Searchinator Module

A web application for tracking inators.

This module contains route definitions for a web application. It uses the Flask microframework.

To run the application, install all package requirements listed in requirements.txt and run:

FLASK_APP=searchinator.py flask run

To run the application in debug mode, simply set the FLASK_DEBUG environment variable to 1

FLASK_APP=searchinator.py FLASK_DEBUG=1 flask run

Note that it is not suitable to run this application (or any web application) in debug mode if it is running in production. Customers get scared when they see tracebacks.

searchinator.list_inators(data)

List all inators.

This route renders a template that displays a sorted list of inators for the user.

It loads inator records from the data, sorts the records, then returns the sorted list in a template context.

Other details:

  • Route rule: /
  • Allowed HTTP methods: GET
  • Requires the user to be logged in
  • Template: list-inators.html
  • Flashed messages: None
  • Context: {'inators': [...]}
Parameters:data (dict) – The data dictionary loaded from the data path
Return dict:A template context containing a sorted list of inators
searchinator.add_inator(data)

Add a new inator.

This route renders a template that displays a form that the user can submit to create a new inator record.

This route responds to HTTP GET and HTTP POST requests.

  • If this route receives an HTTP GET, it returns an empty template context.
  • If this route receives an HTTP POST, it attempts to create a new inator record. If the condition form data cannot be used to construct a condition.Condition, a HTTP 400 Bad Request is raised via flask.abort(). Otherwise, the inator record is saved to data, a success message is flashed, and the user is redirected to /.

Other details:

  • Route rule: /add/
  • Allowed HTTP methods: GET, POST
  • Requires the user to be logged in
  • Template: add-inator.html
  • Flashed messages:
    • On creation of inator record (success)
  • Context:
    • GET: {}
    • POST: No context is returned. The user is redirected to / instead.
Parameters:data (dict) – The data dictionary loaded from the data path
Returns:An empty template context or redirect
searchinator.view_inator(data, ident)

View details of an inator.

This route renders a template that displays details about an inator for the user.

It loads a single inator record from data and returns it in a template context. If no such inator exists, redirects the user back to /.

Other details:

  • Route rule: /view/<ident>/
  • Allowed HTTP methods: GET
  • Requires the user to be logged in
  • Template: view-inator.html
  • Flashed messages:
    • If the requested inator doesn’t exist (danger)
  • Context: {'inator': {'ident': ..., 'name': ..., ...}
Parameters:
  • data (dict) – The data dictionary loaded from the data path
  • ident (str) – The UUID passed in the route rule
Returns:

A template context containing an inator record or a redirect

searchinator.delete_inator(data, ident)

Delete an existing inator.

This route renders a template that displays a form that the user can submit to delete an existing inator record.

This route responds to HTTP GET and HTTP POST requests as follows:

  • If this route receives an HTTP GET, it loads the specified inator record from data and returns it in a template context.
  • If this route receives an HTTP POST, it deletes the specified inator record from data, flashes a success message, and redirects the user to /.

Regardless which HTTP method was used, the ident in the route must correspond to an existing inator record. If it does not, this route flashes a danger message and redirects the user to /.

Other details:

  • Route rule: /delete/<ident>
  • Allowed HTTP methods: GET, POST
  • Requires the user to be logged in
  • Template: delete-inator.html
  • Flashed messages:
    • On deletion of inator record (success)
    • If the requested inator doesn’t exist (danger)
  • Context:
    • GET: {'inator': {'ident': ..., 'name': ..., ...}
    • POST: No context is returned. The user is redirected to / instead.
Parameters:
  • data (dict) – The data dictionary loaded from the data path
  • ident (str) – The UUID passed in the route rule
Returns:

A template context with an inator record or redirect

searchinator.login(data)

Login to the searchinator.

This route renders a template that displays a form that the user can submit to log in to the searchinator.

It loads loads username/password information from data and determines whether a user has entered valid credentials. Unlike a real world web application, we store password in plain text. Don’t ever, ever do that in a production setting. Ask your instructor.

We can tell if a user is logged in by checking their session. If the *session* dictionary-like object contains a “username” key, the user must be logged in. Otherwise, they aren’t.

Regardless which HTTP method is used, we start by checking if the user is logged in. If they are logged in, flash a warning message and redirect them to / .

If the user submitted an HTTP GET request, return an empty template context.

If the user submitted an HTTP POST request, this route performs several checks:

  1. If the entered username doesn’t exist, flash a danger message and redirect back to /login/.
  2. If the username is in data, but data doesn’t have a password for that user, flash a danger message and redirect to /login/.
  3. If the username exists and its corresponding password is in data, we compare the password in data to the entered password.
    • If the passwords match, we set the “username” key in the user’s session, flash a success message, and redirect them to /.
    • If the passwords don’t match, we flash a danger message and redirect them back to /login/.

Other details:

  • Route rule: /login/
  • Allowed HTTP methods: GET, POST
  • The user must not be logged in.
  • Template: login.html
  • Flashed messages:
    • If the user is already logged in (danger)
    • If the username doesn’t exist in data (danger)
    • If the username exists in data, but it doesn’t have a password stored with it (danger)
    • If the entered username/password combo matches a username/password combo in data (success)
    • If the entered username/password combo does not match a username/password combo in data (danger)
  • Context: {}
Parameters:data (dict) – The data dictionary loaded from the data path
Returns:An empty template context or a redirect
searchinator.logout()

Logout of the searchinator.

This route renders a template that displays a form that the user can submit to log out of the searchinator.

This route responds to HTTP GET and HTTP POST requests.

  • If this route receives an HTTP GET, it returns an empty template context.
  • If this route receives an HTTP POST, it removes the “username” key from the user’s session thereby logging them out. It then flashes a message and redirects the user to /login/

Other details:

  • Route rule: /logout/
  • Allowed HTTP methods: GET, GET
  • Requires the user to be logged in
  • Template: logout.html
  • Flashed messages:
    • On successful logout (success)
  • Context: {}
Return dict:An empty template context or a redirect