diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..f89b800 --- /dev/null +++ b/.gitignore @@ -0,0 +1,3 @@ +.venv +db.sqlite +**/__pycache__/ \ No newline at end of file diff --git a/README.md b/README.md index 19ae1d2..59bcd54 100644 --- a/README.md +++ b/README.md @@ -27,6 +27,10 @@ Execute in Terminal "python3 -m venv .venv", for the virtual enviroment activate Note: This are early stages of this project listed are missing and planed. + +### DB Delete + +To delete db simple add first_startup = True in Options.ini and remove db.sqlite # To Does --- Must have features / fixes diff --git a/Server/DB/querys.py b/Server/DB/querys.py index a42532f..36911e4 100644 --- a/Server/DB/querys.py +++ b/Server/DB/querys.py @@ -12,9 +12,13 @@ config.read('Options.ini') class compare: + def is_user_pass_valid(username, password): - session_username = session.query(User).filter(User.username == username).one() - session.commit() + try: #check if username in db + session_username = session.query(User).filter(User.username == username).one() + session.commit() + except: + return False print(session_username.hashed_password) if bcrypt.hashpw(password.encode('utf-8'), session_username.salt) == session_username.hashed_password.encode('utf-8'): return True @@ -39,17 +43,21 @@ class compare: OUT: True, False if succeded adding to db ''' - - if compare.verifie_order(ordered_list): #products = Product() - order = Order(desk) - session.add(order) - session.commit() + order = Order(desk) + if compare.verifie_order(ordered_list): + is_emtpy = True #check if nothing in prouduct if True dont commit. for product in ordered_list: if int(product[0]) > 0: #dont add not ordered to list + if is_emtpy: #first time enter in loop + session.add(order) + session.commit() productDB = Product(quantity=int(product[0]),name=product[1],order_id = order.id) - - session.add(productDB) + session.add(productDB) + is_emtpy = False + if is_emtpy: + return False + session.commit() logger.success("Order at desk "+ str(desk) +" resived") # add a new ordered_list to the database @@ -126,11 +134,10 @@ class get: def all_orders(): # All unfinished orders (finished is False or string "False") result = [] - desk = 1 orders = session.query(Order).filter(Order.finished == 0).all() session.commit() for order in orders: - products = session.query(Product).filter(Product.order_id == order.id , Order.desk_number == desk).all() + products = session.query(Product).filter(Product.order_id == order.id).all() session.commit() list_products = [] for p in products: diff --git a/Server/Host/flaskApp.py b/Server/Host/flaskApp.py index 0b22e59..b5db8f5 100644 --- a/Server/Host/flaskApp.py +++ b/Server/Host/flaskApp.py @@ -69,8 +69,7 @@ def login(): form = LoginForm() if form.validate_on_submit(): user = user_loader(form.username.data) - #TODO if username not in User: - #TODO return if username or pass wrong a red textbox in ui... + if user and compare.is_user_pass_valid(form.username.data, form.password.data): login_user(user) # store user id in session @@ -82,8 +81,9 @@ def login(): #next = request.args.get('next') is written in documentaion FLASK #return redirect(next, url_for('orders')) # redirect to orders page return redirect(url_for('orders')) # redirect to orders page + #return wrong_user_pass.html a indexer for wrong pass or username + return render_template('partials/_wrong_user_pass.html', form=form) return render_template('login.html', form=form) - @app.route("/logout") #TODO make a button @login_required def logout(): @@ -95,23 +95,27 @@ def logout(): def orders(): #TODO on new orderGet refresh orders list if request.method == 'POST': order_id = request.form.get('order_id') - action = request.form.get('action') # 'finish' or 'undo' + action = request.form.get('action') # 'refresh', 'finish' or 'undo' - order = session.get(Order, int(order_id)) - if order: #SQL error handeling just in case - if action == 'finish': - order.finished = True - elif action == 'undo': - order.finished = False + if action == 'finish': + order = session.get(Order, int(order_id)) + order.finished = True session.commit() return jsonify(success=True) + elif action == 'undo': + order = session.get(Order, int(order_id)) + order.finished = False + session.commit() + return jsonify(success=True) + elif action == 'refresh': + html = render_template('partials/_order_rows.html', orders=get.all_orders()) + return jsonify(success=True, html=html) return jsonify(success=False) return render_template('orders.html', orders=get.all_orders()) @app.route("/order_get", methods=['GET','POST']) def order_get(): - desk= 1 global config #POST order if request.method == 'POST' and config['SETTINGS']['lockqrcode_whit_secret'] == 'True': @@ -127,8 +131,11 @@ def order_get(): # Adding order to DB if compare.process_main(ordered_list, desk): return '

your order got ressived!

' + else: + #TODO IF nothing ordered send back to main and say something in a txt box + return '

You have selected nothing try again

' return '

your order coudnt be ressived try again Error:SQL

' - + # Veriefie if auth or not from GET elif request.method == 'GET': desk = int(request.args['desk']) @@ -137,11 +144,9 @@ def order_get(): return render_template('index.html', desk=desk, MAX_DESKS=int(config['DEFAULT']['max_desks']), orderableItems = get.valid_products(get_json_=True)) elif config['SETTINGS']['lockqrcode_whit_secret'] == 'False': return render_template('index.html', desk=desk, MAX_DESKS=int(config['DEFAULT']['max_desks']),orderableItems = get.valid_products(get_json_=True)) - else: - return '

Somethign went wrong try again.

' #TODO Make the HTML prettier for all - return '

404 wrong Secret?

' #TODO Make the HTML prettier for all - elif config['SETTINGS']['lockqrcode_whit_secret'] == 'True': - return '

your LOCKQRCODE is invalid.

' + elif config['SETTINGS']['lockqrcode_whit_secret'] == 'True': + return '

your LOCKQRCODE is invalid.

' + return '

Something went wrong went wrong, Try again.

' #TODO Make the HTML prettier for all else: return render_template('index.html',desk=desk, MAX_DESKS=int(config['DEFAULT']['max_desks']),orderableItems = get.valid_products(get_json_=True)) diff --git a/Server/Host/templates/index.html b/Server/Host/templates/index.html index 2fbb5e8..80934de 100644 --- a/Server/Host/templates/index.html +++ b/Server/Host/templates/index.html @@ -7,7 +7,7 @@ Document -
+
  • Tisch Nummer
    diff --git a/Server/Host/templates/login.html b/Server/Host/templates/login.html index 462a86a..c94edd5 100644 --- a/Server/Host/templates/login.html +++ b/Server/Host/templates/login.html @@ -20,4 +20,4 @@ - \ No newline at end of file + diff --git a/Server/Host/templates/orders.html b/Server/Host/templates/orders.html index 8fbc6aa..dabf3a8 100644 --- a/Server/Host/templates/orders.html +++ b/Server/Host/templates/orders.html @@ -35,26 +35,31 @@ Action Order-Nr +
    + Last refreshed: 0s ago +
    + {% for order in orders%} - - {{ order[0] }} - -
      - {% for product in order[1] %} -
    • {{ product }}
      • - {% endfor %} -
    - - - - - order {{ order[2] }} - + + {{ order[0] }} + +
      + {% for product in order[1] %} +
    • {{ product }}
      • + {% endfor %} +
    + + + + + order {{ order[2] }} + {% else %} No open orders. {% endfor %} + \ No newline at end of file diff --git a/Server/Host/templates/partials/_order_rows.html b/Server/Host/templates/partials/_order_rows.html new file mode 100644 index 0000000..f77f5d0 --- /dev/null +++ b/Server/Host/templates/partials/_order_rows.html @@ -0,0 +1,22 @@ + +{% for order in orders%} + + {{ order[0] }} + +
      + {% for product in order[1] %} +
    • {{ product }}
      • + {% endfor %} +
    + + + + + order {{ order[2] }} + +{% else %} +No open orders. +{% endfor %} + \ No newline at end of file diff --git a/Server/Host/templates/partials/_wrong_user_pass.html b/Server/Host/templates/partials/_wrong_user_pass.html new file mode 100644 index 0000000..f9e6baf --- /dev/null +++ b/Server/Host/templates/partials/_wrong_user_pass.html @@ -0,0 +1,52 @@ + + + + Login Page + + + +

    Login Page

    +
    Invalid User or Password
    +
    + {{ form.csrf_token }} + {{ form.username.label }} + {{ form.username }} +
    +
    + {{ form.password.label }} + {{ form.password }} +
    +

    {{ form.remember_me }} {{ form.remember_me.label }}

    +
    + {{ form.submit }} +
    + + + diff --git a/Tools/__pycache__/qrGenerator.cpython-312.pyc b/Tools/__pycache__/qrGenerator.cpython-312.pyc new file mode 100644 index 0000000..3749a6d Binary files /dev/null and b/Tools/__pycache__/qrGenerator.cpython-312.pyc differ diff --git a/app.py b/app.py index 0e0feda..0901344 100644 --- a/app.py +++ b/app.py @@ -20,7 +20,7 @@ you want async logging. def run(): #TODO: sys.stderr back to a file log?? logger.add(sys.stderr, format="{time} {level} {message}", filter="startup", level="INFO") logger.add(sys.stderr, backtrace=True, diagnose=config['OTHER']['log_diagnose']) - app.run(debug=False) + app.run(debug=False, host="0.0.0.0") if __name__ == "__main__": #First startup is handled in DB/handler