From e32a4aed80e853c54c2680c5d4400d83b94a3fe2 Mon Sep 17 00:00:00 2001
From: Anton <anton@hedvig.com>
Date: Tue, 1 Feb 2022 22:38:15 +0100
Subject: [PATCH] Lab 3: use request.get_json() instead of request.form

---
 lab3/twidder/database.db      | Bin 28672 -> 28672 bytes
 lab3/twidder/server.py        |  27 +++++++++--------
 lab3/twidder/static/client.js |  53 ++++++++++++++++++++--------------
 3 files changed, 47 insertions(+), 33 deletions(-)

diff --git a/lab3/twidder/database.db b/lab3/twidder/database.db
index 7f8b4c47c8b9224e9a2b10c3bee780fc3f53e50a..b46fceb8a2352e0276d2f3f4579482b0737cc090 100644
GIT binary patch
delta 1150
zcmZp8z}WDBae_2s^F$eE#^#L)OZY`NcuW}hJNa4o`uS9Nm+|WIY~V53*eJtOU&X<x
z*r+ZpEh;UXm{*dY=a8G2nWJK=Qj}ksmr`tNYHVs?V4z~+X_0H}k(T9?5@1l8T$rR%
z6&B)C;%MfY66oP%QsSPI<x%498g7wNT;LO^ACw%LXc(9o5R_OEW@!L6HX|{wxHvyA
zIkTiPIlnZoq^L4Ev80-vvtAj+a<Ezq+bew2Q}xQr3<JzllU(vklT<8n^0Px-!rjaZ
zQ-Vu;jUCG)Ox;YAy`7CJgCdjllM*XU6Z6ZHob-$%Ou!~$wY{8;Q@U}pk?bWVE)M<{
z2L8$X>-k$Yb19VZ%kwcSGJ-XNLxY2#SsBU&3$jmMte?m%!2NPEyMY|DGWW}kjR(2w
zEyS4>lfm*}P3ajfkwxw%&c*4vl^K~HLB)khVJYF^RauD!P66hIX|5r`9)V_NCB~lV
z7GfwmE6j4d%bf!wOmlrAOp1eCveE-84L#jT5)Ctw%q%PYJVN6$Qv%DJ(&7WnMVaNH
zc5cqFnaM2Az`!8D%gDgj$hVO%kar^QL4HC0g?x&94|xrFKk_nemUDQ>W1!ER%t(Us
z#3vj28t8*Gk>Ik;6MRdU)C9Th82GpIr}NA4o#3nG)8l>0yNuU~=ReOLo)#V(?%&+I
zxof!XHa3cI*V_oP`YI|4rzM%1B%4_zB^el|n3$QQT3DD^q!^|qnHd=-CmSW1Ap#h|
zDo@O@6#(fLHBK@#HcLxMOEOM1Hc7NhOEO9|H%?44GcZdtHB2)$N9aMYl8W++?D*?J
z`o%5GQw$7E%q`OlQd3L}EliRU4b6?x5>3r5k}b_mlTs175UldVoSZ~^K9GJ%gOpT*
zlvHC&vm|3nljLMGOG68b#1spQL}QaAV>2_X`tveUb8_-G+r*q;RuSawVc`AEzn#yO
zcOzdvzcT+FzAb$J_!M}r@lWFS;LGCA<?Y$5kdVSVSs{<5o={i`sxbR95(*LlkRn3<
U<_9T4_naWQ@Ax(=<UL>n0GkP6C;$Ke

delta 221
zcmZp8z}WDBae_2s#Y7or#)^#zOZWxYcy$^0JNa4o`uS9Nm+|UuR#cGW-K;Bnor#T&
ze=!69`ptX_W&9H-C{JFjpUBL|6FZsRK#p<7#zu3V&9OF1m}Pkr8Tfb&8TcCcHu44X
zPUJnvFUY@;Pm%8-uOaWp%?b_=c_vOUnr!H6z{0@5U@&=!jrQgVz9md@ygW7x{M-4{
z`Q`Xd@YV9^@jm5U#_PoMpJxwG3y;mlMk$`nHZdod<#_oN82GpIx$^b%EA!vs+rsyc
bPl10DzXx9ye=gt6&58>DcsDELJzxX?$WuQu

diff --git a/lab3/twidder/server.py b/lab3/twidder/server.py
index 3791a69..46d60a9 100644
--- a/lab3/twidder/server.py
+++ b/lab3/twidder/server.py
@@ -6,17 +6,17 @@ import secrets
 import database_helper
 import json
 import uuid
-
+import logging
 
 app = Flask(__name__, static_url_path="")
-
+app.logger.setLevel(logging.DEBUG)
 active_sockets = dict()
 
 """ Helper functions """
 
 
 def hash_password(pw):
-    hashed_pw = sha256_crypt.encrypt(pw)
+    hashed_pw = sha256_crypt.hash(pw)
     return hashed_pw
 
 
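Review bot: `app.logger.setLevel(logging.DEBUG)` runs unconditionally at import time, so every deployment of this module logs at debug verbosity. The file handles passwords and session tokens, and a later `app.logger.debug(...)` of a request body would write them to the log. Take the level from configuration instead, e.g. `app.logger.setLevel(os.environ.get("LOG_LEVEL", "INFO"))`, which needs `import os` if the lines above the hunk do not already have it.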
@@ -89,8 +89,9 @@ def root():
 
 @app.route("/sign-in", methods=["POST"])
 def sign_in():
-    email = request.form["email"]
-    password = request.form["password"]
+    data = request.get_json()
+    email = data["email"]
+    password = data["password"]
 
     if validate_user(email, password):
 
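Review bot: `data["email"]` and `data["password"]` in `sign_in` index the parsed body without checking its shape, so a body that is valid JSON but not an object (`[]`, `"x"`, `null`), or an object missing a key, raises `TypeError`/`KeyError` and surfaces as a 500, where `request.form[...]` answered a missing field with a 400. JSON values are also not guaranteed to be strings, so `validate_user` can now receive a number, list or object. Parse with `data = request.get_json(silent=True)` and reject early with `if not isinstance(data, dict) or not all(isinstance(data.get(k), str) for k in ("email", "password")): return create_response(success=False, message="Invalid request body")`. The same unchecked use of the parsed body is added in `sign_up`, `change_password` and `post_message`; the body of `sign_in` continues outside this hunk.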
@@ -120,7 +121,7 @@ def sign_in():
 
 @app.route("/sign-up", methods=["POST"])
 def sign_up():
-    user_data = request.form
+    user_data = request.get_json()
     if not is_signup_form_valid(user_data):
         return create_response(
             success=False, message="One or more fields are incorrect"
@@ -162,14 +163,15 @@ def change_password():
     if user:
         email = user[0]
         hashed_pw = user[1]
-        if validate_password(request.form["oldPassword"], hashed_pw):
-
-            if len(request.form["newPassword"]) < 6:
+        data = request.get_json()
+        if validate_password(data["oldPassword"], hashed_pw):
+            data = request.get_json()
+            if len(data["newPassword"]) < 6:
                 return create_response(
                     success=False, message="Password must be at least 6 characters"
                 )
 
-            hashed_password = hash_password(request.form["newPassword"])
+            hashed_password = hash_password(data["newPassword"])
             database_helper.set_password(email, hashed_password)
             return create_response(success=True, message="Password has been changed")
 
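Review bot: The second `data = request.get_json()` inside the `if validate_password(...)` branch repeats the call two lines above it and can be deleted. More importantly, `len(data["newPassword"]) < 6` no longer proves a six-character password: a JSON array or object with six entries passes the length check and is handed to `hash_password`, and a number makes `len` raise. Guard it with `new_pw = data.get("newPassword")` and `if not isinstance(new_pw, str) or len(new_pw) < 6:` before hashing. `change_password` starts before this hunk and continues after it.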
@@ -270,15 +272,16 @@ def post_message():
     token = get_token()
     current_user = get_user_by_token(token)
     if current_user:
+        data = request.get_json()
         sender_email = current_user[0]
-        receiver_email = request.form["email"]
+        receiver_email = data["email"]
         receiver_email = receiver_email if receiver_email else sender_email
         msg_id = uuid.uuid4().hex
         database_helper.add_message(
             msg_id=msg_id,
             to_email=receiver_email,
             from_email=sender_email,
-            message=request.form["message"],
+            message=data["message"],
         )
         return create_response(success=True, message="Message sent")
     else:
diff --git a/lab3/twidder/static/client.js b/lab3/twidder/static/client.js
index 8c1c57e..3410338 100644
--- a/lab3/twidder/static/client.js
+++ b/lab3/twidder/static/client.js
@@ -136,7 +136,12 @@ function postUserMessage() {
   let email = document.getElementById("user-email").innerHTML.slice(7); // strip email clean
 
   let userToken = window.localStorage.getItem("token");
-  let params = "&email=" + email + "&message=" + message_form.value;
+
+  let params = {
+    email: email,
+    message: message_form.value,
+  };
+  
   let myCallback = function (res) {
     if (res.success) {
       message_form.value = null;
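Review bot: The recipient address is still read with `innerHTML.slice(7)`, which returns serialized markup rather than text, so an address containing `&`, `<` or `>` comes back entity-encoded (`&amp;`) and is now sent to the server verbatim in the JSON body. Read the text instead: `let email = document.getElementById("user-email").textContent.slice(7);`. The hard-coded offset 7 presumably skips a label prefix; a comment naming that prefix would make the slice checkable. `postUserMessage` starts before this hunk and continues after it.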
@@ -155,7 +160,11 @@ function postMessageToSelf() {
   }
 
   let userToken = window.localStorage.getItem("token");
-  let params = "&email" + "" + "&message=" + message_form.value;
+  let params = {
+    email: "",
+    message: message_form.value,
+  };
+
   let myCallback = function (res) {
     if (res.success) {
       message_form.value = null;
@@ -205,7 +214,10 @@ function handleLogin() {
 }
 
 function signIn(email, password) {
-  let params = "&email=" + email + "&password=" + password;
+  let params = {
+    email: email,
+    password: password,
+  };
   let myCallback = function (res) {
     if (res.success) {
       localStorage.setItem("token", res.data);
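Review bot: `localStorage.setItem("token", res.data)` in the callback keeps the bearer token where any script running on this origin can read it, and this file already goes through `innerHTML` for user data in `postUserMessage`. If the token has to stay in `localStorage`, a comment here such as `// token is script-readable: never render user-supplied text via innerHTML` records the constraint; an HttpOnly session cookie would remove the exposure but needs a server change. The new literal can use shorthand, `let params = { email, password };`. `signIn` continues outside the hunk.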
@@ -282,21 +294,16 @@ function handleSignUp() {
     country: document.forms["signup-form"]["country"].value,
   };
 
-  let params =
-    "firstname=" +
-    userData.firstname +
-    "&familyname=" +
-    userData.familyname +
-    "&gender=" +
-    userData.gender +
-    "&city=" +
-    userData.city +
-    "&country=" +
-    userData.country +
-    "&email=" +
-    userData.email +
-    "&password=" +
-    userData.password;
+  let params = {
+    firstname: userData.firstname,
+    familyname: userData.familyname,
+    gender: userData.gender,
+    city: userData.city,
+    country: userData.country,
+    email: userData.email,
+    password: userData.password,
+  };
+
 
   let myCallback = function (res) {
     if (res.success) {
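Review bot: The new `params` literal copies `userData` field by field; if `userData` holds exactly these seven fields (its start is above the hunk, so this needs checking), `let params = userData;` says the same thing and cannot drift when a field is added. If `userData` also carries fields that must not be sent, such as a repeated password, keep the explicit list and say so in a comment. The hunk also leaves two consecutive blank lines after the literal.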
@@ -319,7 +326,11 @@ function changePassword() {
     return;
   }
 
-  let params = "&oldPassword=" + oldPw + "&newPassword=" + newPw;
+  let params = {
+    oldPassword: oldPw,
+    newPassword: newPw,
+  };
+
   let myCallback = function (res) {
     showModal(res.message);
   };
@@ -399,7 +410,7 @@ function connectWebSocket() {
 function xmlOther(url, callback, params, token, requestType) {
   let xhttp = new XMLHttpRequest();
   xhttp.open(requestType, url, true);
-  xhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
+  xhttp.setRequestHeader("Content-type", "application/json");
   if (token) {
     xhttp.setRequestHeader("Authorization", "Bearer " + token);
   }
@@ -408,5 +419,5 @@ function xmlOther(url, callback, params, token, requestType) {
       callback(JSON.parse(xhttp.responseText));
     }
   };
-  xhttp.send(params);
+  xhttp.send(JSON.stringify(params));
 }
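Review bot: `xhttp.send(JSON.stringify(params))` serializes whatever the caller passes, so a call with `params` set to `null` sends the literal body `null`, which the server parses to `None` and, on routes that read the body, then indexes; any caller not converted in this commit that still passes a query string would go out as a quoted JSON string. Send a body only when there is one: `xhttp.send(params == null ? null : JSON.stringify(params));`. The `JSON.parse(xhttp.responseText)` above it will also throw on a non-JSON error page, which unvalidated server-side indexing makes more likely; whether the status is checked first is not visible in this hunk.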
-- 
GitLab