#!/usr/bin/env python3 # -*- coding: utf-8 -*- # Copyright 2025, School of Engineering and Architecture of Fribourg # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. from flask import request, Flask, url_for, render_template, redirect import operators import json __author__ = 'Michael Mader' __date__ = "2025-03-10" __version__ = "0.5" __email__ = "michael.maeder@hefr.ch" """ DevSecOps lab A little web application that offers API calls for arithmetic operations """ # creation of the Flask application app = Flask(__name__) app.config['SECRET_KEY'] = 'the-best-secret-ever' # super secure key against CSRF attacks # global variable containing the name of the login user global_data = {'username': 'no_user'} # incrementation route @app.route('/inc') def plus_one(): x = int(request.args.get('x', 1)) return json.dumps({'x': operators.addition(x, 1)}) # addition route, the parameters will be passed with 'x' and 'y' @app.route('/add') def plus_y(): x = int(request.args.get('x', 1)) y = int(request.args.get('y', 1)) return json.dumps({'result': operators.addition(x, y)}) # multiplication route, the parameters will be passed with 'x' and 'y' @app.route('/mul') def multiply_y(): x = int(request.args.get('x', 1)) y = int(request.args.get('y', 1)) return json.dumps({'result': operators.multiplication(x, y)}) # division route, the parameters will be passed with 'x' and 'y' @app.route('/div') def division_y(): x = int(request.args.get('x', 1)) y = int(request.args.get('y', 1)) return json.dumps({'result': operators.division(x, y)}) # help route, giving some information about the API @app.route('/help') def unused(): return "Super calculator API" # default route, just showing the main page @app.route('/') @app.route('/index') def index(): return render_template('index.html', title='Home', app_data=global_data, ) # login route, the given username will be used to welcome the user @app.route('/login', methods=['GET', 'POST']) def login(): # handle the POST request if request.method == 'POST': username = request.form["username"] print(f"got: {username}") global_data['username'] = request.form.get('username') return redirect(url_for('index')) # otherwise handle the GET request return render_template('login.html', title='Sign In',)