fuhlig/ChatBot
1
0
Fork 0
Code Pull Requests Actions Packages Projects Releases Activity

To_DO: ERROR AFTER LOGGING IN

Browse Source
This commit is contained in:
florianuhlig
2025-10-03 15:03:18 +02:00
parent 70c85cb8be
commit 1554723ed4
27 changed files with 1484 additions and 273 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@@ -2,3 +2,5 @@
/.idea/
testing.py
/databases/
.env

0
sqlLite/__init__.py → OLD/sqlLite/__init__.py
View File

0
sqlLite/auth.py → OLD/sqlLite/auth.py
View File

0
sqlLite/create.py → OLD/sqlLite/create.py
View File

0
sqlLite/get.py → OLD/sqlLite/get.py
View File

0
sqlLite/set.py → OLD/sqlLite/set.py
View File

0
standard/getter.py → OLD/standard/getter.py
View File

46
config/database.py Normal file
View File

@@ -0,0 +1,46 @@
import os
from typing import Dict, Any
class DatabaseConfig:
def __init__(self):
# Environment-basierte Konfiguration
self.db_type = os.getenv('DB_TYPE', 'sqlite')
self.config = self._load_config()
def _load_config(self) -> Dict[str, Any]:
if self.db_type.lower() == 'sqlite':
return {
'path': os.getenv('SQLITE_PATH', 'databases/chatbot.db')
}
elif self.db_type.lower() == 'mysql':
return {
'host': os.getenv('MYSQL_HOST', 'localhost'),
'port': int(os.getenv('MYSQL_PORT', '3306')),
'database': os.getenv('MYSQL_DATABASE', 'chatbot'),
'user': os.getenv('MYSQL_USER', 'root'),
'password': os.getenv('MYSQL_PASSWORD', ''),
'charset': 'utf8mb4'
}
elif self.db_type.lower() == 'mariadb':
return {
'host': os.getenv('MARIADB_HOST', 'localhost'),
'port': int(os.getenv('MARIADB_PORT', '3306')),
'database': os.getenv('MARIADB_DATABASE', 'chatbot'),
'user': os.getenv('MARIADB_USER', 'root'),
'password': os.getenv('MARIADB_PASSWORD', ''),
'charset': 'utf8'
}
elif self.db_type.lower() == 'postgresql':
return {
'host': os.getenv('POSTGRES_HOST', 'localhost'),
'port': int(os.getenv('POSTGRES_PORT', '5432')),
'database': os.getenv('POSTGRES_DATABASE', 'chatbot'),
'user': os.getenv('POSTGRES_USER', 'postgres'),
'password': os.getenv('POSTGRES_PASSWORD', ''),
}
else:
raise ValueError(f"Unsupported database type: {self.db_type}")
def get_database_config(self) -> tuple[str, Dict[str, Any]]:
return self.db_type, self.config

40
database/__init__.py Normal file
View File

@@ -0,0 +1,40 @@
import logging
from typing import Dict, Any
from .interface import DatabaseInterface
from .sqlite_db import SQLiteDatabase
logger = logging.getLogger(__name__)
class DatabaseFactory:
@staticmethod
def create_database(db_type: str, config: Dict[str, Any]) -> DatabaseInterface:
if db_type.lower() == 'sqlite':
if 'path' not in config:
raise ValueError("SQLite configuration requires 'path'")
return SQLiteDatabase(config['path'])
elif db_type.lower() == 'mysql':
# Für später: MySQL-Implementierung
# from .mysql_db import MySQLDatabase
# return MySQLDatabase(config)
raise NotImplementedError("MySQL support not yet implemented")
elif db_type.lower() == 'postgresql':
# Für später: PostgreSQL-Implementierung
# from .postgresql_db import PostgreSQLDatabase
# return PostgreSQLDatabase(config)
raise NotImplementedError("PostgreSQL support not yet implemented")
else:
raise ValueError(f"Unsupported database type: {db_type}")
# Convenience-Funktion für einfachen Zugriff
def get_database(db_type: str, config: Dict[str, Any]) -> DatabaseInterface:
db = DatabaseFactory.create_database(db_type, config)
db.connect()
db.create_user_table()
return db

38
database/flask_integration.py Normal file
View File

@@ -0,0 +1,38 @@
import logging
from flask import g, current_app
from .interface import DatabaseInterface
logger = logging.getLogger(__name__)
class FlaskDatabaseManager:
"""Flask-Integration für Thread-Safe Database Management"""
def __init__(self, database_factory_func):
self.database_factory_func = database_factory_func
def get_db(self) -> DatabaseInterface:
"""
Holt die Datenbank-Instanz für den aktuellen Request
Verwendet Flask's 'g' object für request-lokale Speicherung
"""
if 'database' not in g:
g.database = self.database_factory_func()
g.database.connect()
g.database.create_user_table()
logger.debug("Database instance created for request")
return g.database
def close_db(self, error=None):
"""
Schließt die Datenbank-Verbindung am Ende des Requests
"""
database = g.pop('database', None)
if database is not None:
database.disconnect()
logger.debug("Database connection closed for request")
def init_app(self, app):
"""Registriert die Database-Manager-Funktionen bei Flask"""
app.teardown_appcontext(self.close_db)

40
database/interface.py Normal file
View File

@@ -0,0 +1,40 @@
from abc import ABC, abstractmethod
from typing import Optional, List, Dict, Any
class DatabaseInterface(ABC):
@abstractmethod
def connect(self) -> None:
pass
@abstractmethod
def disconnect(self) -> None:
pass
@abstractmethod
def create_user_table(self) -> None:
pass
@abstractmethod
def create_user(self, username: str, email: str, password_hash: str) -> bool:
pass
@abstractmethod
def get_user_by_email(self, email: str) -> Optional[Dict[str, Any]]:
pass
@abstractmethod
def get_user_by_username(self, username: str) -> Optional[Dict[str, Any]]:
pass
@abstractmethod
def get_password_hash_by_email(self, email: str) -> Optional[str]:
pass
@abstractmethod
def update_user_password(self, email: str, new_password_hash: str) -> bool:
pass
@abstractmethod
def delete_user(self, email: str) -> bool:
pass

0
database/mysql_db.py Normal file
View File

0
database/postgresql_db.py Normal file
View File

189
database/sqlite_db.py Normal file
View File

@@ -0,0 +1,189 @@
import sqlite3
import logging
from threading import local
from typing import Optional, Dict, Any
from .interface import DatabaseInterface
logger = logging.getLogger(__name__)
class SQLiteDatabase(DatabaseInterface):
"""Thread-Safe SQLite-Implementierung der Database-Interface"""
def __init__(self, db_path: str):
self.db_path = db_path
# Thread-local storage für Verbindungen
self._local = local()
def _get_connection(self) -> sqlite3.Connection:
"""Holt oder erstellt eine thread-lokale Verbindung"""
if not hasattr(self._local, 'connection') or self._local.connection is None:
self._local.connection = sqlite3.connect(
self.db_path,
check_same_thread=False, # Erlaubt thread-übergreifende Nutzung
timeout=30.0,
detect_types=sqlite3.PARSE_DECLTYPES | sqlite3.PARSE_COLNAMES
)
self._local.connection.row_factory = sqlite3.Row
# Optimierungen für bessere Performance
self._local.connection.execute("PRAGMA journal_mode=WAL")
self._local.connection.execute("PRAGMA synchronous=NORMAL")
self._local.connection.execute("PRAGMA cache_size=1000")
self._local.connection.execute("PRAGMA temp_store=MEMORY")
logger.debug(f"New SQLite connection created for thread")
return self._local.connection
def connect(self) -> None:
"""Initialisiert die thread-lokale Verbindung"""
try:
conn = self._get_connection()
logger.info(f"Connected to SQLite database: {self.db_path}")
except Exception as e:
logger.error(f"Failed to connect to SQLite database: {e}")
raise
def disconnect(self) -> None:
"""Schließt die thread-lokale Verbindung"""
if hasattr(self._local, 'connection') and self._local.connection:
try:
self._local.connection.close()
self._local.connection = None
logger.debug("SQLite connection closed for thread")
except Exception as e:
logger.warning(f"Error closing SQLite connection: {e}")
def create_user_table(self) -> None:
"""User-Tabelle erstellen"""
conn = self._get_connection()
cursor = conn.cursor()
try:
cursor.execute("""
CREATE TABLE IF NOT EXISTS users
(
id INTEGER PRIMARY KEY AUTOINCREMENT,
username TEXT NOT NULL UNIQUE,
email TEXT NOT NULL UNIQUE,
password_hash TEXT NOT NULL,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP, updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP )
""")
conn.commit()
logger.info("User table created/verified")
except Exception as e:
logger.error(f"Failed to create user table: {e}")
raise
finally:
cursor.close()
def create_user(self, username: str, email: str, password_hash: str) -> bool:
"""Neuen User erstellen"""
conn = self._get_connection()
cursor = conn.cursor()
try:
cursor.execute(
"INSERT INTO users (username, email, password_hash) VALUES (?, ?, ?)",
(username, email, password_hash)
)
conn.commit()
logger.info(f"User created successfully: {email}")
return True
except sqlite3.IntegrityError as e:
logger.warning(f"User creation failed (duplicate): {e}")
conn.rollback()
return False
except Exception as e:
logger.error(f"Failed to create user: {e}")
conn.rollback()
raise
finally:
cursor.close()
def get_user_by_email(self, email: str) -> Optional[Dict[str, Any]]:
"""User anhand Email suchen"""
conn = self._get_connection()
cursor = conn.cursor()
try:
cursor.execute(
"SELECT id, username, email, password_hash, created_at FROM users WHERE email = ?",
(email,)
)
row = cursor.fetchone()
return dict(row) if row else None
except Exception as e:
logger.error(f"Failed to get user by email: {e}")
raise
finally:
cursor.close()
def get_user_by_username(self, username: str) -> Optional[Dict[str, Any]]:
"""User anhand Username suchen"""
conn = self._get_connection()
cursor = conn.cursor()
try:
cursor.execute(
"SELECT id, username, email, password_hash, created_at FROM users WHERE username = ?",
(username,)
)
row = cursor.fetchone()
return dict(row) if row else None
except Exception as e:
logger.error(f"Failed to get user by username: {e}")
raise
finally:
cursor.close()
def get_password_hash_by_email(self, email: str) -> Optional[str]:
"""Password-Hash für Email abrufen"""
conn = self._get_connection()
cursor = conn.cursor()
try:
cursor.execute(
"SELECT password_hash FROM users WHERE email = ?",
(email,)
)
row = cursor.fetchone()
return row if row else None
except Exception as e:
logger.error(f"Failed to get password hash by email: {e}")
raise
finally:
cursor.close()
def update_user_password(self, email: str, new_password_hash: str) -> bool:
"""Passwort aktualisieren"""
conn = self._get_connection()
cursor = conn.cursor()
try:
cursor.execute(
"UPDATE users SET password_hash = ?, updated_at = CURRENT_TIMESTAMP WHERE email = ?",
(new_password_hash, email)
)
conn.commit()
success = cursor.rowcount > 0
if success:
logger.info(f"Password updated for user: {email}")
return success
except Exception as e:
logger.error(f"Failed to update password: {e}")
conn.rollback()
raise
finally:
cursor.close()
def delete_user(self, email: str) -> bool:
"""User löschen"""
conn = self._get_connection()
cursor = conn.cursor()
try:
cursor.execute("DELETE FROM users WHERE email = ?", (email,))
conn.commit()
success = cursor.rowcount > 0
if success:
logger.info(f"User deleted: {email}")
return success
except Exception as e:
logger.error(f"Failed to delete user: {e}")
conn.rollback()
raise
finally:
cursor.close()

276
frontend/app.py
View File

@@ -1,79 +1,273 @@
from flask import Flask, render_template, request, redirect, url_for, flash
from datetime import datetime, timedelta # Add this line at the top
from flask import Flask, render_template, request, redirect, url_for, flash, session
import logging
from config.database import DatabaseConfig
from database import DatabaseFactory
from database.flask_integration import FlaskDatabaseManager
from services.user_service import UserService
from services.auth_service import AuthService
from utils.auth_decorators import login_required, logout_required, get_current_user
import hashlib
def hash_password(password):
return hashlib.sha512(password.strip().encode('utf-8')).hexdigest()
# Logging konfigurieren
logging.basicConfig(level=logging.INFO)
logger = logging.getLogger(__name__)
app = Flask(__name__)
app.secret_key = 'your_secret_key'
app.secret_key = 'your-secret-key-change-this-in-production'
# Session-Konfiguration
app.config['PERMANENT_SESSION_LIFETIME'] = timedelta(hours=24) # Session läuft nach 24h ab
app.config['SESSION_COOKIE_SECURE'] = False # Für Development - in Production auf True setzen
app.config['SESSION_COOKIE_HTTPONLY'] = True # Verhindert XSS-Angriffe
# Database Manager initialisieren
db_config = DatabaseConfig()
db_type, config = db_config.get_database_config()
def create_database():
"""Factory-Funktion für Datenbank-Instanzen"""
return DatabaseFactory.create_database(db_type, config)
db_manager = FlaskDatabaseManager(create_database)
db_manager.init_app(app)
# Template-Context für alle Templates
@app.context_processor
def inject_user():
"""Macht User-Daten in allen Templates verfügbar"""
return {'current_user': get_current_user()}
@app.route('/')
def home():
"""Startseite - Weiterleitung je nach Login-Status"""
if 'user_id' in session:
return redirect(url_for('dashboard'))
return redirect(url_for('login'))
@app.route('/register', methods=['GET', 'POST'])
@logout_required
def register():
import standard.getter as st_getter
import sqlLite.set as setter
"""Registrierung - nur für nicht eingeloggte User"""
if request.method == 'POST':
username = request.form['username']
email = request.form.get('email')
password = request.form.get('password')
pwd_confirm = request.form.get('confirm_password')
username = request.form.get('username', '').strip()
email = request.form.get('email', '').strip()
password = request.form.get('password', '')
confirm_password = request.form.get('confirm_password', '')
if not email or not password or not pwd_confirm or not username:
# Basis-Validierung
if not username or not email or not password or not confirm_password:
flash('Please fill out all fields', 'error')
return redirect(url_for('register'))
if password != pwd_confirm:
if password != confirm_password:
flash('Passwords do not match', 'error')
return redirect(url_for('register'))
try:
if st_getter.get_validate_email(email):
setter.set_login(username, email, password)
flash('Registration successful! Please log in.', 'success')
return redirect(url_for('login'))
else:
flash('Invalid email format', 'error')
return redirect(url_for('register'))
except Exception as e:
flash(f'Error: {str(e)}', 'error')
# Services mit request-lokaler DB-Instanz
database = db_manager.get_db()
user_service = UserService(database)
# User erstellen
success, errors = user_service.create_user(username, email, password)
if success:
flash('Registration successful! Please log in.', 'success')
logger.info(f"New user registered: {email}")
return redirect(url_for('login'))
else:
for error in errors:
flash(error, 'error')
return redirect(url_for('register'))
# For GET-requests:
return render_template('register.html')
@app.route('/login', methods=['GET', 'POST'])
@logout_required
def login():
"""Login - nur für nicht eingeloggte User"""
if request.method == 'POST':
enter_email = request.form.get('email')
enter_password = request.form.get('password')
import hashlib
import sqlLite.get as getter
import standard.getter as st_getter
email = request.form.get('email', '').strip()
password = request.form.get('password', '')
remember_me = request.form.get('remember_me') # Checkbox für "Remember Me"
stored_hash = getter.get_password_by_email(enter_email) # use email here
if not email or not password:
flash('Please enter email and password', 'error')
return redirect(url_for('login'))
if stored_hash is None:
flash("User not found!")
return redirect(url_for("login"))
# Services mit request-lokaler DB-Instanz
database = db_manager.get_db()
auth_service = AuthService(database)
hash_entered = st_getter.get_password_hash(enter_password)
# Authentifizierung
success, user_data, message = auth_service.authenticate(email, password)
if success:
# Session setzen
session['user_id'] = user_data['id']
session['username'] = user_data['username']
session['email'] = user_data['email']
session['login_time'] = datetime.utcnow().isoformat()
# Permanent session wenn "Remember Me" aktiviert
if remember_me:
session.permanent = True
flash(f'Welcome back, {user_data["username"]}!', 'success')
logger.info(f"User logged in: {email}")
# Weiterleitung zu ursprünglich angeforderte Seite (falls vorhanden)
next_page = request.args.get('next')
if next_page:
return redirect(next_page)
if hash_entered == stored_hash:
return redirect(url_for('dashboard'))
else:
flash('Invalid email or password', 'error')
print("Stored hash:", stored_hash)
print("Entered hash:", hash_entered)
flash(message, 'error')
return redirect(url_for('login'))
return render_template('login.html')
@app.route('/logout')
@login_required
def logout():
"""Logout - nur für eingeloggte User"""
user_email = session.get('email')
username = session.get('username')
# Session komplett löschen
session.clear()
flash(f'Goodbye, {username}! You have been logged out successfully.', 'info')
if user_email:
logger.info(f"User logged out: {user_email}")
return redirect(url_for('login'))
@app.route('/dashboard')
@login_required
def dashboard():
#return "Welcome to the dashboard! Login successful."
return render_template('dashboard.html')
"""Dashboard - nur für eingeloggte User"""
user = get_current_user()
# Zusätzliche Dashboard-Daten (optional)
dashboard_data = {
'total_users': 'N/A', # Könnte aus DB geholt werden
'last_login': session.get('login_time', 'Unknown'),
'session_expires': 'Never' if session.permanent else '24 hours'
}
logger.debug(f"Dashboard accessed by user: {user['email']}")
return render_template('dashboard.html',
user=user,
dashboard_data=dashboard_data)
@app.route('/profile')
@login_required
def profile():
"""User Profile - nur für eingeloggte User"""
user = get_current_user()
# Hier könnten zusätzliche User-Daten aus der DB geholt werden
database = db_manager.get_db()
full_user_data = database.get_user_by_email(user['email'])
return render_template('profile.html', user=full_user_data)
@app.route('/change-password', methods=['GET', 'POST'])
@login_required
def change_password():
"""Passwort ändern - nur für eingeloggte User"""
if request.method == 'POST':
current_password = request.form.get('current_password', '')
new_password = request.form.get('new_password', '')
confirm_password = request.form.get('confirm_password', '')
if not current_password or not new_password or not confirm_password:
flash('Please fill out all fields', 'error')
return redirect(url_for('change_password'))
if new_password != confirm_password:
flash('New passwords do not match', 'error')
return redirect(url_for('change_password'))
# Aktuelles Passwort verifizieren
user = get_current_user()
database = db_manager.get_db()
auth_service = AuthService(database)
success, _, message = auth_service.authenticate(user['email'], current_password)
if not success:
flash('Current password is incorrect', 'error')
return redirect(url_for('change_password'))
# Neues Passwort setzen
from utils.password_utils import PasswordUtils
new_password_hash = PasswordUtils.hash_password_simple(new_password)
if database.update_user_password(user['email'], new_password_hash):
flash('Password changed successfully', 'success')
logger.info(f"Password changed for user: {user['email']}")
return redirect(url_for('dashboard'))
else:
flash('Failed to change password', 'error')
return redirect(url_for('change_password'))
return render_template('change_password.html')
# Error Handlers
@app.errorhandler(404)
def not_found(error):
return render_template('404.html'), 404
@app.errorhandler(500)
def internal_error(error):
logger.error(f"Internal server error: {error}")
flash('An internal error occurred. Please try again.', 'error')
return redirect(url_for('home'))
# Session Timeout Check
@app.before_request
def check_session_timeout():
"""Prüft ob Session abgelaufen ist"""
from datetime import datetime
if 'user_id' in session:
# Prüfe ob Session zu alt ist (optional)
login_time = session.get('login_time')
if login_time:
try:
login_datetime = datetime.fromisoformat(login_time)
now = datetime.utcnow()
# Session nach 24h abgelaufen (falls nicht permanent)
if not session.permanent and (now - login_datetime).total_seconds() > 86400:
session.clear()
flash('Your session has expired. Please log in again.', 'warning')
return redirect(url_for('login'))
except (ValueError, TypeError):
# Ungültiger Zeitstempel - Session löschen
session.clear()
flash('Invalid session. Please log in again.', 'warning')
return redirect(url_for('login'))
if __name__ == '__main__':
app.run(debug=True, host='0.0.0.0', port=8080, threaded=True)

395
frontend/templates/dashboard.html
View File

@@ -1,119 +1,312 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title>Register</title>
<style>
/* Use the same styling as login.html for consistency */
@import url('https://fonts.googleapis.com/css2?family=Poppins:wght@300;600&display=swap');
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title>Dashboard - ChatBot</title>
<style>
@import url('https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap');
* {
margin: 0;
padding: 0;
box-sizing: border-box;
font-family: 'Poppins', sans-serif;
}
* {
margin: 0;
padding: 0;
box-sizing: border-box;
font-family: 'Inter', sans-serif;
}
body {
height: 100vh;
background: linear-gradient(135deg, #6a11cb 0%, #2575fc 100%);
display: flex;
align-items: center;
justify-content: center;
padding: 20px;
}
body {
background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
min-height: 100vh;
padding: 20px;
}
.login-container {
background: white;
max-width: 400px;
width: 100%;
padding: 40px 30px 50px;
border-radius: 20px;
box-shadow: 0 20px 40px rgba(0,0,0,0.2);
text-align: center;
transition: transform 0.3s ease;
}
.dashboard-container {
max-width: 1200px;
margin: 0 auto;
}
.login-container:hover {
transform: translateY(-8px);
box-shadow: 0 30px 60px rgba(0,0,0,0.3);
}
.header {
background: white;
padding: 20px 30px;
border-radius: 15px;
box-shadow: 0 10px 30px rgba(0,0,0,0.1);
margin-bottom: 30px;
display: flex;
justify-content: space-between;
align-items: center;
}
h2 {
font-weight: 600;
color: #333;
margin-bottom: 30px;
font-size: 28px;
letter-spacing: 1.2px;
}
.welcome-message {
color: #333;
}
.input-group {
margin-bottom: 25px;
text-align: left;
}
.welcome-message h1 {
font-size: 28px;
font-weight: 600;
margin-bottom: 5px;
}
label {
display: block;
margin-bottom: 8px;
color: #555;
font-weight: 600;
font-size: 14px;
}
input[type="username"],
input[type="email"],
input[type="password"] {
width: 100%;
padding: 14px 18px;
font-size: 16px;
border-radius: 12px;
border: 2px solid #ddd;
transition: 0.3s border-color ease;
box-shadow: 0 2px 5px rgba(0,0,0,0.05);
}
.welcome-message p {
color: #666;
font-size: 16px;
}
input[type="email"]:focus,
input[type="password"]:focus {
border-color: #2575fc;
outline: none;
box-shadow: 0 0 12px rgba(37, 117, 252, 0.5);
}
.user-actions {
display: flex;
gap: 15px;
align-items: center;
}
button {
width: 100%;
padding: 16px 0;
margin-top: 10px;
background-color: #2575fc;
border: none;
border-radius: 14px;
color: white;
font-size: 18px;
font-weight: 700;
letter-spacing: 1px;
cursor: pointer;
box-shadow: 0 10px 20px rgba(37, 117, 252, 0.4);
transition: background-color 0.3s ease, box-shadow 0.3s ease;
}
.user-info {
background: #f8f9fa;
padding: 10px 15px;
border-radius: 10px;
font-size: 14px;
color: #555;
}
button:hover {
background-color: #1859d6;
box-shadow: 0 15px 25px rgba(24, 89, 214, 0.6);
}
.btn {
padding: 10px 20px;
border: none;
border-radius: 8px;
font-size: 14px;
font-weight: 500;
cursor: pointer;
text-decoration: none;
display: inline-block;
transition: all 0.3s ease;
}
.error-message {
margin-top: 20px;
color: #ff4d4f;
font-weight: 600;
font-size: 15px;
text-align: center;
background: #ffe6e6;
padding: 10px 15px;
border-radius: 10px;
box-shadow: 0 2px 6px rgba(255,77,79,0.3);
display: none;
}
</style>
.btn-primary {
background: #667eea;
color: white;
}
.btn-primary:hover {
background: #5a67d8;
transform: translateY(-1px);
}
.btn-secondary {
background: #e2e8f0;
color: #4a5568;
}
.btn-secondary:hover {
background: #cbd5e0;
}
.btn-danger {
background: #e53e3e;
color: white;
}
.btn-danger:hover {
background: #c53030;
transform: translateY(-1px);
}
.dashboard-content {
display: grid;
grid-template-columns: repeat(auto-fit, minmax(300px, 1fr));
gap: 30px;
margin-bottom: 30px;
}
.card {
background: white;
padding: 25px;
border-radius: 15px;
box-shadow: 0 10px 30px rgba(0,0,0,0.1);
transition: transform 0.3s ease;
}
.card:hover {
transform: translateY(-5px);
}
.card h3 {
color: #333;
font-size: 20px;
font-weight: 600;
margin-bottom: 15px;
}
.card p {
color: #666;
line-height: 1.6;
margin-bottom: 15px;
}
.stats {
display: flex;
justify-content: space-between;
margin: 15px 0;
}
.stat-item {
text-align: center;
}
.stat-value {
font-size: 24px;
font-weight: 700;
color: #667eea;
}
.stat-label {
font-size: 12px;
color: #666;
text-transform: uppercase;
letter-spacing: 1px;
}
.alert {
padding: 15px 20px;
margin: 20px 0;
border-radius: 10px;
font-weight: 500;
}
.alert-success {
background: #d4edda;
color: #155724;
border: 1px solid #c3e6cb;
}
.alert-error {
background: #f8d7da;
color: #721c24;
border: 1px solid #f5c6cb;
}
.alert-warning {
background: #fff3cd;
color: #856404;
border: 1px solid #ffeaa7;
}
.alert-info {
background: #cce7ff;
color: #004085;
border: 1px solid #b8daff;
}
.quick-actions {
background: white;
padding: 25px;
border-radius: 15px;
box-shadow: 0 10px 30px rgba(0,0,0,0.1);
grid-column: 1 / -1;
}
.quick-actions h3 {
margin-bottom: 20px;
color: #333;
}
.action-buttons {
display: flex;
gap: 15px;
flex-wrap: wrap;
}
@media (max-width: 768px) {
.header {
flex-direction: column;
gap: 20px;
text-align: center;
}
.user-actions {
flex-direction: column;
width: 100%;
}
.dashboard-content {
grid-template-columns: 1fr;
}
.action-buttons {
flex-direction: column;
}
}
</style>
</head>
<body>
<div class="dashboard-container">
<!-- Flash Messages -->
{% with messages = get_flashed_messages(with_categories=true) %}
{% if messages %}
{% for category, message in messages %}
<div class="alert alert-{{ 'error' if category == 'error' else category }}">
{{ message }}
</div>
{% endfor %}
{% endif %}
{% endwith %}
<!-- Header -->
<div class="header">
<div class="welcome-message">
<h1>Welcome, {{ user.username }}! 👋</h1>
<p>Here's your ChatBot dashboard overview</p>
</div>
<div class="user-actions">
<div class="user-info">
Logged in as: <strong>{{ user.email }}</strong>
</div>
<a href="{{ url_for('profile') }}" class="btn btn-secondary">Profile</a>
<a href="{{ url_for('logout') }}" class="btn btn-danger"
onclick="return confirm('Are you sure you want to log out?')">
Logout
</a>
</div>
</div>
<!-- Dashboard Content -->
<div class="dashboard-content">
<div class="card">
<h3>Account Information</h3>
<p><strong>Username:</strong> {{ user.username }}</p>
<p><strong>Email:</strong> {{ user.email }}</p>
<p><strong>User ID:</strong> #{{ user.id }}</p>
<p><strong>Last Login:</strong> {{ dashboard_data.last_login[:19] if dashboard_data.last_login != 'Unknown' else 'Unknown' }}</p>
<a href="{{ url_for('change_password') }}" class="btn btn-primary">Change Password</a>
</div>
<div class="card">
<h3>Session Information</h3>
<p><strong>Session Status:</strong> Active</p>
<p><strong>Session Type:</strong> {{ 'Persistent' if session.permanent else 'Temporary' }}</p>
<p><strong>Expires:</strong> {{ dashboard_data.session_expires }}</p>
<div class="stats">
<div class="stat-item">
<div class="stat-value">{{ user.id }}</div>
<div class="stat-label">User ID</div>
</div>
</div>
</div>
<div class="card">
<h3>ChatBot Status</h3>
<p>Your personal chatbot is ready to help you.</p>
<p><strong>Status:</strong> <span style="color: #28a745;">Active</span></p>
<p><strong>Total Users:</strong> {{ dashboard_data.total_users }}</p>
<a href="#" class="btn btn-primary">Start Chat</a>
</div>
<!-- Quick Actions -->
<div class="quick-actions">
<h3>Quick Actions</h3>
<div class="action-buttons">
<a href="#" class="btn btn-primary">Start New Conversation</a>
<a href="{{ url_for('profile') }}" class="btn btn-secondary">View Profile</a>
<a href="{{ url_for('change_password') }}" class="btn btn-secondary">Change Password</a>
<a href="#" class="btn btn-secondary">Settings</a>
</div>
</div>
</div>
</div>
</body>
</html>

293
frontend/templates/login.html
View File

@@ -1,141 +1,190 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title>Login</title>
<style>
@import url('https://fonts.googleapis.com/css2?family=Poppins:wght@300;600&display=swap');
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title>Login - ChatBot</title>
<style>
/* Use your existing beautiful login CSS here */
@import url('https://fonts.googleapis.com/css2?family=Poppins:wght@300;600&display=swap');
* {
margin: 0;
padding: 0;
box-sizing: border-box;
font-family: 'Poppins', sans-serif;
}
/* Your existing login styles... */
* {
margin: 0;
padding: 0;
box-sizing: border-box;
font-family: 'Poppins', sans-serif;
}
body {
height: 100vh;
background: linear-gradient(135deg, #6a11cb 0%, #2575fc 100%);
display: flex;
align-items: center;
justify-content: center;
padding: 20px;
}
body {
height: 100vh;
background: linear-gradient(135deg, #6a11cb 0%, #2575fc 100%);
display: flex;
align-items: center;
justify-content: center;
padding: 20px;
}
.login-container {
background: white;
max-width: 400px;
width: 100%;
padding: 40px 30px 50px;
border-radius: 20px;
box-shadow: 0 20px 40px rgba(0,0,0,0.2);
text-align: center;
transition: transform 0.3s ease;
}
.login-container {
background: white;
max-width: 400px;
width: 100%;
padding: 40px 30px 50px;
border-radius: 20px;
box-shadow: 0 20px 40px rgba(0,0,0,0.2);
text-align: center;
transition: transform 0.3s ease;
}
.login-container:hover {
transform: translateY(-8px);
box-shadow: 0 30px 60px rgba(0,0,0,0.3);
}
.login-container:hover {
transform: translateY(-8px);
box-shadow: 0 30px 60px rgba(0,0,0,0.3);
}
h2 {
font-weight: 600;
color: #333;
margin-bottom: 30px;
font-size: 28px;
letter-spacing: 1.2px;
}
h2 {
font-weight: 600;
color: #333;
margin-bottom: 30px;
font-size: 28px;
letter-spacing: 1.2px;
}
.input-group {
margin-bottom: 25px;
text-align: left;
}
.input-group {
margin-bottom: 25px;
text-align: left;
}
label {
display: block;
margin-bottom: 8px;
color: #555;
font-weight: 600;
font-size: 14px;
}
label {
display: block;
margin-bottom: 8px;
color: #555;
font-weight: 600;
font-size: 14px;
}
input[type="email"],
input[type="password"] {
width: 100%;
padding: 14px 18px;
font-size: 16px;
border-radius: 12px;
border: 2px solid #ddd;
transition: 0.3s border-color ease;
box-shadow: 0 2px 5px rgba(0,0,0,0.05);
}
input[type="email"],
input[type="password"] {
width: 100%;
padding: 14px 18px;
font-size: 16px;
border-radius: 12px;
border: 2px solid #ddd;
transition: 0.3s border-color ease;
box-shadow: 0 2px 5px rgba(0,0,0,0.05);
}
input[type="email"]:focus,
input[type="password"]:focus {
border-color: #2575fc;
outline: none;
box-shadow: 0 0 12px rgba(37, 117, 252, 0.5);
}
input[type="email"]:focus,
input[type="password"]:focus {
border-color: #2575fc;
outline: none;
box-shadow: 0 0 12px rgba(37, 117, 252, 0.5);
}
button {
width: 100%;
padding: 16px 0;
margin-top: 10px;
background-color: #2575fc;
border: none;
border-radius: 14px;
color: white;
font-size: 18px;
font-weight: 700;
letter-spacing: 1px;
cursor: pointer;
box-shadow: 0 10px 20px rgba(37, 117, 252, 0.4);
transition: background-color 0.3s ease, box-shadow 0.3s ease;
}
.checkbox-group {
display: flex;
align-items: center;
margin: 15px 0;
text-align: left;
}
button:hover {
background-color: #1859d6;
box-shadow: 0 15px 25px rgba(24, 89, 214, 0.6);
}
.checkbox-group input[type="checkbox"] {
margin-right: 8px;
}
.error-message {
margin-top: 20px;
color: #ff4d4f;
font-weight: 600;
font-size: 15px;
text-align: center;
background: #ffe6e6;
padding: 10px 15px;
border-radius: 10px;
box-shadow: 0 2px 6px rgba(255,77,79,0.3);
display: none;
}
</style>
.checkbox-group label {
margin: 0;
font-size: 14px;
color: #666;
}
button {
width: 100%;
padding: 16px 0;
margin-top: 10px;
background-color: #2575fc;
border: none;
border-radius: 14px;
color: white;
font-size: 18px;
font-weight: 700;
letter-spacing: 1px;
cursor: pointer;
box-shadow: 0 10px 20px rgba(37, 117, 252, 0.4);
transition: background-color 0.3s ease, box-shadow 0.3s ease;
}
button:hover {
background-color: #1859d6;
box-shadow: 0 15px 25px rgba(24, 89, 214, 0.6);
}
.register-link {
margin-top: 20px;
font-size: 14px;
color: #666;
}
.register-link a {
color: #2575fc;
text-decoration: none;
font-weight: 600;
}
.register-link a:hover {
text-decoration: underline;
}
.error-message {
margin-top: 20px;
color: #ff4d4f;
font-weight: 600;
font-size: 15px;
text-align: center;
background: #ffe6e6;
padding: 10px 15px;
border-radius: 10px;
box-shadow: 0 2px 6px rgba(255,77,79,0.3);
display: none;
}
</style>
</head>
<body>
<div class="login-container">
<h2>Login to Your Account</h2>
{% with messages = get_flashed_messages(with_categories=true) %}
{% if messages %}
<div class="error-message" style="display: block;">
{% for category, message in messages %}
{{ message }}
{% endfor %}
</div>
{% endif %}
{% endwith %}
<form method="POST" action="{{ url_for('login') }}">
<div class="input-group">
<label for="email">Email Address</label>
<input type="email" id="email" name="email" placeholder="you@example.com" required />
</div>
<div class="input-group">
<label for="password">Password</label>
<input type="password" id="password" name="password" placeholder="Your password" required />
</div>
<button type="submit">Log In</button>
</form>
</div>
<div class="login-container">
<h2>Login to Your Account</h2>
<!-- Flash Messages -->
{% with messages = get_flashed_messages(with_categories=true) %}
{% if messages %}
<div class="error-message" style="display: block;">
{% for category, message in messages %}
{{ message }}
{% endfor %}
</div>
{% endif %}
{% endwith %}
<form method="POST" action="{{ url_for('login') }}">
<div class="input-group">
<label for="email">Email Address</label>
<input type="email" id="email" name="email"
placeholder="you@example.com"
value="{{ request.form.email if request.form.email }}"
required />
</div>
<div class="input-group">
<label for="password">Password</label>
<input type="password" id="password" name="password"
placeholder="Your password" required />
</div>
<div class="checkbox-group">
<input type="checkbox" id="remember_me" name="remember_me" />
<label for="remember_me">Remember me</label>
</div>
<button type="submit">Log In</button>
<div class="register-link">
Don't have an account? <a href="{{ url_for('register') }}">Sign up here</a>
</div>
</form>
</div>
</body>
</html>

155
frontend/templates/profile.html Normal file
View File

@@ -0,0 +1,155 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title>Profile - ChatBot</title>
<style>
/* Use similar styles as dashboard */
@import url('https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap');
* {
margin: 0;
padding: 0;
box-sizing: border-box;
font-family: 'Inter', sans-serif;
}
body {
background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
min-height: 100vh;
padding: 20px;
}
.profile-container {
max-width: 800px;
margin: 0 auto;
background: white;
border-radius: 15px;
box-shadow: 0 20px 40px rgba(0,0,0,0.1);
overflow: hidden;
}
.profile-header {
background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
color: white;
padding: 40px;
text-align: center;
}
.profile-header h1 {
font-size: 36px;
margin-bottom: 10px;
}
.profile-header p {
font-size: 18px;
opacity: 0.9;
}
.profile-content {
padding: 40px;
}
.profile-info {
display: grid;
grid-template-columns: repeat(auto-fit, minmax(250px, 1fr));
gap: 30px;
margin-bottom: 30px;
}
.info-card {
background: #f8f9fa;
padding: 25px;
border-radius: 10px;
border-left: 4px solid #667eea;
}
.info-card h3 {
color: #333;
margin-bottom: 15px;
}
.info-card p {
color: #666;
margin-bottom: 10px;
}
.btn {
display: inline-block;
padding: 12px 24px;
background: #667eea;
color: white;
text-decoration: none;
border-radius: 8px;
font-weight: 500;
margin-right: 10px;
margin-bottom: 10px;
transition: all 0.3s ease;
}
.btn:hover {
background: #5a67d8;
transform: translateY(-2px);
}
.btn-secondary {
background: #e2e8f0;
color: #4a5568;
}
.btn-secondary:hover {
background: #cbd5e0;
}
.back-link {
margin-bottom: 20px;
}
.back-link a {
color: #667eea;
text-decoration: none;
font-weight: 500;
}
.back-link a:hover {
text-decoration: underline;
}
</style>
</head>
<body>
<div class="profile-container">
<div class="profile-header">
<h1>{{ user.username }}</h1>
<p>User Profile</p>
</div>
<div class="profile-content">
<div class="back-link">
<a href="{{ url_for('dashboard') }}">&larr; Back to Dashboard</a>
</div>
<div class="profile-info">
<div class="info-card">
<h3>Account Details</h3>
<p><strong>User ID:</strong> #{{ user.id }}</p>
<p><strong>Username:</strong> {{ user.username }}</p>
<p><strong>Email:</strong> {{ user.email }}</p>
</div>
<div class="info-card">
<h3>Account Status</h3>
<p><strong>Status:</strong> <span style="color: #28a745;">Active</span></p>
<p><strong>Created:</strong> {{ user.created_at[:19] if user.created_at else 'Unknown' }}</p>
<p><strong>Last Updated:</strong> {{ user.updated_at[:19] if user.updated_at else 'Unknown' }}</p>
</div>
</div>
<div style="text-align: center; margin-top: 30px;">
<a href="{{ url_for('change_password') }}" class="btn">Change Password</a>
<a href="{{ url_for('dashboard') }}" class="btn btn-secondary">Back to Dashboard</a>
</div>
</div>
</div>
</body>
</html>

30
main.py
View File

@@ -1,12 +1,28 @@
import sqlLite
import logging
import os
from frontend.app import app
sqlLite.set_db_name("databases/test.db")
# Logging konfigurieren
logging.basicConfig(
level=logging.INFO,
format='%(asctime)s - %(name)s - %(levelname)s - %(message)s'
)
import sqlLite.create as create
create.create_table_t_user()
logger = logging.getLogger(__name__)
if __name__ == '__main__':
app.run(debug=True, host='0.0.0.0', port=8080)
# Environment-Konfiguration
debug = os.getenv('FLASK_DEBUG', 'False').lower() == 'true'
host = os.getenv('FLASK_HOST', '0.0.0.0')
port = int(os.getenv('FLASK_PORT', '8080'))
logger.info(f"Starting ChatBot application on {host}:{port}")
logger.info(f"Debug mode: {debug}")
try:
app.run(debug=debug, host=host, port=port)
except KeyboardInterrupt:
logger.info("Application stopped by user")
except Exception as e:
logger.error(f"Application failed to start: {e}")
raise

0
models/user.py Normal file
View File

0
services/__init__.py Normal file
View File

50
services/auth_service.py Normal file
View File

@@ -0,0 +1,50 @@
import logging
from typing import Optional, Dict, Any
from database.interface import DatabaseInterface
from utils.password_utils import PasswordUtils
from utils.validation import ValidationUtils
logger = logging.getLogger(__name__)
class AuthService:
def __init__(self, database: DatabaseInterface):
self.db = database
def authenticate(self, email: str, password: str) -> tuple[bool, Optional[Dict[str, Any]], str]:
if not ValidationUtils.validate_email(email):
return False, None, "Invalid email format"
if not password:
return False, None, "Password is required"
try:
# User holen
user = self.db.get_user_by_email(email.lower())
if not user:
logger.warning(f"Authentication failed: user not found for email {email}")
return False, None, "Invalid email or password"
# Passwort prüfen
stored_hash = user.get('password_hash')
if not stored_hash:
logger.error(f"No password hash found for user {email}")
return False, None, "Authentication error"
# Einfacher Hash-Vergleich (für Rückwärtskompatibilität)
entered_hash = PasswordUtils.hash_password_simple(password)
if entered_hash == stored_hash:
logger.info(f"Authentication successful for user: {email}")
# Sensible Daten nicht zurückgeben
safe_user_data = {
'id': user['id'],
'username': user['username'],
'email': user['email'],
'created_at': user.get('created_at')
}
return True, safe_user_data, "Authentication successful"
else:
logger.warning(f"Authentication failed: wrong password for email {email}")
return False, None, "Invalid email or password"
except Exception as e:
logger.error(f"Authentication error for email {email}: {e}")
return False, None, "Authentication error"

73
services/user_service.py Normal file
View File

@@ -0,0 +1,73 @@
import logging
from typing import Optional, Dict, Any
from database.interface import DatabaseInterface
from utils.password_utils import PasswordUtils
from utils.validation import ValidationUtils
logger = logging.getLogger(__name__)
class UserService:
def __init__(self, database: DatabaseInterface):
self.db = database
def create_user(self, username: str, email: str, password: str) -> tuple[bool, list[str]]:
errors = []
# Validierung
if not ValidationUtils.validate_username(username):
errors.append("Invalid username format")
if not ValidationUtils.validate_email(email):
errors.append("Invalid email format")
password_valid, password_errors = ValidationUtils.validate_password(password)
if not password_valid:
errors.extend(password_errors)
if errors:
return False, errors
# Prüfe auf existierende User
if self.get_user_by_email(email):
errors.append("Email already registered")
if self.get_user_by_username(username):
errors.append("Username already taken")
if errors:
return False, errors
# Passwort hashen
password_hash = PasswordUtils.hash_password_simple(password)
# User erstellen
try:
success = self.db.create_user(username, email.lower(), password_hash)
if success:
logger.info(f"User created successfully: {email}")
return True, []
else:
logger.warning(f"Failed to create user: {email}")
return False, ["Failed to create user"]
except Exception as e:
logger.error(f"Error creating user: {e}")
return False, [f"Database error: {str(e)}"]
def get_user_by_email(self, email: str) -> Optional[Dict[str, Any]]:
if not ValidationUtils.validate_email(email):
return None
try:
return self.db.get_user_by_email(email.lower())
except Exception as e:
logger.error(f"Error getting user by email: {e}")
return None
def get_user_by_username(self, username: str) -> Optional[Dict[str, Any]]:
if not ValidationUtils.validate_username(username):
return None
try:
return self.db.get_user_by_username(username)
except Exception as e:
logger.error(f"Error getting user by username: {e}")
return None

0
utils/__init__.py Normal file
View File

43
utils/auth_decorators.py Normal file
View File

@@ -0,0 +1,43 @@
from functools import wraps
from flask import session, redirect, url_for, flash, request
import logging
logger = logging.getLogger(__name__)
def login_required(f):
"""
Decorator to protect routes that require authentication
"""
@wraps(f)
def decorated_function(*args, **kwargs):
if 'user_id' not in session or 'email' not in session:
flash('Please log in to access this page', 'warning')
logger.info(f"Unauthorized access attempt to {request.endpoint}")
return redirect(url_for('login'))
return f(*args, **kwargs)
return decorated_function
def logout_required(f):
"""
Decorator for routes that should only be accessible when NOT logged in
(e.g., login, register pages)
"""
@wraps(f)
def decorated_function(*args, **kwargs):
if 'user_id' in session:
flash('You are already logged in', 'info')
return redirect(url_for('dashboard'))
return f(*args, **kwargs)
return decorated_function
def get_current_user():
"""
Helper function to get current user info from session
"""
if 'user_id' in session:
return {
'id': session['user_id'],
'username': session['username'],
'email': session['email']
}
return None

27
utils/password_utils.py Normal file
View File

@@ -0,0 +1,27 @@
import hashlib
import secrets
import logging
logger = logging.getLogger(__name__)
class PasswordUtils:
@staticmethod
def hash_password(password: str, salt: str = None) -> tuple[str, str]:
if salt is None:
salt = secrets.token_hex(32)
password = password.strip()
salted_password = password + salt
hash_object = hashlib.sha512(salted_password.encode('utf-8'))
password_hash = hash_object.hexdigest()
logger.debug("Password hashed successfully")
return password_hash, salt
@staticmethod
def verify_password(password: str, stored_hash: str, salt: str) -> bool:
computed_hash, _ = PasswordUtils.hash_password(password, salt)
return secrets.compare_digest(computed_hash, stored_hash)
@staticmethod
def hash_password_simple(password: str) -> str:
password = password.strip()
return hashlib.sha512(password.encode('utf-8')).hexdigest()

56
utils/validation.py Normal file
View File

@@ -0,0 +1,56 @@
import re
import logging
logger = logging.getLogger(__name__)
class ValidationUtils:
@staticmethod
def validate_email(email: str) -> bool:
if not email or not isinstance(email, str):
return False
email = email.strip().lower()
pattern = r'^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$'
is_valid = bool(re.match(pattern, email))
if not is_valid:
logger.warning(f"Invalid email format: {email}")
return is_valid
@staticmethod
def validate_username(username: str) -> bool:
if not username or not isinstance(username, str):
return False
username = username.strip()
# Username-Regeln: 3-25 Zeichen, nur Buchstaben, Zahlen und Unterstrich
if len(username) < 3 or len(username) > 25:
logger.warning(f"Username length invalid: {len(username)}")
return False
pattern = r'^[a-zA-Z0-9_]+$'
is_valid = bool(re.match(pattern, username))
if not is_valid:
logger.warning(f"Invalid username format: {username}")
return is_valid
@staticmethod
def validate_password(password: str) -> tuple[bool, list[str]]:
errors = []
if not password or not isinstance(password, str):
errors.append("Password is required")
return False, errors
if len(password) < 4 or len(password) > 50:
errors.append("Password must be at least 4 characters long and must not exceed 128 characters")
if not re.search(r'[A-Z]', password):
errors.append("Password must contain at least one uppercase letter")
if not re.search(r'[a-z]', password):
errors.append("Password must contain at least one lowercase letter")
if not re.search(r'\d', password):
errors.append("Password must contain at least one digit")
if not re.search(r'[!@#$%^&*(),.?":{}|<>]', password):
errors.append("Password must contain at least one special character")
is_valid = len(errors) == 0
if not is_valid:
logger.warning(f"Password validation failed: {errors}")
return is_valid, errors