Spaces:
Sleeping
Sleeping
File size: 3,371 Bytes
720df53 | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 | from flask import Flask, render_template, request, redirect, url_for, session, make_response
import sqlite3
from datetime import timedelta
# Flask app setup
app = Flask(__name__)
app.secret_key = "supersecretkey" # Change this to a secure key in production
app.permanent_session_lifetime = timedelta(days=7)
# Helper function to connect to SQLite database
def get_db_connection():
conn = sqlite3.connect("users.db")
conn.row_factory = sqlite3.Row
return conn
# Initialize database with users table
def init_db():
conn = get_db_connection()
conn.execute("""
CREATE TABLE IF NOT EXISTS users (
id INTEGER PRIMARY KEY AUTOINCREMENT,
username TEXT UNIQUE NOT NULL,
password TEXT NOT NULL
)
""")
conn.commit()
conn.close()
# Initialize DB at startup
init_db()
# Home page — only accessible if logged in
@app.route("/")
def home():
if "username" in session:
username = session["username"]
last_visit = request.cookies.get("last_visit", "First time visiting!")
return render_template("home.html", username=username, last_visit=last_visit)
return redirect(url_for("login"))
# Signup page
@app.route("/signup", methods=["GET", "POST"])
def signup():
if request.method == "POST":
username = request.form["username"]
password = request.form["password"]
conn = get_db_connection()
try:
conn.execute("INSERT INTO users (username, password) VALUES (?, ?)", (username, password))
conn.commit()
conn.close()
return redirect(url_for("login"))
except sqlite3.IntegrityError:
return "Username already exists! Try another."
return render_template("signup.html")
# Login page
@app.route("/login", methods=["GET", "POST"])
def login():
if request.method == "POST":
username = request.form["username"]
password = request.form["password"]
remember = request.form.get("remember")
conn = get_db_connection()
user = conn.execute(
"SELECT * FROM users WHERE username=? AND password=?",
(username, password)
).fetchone()
conn.close()
if user:
session.permanent = (remember == "on")
session["username"] = username
resp = make_response(redirect(url_for("portfolio")))
resp.set_cookie("last_visit", "Welcome back, " + username,
max_age=(7*24*60*60 if remember == "on" else None))
return resp
else:
return "Invalid username or password. Try again."
return render_template("login.html")
# Portfolio page - accessible only if logged in
@app.route("/portfolio")
def portfolio():
username = session.get("username")
if not username:
return redirect(url_for("login"))
return render_template("portfolio.html", username=username)
# Logout route
@app.route("/logout")
def logout():
session.pop("username", None)
resp = make_response(redirect(url_for("login")))
resp.set_cookie("last_visit", "", expires=0)
return resp
# Run the app
if __name__ == "__main__":
app.run(debug=True, host="0.0.0.0", port=5000)
|