module.py

#!/usr/bin/python
# -*- coding: UTF-8 -*-

from datetime import timedelta
from hashlib import sha512
from uuid import uuid4
import os

from flask import Flask
from flask import jsonify
from flask import render_template, send_from_directory 
from flask import request
from flask import session
from flask import url_for
from flask_compress import Compress
from flask_session import Session
from werkzeug import redirect

from functions import pbkdf2
import config

################################################################################

app = Flask( __name__ )
app.config.from_pyfile( 'config.py' )

Compress( app )
Session( app )

debug = os.environ.get( "DEBUG", False )
baseurl = os.environ.get( "BASEURL", "" )

################################################################################
#    Generic routing

@app.route( baseurl + '/ping' )
def ping():
    return "pong"

################################################################################
#    App serving

@app.route( baseurl + '/app/<path>' )
def send_app_files( path ):
    return send_from_directory( 'app', path )

################################################################################
#    Sessions

@app.before_request
def renew_session():
    session.permanent = True
    app.permanent_session_lifetime = timedelta( seconds = config.session_timeout )

@app.route( baseurl + '/logout' )
def logout():
    session.clear()
    return redirect( url_for( 'home' ) )

@app.route( baseurl + '/login' )
def login():
    session.clear()
    
    return render_template( 
        "login.html",
        baseurl = baseurl,
        js = config.cdnjs,
        css = config.cdncss
    )

@app.route( baseurl + '/do_login', methods = [ 'POST' ] )
def do_login():
    q = config.db.query( 'SELECT * FROM users WHERE username = %s', ( request.form.get( "username" ), ) )
    user = q.fetchone()
    
    if user == None:
        return jsonify( {
            'error': False,
            'logged': False
        } )
    
    if pbkdf2( request.form.get( "password" ), user[ 'password' ] ):
        if not user[ 'active' ]:
            session.clear()
            return jsonify( {
                'error': False,
                'logged': False,
                'message': 'Your account is not activated. Please contact an administrator.'
            } )
        
        else:
            session[ 'logged' ] = True
            session[ 'session_id' ] = str( uuid4() )
            session[ 'username' ] = user[ 'username' ]
            return jsonify( {
                'error': False,
                'logged': True,
            } )
    
    else:
        session.clear()
        return jsonify( {
            'error': False,
            'logged': False,
        } )

################################################################################
#    Home page

@app.route( baseurl + '/' )
def home():
    if not 'session_id' in session:
        return redirect( url_for( 'login' ) )
    
    else:
        return render_template( 
            "index.html",
            baseurl = baseurl,
            js = config.cdnjs,
            css = config.cdncss,
            session_timeout = config.session_timeout
        )

################################################################################
#    Main startup

if __name__ == '__main__':
    app.run( debug = debug, host = "0.0.0.0", threaded = True )