from datetime import date as dt import os import sqlite3 from werkzeug.security import generate_password_hash, check_password_hash class User(): def __init__(self, name, pass_hash=None): self.name = name self.id = 0 self.is_active = True self.is_authenticated = True self.is_anonymous = False self.pass_hash = pass_hash def set_password(self, password): self.pass_hash = generate_password_hash(password) def set_id(self, ident): self.id = ident def check_password(self, password): return check_password_hash(self.pass_hash, password) def get_id(self): return self.id class Database: def __init__(self): self.USER_TABLE_FILE = 'USERS' self.ENTRY_TABLE_FILE = 'ENTRIES' self.DB_DIR = os.path.dirname("./data/") self.setup_db() def connect(self): """Connect to an existing database instance based on the object attributes. """ path = os.path.join(self.DB_DIR, "data.db") return sqlite3.connect(path) def setup_db(self): """Creates a database with tables.""" db = self.connect() crs = db.cursor() query = "CREATE TABLE IF NOT EXISTS " + self.USER_TABLE_FILE + \ "(id INTEGER PRIMARY KEY AUTOINCREMENT," + \ "name CHAR(32) NOT NULL UNIQUE," + \ "password CHAR(32) NOT NULL)" crs.execute(query) query = "CREATE TABLE IF NOT EXISTS " + self.ENTRY_TABLE_FILE + \ "(id INTEGER PRIMARY KEY AUTOINCREMENT," + \ "name CHAR(64) NOT NULL," + \ "date CHAR(4) NOT NULL," + \ "text TEXT NOT NULL," + \ "rating INTEGER NOT NULL," +\ "user_id INTEGER," +\ "reviewed CHAR(10) NOT NULL," +\ "FOREIGN KEY(user_id) REFERENCES " + self.USER_TABLE_FILE + "(id))" crs.execute(query) db.commit() def insert_user(self, user): """Insert a new user into the database. """ if self.check_user_name(user.name) and user.pass_hash is not None: db = self.connect() crs = db.cursor() query = "INSERT INTO " + self.USER_TABLE_FILE + \ "(`name`,`password`)" + \ "VALUES (?, ?) ON CONFLICT DO NOTHING" crs.execute(query, (user.name, user.pass_hash)) db.commit() return crs.lastrowid return None def insert_entry(self, name, date, text, rating, user_id=None): """Insert a new user into the database. """ db = self.connect() crs = db.cursor() reviewed = dt.today().strftime('%Y-%m-%d') query = "INSERT INTO " + self.ENTRY_TABLE_FILE + \ "(`name`,`date`, `text`, `rating`, `user_id`, `reviewed`)" + \ "VALUES (?, ?, ?, ?, ?, ?)" crs.execute(query, (name, date, text, rating, user_id, reviewed)) db.commit() return crs.lastrowid def get_entries(self): db = self.connect() crs = db.cursor() query = "SELECT * FROM " + self.ENTRY_TABLE_FILE crs.execute(query) return crs.fetchall() def check_user_name(self, name): if self.get_user_by_name(name) is None: return True return False def get_entry_by_id(self, ident): db = self.connect() crs = db.cursor() query = "SELECT * FROM " + self.ENTRY_TABLE_FILE + " WHERE id = ?" crs.execute(query, (ident, )) return crs.fetchone() def get_user_by_id(self, ident): db = self.connect() crs = db.cursor() query = "SELECT * FROM " + self.USER_TABLE_FILE + " WHERE id = ?" crs.execute(query, (ident, )) return crs.fetchone() def get_user_by_name(self, name): db = self.connect() crs = db.cursor() query = "SELECT * FROM " + self.USER_TABLE_FILE + " WHERE name = ?" crs.execute(query, (name, )) return crs.fetchone() def db_to_user(self, ident, name, pass_hash): user = User(name, pass_hash) user.set_id(ident) return user