Welcome!
Everything is fine.

Cookies Activities

These were omitted in Fall 2020 to allow more time for homework during class breakout sessions. If you want to understand cookies better, I think these are worth doing.

Cookies in Flask

To keep it simple, this example doesn't use a database and does everything in just one route, looking at the value of various buttons to see what the user clicked on.

If you want to download and run the cookies example, do this:

cd ~/cs304
cp -r ~cs304/pub/downloads/cookies/ cookies

Cookies Cases

Remember there are four cases in this demo:

  1. No cookies; first visit => return splash/login page
  2. No cookies but login info => log them in and set cookies
  3. Cookie and no logout button => normal visit; incr counter and continue
  4. Cookie w/ logout button => log them out; remove cookie

Running the Demo

If you are running the demo on your own, here's a brief outline. As we navigate the app, I suggest switching between your browser and the Python console, so you can see the correspondence.

Here's the pro

  1. cd to your course directory cs304
  2. Activate your venv
  3. Download your own copy of the cookie example (either cp or curl)
  4. cd to the cookies_mysql directory
  5. Start the app: python cookies.py
  6. If necessary, start the SSH tunnel
  7. Switch to a browser
  8. Go to the main page: /. Notice that it's the splash page (case 1)
  9. Switch back to the Python console and see that it is case 1
  10. Switch back to the browser, give a name and submit the form (case 2)
  11. Notice the resulting session page with visit count (case 3)
  12. Visit by clicking the hyperlink, notice the visit count increase
  13. Visit using the GET button. Notice the ugly URL.
  14. Visit again using the hyperlink; the URL doesn't get any better.
  15. Visit by editing the URL to delete the query; that works
  16. Visit using the POST button.
  17. "Logout" by using the DELETE button (case 4)

I recommend that you always end, if possible, by deleting cookies. That way, your next run will "start fresh".

I will also run it again, mostly following the sequence above, but this time demonstrating the browser DevTools.

Exercise: Blogging with Cookies

Imagine a blogging or commenting system where you have a box to put in your comment and a second box to put in your identity or screen name or whatever you want to call it. Now, compare a system with and without cookies:

  • Version 1 of the system allows anyone to comment, and you have to put your name in the second box every single time.
  • Version 2 of the system allows you to give a username and password, then sets a cookie with your username. Because of the cookie, the second box can be omitted, and comments are automatically associated with your username

Note that this isn't quite logins, since someone could guess the name and value of the cookie (especially if they can login themselves, look at the cookie value, then substitute someone else's value), but it's getting pretty close.

The expected interaction for this web application is:

  • You login giving a username and password, then
  • enter whatever comments you have

Before we get started, let's look at the data tables associated with the blog application. This file is logins.sql in the directory that you will copy later.

drop table if exists blog_entry;
drop table if exists blog_user;
create table blog_user(
    user varchar(30) primary key,
    pass varchar(30)
);

create table blog_entry(
       entered timestamp,
       user varchar(30),
       entry text,
       foreign key (user) references blog_user(user));

insert into blog_user values
 ('happy','happypass'),
 ('bashful','bashfulpass'),
 ('grumpy','grumpypass'),
 ('sleepy','sleepypass'),
 ('sneezy','sneezypass'),
 ('dopey','dopeypass'),
 ('doc','docpass'),
 ('sleazy','sleazypass'),
 ('gropey','gropeypass'),
 ('dumpy','dumpypass');

select * from blog_user;

insert into blog_entry values
 ('2020-03-24 12:34:56', 'dopey', 'First!'),
 ('2020-03-24 13:45:00', 'grumpy', 'Give it a rest, Dopey.');

select * from blog_entry;

When I was in grad school, I worked with some Lisp machines with some of these names. A slip of the tongue or two got us from Grumpy and Dopey to "Gropey" or from Sleepy and Sneezy to Sleezy.

Blog Code

There are two versions of the code, depending on where the database is: