# Static files

There are many ways how to serve static files, but the most convinient and most secure is by using the ``send_from_directory`` function as given below.

In [6]:
from flask import Flask, request, send_from_directory

app = Flask(__name__, static_url_path='/home/codete/workshop/')

@app.route('/images/<path:path>')
def send_js(path):
    return send_from_directory('static', path)

if __name__ == "__main__":
    app.run(host="0.0.0.0")

 * Serving Flask app "__main__" (lazy loading)
 * Environment: production
   Use a production WSGI server instead.
 * Debug mode: off


 * Running on http://0.0.0.0:5000/ (Press CTRL+C to quit)


# Model View Controller pattern

Model View Controller is a well-known architecture that is used in almost every web framework. It divide the application into three separate layers, where each is responsible for some totally different:

- model is responsible for the database connection and data manipulation,
- view is responsible for the visible part, in our case we have templates,
- controller is responsible for the business logic (Python code). Django or some other frameworks implement MVC already, but some solutions like Flask allow to implement it, but doesn't have it available from scratch.

![images/mvc.png](images/mvc.png)

# Templates

Templates are used to move the view part of the application into separate files. You can see below that even if you add a small HTML page as the output makes it less readable:

In [None]:
from flask import Flask, request, send_from_directory

app = Flask(__name__)

@app.route('/')
def index():
    return '''
    <html>
        <head>
            <title>Important title</title>
        </head>
        <body>
            Some text goes here
        </body>
    </html>
    '''

if __name__ == "__main__":
    app.run(host="0.0.0.0")

It works, but adding more complex pages and mixing it with your Python code makes it hard to maintain. Especially, if the code that you use is used in many places.

# Django templates

Most templates engines works in a similar way. We have a template HTML file that is rendered by the controller (Python) code. During the rendering we can send variables from the Python code into the template code as shown below. Django use their own template engine, but if you compare it to Jinja or almost any other template engine, you see many similarities. What is important to mention is that most templates are cached after each is generated for the first time. The example below is an example of a form that generated based on the ``formular`` variable got from the controller.

In [None]:
%%writefile addproduct.html

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>
    <form action="/addprodukt" method="post">
        {{  formular.title }}
        <input type="submit" value="Add" />
    </form>
</body>
</html>

A list of products can be generated when we send a list of dictionaries or just model objects to the template. In Django it can be done easily as below. We haven't covered the model part yet, so you need to believe me that the second line get all products from our database and save it to the ``produkt_liste`` variable.

In [None]:
def produkts(request):
    produkt_liste = Produkt.objects.all() # we will come here in the Database notebook
    return render(request, 'produkts.html',{'produktliste':produkt_liste})

The code that can be used in the template engine to loop over the list object and display all products can look as following:

In [None]:
{%  for produkt in produktliste %}

    <div>{{ produkt.title }}</div>

{%  endfor %}

You may see a difference between {{ }} and {% %}. The first one display the content of the variable as a string. The second one is known as tags that can be a for loop, if statement or any other operation done directly within the template code. We have the following tags in Django template engine:

| tag  | description  |
|---|---|
| autoescape  | Controls the current auto-escaping behavior  |
| block  | Defines a block that can be overridden by child templates  |
| comment  | Ignores everything between {% comment %} and {% endcomment %}  |
| csrf_token  | This tag is used for CSRF protection  |
| cycle  | Produces one of its arguments each time this tag is encountered  |
| debug  | Outputs a whole load of debugging information, including the current context and imported modules  |
| extends  | Signals that this template extends a parent template  |
| filter  | Filters the contents of the block through one or more filters  |
| firstof  | Outputs the first argument variable that is not False  |
| for  | Loops over each item in an array  |
| for … empty  | The for tag can take an optional {% empty %} clause whose text is displayed if the given array is empty or could not be found  |
| if  | The {% if %} tag evaluates a variable, and if that variable is “true”  |
| ifchanged  | heck if a value has changed from the last iteration of a loop  |
| include  | Loads a template and renders it with the current context. This is a way of "including" other templates within a template.  |
| load  | Loads a custom template tag set  |
| lorem  | Displays random “lorem ipsum” Latin text.  |
| now  | Displays the current date and/or time, using a format according to the given string.  |
| regroup  | Regroups a list of alike objects by a common attribute.  |
| resetcycle  | Resets a previous cycle so that it restarts from its first item at its next encounter  |
| spaceless  | Removes whitespace between HTML tags  |
| templatetag  | Outputs one of the syntax characters used to compose template tags  |
| url  | Returns an absolute path reference (a URL without the domain name) matching a given view and optional parameters  |
| verbatim  | Stops the template engine from rendering the contents of this block tag  |
| widthratio  | For creating bar charts and such, this tag calculates the ratio of a given value to a maximum value, and then applies that ratio to a constant  |
| with  | Caches a complex variable under a simpler name  |

We have also many filters available in Django as given below.

| filter  | description  |
|---|---|
| add  | Adds the argument to the value  |
| addslashes  | Adds slashes before quotes  |
| capfirst  | Capitalizes the first character of the value  |
| center  | Centers the value in a field of a given width  |
| cut  | Removes all values of arg from the given string  |
| date  | Formats a date according to the given format  |
| default  | If value evaluates to False, uses the given default  |
| default_if_none  | If (and only if) value is None, uses the given default. Otherwise, uses the value  |
| dictsort  | Takes a list of dictionaries and returns that list sorted by the key given in the argument  |
| dictsortreversed  | Takes a list of dictionaries and returns that list sorted in reverse order by the key given in the argument  |
| divisibleby  | Returns True if the value is divisible by the argument  |
| escape  | Escapes a string’s HTML.  |
| escapejs  | Escapes characters for use in JavaScript strings  |
| filesizeformat  | Formats the value like a ‘human-readable’ file size  |
| first  | Returns the first item in a list  |
| floatformat  | When used without an argument, rounds a floating-point number to one decimal place  |
| force_escape  | Applies HTML escaping to a string  |
| get_digit  | Given a whole number, returns the requested digit, where 1 is the right-most digit, 2 is the second-right-most digit, etc.  |
| join  | Joins a list with a string, like Python’s str.join(list)  |
| json_script  | Safely outputs a Python object as JSON, wrapped in a script tag, ready for use with JavaScript  |
| last  | Returns the last item in a list  |
| length  | Returns the length of the value. This works for both strings and lists  |
| length_is  | Returns True if the value’s length is the argument, or False otherwise  |
| linebreaks  | Replaces line breaks in plain text with appropriate HTML  |
| linebreaksbr  | Converts all newlines in a piece of plain text to HTML line breaks  |
| linenumbers  | Displays text with line numbers  |
| ljust  | Left-aligns the value in a field of a given width  |
| lower  | Converts a string into all lowercase  |
| make_list  | Returns the value turned into a list  |
| phone2numeric  | Converts a phone number (possibly containing letters) to its numerical equivalent  |
| pluralize  | Returns a plural suffix if the value is not 1,  |
| random  | Returns a random item from the given list  |
| rjust  | Right-aligns the value in a field of a given width  |
| safe  | Marks a string as not requiring further HTML escaping prior to output. When autoescaping is off, this filter has no effect  |
| safeseq  | Applies the safe filter to each element of a sequence  |
| slice  | Returns a slice of the list  |
| slugify  | Removes characters that aren’t alphanumerics, underscores, or hyphens. Converts to lowercase. Also strips leading and trailing whitespace  |
| stringformat  | Formats the variable according to the argument, a string formatting specifier  |
| striptags  | Makes all possible efforts to strip all HTML tags  |
| time  | Formats a time according to the given format  |
| timesince  | Formats a date as the time since that date  |
| timeuntil  | Similar to timesince, except that it measures the time from now until the given date or datetime  |
| title  | Converts a string into titlecase by making words start with an uppercase character and the remaining characters lowercase  |
| truncatechars  | Truncates a string if it is longer than the specified number of characters  |
| truncatechars_html  | imilar to truncatechars, except that it is aware of HTML tags  |
| truncatewords  | Truncates a string after a certain number of words  |
| truncatewords_html  | Similar to truncatewords, except that it is aware of HTML tags  |
| unordered_list  | Recursively takes a self-nested list and returns an HTML unordered list  |
| upper  | Converts a string into all uppercas  |
| urlencode  | Escapes a value for use in a URL  |
| urlize  | Converts URLs and email addresses in text into clickable links  |
| urlizetrunc  | Converts URLs and email addresses into clickable links just like urlize, but truncates URLs longer than the given character limit  |
| wordcount  | Returns the number of words  |
| wordwrap  | Wraps words at specified line length  |
| yesno  | Maps values for True, False  |


An example of filter is given below

In [None]:
{{ value|lower }}

# Jinja templates

Jinja is based on Django templates and there is hard to find differences. The main difference is that Jinja can be used so in Django as with other framework like Flask. To build a templates-based view with Jinja in Flask we can use the ``render_template`` function:

In [None]:
from flask import request
from flask import Flask, render_template

app = Flask(__name__)

@app.route('/')
def index():
    return render_template('list_grants.html', name="Karol", grants_ids=[0,1,2,3,4,5])

if __name__ == '__main__':
    app.run(host="0.0.0.0")

Where the sample.html can be as:

In [None]:
%%writefile templates/sample.html
<html>
  <head>
    <title>Template Example</title>
  </head>
  <body>
    <div class="container">
      <h2>{{ name }}</h2>
        <div>
          {% for grant_id in grants_ids %}
            {{ grant_id }}
          {% endfor %}
        </div>
    </div>
  </body>
</html>

# Template inheritance

We can use the ``block`` and ``extends`` tags. The first tag is used to define a code part to be added in the extended template. Two templates examples are given below. Template inheritance is used to write less, especially, when we develop similar or same code in many places. It follows the DRY principle.

In [None]:
{% extends "layout.html" %}
{% block content %}
        <div>
          {% for grant_id in grants_ids %}
            {{ grant_id }}
          {% endfor %}
        </div>
{% endblock %}

The layout that is used above can be defined as below:

In [None]:
%%writefile templates/layout.html
<html>
  <head>
    <title>Layout Example</title>
  </head>
  <body>
    <div class="container">
        {% block content %}{% endblock %}
    </div>
  </body>
</html>

#### Exercise 1. Build a grant webpage using Jinja2

It should consist of ``block`` and ``extends`` tags for template inheritance. The following features should be implemented:

- footer should be added to the layouts,
- create one layout that adds with block the following partials: the menu, current page name and the content (below),
- the content can be a list of grants, the grant details page, deletion page.

# Forms with Jinja

We cover the topic of forms in the section dedicated to Databases. Even that, we can build simple forms using just HTML and Jinja to send the form data to the controller. An example of a form where the data is filled using Jinja is given below.

In [None]:
<form action="/addprodukt" method="post">
    <input type="text" name="name" value="{{  formular.name }}"/>
    <input type="submit" value="Add" />
</form>

We can next use the ``request.form`` to get the data from the form we get. We can access the form data

#### Exercise 2. Build a form using Jinja

In this exercise the goal is to build two forms for creating and editing the grant details.

In [None]:
# your code goes here

# Jinja macros

Jinja macros are defined by user functions that can be used many times in the application. An example of a simple macro is given below. To reuse it, just use the ``import`` tag.

In [None]:
%%writefile grants_list.html

{% macro show_grant(grant) %}
    <h3>{{ grant.title }}</h3>
    <span class="date">{{ post.date }}</span>
    {{ post.description }}
{% endmacro %}

<h1>Grants</h1>
{% for grant in grants %}
    {{ show_grant(grant) }}
{% endfor %}

#### Exercise 3. Build a simple macro (helper) to distinguish between PhD grants and Institute grants

Change the above macro and add a new argument of grants, to distinguish if it's a grant for PhD students, PostDocs or University Institutes. Please use the ``if`` and ``elif`` tags.

In [None]:
# your code goes here

# Flat pages

Flask-FlatPages provides a collection of pages to your Flask application. Pages are built from “flat” text files as opposed to a relational database. It consist of a template, markdown and obviously controller. A sample template can be given as below:

In [None]:
%%writefile templates/grant.html
<h2>{{ page.title }}</h2>
<h4>{{ page.date }}</h4>

{{ page.html|safe }}

The markdown could be as below.

In [None]:
%%writefile pages/grant-details.md
title: Grant title#1
date: 2019-08-05

Very **important** grant

Finally, we can set the function to handle the flat pages depending on given path:

In [None]:
from flask import Flask, render_template
from flask_flatpages import FlatPages

FLATPAGES_EXTENSION = '.md'

app = Flask(__name__)
app.config.from_object(__name__)
pages = FlatPages(app)

@app.route('/')
def index():
    return "Hello World"

@app.route('/<path:path>/')
def page(path):
    page = pages.get_or_404(path)
    return render_template('page.html', page=page)

if __name__ == '__main__':
    app.run(host="0.0.0.0")

As see above, we can specify not only int type for the parameter in the path (GET requests), but also other types like path above. The full list of types is given below.

| type  | description  |
|---|---|
| string | (default) accepts any text without a slash |
| int | accepts positive integers |
| float | accepts positive floating point values |
| path | like string but also accepts slashes |
| uuid | accepts UUID strings|

# Flask bootstrap

The bootstrap components allow to easily add style to your frontend. You can check the component styles that are available at:[https://getbootstrap.com/docs/3.3/components/](https://getbootstrap.com/docs/3.3/components/). Please also check the version of the package you have installed as there are two available for version 3 and 4. Below there is one example how we can easily add styling to our application.

In [None]:
from flask_bootstrap import Bootstrap
from flask import Flask, render_template
from flask import request
app = Flask(__name__)
Bootstrap(app)

@app.route('/')
def hello_world():
    return render_template('sample.html')

if __name__ == '__main__':
    app.run(host="0.0.0.0")

The template using the bootstrap styles for the navigation can look as below:

In [None]:
{%- extends "bootstrap/base.html" %}
{% block head %}
{{super()}}
{%- endblock %}

{% block styles -%}
    {{super()}}  {# do not forget to call super or Bootstrap's own stylesheets
                    will disappear! #}
    <link rel="stylesheet" type="text/css"
          href="{{url_for('static', filename='sample-app.css')}}">
{% endblock %}

{% block navbar %}
<nav class="navbar navbar-default">
  <div class="container-fluid">
    <!-- Brand and toggle get grouped for better mobile display -->
    <div class="navbar-header">
      <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1" aria-expanded="false">
        <span class="sr-only">Toggle navigation</span>
        <span class="icon-bar"></span>
        <span class="icon-bar"></span>
        <span class="icon-bar"></span>
      </button>
      <a class="navbar-brand" href="#">Brand</a>
    </div>

    <!-- Collect the nav links, forms, and other content for toggling -->
    <div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
      <ul class="nav navbar-nav">
        <li class="active"><a href="#">Link <span class="sr-only">(current)</span></a></li>
        <li><a href="#">Link</a></li>
        <li class="dropdown">
          <a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">Dropdown <span class="caret"></span></a>
          <ul class="dropdown-menu">
            <li><a href="#">Action</a></li>
            <li><a href="#">Another action</a></li>
            <li><a href="#">Something else here</a></li>
            <li role="separator" class="divider"></li>
            <li><a href="#">Separated link</a></li>
            <li role="separator" class="divider"></li>
            <li><a href="#">One more separated link</a></li>
          </ul>
        </li>
      </ul>
      <form class="navbar-form navbar-left">
        <div class="form-group">
          <input type="text" class="form-control" placeholder="Search">
        </div>
        <button type="submit" class="btn btn-default">Submit</button>
      </form>
      <ul class="nav navbar-nav navbar-right">
        <li><a href="#">Link</a></li>
        <li class="dropdown">
          <a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">Dropdown <span class="caret"></span></a>
          <ul class="dropdown-menu">
            <li><a href="#">Action</a></li>
            <li><a href="#">Another action</a></li>
            <li><a href="#">Something else here</a></li>
            <li role="separator" class="divider"></li>
            <li><a href="#">Separated link</a></li>
          </ul>
        </li>
      </ul>
    </div><!-- /.navbar-collapse -->
  </div><!-- /.container-fluid -->
</nav>
{% endblock %}

#### Exercise 4. Add bootstrap CSS styles

Please take a look at the bootstrap component CSS styles [https://getbootstrap.com/docs/4.3/components/alerts/](https://getbootstrap.com/docs/4.3/components/alerts/) and add the styles to your list of grants and grant detail. Please modify the nav bar to be more appropriate for our example app.

# Error pages customization

Flask does have it's own JSON encoder called ``jsonify``. To customize the error pages, you can use the ``errorhandler`` annotation or using ``abort`` function that returns the given error page.

In [None]:
@app.errorhandler(404)
def page_not_found(e):
    return render_template('404.html')

In [None]:
from flask import abort

@app.route('/')
def hello_world():
    if True:
        abort(404)
    return str(request.base_url)