shopr

Check-in [68cb1d9d07]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Work up DB design for authen
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA3-256:68cb1d9d07877581f9ce95fc724f0df0a155d178385e58cb48e62c4cb338f70c
User & Date: vandys 2019-06-19 16:01:31
Context
2019-06-20
16:23
More workup for DB design, acct/list/item org, start building out REST ops. check-in: d3092a3ba5 user: vandys tags: trunk
2019-06-19
16:01
Work up DB design for authen check-in: 68cb1d9d07 user: vandys tags: trunk
2019-06-18
23:00
Clean "fs extras" check-in: 462da1bee0 user: vandys tags: trunk
Changes
Hide Diffs Side-by-Side Diffs Ignore Whitespace Patch

Changes to get.py.

     1      1   #
     2      2   # get.py
     3      3   #	Mixin to implement HTML GET operations
     4      4   #
     5      5   #	One page webapp
     6      6   #
     7      7   import sys
            8  +import sqlite3
     8      9   import items
     9     10   
    10     11   # The GET part of our handling
    11     12   class GET_mixin(object):
    12     13   
    13     14       def __init__(self):
    14     15   
................................................................................
    28     29       def send_lists(self):
    29     30   	if not self.path_match("lists.json"):
    30     31   	    return False,None
    31     32   
    32     33   	if not self.authenticated():
    33     34   	    return True,self.send_error(403)
    34     35   
           36  +	# Assemble all list names
           37  +	# (Each will be added for each item; I doubt this will
           38  +	#  ever become noticeable, but if so I'll add a distinct
           39  +	#  DB table to enumerate lists (and ownership, and members,
           40  +	#  and...)
           41  +	approot = self.server.approot
           42  +	db = sqlite3.connect(approot.dbname)
           43  +	c = db.cursor()
           44  +	c.execute("select list from items")
           45  +	lists = set()
           46  +	for tup in c:
           47  +	    lists.add(tup[0])
           48  +
           49  +	# Here they are
           50  +	return True,self.send_json(lists)
           51  +
    35     52       # /<listname>.json[?gen=<number>]
    36     53       #
    37     54       # Get <listname>'s contents, waiting for new contents if
    38     55       #  nothing newer than generation <number> exists yet.
    39     56       def send_list(self):
    40     57   	pp = self.paths
    41     58   	if (len(pp) != 3) or (pp[0] != 'l'):

Changes to main.py.

     1      1   #
     2      2   # main.py
     3      3   #	Main driver for list/swiping service
     4      4   #
     5      5   import sys
            6  +import sqlite3
     6      7   import chore
     7      8   from get import GET_mixin
     8      9   from post import POST_mixin
     9     10   from put import PUT_mixin
    10     11   import items
    11     12   
    12     13   # Tie our various handlers together
................................................................................
    13     14   class App_Handler(chore.handlers.Chore_Handler,
    14     15   	GET_mixin, POST_mixin, PUT_mixin):
    15     16       def __init__(self, conn, tup, approot):
    16     17   	chore.handlers.Chore_Handler.__init__(self, conn, tup, approot,
    17     18   	    (GET_mixin.__init__,
    18     19   	     POST_mixin.__init__,
    19     20   	     PUT_mixin.__init__,) )
           21  +
           22  +    # We just use user/pw as args on URL
           23  +    #
           24  +    # Return True on success, and fill in self.user with this
           25  +    #  authenticated name.
           26  +    #
           27  +    # Yes, passwords in the clear.  This is a personal service, and
           28  +    #  I need to recover passwords often, and don't really care if
           29  +    #  somebody breaks into the FS and discovers the passwords.
           30  +    def authenticated(self):
           31  +	self.user = None
           32  +	if not self.vals:
           33  +	    return False
           34  +	u = vals.get("user")
           35  +	pw = vals.get("pw")
           36  +	if (not u) or (not pw):
           37  +	    return False
           38  +	db = sqlite3.connect(self.approot.dbname)
           39  +	c = cursor()
           40  +	c.execute("select uid from users where name=? and pw=?",
           41  +	    (u, pw))
           42  +	tup = c.find_one()
           43  +	if not tup:
           44  +	    return False
           45  +	self.user = name
           46  +	return True
    20     47   
    21     48   # Root of our app server
    22     49   class App(chore.server.Server):
    23     50   
    24     51       def __init__(self, dbn):
    25     52   	# sqlite3 database file
    26     53   	self.dbname = dbn

Changes to mkdb.sql.

     1      1   create table users(
     2      2       uid integer primary key autoincrement,
     3      3       name text,
     4      4       pw text,
     5      5       unique(name)
     6      6   );
            7  +
            8  +create table lists(
            9  +    lid integer primary key autoincrement,
           10  +    owner integer,
           11  +    name text,
           12  +    unique(owner,name)
           13  +);
     7     14   
     8     15   create table items(
     9         -    list text,
           16  +    list integer,
    10     17       name text,
    11     18       idx integer,
    12     19       gen integer,
    13     20       unique(list,name)
    14     21   );