shopr

Check-in [68cb1d9d07]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Work up DB design for authen
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA3-256:68cb1d9d07877581f9ce95fc724f0df0a155d178385e58cb48e62c4cb338f70c
User & Date: vandys 2019-06-19 16:01:31
Context
2019-06-20
16:23
More workup for DB design, acct/list/item org, start building out REST ops. check-in: d3092a3ba5 user: vandys tags: trunk
2019-06-19
16:01
Work up DB design for authen check-in: 68cb1d9d07 user: vandys tags: trunk
2019-06-18
23:00
Clean "fs extras" check-in: 462da1bee0 user: vandys tags: trunk
Changes
Hide Diffs Unified Diffs Show Whitespace Changes Patch

Changes to get.py.

1
2
3
4
5
6
7

8
9
10
11
12
13
14
..
28
29
30
31
32
33
34
















35
36
37
38
39
40
41
#
# get.py
#	Mixin to implement HTML GET operations
#
#	One page webapp
#
import sys

import items

# The GET part of our handling
class GET_mixin(object):

    def __init__(self):

................................................................................
    def send_lists(self):
	if not self.path_match("lists.json"):
	    return False,None

	if not self.authenticated():
	    return True,self.send_error(403)

















    # /<listname>.json[?gen=<number>]
    #
    # Get <listname>'s contents, waiting for new contents if
    #  nothing newer than generation <number> exists yet.
    def send_list(self):
	pp = self.paths
	if (len(pp) != 3) or (pp[0] != 'l'):







>







 







>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>







1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
..
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
#
# get.py
#	Mixin to implement HTML GET operations
#
#	One page webapp
#
import sys
import sqlite3
import items

# The GET part of our handling
class GET_mixin(object):

    def __init__(self):

................................................................................
    def send_lists(self):
	if not self.path_match("lists.json"):
	    return False,None

	if not self.authenticated():
	    return True,self.send_error(403)

	# Assemble all list names
	# (Each will be added for each item; I doubt this will
	#  ever become noticeable, but if so I'll add a distinct
	#  DB table to enumerate lists (and ownership, and members,
	#  and...)
	approot = self.server.approot
	db = sqlite3.connect(approot.dbname)
	c = db.cursor()
	c.execute("select list from items")
	lists = set()
	for tup in c:
	    lists.add(tup[0])

	# Here they are
	return True,self.send_json(lists)

    # /<listname>.json[?gen=<number>]
    #
    # Get <listname>'s contents, waiting for new contents if
    #  nothing newer than generation <number> exists yet.
    def send_list(self):
	pp = self.paths
	if (len(pp) != 3) or (pp[0] != 'l'):

Changes to main.py.

1
2
3
4
5

6
7
8
9
10
11
12
..
13
14
15
16
17
18
19


























20
21
22
23
24
25
26
#
# main.py
#	Main driver for list/swiping service
#
import sys

import chore
from get import GET_mixin
from post import POST_mixin
from put import PUT_mixin
import items

# Tie our various handlers together
................................................................................
class App_Handler(chore.handlers.Chore_Handler,
	GET_mixin, POST_mixin, PUT_mixin):
    def __init__(self, conn, tup, approot):
	chore.handlers.Chore_Handler.__init__(self, conn, tup, approot,
	    (GET_mixin.__init__,
	     POST_mixin.__init__,
	     PUT_mixin.__init__,) )



























# Root of our app server
class App(chore.server.Server):

    def __init__(self, dbn):
	# sqlite3 database file
	self.dbname = dbn





>







 







>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>







1
2
3
4
5
6
7
8
9
10
11
12
13
..
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
#
# main.py
#	Main driver for list/swiping service
#
import sys
import sqlite3
import chore
from get import GET_mixin
from post import POST_mixin
from put import PUT_mixin
import items

# Tie our various handlers together
................................................................................
class App_Handler(chore.handlers.Chore_Handler,
	GET_mixin, POST_mixin, PUT_mixin):
    def __init__(self, conn, tup, approot):
	chore.handlers.Chore_Handler.__init__(self, conn, tup, approot,
	    (GET_mixin.__init__,
	     POST_mixin.__init__,
	     PUT_mixin.__init__,) )

    # We just use user/pw as args on URL
    #
    # Return True on success, and fill in self.user with this
    #  authenticated name.
    #
    # Yes, passwords in the clear.  This is a personal service, and
    #  I need to recover passwords often, and don't really care if
    #  somebody breaks into the FS and discovers the passwords.
    def authenticated(self):
	self.user = None
	if not self.vals:
	    return False
	u = vals.get("user")
	pw = vals.get("pw")
	if (not u) or (not pw):
	    return False
	db = sqlite3.connect(self.approot.dbname)
	c = cursor()
	c.execute("select uid from users where name=? and pw=?",
	    (u, pw))
	tup = c.find_one()
	if not tup:
	    return False
	self.user = name
	return True

# Root of our app server
class App(chore.server.Server):

    def __init__(self, dbn):
	# sqlite3 database file
	self.dbname = dbn

Changes to mkdb.sql.

1
2
3
4
5
6
7







8
9
10
11
12
13
14
create table users(
    uid integer primary key autoincrement,
    name text,
    pw text,
    unique(name)
);








create table items(
    list text,
    name text,
    idx integer,
    gen integer,
    unique(list,name)
);







>
>
>
>
>
>
>

|





1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
create table users(
    uid integer primary key autoincrement,
    name text,
    pw text,
    unique(name)
);

create table lists(
    lid integer primary key autoincrement,
    owner integer,
    name text,
    unique(owner,name)
);

create table items(
    list integer,
    name text,
    idx integer,
    gen integer,
    unique(list,name)
);