Finished exercise

wesweb01/todo2021/app.rb

@@ -1,19 +1,116 @@
+#!/usr/bin/ruby -w
 require 'sinatra'
 require 'slim'
 require 'sqlite3'
 require 'bcrypt'
 
 #1. Skapa ER + databas som kan hålla användare och todos. Fota ER-diagram, 
-#	 lägg i misc-mapp
+#	 lägg i misc-mapp [x]
-#2. Skapa ett formulär för att registrerara användare.
+#2. Skapa ett formulär för att registrerara användare. [x]
 #3. Skapa ett formulär för att logga in. Om användaren lyckas logga	
-#	 in: Spara information i session som håller koll på att användaren är inloggad
+#	 in: Spara information i session som håller koll på att användaren är inloggad [x]
-#4. Låt inloggad användare skapa todos i ett formulär (på en ny sida ELLER på sidan som visar todos.).
+#4. Låt inloggad användare skapa todos i ett formulär (på en ny sida ELLER på sidan som visar todos.). [x]
-#5. Låt inloggad användare updatera och ta bort sina formulär.
+#5. Låt inloggad användare updatera och ta bort sina formulär. [x]
 #6. Lägg till felhantering (meddelande om man skriver in fel user/lösen)
 
+enable :sessions
+
+def create_db_handle
+	SQLite3::Database.new("db/todo.db")
+end
 
 
 get "/" do
-	slim(:register)
+	slim :register
+end
+
+
+get "/showlogin" do
+	slim :login
+end
+
+get "/todos" do
+	id = session[:id].to_i
+	db = create_db_handle
+	db.results_as_hash = true
+
+	todos = db.execute "SELECT * FROM Todos WHERE user_id = ?", id
+
+	slim :"todos/index", locals: {todos: todos}
+end
+
+get "/todos/:tid/edit" do
+	tid = params[:tid].to_i
+
+	db = create_db_handle
+	db.results_as_hash = true
+	todo = db.execute("SELECT * FROM Todos WHERE id = ?", tid).first  
+
+	if( todo["user_id"] == session[:id] ) then
+		slim :"todos/edit", locals: {todo: todo}
+	else
+		"401, access denied!"
+	end
+end
+
+post "/todos/:tid/update" do
+	tid = params[:tid].to_i	
+	new_content = params[:content]
+
+	db = create_db_handle
+	db.execute "UPDATE Todos SET content = ? WHERE id = ?", new_content, tid
+
+	redirect "/todos"
+end
+
+post "/todos/:tid/delete" do
+	tid = params[:tid].to_i
+
+	db = create_db_handle
+	db.execute "DELETE FROM Todos WHERE id = ?", tid 
+
+	redirect "/todos"
+end
+
+post "/todos/new" do
+	id = params[:id].to_i
+	content = params[:content]
+
+	db = create_db_handle
+	db.execute "INSERT INTO Todos (user_id, content) VALUES (?, ?)", id, content
+
+	redirect "/todos"	
+end
+
+post "/users/new" do
+	username = params[:username]
+	password = params[:password]
+	password2 = params[:password_confirm]
+
+	if( password == password2 ) then
+		pwdigest = BCrypt::Password.create(password)
+		db = create_db_handle
+		db.execute("INSERT INTO Users (username, pwdigest) VALUES (?, ?)", username, pwdigest)
+
+		redirect "/"
+	else
+		"Passwords does not match..."
+	end
+end
+
+post "/users/login" do
+	username = params[:username]
+	password = params[:password]
+
+	db = create_db_handle
+	db.results_as_hash = true
+	user_info = db.execute("SELECT * FROM Users WHERE username = ?", username).first
+
+	dbpass = BCrypt::Password.new(user_info["pwdigest"])
+	if( dbpass == password ) then
+		session[:id] = user_info["id"]
+		redirect "/todos"
+	else
+		"WRONG PASSWORD!"
+	end
 end

wesweb01/todo2021/misc/todo_er.xml

@@ -0,0 +1 @@
+<mxfile host="app.diagrams.net" modified="2022-01-19T08:59:02.610Z" agent="5.0 (X11)" etag="PiVFU_WCTCR91cyxY9Ob" version="16.3.0" type="device"><diagram id="veyYhuRtbIGMNOb6CXEn" name="Page-1">7VlNc5swEP01XDqTDuLDsY+J7bQzbaaHtPk4ZRSkgBqBGCGMnV9fyQgDJnGoa0dOmpOlt5JA+/attNhyx/H8C4dpdM4QppZjo7nlTizHAZ5jyx+FLErkeOCXQMgJ0oNq4II8Yg3qeWFOEM5aAwVjVJC0DQYsSXAgWhjknBXtYfeMtp+awhB3gIsA0i56RZCISnTo2zX+FZMwqp4MbG2JYTVYA1kEESsakDu13DFnTJSteD7GVDmv8ks57+wZ6+rFOE5EnwkJjS/no/Tq/Cg/mT64Z7PB5bcjTUYmFtWGMZL7113GRcRClkA6rdFTzvIEYbWqLXv1mO+MpRIEEvyNhVhoMmEumIQiEVNtxXMirvV01b5R7c++7k3mDdNkUXUSwRfX1QKq05iluvW0Za+eh05UGMhuwhJcImeEUm0v9682/axbNZSxnAd4gy+r8IQ8xGLDOHdFvlQNZjGW7yvncUyhILP2e0AdvuFqXM2wbGiS/4LwSldmGAfbMG6/ecaHRhkv151Bmusn/cowzzphUJOsWCoiIvBFCpf7L2RubxOq18Rc4PlmN3a3rSesEqM+GdwqpxZ1nj3WUNRIsZ69J0cdG82FKzXcNCwvKaMWw01LC8aV4fRUxjMh8jrKcDrKkMM7MUCpvGvglyVxzxJRBYu3E334bX3YXX0MntCHuy99uB135TKRJDDG2zttB34C3noe8c36aXA4ecTeKo+Aw8kj3lvII5Xaa2FYzoDK1z1FZCaboWqmBSIhzkRlkk9qWI0qaP0k9oDhTANA1x8fl9QtJTTsKaGRSQkN+0joR5FkPeXDIxbf5dmryMcdHthFFpit6t/XCTTqewI5JvUDjBYv7yxj9qbc6JecUSdl/mSIma/r/UOr68Fh13n+ep1n/PbVLfQCuWe1HZO31EEnrgzXeeCj0NtdzgV9Kz2j11TQLfXUN5Dbf8kne0gh5gu4Xvd50PMyLx0j2j6DlISJbAfSQZhLQLmPBJCeaENMECr1hjPyCO+WS6mQTRlJxHK7/qnlT9RaUmJZqTa1dCY4e8BjRhmvw/5exvwatAPaVl/0NpyUzhO0OXujrXun+PTfsOGNXo0N2a3/913aGv+eu9M/</diagram></mxfile>

wesweb01/todo2021/public/css/style.css

@@ -1,12 +1,17 @@
 nav {
-  font-family: Arial, Helvetica, sans-serif;
+	font-family: Arial, Helvetica, sans-serif;
-  text-transform: uppercase;
+	text-transform: uppercase;
-  text-decoration: none;
+	text-decoration: none;
-  font-size: 1.2em;
+	font-size: 1.2em;
-  font-weight:800;
+	font-weight:800;
-  background: lightsalmon;
+	background: #aaf;
-  height: 10vh;
+	height: 10vh;
-  display:flex;
+	display:flex;
-  justify-content:space-around;
+	justify-content:space-around;
-  align-items:center;
+	align-items:center;
-}
+}
+
+.inline {
+	display: inline-block;
+	margin: 8px;
+}

wesweb01/todo2021/views/layout.slim

@@ -9,6 +9,8 @@ html lang="en"
     nav
       a href="/" Register
       a href="/showlogin" Login
+      - if( session[:id] != nil ) then
+      		a href="/todos" Todos
     h1 Welcome to Todos!
 
-    == yield
+    == yield

wesweb01/todo2021/views/login.slim

@@ -0,0 +1,5 @@
+label Login
+form action="/users/login" method="post"
+  input type="text" name="username" placeholder="Username"
+  input type="password" name="password" placeholder="Password"
+  input type="submit" value="Login"

wesweb01/todo2021/views/register.slim

@@ -0,0 +1,6 @@
+label Register
+form action="/users/new" method="post"
+  input type="text" name="username" placeholder="Username"
+  input type="password" name="password" placeholder="Password"
+  input type="password" name="password_confirm" placeholder="Confirm password"
+  input type="submit" value="Register"

wesweb01/todo2021/views/todos/edit.slim

@@ -0,0 +1,3 @@
+form action="/todos/#{todo["id"]}/update" method="post"
+  input type="text" name="content" placeholder="New TODO text..."
+  input type="submit" value="Update TODO"

wesweb01/todo2021/views/todos/index.slim

@@ -0,0 +1,19 @@
+h2 Create TODO:
+form action="/todos/new" method="post"
+  input type="text" name="content" placeholder="I need to do..."
+  input type="hidden" name="id" value="#{session[:id]}"
+  input type="submit" value="Submit"
+
+h2 Your TODOS:
+ol
+  - todos.each do |todo|
+      li 
+        label = todo["content"]
+
+        form.inline action="todos/#{todo["id"]}/edit" method="get"
+          input type="submit" value="Edit"
+
+        form.inline action="todos/#{todo["id"]}/delete" method="post"
+          input type="hidden" name="user_id" value="#{session[:id]}"
+          input type="hidden" name="todo_id" value="#{todo["id"]}"
+          input type="submit" value="Remove"