itsahsiao / breadcrumbs

A full-stack Flask web app that lets foodies search restaurants, track their eating history, while also connecting with friends

User login (multiple users) #13

Open itsahsiao opened 8 years ago

itsahsiao commented 8 years ago

To access all visits based on a user id and pass into JSON for Issue #6, need to use session to get user id. Therefore, need to implement the user login feature and store the user id into session.

Requires the following:

- Login
- Registration for new user

itsahsiao commented 8 years ago

Added login form to nav bar in base template and using session, show "Log out" if user is logged in, and show "Sign up" or login form if user is not logged in.

Also added login form for /login route - When user provides incorrect credentials while logging in on the homepage, they are redirected to /login to log in properly (similar to Facebook's user flow). However, there are now two login forms, when only one is needed.

Suggestions per Bonnie:

Asked about .first() and .one() for querying in database to check user's login credentials - We should be using .one() as there should only be one record in the database if user exists. .first() grabs the first record if there are multiple records, but this is not what we want. Use try/except for exception NoRecordFound OR nested if statements that check if user exists in database, then check if password matches. More Pythonic and cleaner code to do try/except. Added point to todo list above.

Using session to store user's email and id - Use nested dictionary for session[current_user], so that you don't need to create two (or more) sessions related to current user, and you can just delete one session when user logs out. Added point to todo list above.

Asked about meaningful URLs for JSON route and passing in user id that way, instead of user id from session. Both work. No one sees the JSON route anyways, so can just use session. But need to think about user flows over the next week or two and hierarchical API design for other routes.

itsahsiao commented 8 years ago

Nested dictionary for session implemented: https://github.com/ashleyhsia0/hb-project-breadcrumbs/blob/master/server.py#L63-L68

itsahsiao commented 8 years ago

Tried using session for failed attempt at logging in, but unfortunately this causes the login form to disappear from all pages as session is stored for this failed attempt... Need to think further about user flow - keep user login in nav bar, have login form just on homepage, or ???

For now, removed login form from nav bar of base template and added "Log in" link to /login route.

itsahsiao commented 8 years ago

Used try/except for database querying and got code review - Removed unnecessary, repetitive code for if statement that was under try/except. As the "except NoResultFound" has a return, redirecting user to /login route again, the code below will never execute if the NoResultFound exception occurs. If the code under "try" is successful, then code below will execute (after the exception code).

itsahsiao commented 8 years ago

Created signup html - form to sign new users up. /signup route has methods GET to render signup html and POST to query/add user to database. New user signup working.

itsahsiao commented 8 years ago

The /login and /signup routes are kept as is, but I am thinking of implementing modal windows on /homepage, that when incorrect credentials are provided, the user is then routed to /login and /signup routes.

Example of this is seen on Twitter.
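
The login flow discussed in the comments above (a `.one()`-style lookup wrapped in try/except, a nested `session["current_user"]` dictionary, and no session write on a failed attempt), as an added example that is not the project's own code. It uses only the standard library: sqlite3 and a plain dict stand in for SQLAlchemy and Flask's session, and the `NoResultFound` class, the salted PBKDF2 hash, the table layout, the dictionary keys and the "/" redirect are assumptions.

```python
import hashlib
import hmac
import os
import sqlite3

class NoResultFound(Exception):
    """Stand-in for the exception SQLAlchemy's Query.one() raises on zero rows."""

def hash_password(password, salt):
    # Assumption: passwords are stored as salted PBKDF2 hashes (iteration count is illustrative).
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def make_db():
    # Constructed sample data: one registered user.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (user_id INTEGER PRIMARY KEY, "
               "email TEXT UNIQUE, salt BLOB, pw_hash BLOB)")
    salt = os.urandom(16)
    db.execute("INSERT INTO users (email, salt, pw_hash) VALUES (?, ?, ?)",
               ("foodie@example.com", salt, hash_password("correct horse", salt)))
    return db

def one(db, email):
    """Return exactly one user row, like .one(); raise instead of returning None."""
    rows = db.execute("SELECT user_id, email, salt, pw_hash FROM users "
                      "WHERE email = ?", (email,)).fetchall()
    if len(rows) != 1:
        raise NoResultFound(email)
    return rows[0]

def login(db, session, email, password):
    """Return the redirect target; the session is written only on success."""
    try:
        user_id, email, salt, pw_hash = one(db, email)
    except NoResultFound:
        return "/login"  # unknown user: same redirect as a wrong password
    if not hmac.compare_digest(hash_password(password, salt), pw_hash):
        return "/login"  # wrong password: nothing stored for the failed attempt
    # One nested entry holds everything about the logged-in user.
    session["current_user"] = {"user_id": user_id, "email": email}
    return "/"

def logout(session):
    # Removing the single nested entry logs the user out completely.
    session.pop("current_user", None)
    return "/"
```
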