added test cases and updated flash messages

app/routes.py

@@ -101,13 +101,19 @@ def page_content():
 
 @app.route('/forum')
 def forum():
+    """API for viewing all forum topics"""
     intializeDB()
     topics = forumDB.find()
     return render_template('forum.html', topics=topics)
 
 @app.route('/forum/new', methods=['GET', 'POST'])
 def new_topic():
+    """API for creating a new forum topic"""
     intializeDB()
+    # Check if 'username' is in session
+    if 'username' not in session:
+        return redirect('/login')  # Redirect to login if not authenticated
+
     if request.method == 'POST':
         title = request.form['title']
         content = request.form['content']
@@ -117,22 +123,35 @@ def new_topic():
 
 @app.route('/forum/<topic_id>', methods=['GET', 'POST'])
 def view_topic(topic_id):
+    """API for viewing a specific forum topic"""
     intializeDB()
     topic = forumDB.find_one({'_id': ObjectId(topic_id)})
+
     if request.method == 'POST':
+        # Check if 'username' is in session before allowing comments
+        if 'username' not in session:
+            return redirect('/login')  # Redirect to login if not authenticated
+
         comment = request.form['comment']
         forumDB.update_one(
             {'_id': ObjectId(topic_id)},
             {'$push': {'comments': comment}}
         )
         return redirect(url_for('view_topic', topic_id=topic_id))
+
     return render_template('view_topic.html', topic=topic)
 
+
 # view all
 @app.route('/myjobs')
 def myjobs():
     """An API for the user to view all the reviews created by them"""
     intializeDB()
+
+    # Check if 'username' is in session
+    if 'username' not in session:
+        return redirect('/login')  # Redirect to login if not authenticated
+
     entries = get_my_jobs(session['username'])
     page, per_page, offset = get_page_args(
         page_parameter="page", per_page_parameter="per_page")
@@ -141,16 +160,16 @@ def myjobs():
     if not page or not per_page:
         offset = 0
         per_page = 10
-        pagination_entries = entries[offset: offset+per_page]
+        pagination_entries = entries[offset: offset + per_page]
     else:
-        pagination_entries = entries[offset: offset+per_page]
-        # print("ELSE!!!")
+        pagination_entries = entries[offset: offset + per_page]
 
     pagination = Pagination(page=page, per_page=per_page,
                             total=total, css_framework='bootstrap4')
 
     return render_template('myjobs.html', entries=pagination_entries, page=page, per_page=per_page, pagination=pagination)
 
+
 #Get the top jobs
 @app.route('/top_jobs')
 def top_jobs():
@@ -239,11 +258,19 @@ def add():
     intializeDB()
     user = usersDb.find_one({"username": session['username']})
     if user == None:
-        pass
+        flash('User not found. Please log in again.', 'error')
+        return redirect('/login')  # Redirect to a login page or wherever appropriate
+
     reviews = user['reviews']
 
     if request.method == 'POST':
-        form = request.form
+        form = request.form        
+        # Validate required fields
+        required_fields = ['job_title', 'company', 'locations', 'job_description', 'department', 'hourly_pay', 'benefits', 'review', 'rating', 'recommendation']
+        missing_fields = [field for field in required_fields if not form.get(field)]
+
+        if missing_fields:
+            flash('Please fill out the fields.', 'error')
 
         job = {
             "_id": form.get('job_title') + "_" + form.get('company') + "_" + form.get('locations'),

tests/test_app.py

@@ -19,12 +19,13 @@ def setUp(self):
         self.mock_jobsDb = self.mock_db.Jobs
         self.mock_forumDb = self.mock_db.Forum
 
-        response = self.client.post('/signup', data={
+        # Signup two users for testing
+        self.client.post('/signup', data={
             'username': 'testuser',
             'password': 'testpass',
             'confirm_password': 'testpass'
         })
-        response = self.client.post('/signup', data={
+        self.client.post('/signup', data={
             'username': 'existinguser',
             'password': 'password123',
             'confirm_password': 'password123'
@@ -139,5 +140,43 @@ def test_delete_review(self):
         self.assertEqual(response.status_code, 302)
         self.assertEqual(response.location, '/myjobs')
 
+    def test_login_empty_fields(self):
+        """Test login with empty username or password fields."""
+        response = self.client.post('/login', data={'username': '', 'password': ''}, follow_redirects=True)
+        self.assertEqual(response.status_code, 200)
+        self.assertIn(b'Invalid username or password.', response.data) 
+
+    def test_access_restricted_route_without_login(self):
+        """Test that restricted routes require authentication."""
+        response = self.client.get('/myjobs')
+        # Check that the response is a redirect
+        self.assertEqual(response.status_code, 302)  # 302 for redirect
+        self.assertIn('/login', response.location)  # Ensure
+
+    def test_access_restricted_new_topic_route_without_login(self):
+        """Test that creating a new topic requires authentication."""
+        response = self.client.get('/forum/new')
+        self.assertEqual(response.status_code, 302)  
+        self.assertIn('/login', response.headers['Location'])
+
+    def test_forum_page_access_without_login(self):
+        """Test that accessing the forum page is allowed without login."""
+        response = self.client.get('/forum')
+        self.assertEqual(response.status_code, 200)  
+
+        self.assertIn(b'Discussion Forum', response.data) 
+
+
+
+    def test_logout(self):
+        """Test logout functionality."""
+        with self.client.session_transaction() as session:
+            session['username'] = 'testuser'
+
+        response = self.client.get('/logout')
+        self.assertEqual(response.status_code, 302)  
+        self.assertEqual(response.location, '/')  
+
+
 if __name__ == "__main__":
     unittest.main()