org registration and error handling

52711fcc · aebopp · 49d66a1d · 52711fcc · 52711fcc · 52711fcc
Commit 52711fcc authored 4 years ago by aebopp
--- a/servicePoints/templates/accountNotFound.html
+++ b/servicePoints/templates/accountNotFound.html
+<!DOCTYPE html>
+<html>
+  <head>
+      <link rel="stylesheet" type="text/css" href="/css/style.css">
+      <title>ServicePoints</title>
+  </head>
+  <body>
+    <p>
+      The Username or Password You've Entered is Incorrect
+    </p>
+    <form action="/accounts/accountNotFound/" method="post" enctype="multipart/form-data">
+      <input type="submit" name="login" value="Return to Login"/>
+    </form>
+    <form action="/accounts/accountNotFound/" method="post" enctype="multipart/form-data">
+        <input type="submit" name="createAccount" value="Create Account"/>
+    </form>
+  </body>
+</html>
--- a/servicePoints/templates/create.html
+++ b/servicePoints/templates/create.html
@@ -2,9 +2,18 @@
 <html>
 <body>
 <title>ServicePoints</title>
+<p>
+  Want to register an organization with your new account account?
+<a href="/accounts/createOrg/">Register as organization leader</a>
+</p>
  <form action="/accounts/create/" method="post" enctype="multipart/form-data">
    <p>
-      Name
+      Student Organization
+    <input type="text" name="orgName"/>
+    </p>
+    <p>
+      Your Name
    <input type="text" name="fullname"/>
    </p>
    <p>
@@ -15,10 +24,6 @@
      Email
    <input type="text" name="email"/>
    </p>
-    <p>
-      Student Organization
-    <input type="text" name="orgName"/>
-    </p>
    <p>
      Password
    <input type="password" name="password"/>

--- a/servicePoints/templates/createOrg.html
+++ b/servicePoints/templates/createOrg.html
+<!DOCTYPE html>
+<html>
+<body>
+<title>ServicePoints</title>
+<p>
+  Don't want to register a new student organization?
+<a href="/accounts/create/">Register as organization member</a>
+</p>
+  <form action="/accounts/createOrg/" method="post" enctype="multipart/form-data">
+    <p>
+        New Student Organization Name
+      <input type="text" name="orgName"/>
+      </p>
+    <p>
+      Your Name
+    <input type="text" name="fullname"/>
+    </p>
+    <p>
+      Username
+    <input type="text" name="username"/>
+    </p>
+    <p>
+      Email
+    <input type="text" name="email"/>
+    </p>
+    <p>
+      Password
+    <input type="password" name="password"/>
+    </p>
+    <input type="submit" name="signup" value="sign up"/>
+  </form>
+  <p>
+    Have an account?
+  <a href="/accounts/login/">Log in</a>
+  </p>
+</body>
+</html>
--- a/servicePoints/templates/duplicateOrgName.html
+++ b/servicePoints/templates/duplicateOrgName.html
+<!DOCTYPE html>
+<html>
+  <head>
+      <link rel="stylesheet" type="text/css" href="/css/style.css">
+      <title>ServicePoints</title>
+  </head>
+  <body>
+    <p>
+      This organization already exists
+    </p>
+    <form action="/accounts/duplicateOrgName/{{prev}}" method="post" enctype="multipart/form-data">
+      <input type="submit" name="return" value="Return to Create Organization"/>
+    </form>
+  </body>
+</html>
--- a/servicePoints/templates/duplicateUsername.html
+++ b/servicePoints/templates/duplicateUsername.html
+<!DOCTYPE html>
+<html>
+  <head>
+      <link rel="stylesheet" type="text/css" href="/css/style.css">
+      <title>ServicePoints</title>
+  </head>
+  <body>
+    <p>
+      This username is taken
+    </p>
+    <form action="/accounts/duplicateUsername/{{prev}}" method="post" enctype="multipart/form-data">
+      <input type="submit" name="return" value="Return to Create Account"/>
+    </form>
+  </body>
+</html>
--- a/servicePoints/templates/incompleteForm.html
+++ b/servicePoints/templates/incompleteForm.html
+<!DOCTYPE html>
+<html>
+  <head>
+      <link rel="stylesheet" type="text/css" href="/css/style.css">
+      <title>ServicePoints</title>
+  </head>
+  <body>
+    <p>
+      Please fill out all fields of the form
+    </p>
+    <form action="/accounts/incompleteForm/{{prev}}" method="post" enctype="multipart/form-data">
+      <input type="submit" name="return" value="Return"/>
+    </form>
+  </body>
+</html>
--- a/servicePoints/templates/login.html
+++ b/servicePoints/templates/login.html
@@ -5,10 +5,12 @@
    <title>insta485</title>
 </head>
 <body>
-    <h1>
+    <p>
-        <a href="/">/ </a>
+        <a href="/accounts/create/">create student org member account</a>
-        <a href="/accounts/create/">create account</a>
+    </p>
-    </h1>
+    <p>
+        <a href="/accounts/createOrg/">create student org leader account</a>
+    </p>
 </body>

--- a/servicePoints/templates/orgNotFound.html
+++ b/servicePoints/templates/orgNotFound.html
+<!DOCTYPE html>
+<html>
+  <head>
+      <link rel="stylesheet" type="text/css" href="/css/style.css">
+      <title>ServicePoints</title>
+  </head>
+  <body>
+    <p>
+      The Student Organization You've Entered Does Not Exist
+    </p>
+    <form action="/accounts/orgNotFound/" method="post" enctype="multipart/form-data">
+        <input type="submit" name="registerOrg" value="Register Your Organization"/>
+    </form>
+    <form action="/accounts/orgNotFound/" method="post" enctype="multipart/form-data">
+      <input type="submit" name="login" value="Return To Login"/>
+    </form>
+  </body>
+</html>
--- a/servicePoints/views/__pycache__/accounts.cpython-36.pyc
+++ b/servicePoints/views/__pycache__/accounts.cpython-36.pyc
--- a/servicePoints/views/accounts.py
+++ b/servicePoints/views/accounts.py
@@ -22,7 +22,7 @@ def login():
                                    {"who": flask.request.form['username']})
        password_3 = password_1.fetchall()
        if not password_3:
-            flask.abort(403)
+            return flask.redirect(flask.url_for('accountNotFound'))
        password_2 = password_3[0]['password']
        password_4 = password_2.split('$')
        algorithm = password_4[0]
@@ -33,7 +33,7 @@ def login():
        hash_obj.update(password_salted.encode('utf-8'))
        password_hash = hash_obj.hexdigest()
        if p2word != password_hash:
-            flask.abort(403)
+            return flask.redirect(flask.url_for('accountNotFound'))
        flask.session['username'] = flask.request.form['username']
        return flask.redirect(flask.url_for('index'))
    context = {}
@@ -53,39 +53,100 @@ def create():
    if 'username' in flask.session:
        return flask.redirect(flask.url_for('index'))
    if flask.request.method == 'POST':
+        cursor = servicePoints.model.get_db().cursor()
+        name = str(flask.request.form['username'])
+        orgName = str(flask.request.form['orgName'])
+        password = str(flask.request.form['password'])
+        to_add = (name,)
+        to_join = (orgName,)
+        cursor.execute('SELECT * FROM users WHERE username=?', to_add)
+        if cursor.fetchone() is not None:
+            return flask.redirect(flask.url_for('duplicateUsername', prev='create'))
+        cursor.execute('SELECT * FROM orgs WHERE orgName=?', to_join)
+        if cursor.fetchone() is None:
+            return flask.redirect(flask.url_for('orgNotFound'))
+        # If a user tries to create an account with an empty string as the
+        # password, abort(400)
+        if password == '':
+            flask.abort(400)
-        # If a user tries to create an account with an existing username in
-        # the database, abort(409)
        flask.session['username'] = flask.request.form['username']
        flask.session['fullname'] = flask.request.form['fullname']
        flask.session['orgName'] = flask.request.form['orgName']
        flask.session['email'] = flask.request.form['email']
        flask.session['password'] = flask.request.form['password']
+        pw = hash_pass(flask.session['password'])
+        data = (flask.session['username'], flask.session['fullname'],
+                flask.session['email'], flask.session['orgName'],
+                pw)
+        cur = servicePoints.model.get_db()
+        cur.execute("INSERT INTO users(username, fullname, email, orgName, "
+                    "password) VALUES (?, ?, ?, ?, ?)", data)
+        return flask.redirect(flask.url_for('index'))
+    context = {}
+    return render_template('create.html', **context)
+@servicePoints.app.route('/accounts/createOrg/', methods=['GET', 'POST'])
+def createOrg():
+    """Render createOrg page."""
+    # If a user is already logged in, redirect to /accounts/edit/
+    if 'username' in flask.session:
+        return flask.redirect(flask.url_for('index'))
+    if flask.request.method == 'POST':
+        # If a user tries to create an account with an existing username in
+        # the database, abort(409)
        cursor = servicePoints.model.get_db().cursor()
-        name = str(flask.session['username'])
+        name = str(flask.request.form['username'])
+        orgName = str(flask.request.form['orgName'])
        to_add = (name,)
+        to_addOrg = (orgName,)
        cursor.execute('SELECT * FROM users WHERE username=?', to_add)
        if cursor.fetchone() is not None:
-            flask.abort(409)
+            return flask.redirect(flask.url_for('duplicateUsername', prev='createOrg'))
+        cursor.execute('SELECT * FROM orgs WHERE orgName=?', to_addOrg)
+        if cursor.fetchone() is not None:
+            return flask.redirect(flask.url_for('duplicateOrgName', prev='createOrg'))
        # If a user tries to create an account with an empty string as the
        # password, abort(400)
-        if flask.session['password'] == '':
+        if len(str(flask.request.form['password'])) is 0 or len(str(flask.request.form['fullname'])) is 0:
-            flask.abort(400)
+            return flask.redirect(flask.url_for('incompleteForm', prev="createOrg")) 
+        if len(str(flask.request.form['orgName'])) is 0 or len(str(flask.request.form['email'])) is 0:
+            return flask.redirect(flask.url_for('incompleteForm', prev="createOrg")) 
+        if len(str(flask.request.form['username'])) is 0:
+            return flask.redirect(flask.url_for('incompleteForm', prev="createOrg"))
+        flask.session['username'] = flask.request.form['username']
+        flask.session['fullname'] = flask.request.form['fullname']
+        flask.session['orgName'] = flask.request.form['orgName']
+        flask.session['email'] = flask.request.form['email']
+        flask.session['password'] = flask.request.form['password']
        pw = hash_pass(flask.session['password'])
        data = (flask.session['username'], flask.session['fullname'],
                flask.session['email'], flask.session['orgName'],
                pw)
+        orgData = (flask.session['username'], flask.session['orgName'])
        cur = servicePoints.model.get_db()
+        cur.execute("INSERT INTO orgs(username, orgName) VALUES (?, ?)", orgData)
        cur.execute("INSERT INTO users(username, fullname, email, orgName, "
                    "password) VALUES (?, ?, ?, ?, ?)", data)
        return flask.redirect(flask.url_for('index'))
    context = {}
-    return render_template('create.html', **context)
+    return render_template('createOrg.html', **context)
 @servicePoints.app.route('/', methods=['GET', 'POST'])
 def index():
@@ -116,6 +177,48 @@ def delete():
        flask.session.clear()
        cur.execute('DELETE FROM users WHERE username=?', to_add)
-        return flask.redirect(flask.url_for('create'))
+        return flask.redirect(flask.url_for('login'))
    context = {'username': flask.session['username']}
    return render_template('delete.html', **context)
\ No newline at end of file
+@servicePoints.app.route('/accounts/orgNotFound/', methods=['GET', 'POST'])
+def orgNotFound():
+    """Render delete page."""
+    if flask.request.method == 'POST':
+        if 'login' in flask.request.form:
+            return flask.redirect(flask.url_for('login'))
+        if 'registerOrg' in flask.request.form:
+            return flask.redirect(flask.url_for('createOrg'))
+    context = {}
+    return render_template('orgNotFound.html', **context)
+@servicePoints.app.route('/accounts/accountNotFound/', methods=['GET', 'POST'])
+def accountNotFound():
+    if flask.request.method == 'POST':
+        if 'login' in flask.request.form:
+            return flask.redirect(flask.url_for('login'))
+        if 'createAccount' in flask.request.form:
+            return flask.redirect(flask.url_for('create'))
+    context = {}
+    return render_template('accountNotFound.html', **context)
+@servicePoints.app.route('/accounts/duplicateUsername/<prev>', methods=['GET', 'POST'])
+def duplicateUsername(prev):
+    if flask.request.method == 'POST':
+        return flask.redirect(flask.url_for(prev))
+    context = {"prev": prev}
+    return render_template('duplicateUsername.html', **context)
+@servicePoints.app.route('/accounts/duplicateOrgName/', methods=['GET', 'POST'])
+def duplicateOrgName():
+    if flask.request.method == 'POST':
+        return flask.redirect(flask.url_for('createOrg'))
+    context = {}
+    return render_template('duplicateOrgName.html', **context)
+@servicePoints.app.route('/accounts/incompleteForm/<prev>', methods=['GET', 'POST'])
+def incompleteForm(prev):
+    if flask.request.method == 'POST':
+        return flask.redirect(flask.url_for(prev))
+    context = {"prev": prev}
+    return render_template('incompleteForm.html', **context)
--- a/sql/schema.sql
+++ b/sql/schema.sql
@@ -8,3 +8,9 @@ CREATE TABLE users(
 		password VARCHAR(256) NOT NULL,
 	  PRIMARY KEY(username)
 );
+CREATE TABLE orgs(
+	  username VARCHAR(20) NOT NULL,
+	  orgName VARCHAR(40) NOT NULL,
+	  PRIMARY KEY(orgName)
+);
\ No newline at end of file
--- a/var/servicePoints.sqlite3
+++ b/var/servicePoints.sqlite3