create models for database operations

README.md

@@ -1,12 +1,13 @@
-Prerequisites
+# Simple python web application
 
-Python >= 3.5
+Python webpy application running on uswgi server with nginx using docker connected to another docker-runned mysql database.
 
-INSTALL
+Web Server image: https://github.com/tiangolo/uwsgi-nginx-docker
+webpy framework: http://webpy.org/
 
-pip install -r requirements.txt
 
-RUN
+### prerequisites:
+docker https://www.docker.com/
 
-python vulnapp 
- 
+### Run
+docker-compose up

src/app/model.py

@@ -0,0 +1,30 @@
+import mysql.connector
+
+# Access database using mysql connector package
+db = mysql.connector.connect(
+    user='root', 
+    password='root',
+    host='10.5.0.5',
+    database='db'
+)
+
+def get_users():
+    cursor = db.cursor()
+    query = ("SELECT userid, username from users")
+    cursor.execute(query)
+    users = cursor.fetchall()
+    cursor.close()
+    return users
+
+def match_user(username, password):
+    cursor = db.cursor()
+    query = ("SELECT userid, username from users where username = (%s) and password = (%s)")
+    cursor.execute(query, (username, password))
+    user = cursor.fetchall()
+    return user
+
+def register_user(username, password):
+    cursor = db.cursor()
+    query = ("INSERT INTO users VALUES (NULL, (%s), (%s))")
+    cursor.execute(query, (username, password))
+    cursor.close()

src/app/templates/register.html

@@ -14,4 +14,4 @@ $def with (register_form)
     </form>
 </body>
 
-<footer></footer>
+<footer></footer>

src/app/views.py

@@ -1,6 +1,6 @@
 import web
-import mysql.connector
 from forms import login_form, register_form
+import model
 
 # Define application routes
 urls = (
@@ -8,14 +8,6 @@ urls = (
     '/logout', 'logout',
     '/register', 'register',
 )
-
-# Access datavase using mysql connector package
-db = mysql.connector.connect(
-    user='root', 
-    password='root',
-    host='10.5.0.5',
-    database='db'
-)
                               
 # Initialize application using the web py framework
 app = web.application(urls, globals())
@@ -39,11 +31,7 @@ class index():
     def GET(self):
         # Show other registered users if the user is logged in
         if session.username:
-            cursor = db.cursor()
-            query = ("SELECT userid, username from users")
-            cursor.execute(query)
-            friends = cursor.fetchall()
-            cursor.close()
+            friends = model.get_users()
         else:
             friends = [[],[]]
         return render.index(login_form, friends)
@@ -51,21 +39,13 @@ class index():
     # Log In
     def POST(self):
         # Validate login credential with database query
-        cursor = db.cursor()
-        query = ("SELECT userid, username from users where username = (%s) and password = (%s)")
         data = web.input()
-        cursor.execute(query, (data.username, data.password))
-        friends = cursor.fetchall()
+        user = model.match_user(data.username, data.password)
         # If there is a matching user/password in the database the user is logged in
-        if len(friends) == 1:
-            query = ("SELECT userid, username from users")
-            cursor.execute(query)
-            friends = cursor.fetchall()
+        if len(user) == 1:
+            friends = model.get_users()
             session.username = data.username
-            cursor.close()
             return render.index(login_form, friends)
-        cursor.close()
-
 
 class register:
 
@@ -75,11 +55,8 @@ class register:
 
     # Register new user in database
     def POST(self):
-        cursor = db.cursor()
-        query = ("INSERT INTO users VALUES (NULL, (%s), (%s))")
         data = web.input()
-        cursor.execute(query, (data.username, data.password))
-        cursor.close()
+        model.register_user(data.username, data.password)
         return render.register(register_form)