Master Securite IT Et Big Data 2024/2025: Python Avance
Python Avance
Atelier 5
Partie 2 : Flask
2.1. Home page
2.2. Authentification JWT
2.3. Page d’utilisateur
2.4. Ajouter commande
Partie I :Mysql
1.1. Translation du diagramme de classes en code source Python
Class User :
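class User:
    """Application user: display name, login, password and optional id.

    Values are stored on single-underscore attributes and read back through
    the ``get*`` accessors.
    """

    def __init__(self, nom: str, login: str, password: str, id_user=None):
        self._nom = nom
        self._login = login
        # NOTE(review): the password is stored exactly as received; nothing in
        # this class hashes it.
        self._password = password
        self._id_user = id_user  # defaults to None

    def getPassword(self):
        """Return the stored password value."""
        return self._password

    def getIdUser(self):
        """Return the user id (None when it was not supplied)."""
        return self._id_user

    def getNom(self):
        """Return the display name."""
        return self._nom

    def getLogin(self):
        """Return the login name."""
        return self._login

    def __repr__(self):
        # The password is masked on purpose: repr() output is what ends up in
        # logs, tracebacks and debugger views, so it must not carry the secret.
        return f'[{self._nom} - {self._login} - ********]'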
Class Client
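class Client(User):
    """A user that owns a client number and a list of orders (``cmds``)."""

    def __init__(self, numero: str, nom: str, login: str, password: str, id_user=None):
        super().__init__(nom, login, password, id_user)
        self.__numero = numero
        self.cmds = []

    def ajouterCmd(self, ref: int, date: str):
        """Create a ``Commande`` for this client and append it to ``cmds``."""
        # Commande.__init__ takes id_client as a required third argument, so
        # the former two-argument call raised TypeError.  The client's own id
        # is passed, matching how CLIENTDAO.update uses getIdUser() as
        # id_client.
        cmd = Commande(ref, date, self.getIdUser())
        self.cmds.append(cmd)

    def getNumero(self):
        """Return the client number."""
        return self.__numero

    def __repr__(self):
        # Built from the base-class representation plus the client number.
        return 'user info:' + super().__repr__() + f' numero {self.__numero}'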
Class Commande
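class Commande :
    """An order: reference, date, owning client id and its products."""

    def __init__(self, reference: int, date: str, id_client: int, id_cmd: int = None):
        self.id_cmd = id_cmd
        self.__reference = reference
        self.date = date
        self.id_client = id_client  # foreign key
        self.produits = []

    def ajouterProd(self, prod):
        """Append a product to this order."""
        self.produits.append(prod)

    def __repr__(self):
        # In the listing this f-string was broken across two lines, leaving an
        # unterminated literal; it is rebuilt here as one string split with
        # implicit concatenation.
        return (
            f'id_cmd :{self.id_cmd} - ref {self.__reference} - date {self.date} - '
            f'id_client {self.id_client}'
        )

    def getReference(self):
        """Return the order reference."""
        return self.__reference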
Class Produit
class Produit :
    """A product with a label, a price, an optional id and related orders."""

    def __init__(self, libelle: str, prix: float, id_prod: int = None):
        self.libelle = libelle
        self.prix = prix
        self.id_prod = id_prod
        self.cmds = []

    def ajouterCmd(self, cmd):
        """Record an order on this product."""
        self.cmds.append(cmd)

    def trierProduit(self, ls):
        """Return a new list of the products in ``ls`` ordered by label, then price."""
        ordered = list(ls)
        ordered.sort(key=lambda item: (item.libelle, item.prix))
        return ordered

    def Operator_(self, pr):
        """Placeholder with no behaviour; returns None."""
        return None

    def __repr__(self):
        text = f'prod : {self.libelle} - {self.prix} dh'
        return text
class Lign_cmd:
    """Order line; this listing shows only its textual representation."""

    def __repr__(self):
        # Reads the ``produit``, ``cmd`` and ``qte`` attributes, which are set
        # outside the part of the class shown here.
        text = f'lign cmd : {self.produit} - {self.cmd} - {self.qte}'
        return text
1.2.Translation de diagramme de classe en schéma de bdd
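class DAO(ABC):
    """Abstract base of the data-access objects.

    The constructor opens the MySQL connection that subclasses use through
    ``self._connection``; the CRUD methods are abstract.
    """

    def __init__(self) -> None:
        import os  # local import: the module's import block is not part of this listing

        super().__init__()
        # Connection settings are read from the environment so credentials
        # stay out of the source tree.  The STORE_DB_* names are chosen here;
        # the fallbacks reproduce the original hard-coded values.  A root
        # account with an empty password is only acceptable for a local lab
        # database: the application should use a dedicated least-privilege
        # account with a password.
        self._connection = mysql.connector.connect(
            host=os.environ.get('STORE_DB_HOST', 'localhost'),
            user=os.environ.get('STORE_DB_USER', 'root'),
            password=os.environ.get('STORE_DB_PASSWORD', ''),
            database=os.environ.get('STORE_DB_NAME', 'store'),
        )

    @abstractmethod
    def create(self, obj):
        """Insert ``obj``; implemented by subclasses."""
        pass

    @abstractmethod
    def readOne(self, id):
        """Fetch one record by id; implemented by subclasses."""
        pass

    @abstractmethod
    def readAll(self, obj) -> list:
        """Fetch all records as a list; implemented by subclasses."""
        pass

    @abstractmethod
    def update(self, obj):
        """Update the record for ``obj``; implemented by subclasses."""
        pass

    @abstractmethod
    def delete(self, obj):
        """Delete the record for ``obj``; implemented by subclasses."""
        pass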
1.3.2. class USERDAO
from dao import DAO
from entities import *
class USERDAO(DAO):
    """Credential look-ups on the ``user`` table."""

    def __init__(self):
        super().__init__()
        self.mycursor = self._connection.cursor()

    def verifieLogin(self, username, password):
        """Return True when a ``user`` row matches both login and password.

        Both values are bound as query parameters, so they are not
        interpolated into the SQL text.

        NOTE(review): the supplied value is compared with the ``password``
        column directly.  If callers pass the raw form password, the table
        holds plaintext passwords; storing a salted hash (for example with
        ``werkzeug.security.generate_password_hash``) and verifying it in
        Python with ``check_password_hash`` would avoid that.
        """
        query = 'select * from user where login=%s and password=%s'
        self.mycursor.execute(query, (username, password))
        return True if self.mycursor.fetchone() else False

    def getidUser(self, username, password):
        """Return the row holding ``id_user`` for matching credentials.

        The value returned is whatever ``fetchone()`` yields: the row itself,
        not the bare id, and a falsy result when nothing matches.
        """
        query = 'select id_user from user where login=%s and password=%s'
        self.mycursor.execute(query, (username, password))
        return self.mycursor.fetchone()
class CLIENTDAO(DAO):
    """Data access for the ``client`` table (only ``update`` appears in this listing)."""

    def __init__(self):
        super().__init__()
        self.mycursor = self._connection.cursor()

    def update(self, obj: Client):
        """Write the client's number to the row matched on ``id_client`` and commit."""
        params = (obj.getNumero(), obj.getIdUser())
        self.mycursor.execute(
            'UPDATE client SET numero = %s WHERE id_client = %s',
            params,
        )
        self._connection.commit()
class PRODUITDAO(DAO):
    """Data access for the ``produit`` table (only ``update`` appears in this listing)."""

    def __init__(self):
        super().__init__()
        self.mycursor = self._connection.cursor()

    def update(self, obj: Produit):
        """Write the product's price to the row matched on ``id_prod`` and commit."""
        params = (obj.prix, obj.id_prod)
        self.mycursor.execute(
            'UPDATE produit SET prix=%s WHERE id_prod = %s',
            params,
        )
        self._connection.commit()
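class COMMANDEDAO(DAO):
    """Data access for the ``commande`` table."""

    def __init__(self):
        super().__init__()
        self.mycursor = self._connection.cursor()

    def update(self, obj: Commande):
        """Write the order's date to the row matched on ``id_cmd`` and commit."""
        # The statement used to target the ``produit`` table, a copy of the
        # PRODUITDAO query.  Orders live in ``commande``, the table that
        # readCmdClient() reads from.
        sql = 'UPDATE commande SET date=%s WHERE id_cmd = %s'
        val = (obj.date, obj.id_cmd)
        self.mycursor.execute(sql, val)
        self._connection.commit()

    def readCmdClient(self, id):
        """Return the orders whose ``client_id`` equals ``id`` as ``Commande`` objects.

        The id is bound as a query parameter.  This method performs no
        authorisation: callers must check that the requester may see this
        client's orders.
        """
        sql = 'select * from commande where client_id=%s'
        self.mycursor.execute(sql, (id,))
        # Column order assumed from the constructor call:
        # (id_cmd, reference, date, client_id) - TODO confirm against the schema.
        return [
            Commande(row[1], row[2], row[3], row[0])
            for row in self.mycursor.fetchall()
        ]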
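class LIGNCOMMANDEDAO(DAO):
    """Data access for the ``lign_cmd`` table."""

    def __init__(self):
        super().__init__()
        self.mycursor = self._connection.cursor()

    def readOne(self, id) -> "Lign_cmd | None":
        """Return the first order line of order ``id``, or None when there is none."""
        sql = 'select * from lign_cmd where commande_id = %s'
        self.mycursor.execute(sql, (id,))
        l_cmd = self.mycursor.fetchone()
        # fetchone() yields None when no row matches; indexing it raised
        # TypeError before this guard was added.
        if l_cmd is None:
            return None
        # Columns are passed in reverse order (3, 2, 1, 0), as in the original call.
        return Lign_cmd(l_cmd[3], l_cmd[2], l_cmd[1], l_cmd[0])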
Partie 2 :Flask
Backend Flask
import os
import secrets

from flask import Flask , render_template,redirect, url_for,request,flash,make_response
from flask_wtf.csrf import CSRFProtect
from forms import *
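storeapp = Flask(__name__)
# Signing keys are read from the environment instead of being committed with
# the source.  SECRET_KEY protects the session cookie and the CSRF tokens, and
# JWT_SECRET_KEY signs the JWTs, so a short, guessable or published value lets
# a third party forge them.  When a variable is unset, a random per-process
# key is generated: the app still starts, but sessions and tokens do not
# survive a restart and are not shared between worker processes.
storeapp.config['SECRET_KEY'] = os.environ.get('SECRET_KEY') or secrets.token_hex(32)
storeapp.config['JWT_SECRET_KEY'] = os.environ.get('JWT_SECRET_KEY') or secrets.token_hex(32)
csrf = CSRFProtect(storeapp)
# NOTE(review): the import of JWTManager is not shown in this listing
# (presumably flask_jwt_extended) - confirm.
jwt = JWTManager(storeapp)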
# Home page
@storeapp.route('/')
def home():
    """Serve the landing page rendered from ``home.html``."""
    page = render_template('home.html', pagetitle='Home')
    return page
#login
@storeapp.route('/login', methods=['GET', 'POST'])
def login():
    """Handle the login form on GET and POST.

    NOTE(review): the listing stops once the credentials have been read; the
    credential check, the token creation and the returned response are not
    shown here.
    """
    form = LoginForm()
    userdao=USERDAO()
    if form.validate_on_submit():
        # str() and strip() normalise the submitted values.  strip() also
        # removes leading and trailing whitespace from the password itself.
        username = str(form.username.data).strip()
        password = str(form.password.data).strip()
# user page after connection
@storeapp.route('/user_page', methods=['GET'])
def user_page():
    """Render the user page from values read from the query string.

    NOTE(review): ``token``, ``id_user`` and ``username`` all come from the
    URL and this handler does not verify the token, so the page shows
    whatever identity the request supplies.  A JWT carried in a query string
    is also recorded in server logs, browser history and Referer headers.
    Sending it in an ``Authorization`` header or an HttpOnly cookie, and
    deriving the identity from the verified token, avoids both issues.
    """
    query = request.args
    return render_template(
        'user_page.html',
        token=query.get('token'),
        id_user=query.get('id_user'),
        username=query.get('username'),
        pagetitle='User Page',
    )
# user commande
@storeapp.route('/cmd_client/<id>')
def affiche_cmd_client(id):
    """List the orders of the client whose id is given in the URL path.

    NOTE(review): no authentication or ownership check is visible in this
    handler, so any caller can read any client's orders by changing ``<id>``.
    The id should be compared with the identity taken from a verified token
    before the query runs.
    """
    orders = COMMANDEDAO().readCmdClient(id)
    return render_template(
        'client_cmd.html',
        pagetitle='Client Commands',
        client_cmds=orders,
    )
# ajouter commande
# NOTE(review): fragment of the "add order" view. Its route decorator, its
# ``def`` line and the creation of ``form`` and ``commandedao`` are not shown
# in this listing, and the indentation below is reconstructed.
if form.validate_on_submit():
    # Persist the submitted order in the database.
    reference = form.reference.data
    date = str(form.date.data)
    # NOTE(review): client_id is taken from the submitted form, so the order
    # is attached to whichever client the request names. Presumably it should
    # come from the authenticated identity instead - verify.
    client_id = form.client_id.data
    commandedao.create(Commande(reference,date,client_id))
    # Redirect to a confirmation or display page.
    return redirect(url_for('confirmation'))
# Page de confirmation
@storeapp.route('/confirmation')
def confirmation():
    """Return the plain-text acknowledgement for a created order."""
    message = "Commande ajoutée avec succès!"
    return message
@storeapp.route('/logout', methods=['GET'])
# @jwt_required() # Make sure the user is authenticated before logging out
def logout():
    """Redirect the browser to the login page.

    NOTE(review): the response only redirects. No cookie is cleared and no
    token is revoked here, so an already issued JWT is presumably still
    accepted afterwards - confirm whether revocation is handled elsewhere.
    """
    # Build a redirect response pointing at the login view.
    login_url = url_for('login')
    return make_response(redirect(login_url))
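if __name__=='__main__':
    # debug=True enables the Werkzeug interactive debugger, which allows code
    # execution from the browser and must never be reachable by untrusted
    # clients.  Debug mode is therefore off unless FLASK_DEBUG=1 is set
    # explicitly for local development.
    storeapp.run(debug=os.environ.get('FLASK_DEBUG') == '1', port=4400)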
2.1.Home page
C’est la première page qui apparaît après l’exécution de l’application ; l’utilisateur peut s’y connecter en cliquant sur
« login ».
2.2.Authentification JWT
Après que l’utilisateur a cliqué sur « login », cette page apparaît. Grâce à l’authentification JWT, on génère le
token associé à l’utilisateur authentifié :
2.3.Page d’utilisateur
Après s’être authentifié, l’utilisateur est redirigé vers sa page, où il peut ajouter des commandes,
voir ses commandes ou se déconnecter (logout).
2.4.Ajouter commande
L’utilisateur peut ajouter des commandes en spécifiant la référence, la date de la commande et l’ID du client.
2.5.Voir les commandes
Le client peut voir les commandes qu’il a lui-même effectuées :