WMGZON/controllers/web/user.py

from flask import Blueprint

from flask import render_template, redirect, request, session, flash
from controllers.database.user import UserController
from models.users.user import User
from models.users.customer import Customer
from models.users.seller import Seller
from hashlib import sha512

# Blueprint to append user endpoints to
blueprint = Blueprint("users", __name__)

### LOGIN FUNCTIONALITY
# Function responsible for delivering the Login page for the site
@blueprint.route('/login')
def display_login():
    return render_template('index.html', content="login.html")

# Function responsible for handling logins to the site
@blueprint.post('/login')
def login():
    database = UserController()
    user = database.read(request.form['username'])
    error = None

    # No user found
    if user == None:
        error = "No user found with the username " + request.form['username']
        flash(error)
        return redirect("/login")
    
    # Incorrect Password
    if sha512(request.form['password'].encode()).hexdigest() != user.password:
        error = "Incorrect Password"
        flash(error)
        return redirect("/login")

    session['user_id'] = user.id
    return redirect("/")


### SIGNUP FUNCTIONALITY
# Function responsible for delivering the Signup page for the site
@blueprint.route('/signup')
def display_signup():
    return render_template('index.html', content="signup.html")

# Function responsible for handling signups to the site
@blueprint.post('/signup')
def signup():
    database = UserController()

    # User already exists
    if database.read(request.form['username']) != None:
        error = "User, " + request.form['username'] + " already exists"
        flash(error)
        return redirect("/signup")

    # Signup as Seller or Customer
    if request.form.get('seller'):
        user = Seller(
            request.form['username'],
            sha512(request.form['password'].encode()).hexdigest(), # Hashed as soon as it is recieved on the backend
            request.form['firstname'],
            request.form['lastname'],
            request.form['email'],
            "123"
        )
    else:
        user = Customer(
            request.form['username'],
            sha512(request.form['password'].encode()).hexdigest(), # Hashed as soon as it is recieved on the backend
            request.form['firstname'],
            request.form['lastname'],
            request.form['email'],
            "123"
        )
        
    database.create(user)

    # Code 307 Preserves the original request (POST)
    return redirect("/login", code=307)


### SIGN OUT FUNCTIONALITY
# Function responsible for handling logouts from the site
@blueprint.route('/logout')
def logout():
    # Clear the current user from the session if they are logged in
    session.pop('user_id', None)
    return redirect("/")