Python Flask User DataBase Implementation

What is a Database?

To begin, let’s clarify what a database is and go over the most popular ones for different applications.

A database which most of you should know is just a place to store data. Some popular databses for diffrent types of programs include . . .

1. SQL (Structured Query Language) Databases:

A type of relational database that uses a structured query language for defining and manipulating data. Examples include:

  • MySQL: A widely used open-source relational database management system.
  • PostgreSQL: Known for its extensibility and support for advanced data types.

2. Databases for Application Development:

In application development, NoSQL databases are often favored for their flexibility and scalability. Examples include:

  • MongoDB: A document-oriented NoSQL database, ideal for handling JSON-like documents.
  • Cassandra: A distributed NoSQL database designed for handling large amounts of data across commodity servers.

3. Databases for Web Development:

Web development often involves databases that can efficiently manage dynamic content and user interactions. Two popular choices are:

  • Firebase: A cloud-based platform that includes a real-time NoSQL database, suitable for building web and mobile applications.
  • SQLite: A lightweight, embedded relational database often used in web development due to its simplicity and portability.

These databases cater to various needs in the development landscape, providing developers with options based on the specific requirements of their projects. Whether it’s relational databases for structured data or NoSQL databases for flexibility, the choice of a database depends on factors such as data structure, scalability, and the nature of the application being developed.

-- code

-- MySQL

CREATE TABLE users (
  id INT PRIMARY KEY,
  username VARCHAR(50),
  email VARCHAR(100)
);

-- post sql

CREATE TABLE products (
  product_id SERIAL PRIMARY KEY,
  product_name VARCHAR(100),
  price DECIMAL
);

-- Biggest diffrence is postsql supports more and is more intensive

// MongoDb

db.users.insert({
    username: "john_doe",
    email: "john.doe@example.com"
  });

-- cql

CREATE TABLE user_profiles (
    user_id UUID PRIMARY KEY,
    first_name TEXT,
    last_name TEXT,
    email TEXT
  );


-- Cassandra Query Language (CQL) is a query language designed for Apache Cassandra, 
-- a highly scalable and distributed NoSQL database. Unlike SQL, which is relational, 
-- CQL is specifically tailored for managing and querying non-relational, decentralized data storage in Cassandra.
// Firebase

const ref = firebase.database().ref('users');
ref.on('value', (snapshot) => {
  console.log(snapshot.val());
});

For this Lesson we will be covering SQL and User Logins.

IF You want to follow along in your own flask feel free to code along otherwise its more than ok to just listen and ask questions.

PS: To code along a SQL DB link or file is needed


from flask import Flask
from flask_sqlalchemy import SQLAlchemy

# Setup of key Flask object (app)
app = Flask(__name__)
# Setup SQLAlchemy object and properties for the database (db)
database = 'sqlite:///sqlite.db'  # path and filename of database
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False  # Configures Mods
app.config['SQLALCHEMY_DATABASE_URI'] = database  # Configurs the URI of the databse
app.config['SECRET_KEY'] = 'SECRET_KEY'  # Adds in a KEY, think of API keys
db = SQLAlchemy()  # Calls the function


# This belongs in place where it runs once per project
db.init_app(app)

Explaining the Setup and Imports

To begin we always need to import what we are using. We start off with a basic flask setup and then add in the specalized SQL imports needed.

Then the URI/file path is stored in database.

This is then called in the app.config.

Finnaly we call db=SQLAlechemy() This is the key line needed to allow python interactions( makes your life easier)

Now lets look into Models

No need to type all of this RN.

""" 
Database dependencies to support SQLite examples 
"""

import datetime
from datetime import datetime
import json

from sqlalchemy.exc import IntegrityError
from werkzeug.security import generate_password_hash, check_password_hash

''' 
Tutorial: https://www.sqlalchemy.org/library.html#tutorials, try to get into a Python shell and follow along 
'''

# Define the User class to manage actions in the 'users' table
# -- Object-Relational Mapping (ORM) is the key concept of SQLAlchemy
# -- a.) db.Model is like an inner layer of the onion in ORM
# -- b.) User represents data we want to store, something that is built on db.Model
# -- c.) SQLAlchemy ORM is layer on top of SQLAlchemy Core, then SQLAlchemy engine, SQL
class User(db.Model):
    __tablename__ = 'users'  # table name is plural, class name is singular

    # Define the User schema with "vars" from object
    id = db.Column(db.Integer, primary_key=True)
    _name = db.Column(db.String(255), unique=False, nullable=False)
    _uid = db.Column(db.String(255), unique=True, nullable=False)
    _password = db.Column(db.String(255), unique=False, nullable=False)
    _dob = db.Column(db.Date)

    # constructor of a User object, initializes the instance variables within object (self)
    def __init__(self, name, uid, password="123qwerty", dob=datetime.today()):
        self._name = name    # variables with self prefix become part of the object
        self._uid = uid
        self.set_password(password)
        if isinstance(dob, str):  # not a date type     
            dob = date=datetime.today()
        self._dob = dob

    # a name getter method, extracts name from object
    @property
    def name(self):
        return self._name
    
    # a setter function, allows name to be updated after initial object creation
    @name.setter
    def name(self, name):
        self._name = name
    
    # a getter method, extracts uid from object
    @property
    def uid(self):
        return self._uid
    
    # a setter function, allows uid to be updated after initial object creation
    @uid.setter
    def uid(self, uid):
        self._uid = uid
        
    # check if uid parameter matches user id in object, return boolean
    def is_uid(self, uid):
        return self._uid == uid
    
    @property
    def password(self):
        return self._password[0:10] + "..." # because of security only show 1st characters

    # update password, this is conventional method used for setter
    def set_password(self, password):
        """Create a hashed password."""
        self._password = generate_password_hash(password, method='sha256')

    # check password parameter against stored/encrypted password
    def is_password(self, password):
        """Check against hashed password."""
        result = check_password_hash(self._password, password)
        return result
    
    # dob property is returned as string, a string represents date outside object
    @property
    def dob(self):
        dob_string = self._dob.strftime('%m-%d-%Y')
        return dob_string
    
    # dob setter, verifies date type before it is set or default to today
    @dob.setter
    def dob(self, dob):
        if isinstance(dob, str):  # not a date type     
            dob = date=datetime.today()
        self._dob = dob
    
    # age is calculated field, age is returned according to date of birth
    @property
    def age(self):
        today = datetime.today()
        return today.year - self._dob.year - ((today.month, today.day) < (self._dob.month, self._dob.day))
    
    # output content using str(object) is in human-readable form
    # output content using json dumps, this is ready for API response
    def __str__(self):
        return json.dumps(self.read())

    # CRUD create/add a new record to the table
    # returns self or None on error
    def create(self):
        try:
            # creates a person object from User(db.Model) class, passes initializers
            db.session.add(self)  # add prepares to persist person object to Users table
            db.session.commit()  # SqlAlchemy "unit of work pattern" requires a manual commit
            return self
        except IntegrityError:
            db.session.remove()
            return None

    # CRUD read converts self to dictionary
    # returns dictionary
    def read(self):
        return {
            "id": self.id,
            "name": self.name,
            "uid": self.uid,
            "dob": self.dob,
            "age": self.age,
        }

    # CRUD update: updates user name, password, phone
    # returns self
    def update(self, name="", uid="", password=""):
        """only updates values with length"""
        if len(name) > 0:
            self.name = name
        if len(uid) > 0:
            self.uid = uid
        if len(password) > 0:
            self.set_password(password)
        db.session.add(self) # performs update when id exists
        db.session.commit()
        return self

    # CRUD delete: remove self
    # None
    def delete(self):
        db.session.delete(self)
        db.session.commit()
        return None

Simplifying the Code

Imagine you have a cool app where users can sign up, log in, and do all sorts of fun stuff. Now, to keep track of these users and their information, we use something called a “model.” Think of a model like a blueprint or a design for how we want to organize and store information about each user.

In our app, we have a special model called the “User” model. This model knows exactly what kind of information we want to store for each user, like their name, username, password, and even their date of birth. It’s like a form we fill out for every user, and the User model helps us keep everything neat and organized.

But here’s the cool part – we don’t have to worry too much about the technical details of talking to a database (where we store all this user info). We have a friend called SQLAlchemy that helps us with that. SQLAlchemy is like a magic assistant that takes care of the communication between our app and the database. So, when a new user signs up, SQLAlchemy helps us save their info in the database.

The User model also has some superpowers. It can check if a password is correct, calculate a user’s age from their date of birth, and even update or delete user information when needed. All these actions are part of what we call CRUD – Create, Read, Update, and Delete.

In simple terms, the User model is like a superhero that helps our app manage and organize information about all the cool people who use it. It’s the backbone that keeps everything running smoothly, making sure our app knows who’s who and what they’re up to!

"""Database Creation and Testing """


# Builds working data for testing
def initUsers():
    with app.app_context():
        """Create database and tables"""
        db.create_all()
        """Tester data for table"""
        u1 = User(name='Thomas Edison', uid='toby', password='123toby', dob=datetime(1847, 2, 11))
        u2 = User(name='Nikola Tesla', uid='niko', password='123niko')
        u3 = User(name='Alexander Graham Bell', uid='lex', password='123lex')
        u4 = User(name='Eli Whitney', uid='whit', password='123whit')
        u5 = User(name='Indiana Jones', uid='indi', dob=datetime(1920, 10, 21))
        u6 = User(name='Marion Ravenwood', uid='raven', dob=datetime(1921, 10, 21))


        users = [u1, u2, u3, u4, u5, u6]

        """Builds sample user/note(s) data"""
        for user in users:
            try:
                '''add user to table'''
                object = user.create()
                print(f"Created new uid {object.uid}")
            except:  # error raised if object not created
                '''fails with bad or duplicate data'''
                print(f"Records exist uid {user.uid}, or error.")
                
initUsers()

What this Did

In the code above we set up 6 users and it only took us inputing a few fields like Name, UID, password etc. Look how much easier it is to just call the User() and add in paramas than it would be to hard code every user. Thats the power behind Models. It may be alot of code to start but it allows for incredibily quick user creation and allows us to edit features the users have very quickly.

Finding Users Using Our ID

Earlier we set up a few paramaters for the USER, but what do these let us do? A simple feature is finding the user by their ID. In code below we have a function called find_by_uid where the uid is passed in. Here we filter the query and then find the very first uid that matches the given uid. In simple words we just find the first ID that matches our desiered ID.

Then we can check if the password the user puts in is equal to the password saved for that ID. First we would find the data for the user who has that ID. Then we would find the password for that user and check if the password matches the given password.

# SQLAlchemy extracts single user from database matching User ID
def find_by_uid(uid):
    with app.app_context():
        user = User.query.filter_by(_uid=uid).first()
    return user # returns user object

# Check credentials by finding user and verify password
def check_credentials(uid, password):
    # query email and return user record
    user = find_by_uid(uid)
    if user == None:
        return False
    if (user.is_password(password)):
        return True
    return False
        
#check_credentials("indi", "123qwerty")

How to Make Users?

Making users is the most crucial part, but you may be thinking didn’t we already make our users earlier? Yes we did but that was with us hard coding it what if we wanted the user to input their own information like sign up pages do?. Well to do that we need to make a Create function.

# Inputs, Try/Except, and SQLAlchemy work together to build a valid database object
def create():
    # optimize user time to see if uid exists
    uid = input("Enter your user id:")
    user = find_by_uid(uid)
    try:
        print("Found\n", user.read())
        return
    except:
        pass # keep going
    
    # request value that ensure creating valid object
    name = input("Enter your name:")
    password = input("Enter your password")
    
    # Initialize User object before date
    user = User(name=name, 
                uid=uid, 
                password=password
                )
    
    # create user.dob, fail with today as dob
    dob = input("Enter your date of birth 'YYYY-MM-DD'")
    try:
        user.dob = datetime.strptime(dob, '%Y-%m-%d').date()
    except ValueError:
        user.dob = datetime.today()
        print(f"Invalid date {dob} require YYYY-mm-dd, date defaulted to {user.dob}")
           
    # write object to database
    with app.app_context():
        try:
            object = user.create()
            print("Created\n", object.read())
        except:  # error raised if object not created
            print("Unknown error uid {uid}")
        
create()

In the code above we have some basic functions. We ask the user various inputs and store the name, password etc. Then we call our User function and input these details. Then we check if theres any form errors. These are all the basic functionalitys that forms due but the cod ebehind them can be quite complex at some times. Thats why it is so important to study how these models, and functions work to ensure perfect app functionality.

Optional Hacks

-Add this to your website </br> -Create the delete and update user functions </br> -Create USer functionality i.e you return the id of the user who presses a certain button.