The Weather Forecasting Application is a web-based solution designed for providing accurate and timely weather forecasts. Developed using the Flask web framework for the backend and MongoDB for efficient data management, the application is Dockerized for seamless deployment. This Weather Forecasting Web Application is built upon a foundation of security best practices, ensuring a resilient and trustworthy platform for users.
Backend - Flask:
The backend of the application is powered by Flask, a lightweight and flexible Python web framework. Flask simplifies request handling, URL routing, and response generation. Its support for Jinja2 templates aids in creating dynamic web pages, while Flask extensions extend functionality, enabling features like authentication and database integration.
Database - MongoDB:
MongoDB, a NoSQL document-oriented database, is employed for data storage. Its schema-less architecture accommodates diverse data types, offering flexibility and scalability. MongoDB's platform independence ensures compatibility across various platforms.
Dockerized Deployment:
The entire application is encapsulated within a Dockerized environment, streamlining deployment and enhancing consistency. Docker containers isolate dependencies, contributing to portability and scalability.
The project follows a well-organized directory layout, facilitating efficient code, asset, and template management. A structured application root directory ensures clarity and scalability.
- Project File Structure: The root directory contains the main program code, configuration files, and container-related files.
- Organizing Templates: HTML templates are stored in a separate directory, promoting code logic and presentation separation.
- Static Assets ('static/'): Assets like CSS and JavaScript files are organized in the 'static' directory.
The development adheres to the 'PEP 8' style guide for clean, consistent, and readable Python code.
- Code Formatting and Structure: Indentation (4 spaces), import statement grouping, and naming conventions follow 'PEP 8'.
- Line Length: Maintains a maximum line length of 79 characters for readability.
- Docstrings: Used for functions and modules as recommended by 'PEP 8'.
- Whitespaces: Strategically used to enhance code readability.
- Comments: Composed as complete sentences, inline comments used judiciously.
- Extending Base Templates: Utilizes Flask's "extend" concept to break common elements into separate files, improving code maintainability.
- Routing and Views: Implements Flask's routing system for clean separation between different program sections.
- Utilizing Flask's Template Engine (Jinja2): Embeds placeholders for dynamic HTML content using Jinja2.
- Password Format Checks: Enforces password complexity rules (uppercase, lowercase, digit, special character) and a minimum length of 8 characters.
- Email Format Checks: Ensures valid email formats to enhance client-side security.
- Dictionary-Based Queries: Mitigates injection attacks by constructing queries that treat data as data, preventing execution as commands.
- Session Management: Implements a secret key for signing sessions, protecting against CSRF attacks.
- Password Hashing: Enhances password security using 'bcrypt' for secure hashing.
- Sensitive Data Exposure: Secures default data credentials using hashed passwords and defines MongoDB connection details as environment variables.
- Regenerate Session on Login: Prevents session fixation by clearing existing sessions and creating new ones upon user login.
- Jinja2 Template Engine: Uses Flask's Jinja2 template engine to render templates, mitigating XSS risks.
- Input Sanitization: Escapes or encodes special characters in user input to prevent XSS attacks.
Libraries/Framework | Usage in System Development |
---|---|
Flask | Used for building web applications, creating web routes, |
handling HTTP requests, and rendering templates. | |
pymongo | Used for interacting with MongoDB databases. |
bcrypt | Used for hashing and salting passwords for secure user |
authentication. | |
re | Used for regular expressions and pattern matching. |
secrets | Used for generating secure random passwords and tokens. |
Jinja2 | Used as a template engine for rendering HTML templates |
with dynamic data. | |
os | Used for various operating system-related functionalities |
FileSystemLoader | Used in conjunction with Jinja2 for loading templates |
Environment | Used for configuring and managing the Jinja2 environment |
escape | Used for HTML input sanitization to prevent XSS attacks. |
Prerequisites:
- Ensure that Git, Docker, and Docker Compose are installed on your local machine.
Step 1: Clone the Repository
git clone https://github.com/rv0fficial/Weather-App.git
cd Weather-App
Step 2: Set Environment Variables
- Download this google drive .env file and paste it into the root folder of this project.
Step 3: Build and Start Docker Containers
docker-compose up
Step 4: Access the Application
- Open a web browser and navigate to http://localhost:5000
Step 5: Register a New User
- Click on the "Register" link and fill in the required information.
- Ensure that you follow the specified password and email format rules.
Step 6: Login
- After registration, click on the "Login" link and enter your registered email and password.
Step 7: Explore the Application
- Once logged in, you can explore the Weather Forecasting Web Application.
Step 8: Logout
- To logout, click on the "Logout" link.
Step 9: Stop Docker Containers
- In the terminal where Docker Compose is running, press
Ctrl + C
to stop the containers.
Now you have successfully downloaded, built, and run the Weather Forecasting Web Application locally.
ssh -i /path/to/your/keypair.pem ec2-user@your-ec2-instance-ip
sudo yum update -y
sudo yum install docker -y
sudo service docker start
sudo usermod -aG docker $USER
sudo chkconfig docker on
sudo curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
sudo yum install git -y
git clone https://github.com/rv0fficial/Weather-App.git
cd Weather-App
touch .env
vim .env
Download this google drive .env and paste it into the Ec2 using the above commands.
sudo dnf install libxcrypt-compat
This command should install the compatibility library libxcrypt-compat
, which provides the libcrypt.so.1
library needed by your Docker container.
10. Restart Docker Service: After making changes to group membership or permissions, restart the Docker service to apply the changes.
sudo service docker restart
docker-compose up
This command will build and start your Docker containers in the background.
Make sure your security group associated with your EC2 instance allows traffic on the ports your application is using ( 22
, 5000
).
Open a web browser and navigate to your EC2 instance's public IP or domain name, followed by the port if applicable (http://your-ec2-instance-ip:5000
).