diff --git a/.gitignore b/.gitignore index 2af45df..0b07ba6 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,5 @@ venv links.db +password.txt /.vs -/.vscode \ No newline at end of file +/.vscode diff --git a/backend/data.json b/backend/data.json new file mode 100644 index 0000000..9943cb4 --- /dev/null +++ b/backend/data.json @@ -0,0 +1,22 @@ +[ + { + "url": "http://csclub.uwaterloo.ca/", + "name": "CS Club Website" + }, + { + "url": "https://www.instagram.com/uwcsclub/", + "name": "Instagram" + }, + { + "url": "https://www.facebook.com/uw.computerscienceclub", + "name": "Facebook" + }, + { + "url": "http://twitch.tv/uwcsclub", + "name": "Twitch" + }, + { + "url": "http://bit.ly/uwcsclub-yt", + "name": "YouTube" + } +] diff --git a/backend/main.py b/backend/main.py index 3755558..e69b06d 100644 --- a/backend/main.py +++ b/backend/main.py @@ -1,15 +1,22 @@ from flask import Flask, request -app = Flask(__name__) - +from flask_httpauth import HTTPBasicAuth +from werkzeug.security import generate_password_hash, check_password_hash import json import sqlite3 import os DB_PATH = os.path.join(os.path.dirname(__file__), 'links.db') -@app.route('/') -def hello_world(): - return 'Hello from backend!' - +app = Flask(__name__) +auth = HTTPBasicAuth() + +f = open("password.txt","r") +pwd = f.readline().rstrip("\n") +f.close() + +users = { + "admin": generate_password_hash(pwd), +} + def regen_JSON(): """Gets links from DB and outputs them in JSON""" con = sqlite3.connect(DB_PATH) @@ -26,6 +33,47 @@ def regen_JSON(): con.close() return links_json +@auth.verify_password +def verify_password(username, password): + if username in users and \ + check_password_hash(users.get(username), password): + return username + +@app.route('/editor/links', methods = ['POST']) +@auth.login_required +def update_links(): + con = sqlite3.connect(DB_PATH) + cur = con.cursor() + try: + cur.execute("begin") + cur.execute('DELETE FROM links') + + links = [] + data = request.json['links'] + items = 'url', 'name', 'clicks', 'position' + for i in range(len(data)): + if not(all(e in data[i] for e in items)): + return "Bad request, some items missing from link object", 400 + + url = data[i]['url'] + name = data[i]['name'] + clicks = data[i]['clicks'] + position = data[i]['position'] # TODO + + newlink = (url, name, clicks, position) + links.append(newlink) + + cur.executemany('INSERT INTO links VALUES (?,?,?,?)', links) + con.commit() + data = regen_JSON() + outfile = open('data.json', 'w') + print(data, file=outfile) + f.close() + + except: + cur.execute("rollback") + return "done updating links" + @app.route('/clicks', methods=['POST']) def update_clicks(): if ('url' not in request.json or 'name' not in request.json): @@ -41,4 +89,4 @@ def update_clicks(): return 'ok' if __name__ == "__main__": - app.run(debug=True) \ No newline at end of file + app.run(debug=True) diff --git a/backend/requirements.txt b/backend/requirements.txt index 8eb46bc..bc89faa 100644 --- a/backend/requirements.txt +++ b/backend/requirements.txt @@ -17,3 +17,4 @@ types-typing-extensions==3.7.2 types-Werkzeug==0.1.1 Werkzeug==1.0.1 wrapt==1.12.1 +Flask-HTTPAuth==4.2.0 \ No newline at end of file