Verifying username and passwordnow, enter creds in line 102 of backend to test

82192c4f · Santiago Guadiamos · 5e14e0ee · 82192c4f · 82192c4f · 82192c4f
Commit 82192c4f authored 1 year ago by Santiago Guadiamos
--- a/__pycache__/database_api.cpython-311.pyc
+++ b/__pycache__/database_api.cpython-311.pyc
--- a/crisis-react/src/login.jsx
+++ b/crisis-react/src/login.jsx
@@ -4,25 +4,23 @@ import './styles.css';

 //takes in signup information

-async function PostSignInfo(data)
-{
-
-    try 
-    {
-     const respone = await fetch("http://127.0.0.1:5000/login", {
-        method: "POST", // or 'PUT'
-        headers: {
-          "Content-Type": "application/json",
-        },
-        body: JSON.stringify(data),
-      });
-
-    
+async function PostSignInfo(data) {
+
+    try {
+        const respone = await fetch("http://127.0.0.1:5000/login", {
+            method: "POST", // or 'PUT'
+            headers: {
+                "Content-Type": "application/json",
+            },
+            body: JSON.stringify(data),
+        });
+
+
    }

    catch (error) {
        console.error("Could not upload signup information successfully", error);
-      }
+    }
 }


@@ -33,7 +31,7 @@ function Login() {
    const handleSubmit = (e) => {
        e.preventDefault();

-         PostSignInfo({ username, password });
+        PostSignInfo({ username, password });


    };
@@ -68,6 +66,9 @@ function Login() {


            </form>
+
+           
+
        </div>



--- a/crisis-react/src/styles.css
+++ b/crisis-react/src/styles.css
@@ -40,8 +40,8 @@ body {
  button {
    width: 100%;
    padding: 10px;
-    background-color: #007bff;
-    color: #fff;
+    background-color: #0068d6;
+    color: #868686;
    border: none;
    border-radius: 5px;
    cursor: pointer;

--- a/crisis_events.db
+++ b/crisis_events.db
--- a/crisis_events_database_metadata.json
+++ b/crisis_events_database_metadata.json
-{"Users": 0, "Collections": 0}
\ No newline at end of file
+{"Users": 1, "Collections": 0}
\ No newline at end of file
--- a/database_api.py
+++ b/database_api.py
@@ -23,6 +23,9 @@ class CrisisEventsDatabase:
    def create_user(self, username: str, password: str):
        raise "Not Implemented"
    
+    def get_user_by_username(self, username: str):
+         raise "Not Implemented"
+    
    def get_collection(self, collection_id:int, user_id: int):
        """
        Returns the collection data if the `user_id` matches in the corresponding `collection_id` entry.

--- a/database_implementation/__pycache__/sqlite_api.cpython-311.pyc
+++ b/database_implementation/__pycache__/sqlite_api.cpython-311.pyc
--- a/database_implementation/sqlite_api.py
+++ b/database_implementation/sqlite_api.py
@@ -67,6 +67,13 @@ class SqliteDatabaseAPI(database_api.CrisisEventsDatabase):
        self._disconnect(connection, cur)
        return user_id

+    def get_user_by_username(self, username: str):
+        connection, cur = self._connect()
+        cur.execute("SELECT * FROM users WHERE user_name == ?;", (username,))
+        result = cur.fetchone()
+        self._disconnect(connection, cur)
+        return result
+    
    def get_collection(self,collection_id:int, user_id: int):
        connection, cur = self._connect()
        cur.execute("SELECT * FROM event_collections WHERE collection_id == ? AND owner_id == ?;", (collection_id,user_id,))

--- a/flask_backend.py
+++ b/flask_backend.py
 from flask import Flask, request, abort
 from flask_cors import CORS
 from database_api import CrisisEventsDatabase
+#from database_implementation import sqlite_api
 from runtime_import import runtime_import
+import hashlib

 app = Flask(__name__)
 #pip install flask-cors
@@ -39,6 +41,29 @@ def login():
     
    data = request.json  # Retrieve JSON data from the request
    print(f'The login data: {data}')
+
+    if 'username' not in data or 'password' not in data:
+        abort(400)
+
+    username = data['username']
+    password = data ['password']
+
+    user_hash = hashlib.md5(password.encode()).digest().hex()
+
+    user_data = database.get_user_by_username(username)
+
+    if user_data is None:
+        #abort(401)  # Unauthorized if user does not exist
+        print(f'Username or password is incorrect: {data}')
+        return 'Username or password is incorrect', 401
+        
+    stored_hash = user_data[2]
+
+    if user_hash != stored_hash:
+        print(f'Password is incorrect: {data}')
+        return 'Incorrect Password', 401
+    
+
    return 'Login successful', 200  # Return a response to indicate success


@@ -74,7 +99,7 @@ def database_service():
 if __name__ == '__main__':
    database = runtime_import("database_implementation/")[0].IMPLEMENTATION()
    database.initialize()
-   # database.create_user("test_user","12345")
+    database.create_user("test_user","12345")
    #database.create_collection(0,"First Collection")
    #database.create_collection(0,"Second Collection")
    #database.create_collection(0,"Third Collection")