aji/costapy
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: aji:981192ad69f6c46e043541e40cf8bf174562dec0
Branches Tags
aji:master
aji:system/highlight
aji:system/authsquare
aji:system/bruno
aji:template/sbmodernbiz
aji:system/invlab
aji:template/kiddy
aji:template/prime
aji:bottle
aji:cherrypy
..
compare: aji:6fd242e4c63e834d56a53fb36eb52726254d433d
Branches Tags
aji:system/highlight
aji:system/authsquare
aji:system/bruno
aji:template/sbmodernbiz
aji:master
aji:system/invlab
aji:template/kiddy
aji:template/prime
aji:bottle
aji:cherrypy

No commits in common. "981192ad69f6c46e043541e40cf8bf174562dec0" and "6fd242e4c63e834d56a53fb36eb52726254d433d" have entirely different histories.
981192ad69 ... 6fd242e4c6

18 changed files with 68 additions and 589 deletions
Show Stats Expand all files Collapse all files

82
README.md
View File

@ -1,5 +1,5 @@
# CostaPy
a Python WSGI Web Framework. Build with Bottle and Mako.
Python Web Framework. Build with Bottle and Mako.
## License
@ -20,65 +20,69 @@ GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see https://www.gnu.org/licenses/.
# Getting Starter
## Requirement & Installation
## Requirement
### Clone the repository
You need a `git`, `python`, `pip`, and `venv` before using CostaPy.
Clone the repository with `--recursive` when cloning the repo.
Install them using the following commands on your `Debian` or `Ubuntu` system.
git clone https://gitea.ditaajipratama.net/aji/costapy.git --recursive
```bash
sudo apt update
sudo apt install git python3 python3-venv python3-pip
```
Note that if you forgot the `--recursive` flag you can do:
or you can use the following command to install similar packages using `brew`, the package manager for `macOS`:
git submodule update --init
```bash
brew install git python3
```
Installs Python 3 with `brew`, which includes `python3`, `pip3`, and the `venv` module. If you don't have Homebrew installed on your `macOS`, you can install it first.
Note that when submodules have other submodules you need recursive option.
or go to the [git downloads page](https://git-scm.com/downloads) and a [Python downloads page](https://www.python.org/downloads/) and download the latest version of git Python for `Windows`.
git submodule update --init --recursive
## Installation
### Dependencies
Download from repository
```bash
git clone https://gitea.ditaajipratama.net/aji/costapy.git
```
You need this libraries to use CostaPy:
- bottle
- gunicorn
- beaker
- mako
Go to the directory and install with this command:
You can install it with run this command
```bash
cd costapy
bash install.sh
```
sh install.sh
Use `cat install.sh` if you want to see a completed command.
Here is the completed command
sudo apt-get install -y python3-pip
pip install --upgrade pip
pip install bottle
pip install gunicorn
pip install beaker
pip install mako
## Usage
Use this command below to start the web service and it will run on port `11000` by default
```bash
.venv/bin/python3 costa.py costapy-welcome
```
Here, `costapy-welcome` is the label of your service. You can replace it with any name you prefer.
Use this command to start the web service
## Trivia
python3 costa.py
- Why must `venv`?
You can use nohup too and running it in the background like this
`venv` is a module in Python that provides support for creating lightweight, isolated Python environments, known as virtual environments. Each virtual environment has its own installation directories and can have its own versions of Python packages, independent of the system-wide Python environment.
nohup python3 costa.py &
When deploying a Python application, using a virtual environment ensures that only the required packages (and their specific versions) are bundled. This reduces the risk of deploying unnecessary packages or incompatible versions that could lead to runtime errors.
## Configuration
Using `venv` is a widely accepted best practice in the Python community. It encourages good habits in dependency management, ensuring that projects are self-contained and reducing the potential for "dependency hell."
### Global Variable (config/globalvar.py)
When a project is no longer needed, deleting its virtual environment is straightforward and does not affect other projects or the system's Python environment.
`globalvar.py` is the place for storing your Global Variable.
- Why I add `venv` on my `gitignore`?
`baseurl` </br>
Is the variable for your base URL (without `/` in the end).
Committing `venv` to Git is gross. Virtual environments can contain thousands of files and their size can be in gigabytes. Committing them to Git can overload and clutter your source code repo with unnecessary files and cause confusion for anyone trying to clone and run the source code on their machine.
`title` </br>
Is the variable for your web title.
### Directory (config/directory.py)
`directory.py` is the place for storing your path. It is useful to calling the path more efficiently.
## Handling the modules
Handling the module is in `handler.py`.

11
core/html.py
View File

@ -1,3 +1,4 @@
import sys
import os
class main:
@ -7,10 +8,10 @@ class main:
def get_html(location):
html_dict = {}
html_page_list = os.listdir(location)
html_page_list = os.listdir( location )
for html_page in html_page_list:
full_path = os.path.join(location, html_page)
if os.path.isfile(full_path): # Ensure it's a file, not a directory
with open(full_path, 'r') as html_handle:
html_dict[html_page] = html_handle.read()
full_path = location + "/" + html_page
html_handle = open( full_path , 'r' )
html_raw = html_handle.read()
html_dict[html_page] = html_raw
return html_dict

57
handler.py
View File

@ -14,10 +14,6 @@ import templates.plain.main as template_public
import templates.postcard.main as template_email
import modules.public.home as public_home
import modules.public.register as public_register
import modules.public.notme as public_notme
import modules.public.verify as public_verify
import modules.public.login as public_login
import modules.api.auth as api_auth
@ -32,43 +28,6 @@ def index():
}
return public_home.main().html(params)
@app.route('/register/<roles>')
def index(roles):
params = {
"roles" :roles,
"mako" :{
"website" : template_public.main(directory.page["public"], "register")
}
}
return public_register.register().html(params)
@app.route('/notme', method='GET')
def index():
params = {
"mako" : {
"website" : template_public.main(directory.page["public"], "notme")
}
}
return public_notme.notme().html(params)
@app.route('/verify', method='GET')
def index():
params = {
"mako" : {
"website" : template_public.main(directory.page["public"], "verify")
}
}
return public_verify.verify().html(params)
@app.route('/login')
def index():
params = {
"mako" : {
"website" : template_public.main(directory.page["public"], "login")
}
}
return public_login.login().html(params)
@app.route('/api/auth/register/<roles>', method=['OPTIONS', 'POST'])
def index(roles):
try:
@ -104,33 +63,37 @@ def index():
print(str(e),flush=True)
return json.dumps({}, indent = 2).encode()
@app.route('/api/auth/notme', method=['OPTIONS', 'POST'])
@app.route('/api/auth/notme', method='GET')
def index():
try:
if request.method == 'OPTIONS':
return None
else:
response.content_type = 'application/json'
params = request.json
params["mako" ] = {
params = {
"token" : request.query.token,
"mako" : {
"email" : template_email.main(directory.page["email"], "message")
}
}
return json.dumps(api_auth.auth().notme(params), indent = 2).encode()
except Exception as e:
print(str(e),flush=True)
return json.dumps({}, indent = 2).encode()
@app.route('/api/auth/verify', method=['OPTIONS', 'POST'])
@app.route('/api/auth/verify', method='GET')
def index():
try:
if request.method == 'OPTIONS':
return None
else:
response.content_type = 'application/json'
params = request.json
params["mako" ] = {
params = {
"token" : request.query.token,
"mako" : {
"email" : template_email.main(directory.page["email"], "message")
}
}
return json.dumps(api_auth.auth().verify(params), indent = 2).encode()
except Exception as e:
print(str(e),flush=True)

19
modules/public/home.py
View File

@ -1,8 +1,5 @@
from mako.template import Template
from config import globalvar
from scripts import loggorilla
import procedure.validation as procedure_validation
class main:
@ -10,23 +7,13 @@ class main:
pass
def html(self, params):
APIADDR = "/"
loggorilla.prcss(APIADDR, "Define page parameters")
active_page = "Home"
allowed_roles = [0,1,2,3]
loggorilla.prcss(APIADDR, "Account validation")
user_validation = procedure_validation.validation().account(APIADDR, allowed_roles)
user = user_validation['data']
return Template(params["mako"]["website"]['index']).render(
title = globalvar.title,
header = globalvar.header,
header = "Welcome to CostaPy",
navbar = Template(params["mako"]["website"]['navbar']).render(
menu = globalvar.menu['public']['navbar'],
user_roles = user['profile']['roles'],
active_page = active_page
user_roles = ["guest"],
active_page = "Home"
),
footer = Template(params["mako"]["website"]['footer']).render(
copyright = globalvar.copyright,

35
modules/public/login.py
View File

@ -1,35 +0,0 @@
from mako.template import Template
from config import globalvar
from scripts import loggorilla
import procedure.validation as procedure_validation
class login:
def __init__(self):
pass
def html(self, params):
APIADDR = "/login"
loggorilla.prcss(APIADDR, "Define page parameters")
active_page = "Login"
allowed_roles = [0]
loggorilla.prcss(APIADDR, "Account validation")
user_validation = procedure_validation.validation().account(APIADDR, allowed_roles)
user = user_validation['data']
return Template(params["mako"]["website"]['index']).render(
title = globalvar.title,
header = globalvar.header,
navbar = Template(params["mako"]["website"]['navbar']).render(
menu = globalvar.menu['public']['navbar'],
user_roles = user['profile']['roles'],
active_page = active_page
),
footer = Template(params["mako"]["website"]['footer']).render(
copyright = globalvar.copyright,
),
container = Template(params["mako"]["website"]['container']).render()
)

37
modules/public/notme.py
View File

@ -1,37 +0,0 @@
from mako.template import Template
from config import globalvar
from scripts import loggorilla
import procedure.validation as procedure_validation
class notme:
def __init__(self):
pass
def html(self, params):
APIADDR = "/notme"
loggorilla.prcss(APIADDR, "Define page parameters")
active_page = "Not Me"
allowed_roles = [0,1,2,3]
loggorilla.prcss(APIADDR, "Account validation")
user_validation = procedure_validation.validation().account(APIADDR, allowed_roles)
user = user_validation['data']
return Template(params["mako"]["website"]['index']).render(
title = globalvar.title,
header = globalvar.header,
navbar = Template(params["mako"]["website"]['navbar']).render(
menu = globalvar.menu['public']['navbar'],
user_roles = user['profile']['roles'],
active_page = active_page
),
footer = Template(params["mako"]["website"]['footer']).render(
copyright = globalvar.copyright,
),
container = Template(params["mako"]["website"]['container']).render(
title = globalvar.title
)
)

41
modules/public/register.py
View File

@ -1,41 +0,0 @@
from mako.template import Template
from config import globalvar
from scripts import loggorilla
import procedure.validation as procedure_validation
class register:
def __init__(self):
pass
def html(self, params):
APIADDR = "/register"
loggorilla.prcss(APIADDR, "Define page parameters")
active_page = "Register"
allowed_roles = [0]
roles = params["roles"]
loggorilla.prcss(APIADDR, "Account validation")
user_validation = procedure_validation.validation().account(APIADDR, allowed_roles)
user = user_validation['data']
return Template(params["mako"]["website"]['index']).render(
title = globalvar.title,
header = globalvar.header,
navbar = Template(params["mako"]["website"]['navbar']).render(
menu = globalvar.menu['public']['navbar'],
user_roles = user['profile']['roles'],
active_page = active_page
),
footer = Template(params["mako"]["website"]['footer']).render(
copyright = globalvar.copyright,
),
container = Template(params["mako"]["website"]['container']).render(
title = globalvar.title,
reCAPTCHA_client = globalvar.reCAPTCHA['client'],
roles = roles,
production = globalvar.production
)
)

35
modules/public/verify.py
View File

@ -1,35 +0,0 @@
from mako.template import Template
from config import globalvar
from scripts import loggorilla
import procedure.validation as procedure_validation
class verify:
def __init__(self):
pass
def html(self, params):
APIADDR = "/verify"
loggorilla.prcss(APIADDR, "Define page parameters")
active_page = "Verify"
allowed_roles = [0]
loggorilla.prcss(APIADDR, "Account validation")
user_validation = procedure_validation.validation().account(APIADDR, allowed_roles)
user = user_validation['data']
return Template(params["mako"]["website"]['index']).render(
title = globalvar.title,
header = globalvar.header,
navbar = Template(params["mako"]["website"]['navbar']).render(
menu = globalvar.menu['public']['navbar'],
user_roles = user['profile']['roles'],
active_page = active_page
),
footer = Template(params["mako"]["website"]['footer']).render(
copyright = globalvar.copyright,
),
container = Template(params["mako"]["website"]['container']).render()
)

15
pages/public/login.html
View File

@ -1,15 +0,0 @@
<h1>Login</h1>
<script type="text/javascript" src="/js/carrack.js"></script>
<input required type="text" id="form-username" placeholder="Username" > <br>
<input required type="password" id="form-password" placeholder="Password" > <br>
<button type="button" onclick="onSubmit()">Login</button> <br>
<a href="/forgot">Forgot password</a>
<div id="alert-response" role="alert">
<b id="alert-status">Loading...</b> <span id="alert-desc">Please wait...</span>
</div>
<script type="text/javascript" src="/js/auth/login.js"></script>

14
pages/public/notme.html
View File

@ -1,14 +0,0 @@
<h1>Not me</h1>
<script type="text/javascript" src="/js/carrack.js"></script>
<p>I hereby declare that I have never registered with ${title} and will delete the data that uses my email</p>
<button id="notme-link" onclick="notme()">
Submit
</button>
<div id="alert-response" role="alert">
<b id="alert-status">Loading...</b> <span id="alert-desc">Please wait...</span>
</div>
<script type="text/javascript" src="/js/auth/notme.js"></script>

32
pages/public/register.html
View File

@ -1,32 +0,0 @@
<h1>Register</h1>
% if production:
<script type="text/javascript" src="https://www.google.com/recaptcha/api.js"></script>
% endif
<script type="text/javascript" src="/js/carrack.js"></script>
<!-- FORM -->
<input type="hidden" id="roles" value="${roles}">
<input required type="email" id="form-email" placeholder="Email" > <br>
<input required type="text" id="form-username" placeholder="Username" > <br>
<input required type="password" id="form-password" placeholder="Password" > <br>
% if production:
<button class="g-recaptcha" data-sitekey="${reCAPTCHA_client}" data-callback='onSubmit' data-action='submit'>Register</button>
% else:
<button onclick="onSubmit('dev')">Register</button>
% endif
<!-- RESPONSE -->
<div id="alert-response" role="alert">
<b id="alert-status">Loading...</b> <span id="alert-desc">Please wait...</span>
</div>
<!-- RESEND FORM -->
<div id="resend-div">
<input type="hidden" id="resend-email" value="">
<button id="resend-link" onclick="resending()">Resend verification</button>
<p id="resend-message">Message here</p>
</div>
<script type="text/javascript" src="/js/auth/register.js"></script>

9
pages/public/verify.html
View File

@ -1,9 +0,0 @@
<h1>Verify</h1>
<script type="text/javascript" src="/js/carrack.js"></script>
<div id="alert-response" role="alert">
<b id="alert-status">Loading...</b> <span id="alert-desc">Please wait...</span>
</div>
<script type="text/javascript" src="/js/auth/verify.js"></script>

4
procedure/validation.py
View File

@ -120,9 +120,9 @@ class validation():
session_not_found = False
cursor.execute(f"SELECT COUNT(*) AS `count`, auth_profile.* FROM auth_profile_verification LEFT JOIN auth_profile ON auth_profile.id = auth_profile_verification.profile WHERE auth_profile.token = %s AND auth_profile_verification.type = 'email' AND auth_profile_verification.verified = 1 ; ", (r_session['token'],) )
r_profile = cursor.fetchone()
cursor.execute(f"SELECT roles FROM auth_profile_roles WHERE profile = %s ; ", (r_profile['id'],) )
cursor.execute(f"SELECT auth_roles FROM auth_profile_roles WHERE auth_profile = %s ; ", (r_profile['id'],) )
r_roles = cursor.fetchall()
r_profile['roles'] = [item['roles'] for item in r_roles]
r_profile['roles'] = [item['auth_roles'] for item in r_roles]
loggorilla.prcss(APIADDR, "Close DB")
cursor.close()

83
static/js/auth/login.js
View File

@ -1,83 +0,0 @@
function flushResponse() {
document.getElementById("alert-response" ).style.display = 'none';
document.getElementById("alert-response" ).classList.remove('alert-success' );
document.getElementById("alert-response" ).classList.remove('alert-danger' );
document.getElementById("alert-response" ).classList.remove('alert-primary' );
}
function loadingResponse() {
flushResponse();
document.getElementById("alert-status" ).innerHTML = "Loading...";
document.getElementById("alert-desc" ).innerHTML = "Please wait...";
document.getElementById("alert-response").classList.add('alert-primary');
document.getElementById("alert-response").style.display = 'block';
}
function responseSession(response) {
flushResponse();
const obj = JSON.parse(response);
document.getElementById("alert-status").innerHTML = obj.status;
if (obj.status == "success") {
document.getElementById("alert-desc" ).innerHTML = "Welcome!";
document.getElementById("alert-response").classList.add('alert-success');
document.getElementById("alert-response").style.display = 'block';
window.location.replace("/?msg=Welcome");
}
else {
document.getElementById("alert-desc" ).innerHTML = "Internal error";
document.getElementById("alert-response").classList.add('alert-danger');
document.getElementById("alert-response").style.display = 'block';
}
}
function setSession(jwt) {
var url = "/api/auth/session/set";
var payload = {
"jwt" : jwt
};
sendHttpRequest(url, "POST", payload, function (error, response) {
if (error) console.error("Error:", error);
else {
console.log("JSON Response:", response);
responseSession(response);
}
}, "application/json");
}
function responseAlert(response) {
flushResponse();
const obj = JSON.parse(response);
if (obj.status == "success") {
loadingResponse();
document.getElementById("alert-desc" ).innerHTML = "Set the session";
setSession(obj.data.jwt);
}
if (obj.status == "failed") {
document.getElementById("alert-response").classList.add('alert-danger');
document.getElementById("alert-status" ).innerHTML = obj.status;
document.getElementById("alert-desc" ).innerHTML = obj.desc;
document.getElementById("alert-response").style.display = 'block';
}
}
function onSubmit() {
loadingResponse();
var username = document.getElementById("form-username").value;
var password = document.getElementById("form-password").value;
var url = "/api/auth/login";
var payload = {
"username" : username,
"password" : password
};
sendHttpRequest(url, "POST", payload, function (error, response) {
if (error) console.error("Error:", error);
else {
console.log("JSON Response:", response);
responseAlert(response);
}
}, "application/json");
}
flushResponse();

45
static/js/auth/notme.js
View File

@ -1,45 +0,0 @@
function flushResponse() {
document.getElementById("alert-response" ).style.display = 'none';
document.getElementById("alert-response" ).classList.remove('alert-success' );
document.getElementById("alert-response" ).classList.remove('alert-danger' );
document.getElementById("alert-response" ).classList.remove('alert-primary' );
}
function loadingResponse() {
flushResponse();
document.getElementById("alert-status" ).innerHTML = "Loading...";
document.getElementById("alert-desc" ).innerHTML = "Please wait...";
document.getElementById("alert-response").classList.add('alert-primary');
document.getElementById("alert-response").style.display = 'block';
}
function responseAlert(response) {
flushResponse();
const obj = JSON.parse(response);
if (obj.status == "success" ) document.getElementById("alert-response").classList.add('alert-success' );
if (obj.status == "failed" ) document.getElementById("alert-response").classList.add('alert-danger' );
document.getElementById("alert-status" ).innerHTML = obj.status;
document.getElementById("alert-desc" ).innerHTML = obj.desc;
document.getElementById("alert-response").style.display = 'block';
}
function notme() {
document.getElementById("notme-link").style.display = 'none';
loadingResponse();
const queryString = window.location.search;
const urlParams = new URLSearchParams(queryString);
const token = urlParams.get('token');
var url = "/api/auth/notme";
var payload = {
"token" : token
};
sendHttpRequest(url, "POST", payload, function (error, response) {
if (error) console.error("Error:", error);
else {
console.log("JSON Response:", response);
responseAlert(response);
}
}, "application/json");
}
flushResponse();

68
static/js/auth/register.js
View File

@ -1,68 +0,0 @@
function flushResponse() {
document.getElementById("alert-response" ).style.display = 'none';
document.getElementById("resend-div" ).style.display = 'none';
document.getElementById("alert-response" ).classList.remove('alert-success' );
document.getElementById("alert-response" ).classList.remove('alert-danger' );
document.getElementById("alert-response" ).classList.remove('alert-primary' );
}
function loadingResponse() {
flushResponse();
document.getElementById("alert-status" ).innerHTML = "Loading...";
document.getElementById("alert-desc" ).innerHTML = "Please wait...";
document.getElementById("alert-response").classList.add('alert-primary');
document.getElementById("alert-response").style.display = 'block';
}
function responseAlert(response) {
flushResponse();
const obj = JSON.parse(response);
if (obj.status == "success" ) document.getElementById("alert-response").classList.add('alert-success' );
if (obj.status == "failed" ) document.getElementById("alert-response").classList.add('alert-danger' );
if (obj.desc == "check email for verification") {
document.getElementById("resend-email" ).value = document.getElementById("form-email").value;
document.getElementById("resend-message" ).innerHTML = obj.data.message;
document.getElementById("resend-link" ).setAttribute('href', obj.data.resend);
document.getElementById("resend-div" ).style.display = 'block';
}
document.getElementById("alert-status" ).innerHTML = obj.status;
document.getElementById("alert-desc" ).innerHTML = obj.desc;
document.getElementById("alert-response").style.display = 'block';
}
function onSubmit(token) {
loadingResponse();
var email = document.getElementById("form-email" ).value;
var username = document.getElementById("form-username" ).value;
var password = document.getElementById("form-password" ).value;
var roles = document.getElementById("roles" ).value;
var url = "/api/auth/register/"+roles;
var payload = {
"email" : email,
"username" : username,
"password" : password
};
payload.captcha = token; // Add response from reCAPTCHA
sendHttpRequest(url, "POST", payload, function (error, response) {
if (error) console.error("Error:", error);
else {
console.log("JSON Response:", response);
responseAlert(response);
}
}, "application/json");
}
function resending() {
loadingResponse();
var email = document.getElementById("resend-email").value;
var url = "/api/auth/resend?email="+email;
sendHttpRequest(url, "GET", null, function (error, response) {
if (error) console.error("Error:", error);
else {
console.log("JSON Response:", response);
responseAlert(response);
}
}, "multipart/form-data");
}
flushResponse();

44
static/js/auth/verify.js
View File

@ -1,44 +0,0 @@
function flushResponse() {
document.getElementById("alert-response" ).style.display = 'none';
document.getElementById("alert-response" ).classList.remove('alert-success' );
document.getElementById("alert-response" ).classList.remove('alert-danger' );
document.getElementById("alert-response" ).classList.remove('alert-primary' );
}
function loadingResponse() {
flushResponse();
document.getElementById("alert-status" ).innerHTML = "Loading...";
document.getElementById("alert-desc" ).innerHTML = "Please wait...";
document.getElementById("alert-response").classList.add('alert-primary');
document.getElementById("alert-response").style.display = 'block';
}
function responseAlert(response) {
flushResponse();
const obj = JSON.parse(response);
if (obj.status == "success" ) document.getElementById("alert-response").classList.add('alert-success' );
if (obj.status == "failed" ) document.getElementById("alert-response").classList.add('alert-danger' );
document.getElementById("alert-status" ).innerHTML = obj.status;
document.getElementById("alert-desc" ).innerHTML = obj.desc;
document.getElementById("alert-response").style.display = 'block';
}
function verify() {
loadingResponse();
const queryString = window.location.search;
const urlParams = new URLSearchParams(queryString);
const token = urlParams.get('token')
var url = "/api/auth/verify";
var payload = {
"token" : token
};
sendHttpRequest(url, "POST", payload, function (error, response) {
if (error) console.error("Error:", error);
else {
console.log("JSON Response:", response);
responseAlert(response);
}
}, "application/json");
}
verify();

18
static/js/carrack.js
View File

@ -1,18 +0,0 @@
function sendHttpRequest(url, method, data, callback, contentType = "multipart/form-data") {
var xhr = new XMLHttpRequest();
xhr.open(method, url, true);
xhr.setRequestHeader("Content-Type", contentType);
xhr.onreadystatechange = function () {
if (xhr.readyState === 4) {
if (xhr.status === 200) {
var response = xhr.responseText;
callback(null, response);
}
else callback(xhr.status, null);
}
};
var requestData;
if (contentType === "application/json") requestData = JSON.stringify(data);
else requestData = data;
xhr.send(requestData);
}