From 8861a833a4cd746c45ef315baf818c6daf09540b Mon Sep 17 00:00:00 2001 From: Matt Soucy Date: Wed, 15 Dec 2021 22:51:12 -0500 Subject: [PATCH] Use POST for signing in and out instead of GET --- signinapp/static/qr.js | 10 +++++++--- signinapp/views.py | 9 +++++---- 2 files changed, 12 insertions(+), 7 deletions(-) diff --git a/signinapp/static/qr.js b/signinapp/static/qr.js index 7b36e0b..591d019 100644 --- a/signinapp/static/qr.js +++ b/signinapp/static/qr.js @@ -27,7 +27,7 @@ function populateUsers(userdata) { function updateUserData() { const event = "training" - fetch(`/users/${event}`, { method: "GET" }) + fetch(`/users/${event}`) .then(data => data.json()) .then(json => { populateUsers(json) @@ -41,8 +41,12 @@ function onScanSuccess(decodedText, decodedResult) { setTimeout(function () { html5QrcodeScanner.resume() }, 2000); } const event = "training" - const b32name = encodeURIComponent(decodedText) - fetch(`/scan/${event}/${b32name}`, { method: "GET" }) + + let formData = new FormData(); + formData.append('name', decodedText); + formData.append('event', event); + + fetch(`/scan`, { method: "POST", body: formData}) .then(data => data.json()) .then(json => { toast(json['message']) diff --git a/signinapp/views.py b/signinapp/views.py index 015f009..e79c6c0 100644 --- a/signinapp/views.py +++ b/signinapp/views.py @@ -1,6 +1,6 @@ #!/usr/bin/env python -from flask import Flask, jsonify +from flask import jsonify, request from flask.templating import render_template from . import app @@ -12,10 +12,11 @@ def index(): return render_template("index.html") -@app.route("/scan//") -def scan(event, name): +@app.route("/scan", methods=['POST']) +def scan(): + event = request.values['event'] + name = request.values['name'] (human, sign) = model.scan(event, name) - print(f"'{name}' signed {sign} to event '{event}'") return jsonify({ 'stamp': sign,