rodvicj · rodvicj · Jul 29, 2024 · Jul 29, 2024 · Aug 1, 2024 · Aug 4, 2024
diff --git a/.flake8 b/.flake8
@@ -0,0 +1,15 @@
+[flake8]
+ignore = E501,E203,C101,I100,I201,W503,W504,A005,W391,E129
+exclude =
+    **/migrations/*,
+    .git,
+    .mypy_cache,
+    __pycache__,
+    .venv
+filename = *.py
+accept-encodings = utf-8
+inline-quotes = double
+max-complexity = 12
+max-linenumber = 500
+max-line-length = 119
+multiline-quotes = double
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -0,0 +1,29 @@
+# See https://pre-commit.com for more information
+# See https://pre-commit.com/hooks.html for more hooks
+repos:
+  - repo: https://github.com/PyCQA/flake8
+    rev: 7.0.0
+    hooks:
+      - id: flake8
+        additional_dependencies:
+          - flake8-bugbear
+          - flake8-builtins
+          - flake8-coding
+          - flake8-import-order
+          - flake8-polyfill
+          - flake8-quotes
+  - repo: https://github.com/pycqa/isort
+    rev: 5.12.0
+    hooks:
+      - id: isort
+        name: isort (python)
+  - repo: https://github.com/pre-commit/mirrors-mypy
+    rev: 'v1.9.0'
+    hooks:
+      - id: mypy
+        additional_dependencies: [ types-requests, types-PyYAML, types-toml ]
+  - repo: https://github.com/google/yapf
+    rev: v0.43.0
+    hooks:
+      - id: yapf
+        additional_dependencies: [ toml ]
diff --git a/.prettierrc b/.prettierrc
@@ -0,0 +1,8 @@
+{
+  "bracketSpacing": false,
+  "endOfLine": "auto",
+  "printWidth": 120,
+  "semi": true,
+  "singleQuote": false,
+  "trailingComma": "all"
+}
diff --git a/.ropeproject/autoimport.db b/.ropeproject/autoimport.db
diff --git a/Makefile b/Makefile
@@ -39,4 +39,4 @@ export:
 	poetry export --without-hashes --format=requirements.txt > requirements.txt
 
 .PHONY: update
-update: install migrate install-pre-commit ;
+	update: install migrate install-pre-commit ;
diff --git a/TODO.md b/TODO.md
@@ -0,0 +1,51 @@
+
+create a basic authentication in google sheet like login/logout using just google sheet functions and based on the data within the google sheets as well, like user, password and account type.
+You can't create true login/logout authentication with *just* Google Sheets formulas.  Formulas react to changes in cell values, but they can't directly control user access or prevent viewing of the sheet.  Security and authentication require scripting (Apps Script).
+
+However, you can create a very basic, *simulated* login/logout experience using data validation, conditional formatting, and the `IF` function. This approach is **not secure** and should **not** be used for sensitive data.  It's more for a simple visual demonstration or very low-stakes situations.
+
+Here's how you could set it up:
+
+1. **Create a "Login" Sheet:**
+
+   - **Username (A1):**  Data validation (List from a range) where the list refers to your "Users" sheet (see below).
+   - **Password (B1):**  Plain text entry.
+   - **Login Button (C1):** Insert a drawing (e.g., a rectangle) and assign it the script `=IF(AND(VLOOKUP(A1,Users!A:C,2,FALSE)=B1,VLOOKUP(A1,Users!A:C,3,FALSE)="Admin"),"Logged in as Admin",IF(VLOOKUP(A1,Users!A:C,2,FALSE)=B1,"Logged in","Invalid Credentials"))`. This formula checks the username and password against the "Users" sheet and displays the login status.
+   - **Logout Button (D1):** Insert another drawing and assign it the script `="Log out"`.  This doesn't actually log out but can be used for visual feedback.
+   - **Status (E1):** `=C1` (This will show the login status).
+
+2. **Create a "Users" Sheet:**
+
+   - **Username (Column A):**  List of valid usernames.
+   - **Password (Column B):**  Corresponding passwords (plain text - **very insecure!**).
+   - **Account Type (Column C):**  "Admin" or "User" to simulate different roles.
+
+3. **Create a "Protected" Sheet (or any sheet you want to conditionally show/hide content on):**
+
+   - **Content:**  Your protected information.
+   - **Visibility Control (A1, for example):** `=IF('Login'!E1="Logged in as Admin" OR 'Login'!E1="Logged in", "Content visible", "")`  This formula shows "Content visible" if logged in (as Admin or regular user), or nothing if not logged in.  You can use this cell in combination with conditional formatting to show/hide other content.
+
+4. **Conditional Formatting on "Protected" Sheet:**
+
+   - Select the cells containing the protected content.
+   - Go to Format > Conditional formatting.
+   - Format rules: Custom formula is `='Login'!E1<>"Logged in as Admin"` AND `='Login'!E1<>"Logged in"`  (This checks if *not* logged in).
+   - Formatting style: Set the text color to white (or the same as the background) to effectively hide the content.
+
+
+**How to "Use" It:**
+
+- On the "Login" sheet, select a username from the dropdown.
+- Enter the corresponding password.
+- Clicking the "Login" button updates the status message.
+- Clicking the "Logout" button doesn't do anything functionally, but you could manually clear the password field to simulate a logout.
+- The "Protected" sheet will show/hide content based on the login status.
+
+
+**Limitations and Security Risks:**
+
+* **Passwords in Plain Text:**  Storing passwords directly in a sheet is extremely insecure.  Anyone with access to the sheet can see them.
+* **No Real Authentication:**  This is just a visual simulation.  Anyone can still access all sheets and data.
+* **Easily Bypassed:**  Users could easily modify the formulas or directly access the "Protected" sheet.
+
+<!-- TODO: fix poetry handling dependencies -->
diff --git a/db.sqlite3 b/db.sqlite3
diff --git a/final_project/__pycache__/settings.cpython-310.pyc b/final_project/__pycache__/settings.cpython-310.pyc
diff --git a/final_project/__pycache__/wsgi.cpython-310.pyc b/final_project/__pycache__/wsgi.cpython-310.pyc
diff --git a/final_project/asgi.py b/final_project/asgi.py
@@ -11,6 +11,6 @@
 
 from django.core.asgi import get_asgi_application
 
-os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'final_project.settings')
+os.environ.setdefault("DJANGO_SETTINGS_MODULE", "final_project.settings")
 
 application = get_asgi_application()
diff --git a/final_project/settings.py b/final_project/settings.py
@@ -15,112 +15,106 @@
 # Build paths inside the project like this: BASE_DIR / 'subdir'.
 BASE_DIR = Path(__file__).resolve().parent.parent
 
-
 # Quick-start development settings - unsuitable for production
 # See https://docs.djangoproject.com/en/4.1/howto/deployment/checklist/
 
 # SECURITY WARNING: keep the secret key used in production secret!
-SECRET_KEY = 'django-insecure-bma!(&u$4h@8325v=%gc8^h^rd4yr@4z)9%=r64cqfbt2sgh+!'
+SECRET_KEY = "django-insecure-bma!(&u$4h@8325v=%gc8^h^rd4yr@4z)9%=r64cqfbt2sgh+!"
 
 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = True
 
-ALLOWED_HOSTS = []
-
+ALLOWED_HOSTS = ["localhost", "127.0.0.1"]
 
 # Application definition
 
 INSTALLED_APPS = [
-    'vaccination_records',
-    'django.contrib.admin',
-    'django.contrib.auth',
-    'django.contrib.contenttypes',
-    'django.contrib.sessions',
-    'django.contrib.messages',
-    'django.contrib.staticfiles',
+    "vaccination_records",
+    "django.contrib.admin",
+    "django.contrib.auth",
+    "django.contrib.contenttypes",
+    "django.contrib.sessions",
+    "django.contrib.messages",
+    "django.contrib.staticfiles",
 ]
 
 MIDDLEWARE = [
-    'django.middleware.security.SecurityMiddleware',
-    'django.contrib.sessions.middleware.SessionMiddleware',
-    'django.middleware.common.CommonMiddleware',
-    'django.middleware.csrf.CsrfViewMiddleware',
-    'django.contrib.auth.middleware.AuthenticationMiddleware',
-    'django.contrib.messages.middleware.MessageMiddleware',
-    'django.middleware.clickjacking.XFrameOptionsMiddleware',
+    "django.middleware.security.SecurityMiddleware",
+    "django.contrib.sessions.middleware.SessionMiddleware",
+    "django.middleware.common.CommonMiddleware",
+    "django.middleware.csrf.CsrfViewMiddleware",
+    "django.contrib.auth.middleware.AuthenticationMiddleware",
+    "django.contrib.messages.middleware.MessageMiddleware",
+    "django.middleware.clickjacking.XFrameOptionsMiddleware",
 ]
 
-ROOT_URLCONF = 'final_project.urls'
+ROOT_URLCONF = "final_project.urls"
 
 TEMPLATES = [
     {
-        'BACKEND': 'django.template.backends.django.DjangoTemplates',
-        'DIRS': [],
-        'APP_DIRS': True,
-        'OPTIONS': {
-            'context_processors': [
-                'django.template.context_processors.debug',
-                'django.template.context_processors.request',
-                'django.contrib.auth.context_processors.auth',
-                'django.contrib.messages.context_processors.messages',
+        "BACKEND": "django.template.backends.django.DjangoTemplates",
+        "DIRS": [],
+        "APP_DIRS": True,
+        "OPTIONS": {
+            "context_processors": [
+                "django.template.context_processors.debug",
+                "django.template.context_processors.request",
+                "django.contrib.auth.context_processors.auth",
+                "django.contrib.messages.context_processors.messages",
             ],
         },
     },
 ]
 
-WSGI_APPLICATION = 'final_project.wsgi.application'
-
+WSGI_APPLICATION = "final_project.wsgi.application"
 
 # Database
 # https://docs.djangoproject.com/en/4.1/ref/settings/#databases
 
 DATABASES = {
-    'default': {
-        'ENGINE': 'django.db.backends.sqlite3',
-        'NAME': BASE_DIR / 'db.sqlite3',
+    "default": {
+        "ENGINE": "django.db.backends.sqlite3",
+        "NAME": BASE_DIR / "db.sqlite3",
     }
 }
 
-AUTH_USER_MODEL = 'vaccination_records.User'
-
+AUTH_USER_MODEL = "vaccination_records.User"
 
 # Password validation
 # https://docs.djangoproject.com/en/4.1/ref/settings/#auth-password-validators
 
 AUTH_PASSWORD_VALIDATORS = [
     {
-        'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
+        "NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator",
     },
     {
-        'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
+        "NAME": "django.contrib.auth.password_validation.MinimumLengthValidator",
     },
     {
-        'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
+        "NAME": "django.contrib.auth.password_validation.CommonPasswordValidator",
     },
     {
-        'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
+        "NAME": "django.contrib.auth.password_validation.NumericPasswordValidator",
     },
 ]
 
-
 # Internationalization
 # https://docs.djangoproject.com/en/4.1/topics/i18n/
 
-LANGUAGE_CODE = 'en-us'
+LANGUAGE_CODE = "en-us"
 
-TIME_ZONE = 'UTC'
+TIME_ZONE = "UTC"
 
 USE_I18N = True
 
 USE_TZ = True
 
-
 # Static files (CSS, JavaScript, Images)
 # https://docs.djangoproject.com/en/4.1/howto/static-files/
 
-STATIC_URL = 'static/'
+STATIC_URL = "static/"
 
 # Default primary key field type
 # https://docs.djangoproject.com/en/4.1/ref/settings/#default-auto-field
 
-DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
+DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField"
diff --git a/final_project/wsgi.py b/final_project/wsgi.py
@@ -11,6 +11,6 @@
 
 from django.core.wsgi import get_wsgi_application
 
-os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'final_project.settings')
+os.environ.setdefault("DJANGO_SETTINGS_MODULE", "final_project.settings")
 
 application = get_wsgi_application()
diff --git a/note.md b/note.md
@@ -0,0 +1,4 @@
+<!-- NOTE: for zed editor, to detect venv path -->
+# [tool.pyright]
+# venvPath = "."
+# venv = "venv"