import json from flask import render_template, url_for, flash, redirect, session, jsonify, Response, request, current_app, Blueprint, send_file from project.models import db, Game, Player, Object, Image, User, SingleplayerGame, get_game_images, reset_db, \ ActionCard, GoalCard, CharacterCard from PIL import Image as PImage from flask_login import LoginManager, login_user, logout_user from project.forms import LoginForm from flask_limiter import Limiter from flask_limiter.util import get_remote_address from pathlib import Path from werkzeug.utils import secure_filename from base64 import b64encode from io import BytesIO from flask_login import login_required import os import glob limiter = Limiter( get_remote_address, default_limits=["20 per second"] ) api = Blueprint('api', __name__) limiter.limit('20/second')(api) singleplayer = Blueprint('singleplayer', __name__) limiter.limit('20/second')(singleplayer) login_manager = LoginManager() def __is_game_closed(gameid): game = db.session.query(Game).filter(Game.id == gameid).first() if game is None: return True return game.closed # DONE check whether players are claimed before relevant functions # DONE restrict interaction with closed games (needed?) """ #################### MULTIPLAYER #################### """ @api.route("/create_game", methods=['POST']) @limiter.exempt def create_game(): """ POST like this { players: # numberof players location: } returns game instance number(used to refer to game instance in other calls) """ # extract values and check validity try: # content = request.get_json() # players = content["players"] # location = content["location"] players = request.form.get("players") location = request.form.get("location") except KeyError: return "Missing Data", 400 if (players is None) or (location is None): return "Missing Data", 400 players = int(players) # create Player objects player_list = [] for i in range(0, players): p = Player( player_number=i + 1, ) player_list.append(p) # create game object game = Game( number_of_players=players, location=location, players=player_list ) # save game to db db.session.add(game) db.session.commit() # create a response json response = { 'data': game.id, 'message': f'Game {game.id} created successfully' } return response, 200, {'Content-Type': 'application/json; charset=utf-8'} @api.route("/is_player_available//", methods=['GET']) @limiter.exempt def is_player_available(gameid=None, playerid=None): """ :param gameid: game id :param playerid:game-specific player id :return: "True" or "False" as str """ if gameid is None or playerid is None: return "Missing game id or player id", 400 result = db.session.query(Player.is_taken).filter(Player.game_id == gameid, Player.player_number == playerid).first() if result is None: return "No such Game or Player", 400 return str(not result[0]), 200 @api.route("/select_player", methods=['POST']) @limiter.exempt def select_player(): """ POST like this { game: # game id player: # player id in game } """ # extract values and check validity try: # content = request.get_json() # playerid = content["player"] # gameid = content["game"] playerid = request.form.get("player") gameid = request.form.get("game") except KeyError: return "Missing Data", 400 if (playerid is None) or (gameid is None): return "Missing Data", 400 playerid = int(playerid) gameid = int(gameid) # check if game is closed. if yes or not found ignore request if __is_game_closed(gameid): return "Game is closed or does not exist", 400 player = db.session.query(Player).filter(Player.game_id == gameid, Player.player_number == playerid).first() # no player found / player already taken if player is None: return "Game or Player does not exist", 400 elif player.is_taken: return f"Player {playerid} is already taken", 400 player.is_taken = True db.session.commit() return "Player claimed successfully", 200 @api.route("/add_object", methods=['POST']) @limiter.exempt def add_object(): """ POST like this { game: # game id player: # player id in game points: # how many points? oid: # id of object } """ # extract values and check validity try: # content = request.get_json() # gameid = content["game"] # playerid = content["player"] # points = content["points"] # oid = content["oid"] gameid = request.form.get("game") playerid = request.form.get("player") points = request.form.get("points") oid = request.form.get("oid") longitude = request.form.get("longitude") # optional latitude = request.form.get("latitude") # optional name = request.form.get("name") # optional except KeyError: return "Missing Data", 400 if (playerid is None) or (gameid is None) or (points is None) or (oid is None): return "Missing Data", 400 gameid = int(gameid) playerid = int(playerid) points = int(points) oid = int(oid) # check if game is closed. if yes or not found ignore request if __is_game_closed(gameid): return "Game is closed or does not exist", 400 # query player player = db.session.query(Player).filter(Player.game_id == gameid, Player.player_number == playerid).first() # no player found if player is None: return "Game or Player does not exist", 400 # if player is not taken error if not player.is_taken: return "Player is not taken!", 400 # it is not the players turn # if not player.is_player_turn: # return "Other players turn", 400 # check whether object already in play already_in_play = db.session.query(Object).filter(Object.game_id == gameid, Object.object_type == oid).first() is not None if already_in_play: return f"Object {oid} is already in play", 400 # create and add object to db obj = Object( game_id=gameid, player_number=playerid, object_type=oid, object_points=points, latitude=latitude, longitude=longitude, object_name=name, ) db.session.add(obj) # add points to player player.points = player.points + points db.session.commit() return "Object played successfully", 200 @api.route("/object_in_play//", methods=['GET']) @limiter.exempt def object_in_play(gameid=None, objectid=None): # extract and validate if gameid is None or objectid is None: return "Missing game id or object id", 400 # query object result = db.session.query(Object).filter(Object.game_id == gameid, Object.object_type == objectid).first() return str(result is not None), 200 @api.route("/get_all_objects_in_game/", methods=['GET']) @limiter.limit("1/2minute", override_defaults=True) def get_all_objects_in_game(gameid=None): objects = db.session.query(Object).filter(Object.game_id == gameid).all() obj_json = {} for [key, obj] in enumerate(objects): obj_json[key] = obj.to_json() response = json.dumps(obj_json) return response, 200, {'Content-Type': 'application/json; charset=utf-8'} @api.route("/delete_object", methods=['POST']) @limiter.exempt def delete_object(): """ POST like this //TODO only take game and oid { game: # game id oid: # id/type of object } """ # extract values and check validity try: # content = request.get_json() # gameid = content["game"] # playerid = content["player"] # points = content["points"] # oid = content["oid"] gameid = request.form.get("game") oid = request.form.get("oid") except KeyError: return "Missing Data", 400 if (gameid is None) or (oid is None): return "Missing Data", 400 gameid = int(gameid) oid = int(oid) # check if game is closed. if yes or not found ignore request if __is_game_closed(gameid): return "Game is closed or does not exist", 400 obj = db.session.query(Object).filter(Object.game_id == gameid, Object.object_type == oid).first() if obj is None: return f"Game {gameid} has no Object with type {oid}", 400 # query player player = db.session.query(Player).filter(Player.game_id == gameid, Player.player_number == obj.player_number).first() # no player found if player is None: return "Player does not exist", 400 # if player is not taken error if not player.is_taken: return "Player is not taken!", 400 player.points = player.points - obj.object_points db.session.delete(obj) db.session.commit() return "Object deleted successfully", 200 """ @api.route("/set_turn_to_next_player", methods=['POST']) def set_turn_to_next_player(): try: # content = request.get_json() # gameid = content["game"] gameid = request.form.get("game") except KeyError: return "Missing Data", 400 gameid = int(gameid) if type(gameid) is not int: return "Wrong Data", 400 game = db.session.query(Game).filter(Game.id == gameid).first() if game is None: return f"Game {gameid} does not exist", 400 # no longer current player's turn player_curr = db.session.query(Player).filter(Player.game_id == gameid, Player.is_player_turn).first() # who's turn is it next? number_of_player = game.number_of_players next_player = game.current_player + 1 if next_player > number_of_player: next_player = 1 # set turn to next players in Game and Player Objects game.current_player = next_player player_next = db.session.query(Player).filter(Player.game_id == gameid, Player.player_number == next_player).first() if not player_next.is_taken: return "Next player is not taken!", 400 player_curr.is_player_turn = False player_next.is_player_turn = True db.session.commit() return f"Game {gameid}: Turn switched successfully", 200 """ """@api.route("/get_current_player_turn/", methods=['GET']) def get_current_player_turn(gameid=None): if gameid is None: return "Missing game id", 400 game = db.session.query(Game).filter(Game.id == gameid).first() if game is None: return f"Game {gameid} does not exist", 400 current_player = game.current_player # create a response json response = { 'data': current_player, 'message': f"Game {game.id}: Player {current_player}'s turn" } return response, 200, {'Content-Type': 'application/json; charset=utf-8'}""" @api.route("/get_all_player_points/", methods=['GET']) @limiter.exempt def get_all_player_points(gameid=None): """ :param gameid: game id :return: { 1: 20 : 2: 15 3: 12 } """ if gameid is None: return "Missing game id", 400 players = db.session.query(Player).filter(Player.game_id == gameid).all() if len(players) == 0: return f"Game {gameid} does not exist", 400 players_points = {} for player in players: players_points[f'{player.player_number}'] = player.points return players_points, 200, {'Content-Type': 'application/json; charset=utf-8'} @api.route("/get_total_number_of_players/", methods=['GET']) @limiter.exempt def get_total_number_of_players(gameid=None): if gameid is None: return "Missing game id", 400 game = db.session.query(Game).filter(Game.id == gameid).first() if game is None: return f"Game {gameid} does not exist", 400 # create a response json response = { 'data': game.number_of_players, 'message': f"Game {game.id} has {game.number_of_players} Players" } return response, 200, {'Content-Type': 'application/json; charset=utf-8'} @api.route("/get_cards_in_game/", methods=['GET']) @limiter.exempt def get_cards_in_game(gameid=None): """ :param gameid: game id :return: { 1: 20 : 2: 15 3: 12 } """ if gameid is None: return "Missing game id", 400 players = db.session.query(Player).filter(Player.game_id == gameid).all() if len(players) == 0: return f"Game {gameid} does not exist", 400 players_goal = {} for player in players: players_goal[f'{player.player_number}'] = player.goal_card_id return players_goal, 200, {'Content-Type': 'application/json; charset=utf-8'} @api.route("/add_card_to_player", methods=['POST']) @limiter.exempt def add_card_to_player(): """ POST like this { game: # game id player: # player id in game cid: # id of card } """ try: # content = request.get_json() # gameid = content["game"] # playerid = content["player"] # cid = content["cid"] gameid = request.form.get("game") playerid = request.form.get("player") cid = request.form.get("cid") except KeyError: return "Missing Data", 400 if (gameid is None) or (playerid is None) or (cid is None): return "Missing Data", 400 gameid = int(gameid) playerid = int(playerid) cid = int(cid) # check if game is closed. if yes or not found ignore request if __is_game_closed(gameid): return "Game is closed or does not exist", 400 player = db.session.query(Player).filter(Player.game_id == gameid, Player.player_number == playerid).first() # no player found if player is None: return "Game or Player does not exist", 400 goal_card = db.session.query(GoalCard).filter(GoalCard.card_id == cid).first() # no such char card exists if goal_card is None: return f"There is no goal card with the id {cid}", 400 # assign goal card goal_card.players.append(player) # player.goal_card_id = cid db.session.commit() return "Goal Card saved successfully", 200 @api.route("/add_char_card_to_player", methods=['POST']) @limiter.exempt def add_char_card_to_player(): """ Adds the specified character card id to the specified player of a specified game POST like this { game: # game id player: # player id in game charid: # id of character card } """ try: # content = request.get_json() # gameid = content["game"] # playerid = content["player"] # cid = content["cid"] gameid = request.form.get("game") playerid = request.form.get("player") charid = request.form.get("charid") except KeyError: return "Missing Data", 400 if (gameid is None) or (playerid is None) or (charid is None): return "Missing Data", 400 gameid = int(gameid) playerid = int(playerid) charid = int(charid) # check if game is closed. if yes or not found ignore request if __is_game_closed(gameid): return "Game is closed or does not exist", 400 player = db.session.query(Player).filter(Player.game_id == gameid, Player.player_number == playerid).first() # no player found if player is None: return "Game or Player does not exist", 400 char_card = db.session.query(CharacterCard).filter(CharacterCard.card_id == charid).first() # no such char card exists if char_card is None: return f"There is no character card with the id {charid}", 400 # assign char card char_card.players.append(player) # player.character_card_id = charid db.session.commit() return "Character Card saved successfully", 200 @api.route("/add_action_card_to_player", methods=['POST']) @limiter.exempt def add_action_card_to_player(): """ Adds the specified action card to the specified player of a specified game POST like this { game: # game id player: # player id in game actionCardID: # id of character card } """ try: # content = request.get_json() # gameid = content["game"] # playerid = content["player"] # cid = content["cid"] gameid = request.form.get("game") playerid = request.form.get("player") actionid = request.form.get("actionCardID") except KeyError: return "Missing Data", 400 if (gameid is None) or (playerid is None) or (actionid is None): return "Missing Data", 400 gameid = int(gameid) playerid = int(playerid) actionid = int(actionid) # check if game is closed. if yes or not found ignore request if __is_game_closed(gameid): return "Game is closed or does not exist", 400 player = db.session.query(Player).filter(Player.game_id == gameid, Player.player_number == playerid).first() # no player found if player is None: return "Game or Player does not exist", 400 action_card = db.session.query(ActionCard).filter(ActionCard.card_id == actionid).first() # no such char card exists if action_card is None: return f"There is no action card with the id {actionid}", 400 # assign char card player.drawn_action_cards.append(action_card) # player.character_card_id = charid db.session.commit() return "Action Card assigned successfully", 200 @api.route("/get_char_cards_in_game/", methods=['GET']) @limiter.exempt def get_char_cards_in_game(gameid=None): """ returns a dictionary listing the character card id for every player of a game :param gameid: game id :return: { 1: 20 : 2: 15 3: 12 } """ if gameid is None: return "Missing game id", 400 players = db.session.query(Player).filter(Player.game_id == gameid).all() if len(players) == 0: return f"Game {gameid} does not exist", 400 players_char = {} for player in players: players_char[f'{player.player_number}'] = player.character_card_id return players_char, 200, {'Content-Type': 'application/json; charset=utf-8'} @api.route("/add_action_card", methods=["POST"]) @limiter.exempt() @login_required def add_action_card(): """ Add an action card to the game database POST like this { cardid: # id of action card action: # description of the action img: file # img file } """ try: cardid = request.form.get('cardid') action = request.form.get('action') img = request.files['img'] except KeyError: return "Missing data or wrong key name", 400 if (cardid is None) or (action is None) or (img.content_type is None): return "Missing data or wrong key name", 400 cardid = int(cardid) action_card = db.session.query(ActionCard).filter(ActionCard.card_id == cardid).first() if action_card is not None: return "An action card with this id already exists", 400 filename = f"actioncard_{cardid}.png" img_path = os.path.join(f"{os.getenv('APP_FOLDER')}/project/images/", filename) img.save(img_path) ac = ActionCard( card_id=cardid, action=action, img_path=img_path ) db.session.add(ac) db.session.commit() return "Action card added successfully", 200 @api.route("/delete_action_card", methods=["POST"]) @limiter.exempt() @login_required def delete_action_card(): """ Add an action card to the game database POST like this { cardid: # id of action card action: # description of the action img: file # img file } """ try: cardid = request.form.get('cardid') except KeyError: return "Missing data or wrong key name", 400 if (cardid is None): return "Missing data or wrong key name", 400 cardid = int(cardid) action_card = db.session.query(ActionCard).filter(ActionCard.card_id == cardid).first() if action_card is None: return "An action card with this id does not exists", 400 filename = f"actioncard_{cardid}.png" img_path = os.path.join(f"{os.getenv('APP_FOLDER')}/project/images/", filename) os.remove(img_path) db.session.delete(action_card) db.session.commit() return "Action card deleted successfully", 200 @api.route("/add_goal_card", methods=["POST"]) @limiter.exempt() @login_required def add_goal_card(): """ Add a goal card to the game database POST like this { cardid: # id of goal card goal: # description of the action img: file # img file } """ try: cardid = request.form.get('cardid') goal = request.form.get('goal') img = request.files['img'] except KeyError: return "Missing data or wrong key name", 400 if (cardid is None) or (goal is None) or (img.content_type is None): return "Missing data or wrong key name", 400 cardid = int(cardid) goal_card = db.session.query(GoalCard).filter(GoalCard.card_id == cardid).first() if goal_card is not None: return "A goal card with this id already exists", 400 filename = f"goalcard_{cardid}.png" img_path = os.path.join(f"{os.getenv('APP_FOLDER')}/project/images/", filename) img.save(img_path) gc = GoalCard( card_id=cardid, goal=goal, img_path=img_path ) db.session.add(gc) db.session.commit() return "Goal card added successfully", 200 @api.route("/delete_goal_card", methods=["POST"]) @limiter.exempt() @login_required def delete_goal_card(): """ Delete a Goal Card from the database POST like this { cardid: # id of goal card } """ try: cardid = request.form.get('cardid') except KeyError: return "Missing data or wrong key name", 400 if (cardid is None): return "Missing data or wrong key name", 400 cardid = int(cardid) goal_card = db.session.query(GoalCard).filter(GoalCard.card_id == cardid).first() if goal_card is None: return "A goal card with this id does not exists", 400 filename = f"goalcard_{cardid}.png" img_path = os.path.join(f"{os.getenv('APP_FOLDER')}/project/images/", filename) os.remove(img_path) db.session.delete(goal_card) db.session.commit() return "Goal card deleted successfully", 200 @api.route("/add_char_card", methods=["POST"]) @limiter.exempt() @login_required def add_char_card(): """ Add a character card to the game database POST like this { cardid: # id of character card img: file # img file } """ try: cardid = request.form.get('cardid') name = request.form.get('name') age = request.form.get('age') role = request.form.get('role') interest = request.form.get('interest') quote = request.form.get('quote') img = request.files['img'] except KeyError: return "Missing data or wrong key name", 400 if (cardid is None) or (name is None) or (age is None) or (role is None) or (interest is None) or ( quote is None) or (img.content_type is None): return "Missing data or wrong key name", 400 cardid = int(cardid) char_card = db.session.query(CharacterCard).filter(CharacterCard.card_id == cardid).first() if char_card is not None: return "A character card with this id already exists", 400 filename = f"charactercard_{cardid}.png" img_path = os.path.join(f"{os.getenv('APP_FOLDER')}/project/images/", filename) img.save(img_path) cc = CharacterCard( card_id=cardid, name=name, age=age, role=role, interest=interest, quote=quote, img_path=img_path ) db.session.add(cc) db.session.commit() return "Character card added successfully", 200 @api.route("/delete_char_card", methods=["POST"]) @limiter.exempt() @login_required def delete_char_card(): """ delete a char card from the game database POST like this { cardid: # id of action card } """ try: cardid = request.form.get('cardid') except KeyError: return "Missing data or wrong key name", 400 if (cardid is None): return "Missing data or wrong key name", 400 cardid = int(cardid) char_card = db.session.query(CharacterCard).filter(CharacterCard.card_id == cardid).first() if char_card is None: return "A character card with this id does not exists", 400 filename = f"charactercard_{cardid}.png" img_path = os.path.join(f"{os.getenv('APP_FOLDER')}/project/images/", filename) os.remove(img_path) db.session.delete(char_card) db.session.commit() return "Action card deleted successfully", 200 @api.route('/get_card_image/', methods=['GET']) @limiter.exempt() @login_required def get_card_image(subpath): # Here you would dynamically serve the file based on subpath # For demonstration purposes, let's assume all images are in /static/images/ img_path = os.path.join(f"{os.getenv('APP_FOLDER')}/project/images", subpath) return send_file(img_path) @api.route("/add_image_to_game", methods=['POST']) @limiter.exempt def add_image_to_game(): """ send data as form-data, otherwise wont work 2 keys: 'game' which should contain game id 'img' the image file """ try: gameid = request.form.get('game') img = request.files['img'] except KeyError: return "Missing data or wrong key name", 400 if gameid is None or img.content_type is None: return "Missing data or wrong key name", 400 gameid = int(gameid) # does game exist? game = db.session.query(Game).filter(Game.id == gameid).first() if game is None: return f"Game {gameid} does not exist", 400 if game.closed: return f"Game {gameid} is closed", 400 # how many images are there already? image_count = db.session.query(Image).filter(Image.game_id == gameid).count() # if there are already 5 discard request if image_count >= 5: return f"Game {gameid} already has 5 images saved.", 400 # else save image to path and create db entry # img = PImage.open(img) # this_folder = Path(__file__).parent.resolve() # img_path = str(this_folder / f"images/{gameid}_{image_count + 1}.png") ## img_path = f'/server/images/{gameid}_{image_count + 1}.png' # img.save(img_path) filename = f"{gameid}_{image_count + 1}.png" img_path = os.path.join(f"{os.getenv('APP_FOLDER')}/project/images", filename) img.save(img_path) image = Image( game_id=gameid, img_path=img_path ) db.session.add(image) db.session.commit() return "Image saved successfully", 200 @api.route("/get_next_game_id", methods=['GET']) @limiter.exempt def get_next_game_id(): game = db.session.query(Game.id).order_by(Game.id.desc()).first() if game is None: return "1", 200 next_id = game[0] + 1 return f"{next_id}", 200 @api.route("/close_game", methods=['POST']) @limiter.exempt def close_game(): """ POST like this { game: # game id to close } """ try: # content = request.get_json() # gameid = content["game"] gameid = request.form.get("game") except KeyError: return "Missing data or wrong key name", 400 if gameid is None: return "Missing Data", 400 gameid = int(gameid) game = db.session.query(Game).filter(Game.id == gameid).first() if game is None: return "Game does not exist", 400 if game.closed: return "Game already closed", 400 game.closed = True db.session.commit() return f"Game {gameid} closed successfully", 200 @api.route("/is_game_closed/", methods=['GET']) @limiter.exempt def is_game_closed(gameid=None): if gameid is None: return "game id is missing", 400 game = db.session.query(Game).filter(Game.id == gameid).first() if game is None: return "Game does not exist", 400 return f"{game.closed}", 200 @api.route("/get_object_owner//", methods=['GET']) @limiter.exempt def get_object_owner(gameid=None, oid=None): """ :param gameid: id of game :param oid: object id :return: number of player who owns object """ if gameid is None or oid is None: return "game id or object id is missing", 400 owner = db.session.query(Object).filter(Object.game_id == gameid, Object.object_type == oid).first() if owner is None: return f"No player has played object {oid}", 400 return f"{owner.player_number}", 200 @api.route('/get_images/', methods=["GET"]) @limiter.exempt @login_required def get_images(id=None): if id is None: return "Attribute is None", 400 imgs = get_game_images(id) images = {} for img in imgs: if f"{img.game_id}" not in images: images[f"{img.game_id}"] = [] image = PImage.open(img.img_path) image_io = BytesIO() image.save(image_io, 'PNG') images[f"{img.game_id}"].append('data:image/png;base64,' + b64encode(image_io.getvalue()).decode('ascii')) return {'data': images}, 200, {'Content-Type': 'application/json; charset=utf-8'} @api.route('/reset_database', methods=["POST"]) @limiter.exempt @login_required def reset_database(): """ Deletes every entry in database apart from User. Game ID sequence will not be resetted Also dleets all images from the file system :return: """ try: content = request.get_json() password = content["password"] except KeyError: return "Missing data or wrong key name", 400 user = db.session.query(User).first() if not user.verify_password(password): return "Wrong Password", 401 db.session.query(Game).delete() db.session.query(SingleplayerGame).delete() db.session.query(Player).delete() db.session.query(Object).delete() db.session.query(CharacterCard).delete() db.session.query(GoalCard).delete() db.session.query(ActionCard).delete() files = glob.glob(f"{current_app.config['MEDIA_FOLDER']}/*") for f in files: print(f) os.remove(f) db.session.query(Image).delete() db.session.commit() # This resets the Primary Key sequence for Game table such that the game ids start with 1 again. # Alternatively one can also continue the ids however this is a problem when retrieving the last_value of the sequence # This is because for the 1st and 2nd interation of the sequence last_value returns 2, since nextval() does not increment on first call db.engine.execute("ALTER SEQUENCE game_id_seq RESTART WITH 1") return "DB is empty again", 200 """ #################### SINGLEPLAYER #################### """ @singleplayer.route("/new_game", methods=["POST"]) @limiter.exempt def new_game(): game = SingleplayerGame() db.session.add(game) db.session.commit() return f"{game.id}", 200 @singleplayer.route("/add_point_information", methods=["POST"]) @limiter.exempt def add_point_information(): """ POST like this { game: # game id player: # player id in game 1-5 points: # how many points? } """ # extract values and check validity try: gameid = request.form.get("game") playerid = request.form.get("player") points = request.form.get("points") except KeyError: return "Missing Data", 400 if (gameid is None) or (playerid is None) or (points is None): return "Missing Data", 400 gameid = int(gameid) playerid = int(playerid) points = int(points) if playerid < 1 or playerid > 5: return f"Player {playerid} does not exist.", 400 game = db.session.query(SingleplayerGame).filter(SingleplayerGame.id == gameid).first() if game is None: return f"Game {gameid} does not exist", 400 setattr(game, f"player_{playerid}_points", getattr(game, f"player_{playerid}_points") + points) db.session.commit() return f"Successfully added {points} points to player {playerid}.", 200 @singleplayer.route("/get_point_information/", methods=['GET']) @limiter.exempt def get_point_information(gameid=None): game = db.session.query(SingleplayerGame).filter(SingleplayerGame.id == gameid).first() if game is None: return f"Game {gameid} does not exist", 400 response_json = { 'player1': str(game.player_1_points), 'player2': str(game.player_2_points), 'player3': str(game.player_3_points), 'player4': str(game.player_4_points), 'player5': str(game.player_5_points) } return Response(json.dumps(response_json), status=200, mimetype='application/json') """ #################### AUTHENTICATION #################### """ auth = Blueprint('auth', __name__) limiter.limit('20/second')(auth) @login_manager.user_loader def get_user(user_id): return db.session.get(User, user_id) @auth.route("/login", methods=["GET", "POST"]) @limiter.exempt def login(): form = LoginForm() username = form.username.data password = form.password.data if form.validate_on_submit(): user = User.query.filter_by(username=username).first() if user and user.verify_password(password): login_user(user) flash("logged in!") return redirect(url_for('index')) else: flash("login failed!") else: print(form.errors) return render_template('login.html', form=form) @auth.route('/logout') @limiter.exempt def logout(): logout_user() return redirect(url_for('auth.login'))