# VEDA Project Setup

This notebook contains the setup instructions for the VEDA project, including directory structure, configurations, and initial code setup.



In [None]:
# Create necessary directories
!mkdir -p app/auth app/main app/templates app/static

# Create necessary files
!touch app/__init__.py app/auth/__init__.py app/main/__init__.py app/models.py
!touch config.py run.py

# Output directory structure
!tree -L 2


# Run Script

The `run.py` file is the entry point for running the Flask application. It creates the application instance and provides a shell context for the Flask CLI.

```python
from app import create_app, db
from app.models import User, Document


In [None]:
from app import create_app, db
from app.models import User, Document, Formula

app = create_app()

@app.shell_context_processor
def make_shell_context():
    return {'db': db, 'User': User, 'Document': Document, 'Formula': Formula}

if __name__ == '__main__':
    app.run()


# Authentication Forms

The `app/auth/forms.py` file contains the WTForms used for user login and registration.

```python
from flask_wtf import FlaskForm
from wtforms import StringField, PasswordField, BooleanField, SubmitField
from wtforms.validators import DataRequired, Length, Email, EqualTo, ValidationError
from app.models import User
import logging
import re

# Configure logging
logging.basicConfig(level=logging.INFO, format='%(asctime)s - %(filename)s - %(lineno)d - %(levelname)s - %(message)s')

class LoginForm(FlaskForm):
    """Form for users to login."""
    username = StringField('Username', validators=[DataRequired(), Length(min=1, max=150)])
    password = PasswordField('Password', validators=[DataRequired()])
    remember_me = BooleanField('Remember Me')
    submit = SubmitField('Login')

class RegistrationForm(FlaskForm):
    """Form for users to create a new account."""
    username = StringField('Username', validators=[DataRequired(), Length(min=1, max=150)])
    email = StringField('Email', validators=[DataRequired(), Email(), Length(max=150)])
    password = PasswordField('Password', validators=[DataRequired(), Length(min=8)])
    password2 = PasswordField('Repeat Password', validators=[DataRequired(), EqualTo('password')])
    submit = SubmitField('Register')

    def validate_username(self, username):
        """Validate that the username is not already in use."""
        user = User.query.filter_by(username=username.data).first()
        if user:
            logging.warning(f"Username already in use: {username.data}")
            raise ValidationError('Username is already in use. Please choose a different one.')

    def validate_email(self, email):
        """Validate that the email is not already in use and matches the correct format."""
        user = User.query.filter_by(email=email.data).first()
        if user:
            logging.warning(f"Email already in use: {email.data}")
            raise ValidationError('Email is already in use. Please use a different email address.')

        email_regex = r'^[a-z0-9]+[\._]?[a-z0-9]+[@]\w+[.]\w+$'
        if not re.match(email_regex, email.data):
            logging.warning(f"Invalid email format: {email.data}")
            raise ValidationError('Invalid email format.')

    def validate_password(self, password):
        """Validate the password strength."""
        if len(password.data) < 8:
            logging.warning("Password too short")
            raise ValidationError('Password must be at least 8 characters long.')

        if not re.search(r"[A-Za-z]", password.data) or not re.search(r"[0-9]", password.data):
            logging.warning("Password too weak")
            raise ValidationError('Password must contain both letters and numbers.')


In [None]:
from flask_wtf import FlaskForm
from wtforms import StringField, PasswordField, BooleanField, SubmitField
from wtforms.validators import DataRequired, Length, Email, EqualTo, ValidationError
from app.models import User
import logging
import re

# Configure logging
logging.basicConfig(level=logging.INFO, format='%(asctime)s - %(filename)s - %(lineno)d - %(levelname)s - %(message)s')

class LoginForm(FlaskForm):
    """Form for users to login."""
    username = StringField('Username', validators=[DataRequired(), Length(min=1, max=150)])
    password = PasswordField('Password', validators=[DataRequired()])
    remember_me = BooleanField('Remember Me')
    submit = SubmitField('Login')

class RegistrationForm(FlaskForm):
    """Form for users to create a new account."""
    username = StringField('Username', validators=[DataRequired(), Length(min=1, max=150)])
    email = StringField('Email', validators=[DataRequired(), Email(), Length(max=150)])
    password = PasswordField('Password', validators=[DataRequired(), Length(min=8)])
    password2 = PasswordField('Repeat Password', validators=[DataRequired(), EqualTo('password')])
    submit = SubmitField('Register')

    def validate_username(self, username):
        """Validate that the username is not already in use."""
        user = User.query.filter_by(username=username.data).first()
        if user:
            logging.warning(f"Username already in use: {username.data}")
            raise ValidationError('Username is already in use. Please choose a different one.')

    def validate_email(self, email):
        """Validate that the email is not already in use and matches the correct format."""
        user = User.query.filter_by(email=email.data).first()
        if user:
            logging.warning(f"Email already in use: {email.data}")
            raise ValidationError('Email is already in use. Please use a different email address.')

        email_regex = r'^[a-z0-9]+[\._]?[a-z0-9]+[@]\w+[.]\w+$'
        if not re.match(email_regex, email.data):
            logging.warning(f"Invalid email format: {email.data}")
            raise ValidationError('Invalid email format.')

    def validate_password(self, password):
        """Validate the password strength."""
        if len(password.data) < 8:
            logging.warning("Password too short")
            raise ValidationError('Password must be at least 8 characters long.')

        if not re.search(r"[A-Za-z]", password.data) or not re.search(r"[0-9]", password.data):
            logging.warning("Password too weak")
            raise ValidationError('Password must contain both letters and numbers.')


In [None]:
# Authentication Routes

The `app/auth/routes.py` file contains the routes for user login, logout, and registration.

```python
from flask import Blueprint, render_template, redirect, url_for, flash, request
from flask_login import login_user, logout_user, login_required, current_user
from werkzeug.security import generate_password_hash, check_password_hash
from app.models import User, db
from app.auth.forms import LoginForm, RegistrationForm
import logging

auth_blueprint = Blueprint('auth', __name__)

# Configure logging
logging.basicConfig(filename='auth.log', level=logging.INFO, format='%(asctime)s - %(levelname)s - %(message)s')

@auth_blueprint.route('/login', methods=['GET', 'POST'])
def login():
    """
    Handle login requests and validate user credentials.
    Redirects to the main page if the user is already logged in.
    """
    # Redirect if already logged in
    if current_user.is_authenticated:
        return redirect(url_for('main.index'))

    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(username=form.username.data).first()
        if user is None:
            # Handle case where user doesn't exist
            logging.warning("Invalid username")
            flash('Invalid username or password.', 'danger')
        elif check_password_hash(user.password_hash, form.password.data):
            # Log in the user
            login_user(user, remember=form.remember_me.data)
            logging.info(f"User {user.username} logged in successfully")
            flash('Logged in successfully.', 'success')
            return redirect(url_for('main.index'))
        else:
            # Invalid password
            logging.warning("Invalid password")
            flash('Invalid username or password.', 'danger')
    return render_template('auth/login.html', form=form)

@auth_blueprint.route('/logout')
@login_required
def logout():
    """
    Handle logout requests.
    Logs the user out and redirects to the login page.
    """
    logout_user()
    flash('You have been logged out.', 'success')
    logging.info("User logged out successfully")
    return redirect(url_for('auth.login'))

@auth_blueprint.route('/register', methods=['GET', 'POST'])
def register():
    """
    Handle registration requests.
    Registers a new user if the form is validated.
    """
    # Redirect if already logged in
    if current_user.is_authenticated:
        return redirect(url_for('main.index'))

    form = RegistrationForm()
    if form.validate_on_submit():
        hashed_password = generate_password_hash(form.password.data)
        new_user = User(username=form.username.data, email=form.email.data, password_hash=hashed_password)
        db.session.add(new_user)
        db.session.commit()
        flash('Registration successful. You can now log in.', 'success')
        logging.info(f"New user {new_user.username} registered successfully")
        return redirect(url_for('auth.login'))
    return render_template('auth/register.html', form=form)


In [None]:
from flask import Blueprint, render_template, redirect, url_for, flash, request
from flask_login import login_user, logout_user, login_required, current_user
from werkzeug.security import generate_password_hash, check_password_hash
from app.models import User, db
from app.auth.forms import LoginForm, RegistrationForm, ResetPasswordRequestForm, ResetPasswordForm
from app.auth.email import send_password_reset_email, send_confirmation_email
import logging
from itsdangerous import URLSafeTimedSerializer

auth_blueprint = Blueprint('auth', __name__)

# Configure logging
logging.basicConfig(filename='auth.log', level=logging.INFO, format='%(asctime)s - %(levelname)s - %(message)s')

# Token serializer for generating and verifying tokens
serializer = URLSafeTimedSerializer('SECRET_KEY')

@auth_blueprint.route('/login', methods=['GET', 'POST'])
def login():
    """
    Handle login requests and validate user credentials.
    Redirects to the main page if the user is already logged in.
    """
    if current_user.is_authenticated:
        return redirect(url_for('main.index'))

    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(username=form.username.data).first()
        if user is None or not check_password_hash(user.password_hash, form.password.data):
            logging.warning("Invalid username or password")
            flash('Invalid username or password.', 'danger')
        else:
            login_user(user, remember=form.remember_me.data)
            logging.info(f"User {user.username} logged in successfully")
            flash('Logged in successfully.', 'success')
            return redirect(url_for('main.index'))
    return render_template('auth/login.html', form=form)

@auth_blueprint.route('/logout')
@login_required
def logout():
    """
    Handle logout requests.
    Logs the user out and redirects to the login page.
    """
    logout_user()
    flash('You have been logged out.', 'success')
    logging.info("User logged out successfully")
    return redirect(url_for('auth.login'))

@auth_blueprint.route('/register', methods=['GET', 'POST'])
def register():
    """
    Handle registration requests.
    Registers a new user if the form is validated.
    """
    if current_user.is_authenticated:
        return redirect(url_for('main.index'))

    form = RegistrationForm()
    if form.validate_on_submit():
        hashed_password = generate_password_hash(form.password.data)
        new_user = User(username=form.username.data, email=form.email.data, password_hash=hashed_password)
        db.session.add(new_user)
        db.session.commit()
        send_confirmation_email(new_user)
        flash('Registration successful. A confirmation email has been sent.', 'success')
        logging.info(f"New user {new_user.username} registered successfully")
        return redirect(url_for('auth.login'))
    return render_template('auth/register.html', form=form)

@auth_blueprint.route('/confirm/<token>')
def confirm_email(token):
    """
    Confirm user's email address.
    """
    try:
        email = serializer.loads(token, max_age=3600)
    except Exception as e:
        logging.error(f"Invalid or expired token: {e}")
        flash('The confirmation link is invalid or has expired.', 'danger')
        return redirect(url_for('auth.login'))

    user = User.query.filter_by(email=email).first_or_404()
    if user.email_confirmed:
        flash('Account already confirmed. Please login.', 'success')
    else:
        user.email_confirmed = True
        db.session.commit()
        flash('You have confirmed your account. Thanks!', 'success')
    return redirect(url_for('auth.login'))

@auth_blueprint.route('/reset_password_request', methods=['GET', 'POST'])
def reset_password_request():
    """
    Request password reset.
    """
    if current_user.is_authenticated:
        return redirect(url_for('main.index'))

    form = ResetPasswordRequestForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()
        if user:
            send_password_reset_email(user)
            flash('Check your email for the instructions to reset your password', 'info')
            logging.info(f"Password reset email sent to {user.email}")
        else:
            flash('No account found with that email address.', 'danger')
    return render_template('auth/reset_password_request.html', form=form)

@auth_blueprint.route('/reset_password/<token>', methods=['GET', 'POST'])
def reset_password(token):
    """
    Reset password using the provided token.
    """
    if current_user.is_authenticated:
        return redirect(url_for('main.index'))

    try:
        email = serializer.loads(token, max_age=3600)
    except Exception as e:
        logging.error(f"Invalid or expired token: {e}")
        flash('The password reset link is invalid or has expired.', 'danger')
        return redirect(url_for('auth.reset_password_request'))

    form = ResetPasswordForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email=email).first_or_404()
        user.password_hash = generate_password_hash(form.password.data)
        db.session.commit()
        flash('Your password has been reset.', 'success')
        logging.info(f"User {user.username} has reset their password")
        return redirect(url_for('auth.login'))
    return render_template('auth/reset_password.html', form=form)


# Email Functionality Implementation

## Overview

This section of the VEDA build focuses on implementing email functionalities such as sending password reset and account confirmation emails.

## File: `app/auth/email.py`

This file contains the necessary functions to send emails using Flask-Mail and handle token generation with `itsdangerous`.

```python
from flask_mail import Message
from app import mail, app
from flask import render_template
from itsdangerous import URLSafeTimedSerializer
import logging

# Configure logging
logging.basicConfig(filename='email.log', level=logging.INFO, format='%(asctime)s - %(levelname)s - %(message)s')

# Initialize the serializer for generating secure tokens
serializer = URLSafeTimedSerializer(app.config['SECRET_KEY'])

def send_email(subject, recipients, text_body, html_body):
    """
    Sends an email with the given subject, recipients, text body, and HTML body.

    Args:
        subject (str): The subject of the email.
        recipients (list): A list of email addresses to send the email to.
        text_body (str): The plain text body of the email.
        html_body (str): The HTML body of the email.
    """
    msg = Message(subject, recipients=recipients)
    msg.body = text_body
    msg.html = html_body
    try:
        mail.send(msg)
        logging.info(f"Email sent to {recipients} with subject: {subject}")
    except Exception as e:
        logging.error(f"Error sending email to {recipients}: {e}")

def send_password_reset_email(user):
    """
    Sends a password reset email to the given user.

    Args:
        user (User): The user object.
    """
    try:
        token = serializer.dumps(user.email)
        send_email(
            'Reset Your Password',
            [user.email],
            render_template('auth/email/reset_password.txt', user=user, token=token),
            render_template('auth/email/reset_password.html', user=user, token=token),
        )
        logging.info(f"Password reset email sent to {user.email}")
    except Exception as e:
        logging.error(f"Error sending password reset email to {user.email}: {e}")

def send_confirmation_email(user):
    """
    Sends a confirmation email to the given user.

    Args:
        user (User): The user object.
    """
    try:
        token = serializer.dumps(user.email)
        send_email(
            'Confirm Your Account',
            [user.email],
            render_template('auth/email/confirm.txt', user=user, token=token),
            render_template('auth/email/confirm.html', user=user, token=token),
        )
        logging.info(f"Confirmation email sent to {user.email}")
    except Exception as e:
        logging.error(f"Error sending confirmation email to {user.email}: {e}")


In [None]:
from flask_mail import Message
from app import mail, app
from flask import render_template
from itsdangerous import URLSafeTimedSerializer
import logging

# Configure logging
logging.basicConfig(filename='email.log', level=logging.INFO, format='%(asctime)s - %(levelname)s - %(message)s')

# Initialize the serializer for generating secure tokens
serializer = URLSafeTimedSerializer(app.config['SECRET_KEY'])

def send_email(subject, recipients, text_body, html_body):
    """
    Sends an email with the given subject, recipients, text body, and HTML body.

    Args:
        subject (str): The subject of the email.
        recipients (list): A list of email addresses to send the email to.
        text_body (str): The plain text body of the email.
        html_body (str): The HTML body of the email.
    """
    msg = Message(subject, recipients=recipients)
    msg.body = text_body
    msg.html = html_body
    try:
        mail.send(msg)
        logging.info(f"Email sent to {recipients} with subject: {subject}")
    except Exception as e:
        logging.error(f"Error sending email to {recipients}: {e}")

def send_password_reset_email(user):
    """
    Sends a password reset email to the given user.

    Args:
        user (User): The user object.
    """
    try:
        token = serializer.dumps(user.email)
        send_email(
            'Reset Your Password',
            [user.email],
            render_template('auth/email/reset_password.txt', user=user, token=token),
            render_template('auth/email/reset_password.html', user=user, token=token),
        )
        logging.info(f"Password reset email sent to {user.email}")
    except Exception as e:
        logging.error(f"Error sending password reset email to {user.email}: {e}")

def send_confirmation_email(user):
    """
    Sends a confirmation email to the given user.

    Args:
        user (User): The user object.
    """
    try:
        token = serializer.dumps(user.email)
        send_email(
            'Confirm Your Account',
            [user.email],
            render_template('auth/email/confirm.txt', user=user, token=token),
            render_template('auth/email/confirm.html', user=user, token=token),
        )
        logging.info(f"Confirmation email sent to {user.email}")
    except Exception as e:
        logging.error(f"Error sending confirmation email to {user.email}: {e}")


# This file can be empty, it's just to mark the directory as a package


In [None]:
__init__.py