From 0d6e59c4c43ccfcb8805b85517eb4b80f68bd5e4 Mon Sep 17 00:00:00 2001
From: Tanveer Hossain <thoss003@gold.ac.uk>
Date: Fri, 29 Mar 2019 16:42:09 +0000
Subject: [PATCH] Update README.md

---
 README.md | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/README.md b/README.md
index b345cd0..3697302 100644
--- a/README.md
+++ b/README.md
@@ -18,14 +18,14 @@ Password : 123123
 | it includes one or more forms	| yes, line: 8, 12, 17 on  forms.py	|
 | the forms have some validation	| yes, line : 9, 10, 13, 15, 18, 19, 20 on forms.py	|
 | there are useful feedback messages to the user	| yes, line : 21 on forms.py	|
-| it has a database backend that implements CRUD operations (the database can be mysql or mongodb)	| create, read, apdate, delete 	|
-| the create & update operations take input data from a form or forms	| 	|
-| there is user authentication (i.e. logins)	| 	|
-| the login process uses sessions	| 	|
-| passwords should be stored as hashes	| 	|
-| there is a way to logout	| 	|
-| there is a basic api i.e. content can be accessed as json via http methods 	| 	|
-| it should be clear how to access the api (this could include comments in code)	| 	|
+| it has a database backend that implements CRUD operations (the database can be mysql or mongodb)	| create, read, update, delete all dbhelper.py cotain CRUD operations	|
+| the create & update operations take input data from a form or forms	|  for exemeple line 71 to 74 on mytwits_mysql.py	|
+| there is user authentication (i.e. logins)	| line 77 "login_user(user) " on mytwits_mysql.py	|
+| the login process uses sessions	| line :77 on mytwits_mysql.py "login_user(user)"	|
+| passwords should be stored as hashes	| hashed =  hashlib.sha512((salt + password).encode('utf-8')).hexdigest()  db.add_user(username,password,salt,hashed) on mytwits_mysql.py 	|
+| there is a way to logout	| line: 97	on mytwits_mysql.py |
+| there is a basic api i.e. content can be accessed as json via http methods 	| can be accessed using the route '/api'     @app.route('/api/<username>')	|
+| it should be clear how to access the api (this could include comments in code)	| # with / <username> you can see for single users' api and without you see all the apis "@app.route('/api') @app.route('/api/<username>')"	|
 | commit history | https://gitlab.doc.gold.ac.uk/thoss003/term-2-lab/commits/master |
 |  |  |
 | ## Links |  |
-- 
GitLab