Commit 3595d87e authored by lueyuw's avatar lueyuw
Browse files

add user access limit

parents 436594a0 7d98ffb8
......@@ -94,6 +94,7 @@ def create_user():
data = request.get_json()
username = data['username']
print(data)
# make sure username does not exist in db
check_user = connection.execute(
"select * from users where username = ? ", (username,))
......@@ -116,7 +117,6 @@ def create_user():
json.dump(json_data, f)
connection.commit()
flask.redirect('/vue-admin-template/user/login')
return jsonify(True)
......@@ -153,15 +153,12 @@ def validate_login():
@app.route('/user/search', methods=["GET", "POST"])
def search_user():
username = request.args.get('username')
if username is not None:
connection = get_db()
cur = connection.execute(
"select userType from users where username = ?", (username,))
query = cur.fetchall()
print(query)
return jsonify({'userType': query[0]['userType']})
return jsonify(False)
json_data = {}
with open('info.json') as json_file:
json_data = json.load(json_file)
userType = json_data['userType']
return jsonify({'userType': userType})
@ app.route('/message', methods=["POST"])
......@@ -270,30 +267,29 @@ def get_info():
def get_login():
# an example of how to use encryption and decryption on the backend
encrypted_obj = encryptInfo("thisPassword")
decrypted_str = decryptInfo(encrypted_obj[0], encrypted_obj[1])
print(decrypted_str.decode("utf-8"))
# encrypted_obj = encryptInfo("thisPassword")
# decrypted_str = decryptInfo(encrypted_obj[0], encrypted_obj[1])
# print(decrypted_str.decode("utf-8"))
# test
connection = get_db()
username = 'dsbenton'
user_type = 'Patient'
fullname = 'Dejanae Benton'
dob = '07/08/2000'
email = 'dsbenton@umich.edu'
family_admin = 'Rebecca Benton'
filename = ''
password = '111111'
breakpoint()
connection.execute(
"INSERT INTO users VALUES (?, ?, ?, ?, ?, ?, ?, ?)",
(username, user_type, fullname, dob,
email, family_admin, filename, password)
)
test = connection.execute(
"SELECT * FROM users WHERE username=?",
('dsbenton',)
)
return 'Get_login triggered!' + test
# connection = get_db()
# username = 'dsbenton'
# user_type = 'Patient'
# fullname = 'Dejanae Benton'
# dob = '07/08/2000'
# email = 'dsbenton@umich.edu'
# family_admin = 'Rebecca Benton'
# filename = ''
# password = '111111'
# connection.execute(
# "INSERT INTO users VALUES (?, ?, ?, ?, ?, ?, ?, ?)",
# (username, user_type, fullname, dob,
# email, family_admin, filename, password)
# )
# test = connection.execute(
# "SELECT * FROM users WHERE username=?",
# ('dsbenton',)
# )
return 'Get_login triggered!'
if __name__ == '__main__':
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment