app: render and serve proper web pages

18 files changed, 1016 insertions, 26 deletions

diff --git a/app/app.py b/app/app.py
index 3bf0337..b22b3cd 100644
--- a/app/app.py
+++ b/app/app.py
@@ -3,6 +3,7 @@
 # Licence: EUPL-1.2
 
 from fastapi import FastAPI, status
+from fastapi.staticfiles import StaticFiles
 import app_sessions
 import app_account
 import app_wallet
@@ -15,3 +16,6 @@ main.add_middleware(app_sessions.SessionManager)
 # Register our request handlers
 main.include_router(app_account.router)
 main.include_router(app_wallet.router)
+
+# Handler for static resource files (CSS, JS, ...)
+main.mount('/', StaticFiles(directory='./static/'), name='static')
diff --git a/app/app_account.py b/app/app_account.py
index 3f4869d..e3d6433 100644
--- a/app/app_account.py
+++ b/app/app_account.py
@@ -3,6 +3,7 @@
 # Licence: EUPL-1.2
 
 from fastapi import APIRouter, Depends, Request, Form, status
+from fastapi.responses import RedirectResponse, HTMLResponse
 
 from passlib.context import CryptContext
 import re
@@ -10,8 +11,9 @@ import re
 from embrace.exceptions import IntegrityError
 from psycopg2.errors import UniqueViolation
 
-from app_sessions import UserSession
+from app_sessions import UserSession, FlashMessageQueue
 from app_database import db_transaction
+from app_templating import TemplateRenderer
 
 
 # Password hashing context.
@@ -20,42 +22,51 @@ password_ctx = CryptContext(schemes=['bcrypt'], deprecated='auto')
 
 username_pattern = re.compile(r'^[a-zA-Z0-9-_]{4,16}$')
 
+to_homepage = RedirectResponse('/', status_code=status.HTTP_303_SEE_OTHER)
+to_wallet = RedirectResponse('/wallet', status_code=status.HTTP_303_SEE_OTHER)
+
 router = APIRouter()
 
 
-@router.get('/')
+@router.get('/', response_class=HTMLResponse)
 def homepage(
     session: UserSession=Depends(UserSession),
+    render: TemplateRenderer=Depends(TemplateRenderer),
 ):
     if session.is_logged_in():
-        return 'Welcome!'
+        return to_wallet
 
-    return 'Homepage here.'
+    return render('homepage.html.jinja')
 
 
 @router.post('/account/register')
 def account_register(
     session: UserSession=Depends(UserSession),
+    messages: FlashMessageQueue=Depends(FlashMessageQueue),
     username: str=Form(...),
     password: str=Form(...),
 ):
     try:
         if username_pattern.match(username) is None:
-            return 'error: Invalid username format.'
+            messages.add('error', 'Invalid username format.')
+            return to_homepage
 
         if not 4 <= len(password) <= 32:
-            return 'error: Invalid password length.'
+            messages.add('error', 'Invalid password length.')
+            return to_homepage
 
         hash = password_ctx.hash(password)
         with db_transaction() as tx:
             user = tx.create_account(username=username, password_hash=hash)
 
         session.login(user.id)
-        return 'Account succesfully created. Welcome!'
+        messages.add('success', 'Account succesfully created. Welcome!')
+        return to_wallet
 
     except IntegrityError as exception:
         if isinstance(exception.__cause__, UniqueViolation):
-            return 'error: This username is already taken.'
+            messages.add('error', 'This username is already taken.')
+            return to_homepage
         else:
             raise exception
 
@@ -63,6 +74,7 @@ def account_register(
 @router.post('/account/login')
 def session_login(
     session: UserSession=Depends(UserSession),
+    messages: FlashMessageQueue=Depends(FlashMessageQueue),
     username: str=Form(...),
     password: str=Form(...),
 ):
@@ -71,17 +83,20 @@ def session_login(
 
     if user is not None and password_ctx.verify(password, user.password_hash):
         session.login(user.id)
-        return 'Welcome back!'
+        messages.add('info', 'Welcome back!')
+        return to_wallet
     else:
-        return 'error: Invalid credentials.'
+        messages.add('error', 'Invalid credentials.')
+        return to_homepage
 
 
 @router.post('/account/logout')
 def session_logout(
     session: UserSession=Depends(UserSession),
+    messages: FlashMessageQueue=Depends(FlashMessageQueue),
 ):
     if session.is_logged_in():
         session.logout()
-        return 'You have been successfully logged out.'
+        messages.add('info', 'You have been successfully logged out.')
 
-    return 'Nothing to do'
+    return to_homepage
diff --git a/app/app_sessions.py b/app/app_sessions.py
index 89521fb..7a931d5 100644
--- a/app/app_sessions.py
+++ b/app/app_sessions.py
@@ -15,6 +15,33 @@ cookie_key = environ['COOKIE_SECRET_KEY']
 SessionManager = partial(SessionMiddleware, secret_key=cookie_key)
 
 
+class FlashMessageQueue:
+    """
+    Session decorator for managing session flash messages to be displayed to
+    the user from one page to another. This suits confirmation and error
+    messages. Messages are stored in the session cookie, which is limited in
+    size to about 4kb.
+    """
+
+    def __init__(self, request: Request):
+        if 'messages' not in request.session:
+            request.session['messages'] = []
+
+        self._messages = request.session['messages']
+
+    def add(self, class_: str, message: str):
+        self._messages.append((class_, message))
+
+    def __iter__(self):
+        return self
+
+    def __next__(self):
+        if not self._messages:
+            raise StopIteration
+
+        return self._messages.pop(0)
+
+
 class UserSession:
     """
     Session decorator for managing user login sessions.
diff --git a/app/app_templating.py b/app/app_templating.py
new file mode 100644
index 0000000..427170b
--- /dev/null
+++ b/app/app_templating.py
@@ -0,0 +1,51 @@
+# UGE / L2 / Intro to relational databases / Python project prototype
+# Author: Pacien TRAN-GIRARD
+# Licence: EUPL-1.2
+
+from typing import Optional, NamedTuple