existing_user_email = User.query.filter_by(email=email.data).first()
        if existing_user_email:
            raise ValidationError("邮箱已被注册，请使用其他邮箱。")


class LoginForm(FlaskForm):
    username = StringField("Username", validators=[InputRequired(), Length(max=15)], render_kw={"placeholder": "请输入您的用户名"})
    password = PasswordField("Password", validators=[InputRequired(), Length(max=50)], render_kw={"placeholder":  "请输入您的密码"})
    submit = SubmitField("登录")
    
class ProfileForm(FlaskForm):
    username = StringField('Username', validators=[InputRequired(), Length(min=2, max=20)])
    email = StringField("Email", validators=[InputRequired(), Length(max=50)], render_kw={"placeholder": "邮箱：example@gmail.com"})
    profile_body = StringField('Text', widget=TextArea())
    picture = FileField('Update Profile Picture', validators=[FileAllowed(['jpg', 'png'])])
    submit = SubmitField('Update')

class Venues(db.Model):
    __tablename__ = 'venues'
    name = db.Column(db.String(25), primary_key=True)
    Lat = db.Column(db.Float)
    Lng = db.Column(db.Float)
    url = db.Column(db.Text)
    img_url = db.Column(db.Text)
    desc = db.Column(db.Text)
    
    
@app.route('/login', methods=['GET','POST'])
def login():
    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(username=form.username.data).first()
        if user:
            if bcrypt.check_password_hash(user.password, form.password.data):
                login_user(user)
                return redirect(url_for("index"))
        flash("用户不存在或密码错误")
    return render_template('login.html', title="Login", form=form)


@app.route('/register', methods=['GET','POST'])
def register():
    form = RegisterForm()
    if form.validate_on_submit():
        hashed_password = bcrypt.generate_password_hash(form.password.data)
        new_user = User(username=form.username.data, email=form.email.data, password=hashed_password)
        db.session.add(new_user)
        db.session.commit()
        return redirect(url_for('login'))
    return render_template('register.html', title='Register', form=form)


@app.route('/logout', methods=["GET","POST"])
def logout():
    session.clear()
    logout_user()
    return redirect(url_for('index'))

@app.route("/profile", methods=['GET', 'POST'])
@login_required
def profile():
    form = ProfileForm()
    if form.validate_on_submit():
        if form.picture.data:
            picture_file = save_picture(form.picture.data)
            current_user.image_file = picture_file
        current_user.username = form.username.data
        current_user.email = form.email.data
        current_user.bio = form.profile_body.data
        db.session.commit()
        flash('Your profile has been updated!', 'success')
        return redirect(url_for('profile'))
    elif request.method == 'GET':
        form.username.data = current_user.username
        form.email.data = current_user.email
        if current_user.bio is None:
            current_user.bio = '保持神秘'
        else:
            form.profile_body.data = remove_html_tags(current_user.bio)
        if current_user.image_file is None:
            current_user.image_file = 'default.png'
    image_file = url_for('static', filename='profile_pics/' + current_user.image_file)
    return render_template('profile.html', title='Profile', image_file=image_file, form=form)

def remove_html_tags(text):
    clean = re.compile('<.*?>')
    return re.sub(clean, '', text)


def save_picture(form_picture):
    random_hex = secrets.token_hex(8)
    _, f_ext = os.path.splitext(form_picture.filename)
    picture_fn = random_hex + f_ext
    picture_path = os.path.join(app.root_path, 'static/profile_pics', picture_fn)

    output_size = (100, 100)
    i = Image.open(form_picture)
    i.thumbnail(output_size)
    i.save(picture_path)

    return picture_fn




if __name__ == '__main__':
    app.run('localhost', 8008)

 * Serving Flask app "__main__" (lazy loading)
 * Environment: production
[2m   Use a production WSGI server instead.[0m
 * Debug mode: off


 * Running on http://localhost:8008/ (Press CTRL+C to quit)
127.0.0.1 - - [19/Jan/2022 14:18:52] "[37mGET /user HTTP/1.1[0m" 200 -
[2022-01-19 14:21:41,009] ERROR in app: Exception on /user/2 [GET]
Traceback (most recent call last):
  File "/opt/anaconda3/lib/python3.8/site-packages/flask/app.py", line 2447, in wsgi_app
    response = self.full_dispatch_request()
  File "/opt/anaconda3/lib/python3.8/site-packages/flask/app.py", line 1952, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "/opt/anaconda3/lib/python3.8/site-packages/flask/app.py", line 1821, in handle_user_exception
    reraise(exc_type, exc_value, tb)
  File "/opt/anaconda3/lib/python3.8/site-packages/flask/_compat.py", line 39, in reraise
    raise value
  File "/opt/anaconda3/lib/python3.8/site-packages/flask/app.py", line 1950, in full_dispatch_request
    rv = self.dispatch_request()
  File "/opt/anaconda3/lib/python3.8/site-packages/flask/app.py", line 1936, in dispatch_request
    return sel