app.py

import os
import random

from cs50 import SQL
from flask import Flask, flash, redirect, render_template, request, session
from flask_session import Session
from werkzeug.security import check_password_hash, generate_password_hash

from helpers import login_required, lookup

# Configure application
app = Flask(__name__)


# Configure session to use filesystem (instead of signed cookies)
app.config["SESSION_PERMANENT"] = False
app.config["SESSION_TYPE"] = "filesystem"
Session(app)

# Configure CS50 Library to use SQLite database
db = SQL("sqlite:///gymguide.db")


@app.after_request
def after_request(response):
    """Ensure responses aren't cached"""
    response.headers["Cache-Control"] = "no-cache, no-store, must-revalidate"
    response.headers["Expires"] = 0
    response.headers["Pragma"] = "no-cache"
    return response


@app.route("/")
@login_required
def index():
    """ redirect to login if not logged in, otherwise """
    if not session.get("user_id"):
        return redirect("/login")
    return redirect("/dashboard")


@app.route("/register", methods=["GET", "POST"])
def register():
    """Register user"""
    session.clear()

    if request.method == "POST":

        if not request.form.get("username"):
            return "Kindly provide Username!", 400

        elif not request.form.get("password"):
            return "Kindly provide Password!", 400

        elif not request.form.get("confirmation"):
            return "Kindly confirm your Password!", 400

        elif request.form.get("password") != request.form.get("confirmation"):
            return "Passwords don't match!", 400

        rows = db.execute("SELECT * FROM users WHERE username = ?", request.form.get("username"))

        if len(rows) != 0:
            return "Username already exists!", 400

        db.execute("INSERT INTO users(username, hash) VALUES(?, ?)", request.form.get(
            "username"), generate_password_hash(request.form.get("password")))

        rows = db.execute("SELECT * FROM users WHERE username = ?", request.form.get("username"))

        session["user_id"] = rows[0]["id"]  # remember which user has registered

        flash("Registered successfully! Please log in.")
        return redirect("/login")

    else:
        return render_template("register.html")


@app.route("/login", methods=["GET", "POST"])
def login():
    """Log user in"""

    # Forget any user_id
    session.clear()

    # User reached route via POST (as by submitting a form via POST)
    if request.method == "POST":
        # Ensure username was submitted
        if not request.form.get("username"):
            return "must provide username", 400

        # Ensure password was submitted
        elif not request.form.get("password"):
            return "must provide password", 400

        # Query database for username
        rows = db.execute(
            "SELECT * FROM users WHERE username = ?", request.form.get("username")
        )

        # Ensure username exists and password is correct
        if len(rows) != 1 or not check_password_hash(
            rows[0]["hash"], request.form.get("password")
        ):
            return "invalid username and/or password", 400

        # Remember which user has logged in
        session["user_id"] = rows[0]["id"]

        # Redirect user to home page
        return redirect("/dashboard")

    # User reached route via GET (as by clicking a link or via redirect)
    else:
        return render_template("login.html")


@app.route("/logout")
def logout():
    """Log user out"""

    # Forget any user_id
    session.clear()

    flash("Logged out succesfully!")

    # Redirect user to login form
    return redirect("/")


@app.route("/dashboard")
@login_required
def dashboard():
    """display the dashboard with exercise data"""
    exercises = db.execute("SELECT id, day, exercise, sets, weight, reps FROM exercises WHERE user_id = ?", session["user_id"])

    quotes = [
        "Push harder than yesterday if you want a different tomorrow.",
        "No pain, no gain.",
        "The body achieves what the mind believes.",
        "Don’t limit your challenges. Challenge your limits.",
        "Sweat is fat crying.",
        "\"One More Time!!\" ~ Haikyuu!!",
        "\"A person becomes strong when they have someone they want to protect.\" ~ Naruto",
        "\"You should enjoy the little detours. To the fullest. Because that’s where you’ll find the things more important than what you want.\" ~ One Piece",
        "\"A lesson in resolve: Struggle now and reap rewards later.\" ~ Attack on Titan",
        "\"Nah, I'd still Win.\" ~ Jujutsu Kaisen"
    ]

    quote_of_the_day = random.choice(quotes)

    return render_template("dashboard.html", exercises=exercises, quote=quote_of_the_day)


@app.route("/add", methods=["GET", "POST"])
@login_required
def add():
    if request.method == "POST":
        day = request.form.get("day")
        exercise = request.form.get("exercise")
        sets = request.form.get("sets")
        weight = request.form.get("weight")
        reps = request.form.get("reps")

        if not day or not exercise or not sets or not weight or not reps:
            return "Kindly fill all fields!", 400

        if not sets.isdigit() or not weight.replace(".", "", 1).isdigit():
            return "Kindly enter the sets and weights in correct integer format!", 400

        db.execute("INSERT INTO exercises (user_id, day, exercise, sets, weight, reps) VALUES (?, ?, ?, ?, ?, ?)"
                   , session["user_id"], day, exercise, int(sets), float(weight), reps)

        flash("Exercise added succesfully!")

        return redirect("/dashboard")

    else:
        return render_template("add.html")


@app.route("/changepassword", methods=["GET", "POST"])
@login_required
def changepassword():

    if request.method == "POST":

        if not request.form.get("old password"):
            return "Kindly provide Old Password!", 400

        elif not request.form.get("new password"):
            return "Kindly provide New Password!", 400

        elif request.form.get("old password") == request.form.get("new password"):
            return "Passwords are Same!", 400

        db.execute("UPDATE users SET hash = ? WHERE id = ?", generate_password_hash(
            request.form.get("new password")), session["user_id"])

        flash("Your Password is changed successfully!")

        return redirect("/dashboard")

    else:
        return render_template("changepassword.html")


@app.route("/delete", methods=["GET", "POST"])
def delete():

    id = request.form.get("id")
    if id:
        db.execute("DELETE FROM exercises WHERE id = ?", id)
    return redirect("/dashboard")


@app.errorhandler(404)
def page_not_found():
    return render_template("404.html"), 404