GitLab now enforces expiry dates on tokens that originally had no set expiration date. Those tokens were given an expiration date of one year later. Please review your personal access tokens, project access tokens, and group access tokens to ensure you are aware of upcoming expirations. Administrators of GitLab can find more information on how to identify and mitigate interruption in our documentation.
| it includes one or more forms | yes, line: 8, 12, 17 on forms.py |
| the forms have some validation | yes, line : 9, 10, 13, 15, 18, 19, 20 on forms.py |
| there are useful feedback messages to the user | yes, line : 21 on forms.py |
| it has a database backend that implements CRUD operations (the database can be mysql or mongodb) | create, read, apdate, delete |
| the create & update operations take input data from a form or forms | |
| there is user authentication (i.e. logins) | |
| the login process uses sessions | |
| passwords should be stored as hashes | |
| there is a way to logout | |
| there is a basic api i.e. content can be accessed as json via http methods | |
| it should be clear how to access the api (this could include comments in code) | |
| it has a database backend that implements CRUD operations (the database can be mysql or mongodb) | create, read, update, delete all dbhelper.py cotain CRUD operations |
| the create & update operations take input data from a form or forms | for exemeple line 71 to 74 on mytwits_mysql.py |
| there is user authentication (i.e. logins) | line 77 "login_user(user) " on mytwits_mysql.py |
| the login process uses sessions | line :77 on mytwits_mysql.py "login_user(user)" |
| passwords should be stored as hashes | hashed = hashlib.sha512((salt + password).encode('utf-8')).hexdigest() db.add_user(username,password,salt,hashed) on mytwits_mysql.py |
| there is a way to logout | line: 97 on mytwits_mysql.py |
| there is a basic api i.e. content can be accessed as json via http methods | can be accessed using the route '/api' @app.route('/api/<username>') |
| it should be clear how to access the api (this could include comments in code) | # with / <username> you can see for single users' api and without you see all the apis "@app.route('/api') @app.route('/api/<username>')" |
| commit history | https://gitlab.doc.gold.ac.uk/thoss003/term-2-lab/commits/master |
