Typo

Made configs and scripts consistent

.env.example

@@ -0,0 +1,20 @@
+SERVER_NAME= # URL where this will be hosted.
+
+## Flask Configuration
+SECRET_KEY= # Long, secure, secret string.
+DATA=./data/
+
+## Flask Mail Configuration
+MAIL_SERVER=postfix # Must match name of the Docker service
+MAIL_PORT=25
+MAIL_USE_TLS=False
+MAIL_USE_SSL=False
+MAIL_USERNAME= # Username@domain, must match config values below
+MAIL_PASSWORD= # Must match config value below
+MAIL_DEFAULT_SENDER= # NoReply@domain or some such.
+MAIL_MAX_EMAILS=25
+MAIL_ASCII_ATTACHMENTS=True
+
+# Postfix
+maildomain= # Domain must match the section of username above
+smtp_user= # username:password. Must match config values above.

.gitignore

@@ -145,8 +145,8 @@ dev/
 out/
 ref-test/testing.py
 
+# Ignore Database
+database/data/
+
 # Ignore Encryption Keyfile
 .encryption.key
-
-# Ignore Font Binaries
-**/fonts/

README.md

@@ -1,3 +1,168 @@
-# ska-referee-test
+# SKA Referee Test App
 
-An on-line version of a referee test for the Scottish Korfball Association.
+## About
+
+```A web app that digitises the theory exam for the Scottish Korfball Association referee qualification```
+
+This web app provides an on-line platform through which to administer and take the SKA Refereeing theory exam.
+The app includes a digital client to take the exam for candidates, as well as an admin console from which to manage tests, view results, and update questions.
+The exam client is made with accessibility in mind, and has been designed to be adaptable to dyslexia and other learning needs or cognitive needs.
+
+## Set Up and Installation
+
+The clien is designed to work on a server.
+
+### Pre-Requisites
+
+- A Debian- or Ubuntu-based server, preferably the latest distribution.
+- Docker (specifically, Docker Engine)
+- Docker Compose
+- Git
+
+### Installation
+
+#### Install all the pre-requisites
+
+The first step is to ensure all the prerequisites are available on the server.
+
+To set up the server, consult some of the comprehensive guides on various hosting platforms like Linode or DigitalOcean.
+Here is a [good starting point on setting up a server](https://www.digitalocean.com/community/tutorials/initial-server-setup-with-ubuntu-22-04).
+
+To install Docker and Docker Compose, consult the respective documentation:
+  - [Install on Ubuntu](https://docs.docker.com/engine/install/ubuntu/) or [Install on Debian](https://docs.docker.com/engine/install/debian/)
+  - Docker Compose should be installed as part of that.
+
+```
+At the time of writing, there has been an upgrade to Docker and Docker Compose, meaning the syntax below might be different between versions.
+```
+
+Check if Git is installed on your server using the `git --version` command.
+If it isn't installed, install it.
+This should normally come pre-packaged with your OS distribution.
+But if it doesn't, look up how to for whatever OS you use.
+If you are using Ubuntu or Debian, it should be as easy as using the command:
+
+```$ sudo apt-get install git -y```
+
+#### Preliminary Set-Up: Clone repos and Configure Values
+
+Open a terminal and navigate to the folder where you want to install this app.
+I would suggest using a subfolder within your Home folder:
+
+```$ cd ~ && mkdir ska-referee-test && cd ska-referee-test```
+
+That way, you will ensure you can read and write all the necessary files during installation.
+Once in the destination folder, clone all the relevant files you will need for the installation:
+
+```$ git clone https://git.vsnt.uk/viveksantayana/ska-referee-test.git .```
+
+(Remember to include the trailing dot at the end, as that indicates to Git to download the files in the current directory.)
+
+#### Populate Environment Variables
+
+Configuration values for the app are stored in the environment variables file.
+To set it up, make a copy of the example file and populate it with appropriate values.
+
+```$ cp .env.example .env```
+
+Make sure to use complex, secure strings for passwords.
+Also make sure that the various entries for usernames and passwords match.
+
+#### Input Specific Values for Your Installation
+
+There are some values in the following four files you will need to configure to reflect the domain you are installing this app.
+
+```
+# .env
+
+SERVER_NAME= # URL where this will be hosted.
+```
+
+```
+# install-script.sh
+
+domains=(example.org www.example.org)
+email="" # Adding a valid address is strongly recommended
+```
+
+Substitute the domain name `domain_name` in the two file paths in the following file:
+
+```
+# nginx/ssl.conf
+
+ssl_certificate /etc/letsencrypt/live/domain_name/fullchain.pem;
+ssl_certificate_key /etc/letsencrypt/live/domain_name/privkey.pem;
+...
+```
+
+And **six** locations in the following file, two for the regular version of the domain and two for the www version:
+
+```
+# nginx/conf.d/ref-test-app.conf
+
+server {
+    server_name domain_name;
+    listen 80 default_server;
+    ...
+}
+
+server {
+    server_name domain_name;
+    listen 443 ssl http2 default_server;
+    ...
+}
+
+server {
+    server_name www.domain_name;
+    listen 80;
+    listen [::]:80;
+    # Redirect to non-www
+    return 301 $scheme://domain_name$request_uri;
+    ...
+}
+
+server {
+    server_name www.domain_name;
+    listen 443 ssl http2;
+    listen [::]:443 ssl http2;
+
+    ...
+
+    # Redirect to non-www
+    return 301 $scheme://domain_name$request_uri;
+}
+```
+
+#### Installing SSL Certificates
+
+The app will use SSL certificates to operate through a secure, `https` connection.
+This will be set up automatically.
+However, there is a specific chicken-and-egg problem as the web server, Nginx, won't run without certificates, Certbot, the certificate generator, won't run without the web server.
+So to solve this, there is an automation script we can run that will set up a dummy certificate and then issue the appropriate certificates for us.
+
+```
+$ chmod +x install-script.sh
+$ sudo ./install-script.sh
+```
+
+This will take a long time to run the first time because it will try and generate a fairly sizeable cypher.
+
+When we later run the server, Certbot will check for renewals of the SSL certificates every 12 hours, and Nginx will reload the configurations every 6 hours, to make sure everything runs smoothly and stays live.
+
+#### Run the Stack
+
+Everything should be good to run on autopilot at this point.
+Navigate to the root folder of the app, the folder where you have `install-script.sh` and `docker-compose.yml`.
+Run the following command:
+
+```sudo docker compose up -d```
+
+And you should have the stack running.
+You can register in the app and begin using it.
+
+### Fonts
+
+The app uses [OpenDyslexic](https://opendyslexic.org/), which is available on-line.
+It also has the option of rendering in other system fonts, but this can vary depending on your operating system.
+Because these are proprietary fonts, they cannot be made available on-line in the same way as open source ones should your system not have them.
+Some fonts may not display correctly as a result.

REFERENCES.md

@@ -77,3 +77,7 @@ Uses SQL rather than MongoDB.
 ### Flask techniques
 
 - [Create a `config.py` file](https://www.youtube.com/watch?v=GW_2O9CrnSU)
+
+### Flask handling file uploads
+
+- [Handlin File Uploads](https://blog.miguelgrinberg.com/post/handling-file-uploads-with-flask)

certbot/.gitignore

@@ -0,0 +1,2 @@
+*
+!.gitignore

database/initdb.d/init-mongo.sh

@@ -1,14 +0,0 @@
-set -e
-mongo=( mongo --host 127.0.0.1 --port 27017 --quiet )
-
-if [ "$MONGO_INITDB_ROOT_USERNAME" ] && [ "$MONGO_INITDB_ROOT_PASSWORD" ] && [ "$MONGO_INITDB_USERNAME" ] && [ "$MONGO_INITDB_PASSWORD" ]; then
-rootAuthDatabase='admin'
-
-"${mongo[@]}" "$rootAuthDatabase" <<-EOJS
-    db.createUser({
-        user: $(_js_escape "$MONGO_INITDB_USERNAME"),
-        pwd: $(_js_escape "$MONGO_INITDB_PASSWORD"),
-        roles: [ { role: 'readWrite', db: $(_js_escape "$MONGO_INITDB_DATABASE") } ]
-    })
-EOJS
-fi

docker-compose.yml

@@ -1,31 +1,62 @@
 version: '3.9'
 
 services:
-  ref_test_db:
+  nginx:
-    container_name: ref_test_db
+    container_name: reftest_server
-    image: mongo:5.0.4-focal
+    image: nginx:alpine
-    restart: unless-stopped
     volumes:
-      # - ./database/data:/data # Uncomment later when persistence is required.
+      - ./certbot:/etc/letsencrypt:ro
-      - ./database/initdb.d/:/docker-entrypoint-initdb.d/
+      - ./nginx:/etc/nginx
+      - ./src/html:/usr/share/nginx/html/
+      - ./ref-test/app/admin/static:/usr/share/nginx/html/admin/static
+      - ./ref-test/app/quiz/static:/usr/share/nginx/html/quiz/static
+      - ./ref-test/app/root:/usr/share/nginx/html/root
+    ports:
+      - 80:80
+      - 443:443
+    restart: unless-stopped
+    networks:
+      - frontend
+    depends_on:
+      - app
+    command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'"
+  
+  app:
+    container_name: reftest_app
+    image: reftest
+    build: ./ref-test
     env_file:
       - ./.env
     ports:
-      - 27017:27017
+      - 5000
+    volumes:
+      - ./ref-test/data:/ref-test/data
+    restart: unless-stopped
     networks:
+      - frontend
       - backend
+    depends_on:
+      - postfix
 
-  ref_test_postfix:
+  postfix:
-    container_name: ref_test_postfix
+    container_name: reftest_postfix
     image: catatnight/postfix:latest
     restart: unless-stopped
     env_file:
       - ./.env
     ports:
-      - 127.0.0.1:25:25
+      - 25
     networks:
       - backend
   
+  certbot:
+    container_name: reftest_certbot
+    image: certbot/certbot
+    volumes:
+      - ./certbot:/etc/letsencrypt
+      - ./src/html:/var/www/html
+    entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
+  
 networks:
   frontend:
     external: false

install-script.sh

@@ -0,0 +1,87 @@
+#!/bin/bash
+
+# Source https://pentacent.medium.com/nginx-and-lets-encrypt-with-docker-in-less-than-5-minutes-b4b8a60d3a71
+
+if ! [ -x "$(command -v docker compose)" ]; then
+  echo 'Error: docker compose is not installed.' >&2
+  exit 1
+fi
+
+domains=(example.org www.example.org)
+rsa_key_size=4096
+data_path="./certbot"
+email="" # Adding a valid address is strongly recommended
+staging=0 # Set to 1 if you're testing your setup to avoid hitting request limits
+
+if [ -d "$data_path" ]; then
+  read -p "Existing data found for $domains. Continue and replace existing certificate? (y/N) " decision
+  if [ "$decision" != "Y" ] && [ "$decision" != "y" ]; then
+    exit
+  fi
+fi
+
+if [ ! -e "$data_path/ssl-dhparams.pem" ]; then
+  echo "### Generating ssl-dhparams.pem ..."
+  docker compose run --rm --entrypoint "\
+    openssl dhparam -out /etc/letsencrypt/ssl-dhparams.pem 4096" certbot
+  echo
+fi
+
+echo "### Creating dummy certificate for $domains ..."
+path="/etc/letsencrypt/live/$domains"
+mkdir -p "$data_path/live/$domains"
+docker compose run --rm --entrypoint "\
+  openssl req -x509 -nodes -newkey rsa:$rsa_key_size -days 1\
+    -keyout '$path/privkey.pem' \
+    -out '$path/fullchain.pem' \
+    -subj '/CN=localhost'" certbot
+echo
+
+if [ ! -e "$data_path/lets-encrypt-x3-cross-signed.pem" ]; then
+  echo "### Downloading lets-encrypt-x3-cross-signed.pem ..."
+  wget -O $data_path/lets-encrypt-x3-cross-signed.pem \
+  "https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem"
+  docker compose run --rm --entrypoint "\
+    openssl dhparam -out /etc/letsencrypt/ssl-dhparams.pem 4096" certbot
+  echo
+fi
+
+echo "### Starting nginx ..."
+docker compose up --force-recreate -d nginx
+echo
+
+echo "### Deleting dummy certificate for $domains ..."
+docker compose run --rm --entrypoint "\
+  rm -Rf /etc/letsencrypt/live/$domains && \
+  rm -Rf /etc/letsencrypt/archive/$domains && \
+  rm -Rf /etc/letsencrypt/renewal/$domains.conf" certbot
+echo
+
+echo "### Requesting Let's Encrypt certificate for $domains ..."
+#Join $domains to -d args
+domain_args=""
+for domain in "${domains[@]}"; do
+  domain_args="$domain_args -d $domain"
+done
+
+# Select appropriate email arg
+case "$email" in
+  "") email_arg="--register-unsafely-without-email" ;;
+  *) email_arg="--email $email" ;;
+esac
+
+# Enable staging mode if needed
+if [ $staging != "0" ]; then staging_arg="--staging"; fi
+
+docker compose run --rm --entrypoint "\
+  certbot certonly --webroot -w /var/www/html \
+    $staging_arg \
+    $email_arg \
+    $domain_args \
+    --rsa-key-size $rsa_key_size \
+    --agree-tos \
+    --force-renewal" certbot
+echo
+
+echo "### Reloading nginx ..."
+docker compose exec nginx nginx -s reload

nginx/certbot-challenge.conf

@@ -0,0 +1,6 @@
+# Certbot Renewal
+location ^~ /.well-known/acme-challenge/ {
+    root /usr/share/nginx/html;
+    allow all;
+    default_type "text/plain";
+}

nginx/conf.d/proxy_headers.conf

@@ -0,0 +1,6 @@
+proxy_set_header    X-Real-IP           $remote_addr;
+proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;
+proxy_set_header    X-Forwarded-Proto   $scheme;
+proxy_set_header    Host                $host;
+proxy_set_header    X-Forwarded-Host    $host;
+proxy_set_header    X-Forwarded-Port    $server_port;

nginx/conf.d/ref-test-app.conf

@@ -0,0 +1,57 @@
+upstream reftest {
+    server  app:5000;
+}
+
+server {
+    server_name domain_name;
+    listen 80 default_server;
+    listen [::]:80 default_server;
+    # Redirect to ssl
+    return 301 https://$host$request_uri;
+}
+
+server {
+    server_name domain_name;
+    listen 443 ssl http2 default_server;
+    listen [::]:443 ssl http2 default_server;
+
+	# SSL configuration
+    include	/etc/nginx/ssl.conf;
+    include	/etc/nginx/certbot-challenge.conf;
+
+    location ^~ /quiz/static/  {
+        include  /etc/nginx/mime.types;
+        alias /usr/share/nginx/html/quiz/static/;
+    }
+
+    location ^~ /admin/static/  {
+        include  /etc/nginx/mime.types;
+        alias /usr/share/nginx/html/admin/static/;
+    }
+
+    location / {
+        include /etc/nginx/conf.d/proxy_headers.conf;
+        proxy_pass http://reftest;
+    }
+}
+
+server {
+    server_name www.domain_name;
+    listen 80;
+    listen [::]:80;
+    # Redirect to non-www
+    return 301 $scheme://domain_name$request_uri;
+}
+
+server {
+    server_name www.domain_name;
+    listen 443 ssl http2;
+    listen [::]:443 ssl http2;
+
+	# SSL configuration
+    include	/etc/nginx/ssl.conf;
+    include	/etc/nginx/certbot-challenge.conf;
+
+    # Redirect to non-www
+    return 301 $scheme://domain_name$request_uri;
+}

nginx/fastcgi.conf

@@ -0,0 +1,26 @@
+
+fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
+fastcgi_param  QUERY_STRING       $query_string;
+fastcgi_param  REQUEST_METHOD     $request_method;
+fastcgi_param  CONTENT_TYPE       $content_type;
+fastcgi_param  CONTENT_LENGTH     $content_length;
+
+fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
+fastcgi_param  REQUEST_URI        $request_uri;
+fastcgi_param  DOCUMENT_URI       $document_uri;
+fastcgi_param  DOCUMENT_ROOT      $document_root;
+fastcgi_param  SERVER_PROTOCOL    $server_protocol;
+fastcgi_param  REQUEST_SCHEME     $scheme;
+fastcgi_param  HTTPS              $https if_not_empty;
+
+fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
+fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;
+
+fastcgi_param  REMOTE_ADDR        $remote_addr;
+fastcgi_param  REMOTE_PORT        $remote_port;
+fastcgi_param  SERVER_ADDR        $server_addr;
+fastcgi_param  SERVER_PORT        $server_port;
+fastcgi_param  SERVER_NAME        $server_name;
+
+# PHP only, required if PHP was built with --enable-force-cgi-redirect
+fastcgi_param  REDIRECT_STATUS    200;

nginx/fastcgi_params

@@ -0,0 +1,25 @@
+
+fastcgi_param  QUERY_STRING       $query_string;
+fastcgi_param  REQUEST_METHOD     $request_method;
+fastcgi_param  CONTENT_TYPE       $content_type;
+fastcgi_param  CONTENT_LENGTH     $content_length;
+
+fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
+fastcgi_param  REQUEST_URI        $request_uri;
+fastcgi_param  DOCUMENT_URI       $document_uri;
+fastcgi_param  DOCUMENT_ROOT      $document_root;
+fastcgi_param  SERVER_PROTOCOL    $server_protocol;
+fastcgi_param  REQUEST_SCHEME     $scheme;
+fastcgi_param  HTTPS              $https if_not_empty;
+
+fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
+fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;
+
+fastcgi_param  REMOTE_ADDR        $remote_addr;
+fastcgi_param  REMOTE_PORT        $remote_port;
+fastcgi_param  SERVER_ADDR        $server_addr;
+fastcgi_param  SERVER_PORT        $server_port;
+fastcgi_param  SERVER_NAME        $server_name;
+
+# PHP only, required if PHP was built with --enable-force-cgi-redirect
+fastcgi_param  REDIRECT_STATUS    200;

nginx/mime.types

@@ -0,0 +1,98 @@
+
+types {
+    text/html                                        html htm shtml;
+    text/css                                         css;
+    text/xml                                         xml;
+    image/gif                                        gif;
+    image/jpeg                                       jpeg jpg;
+    application/javascript                           js;
+    application/atom+xml                             atom;
+    application/rss+xml                              rss;
+
+    text/mathml                                      mml;
+    text/plain                                       txt;
+    text/vnd.sun.j2me.app-descriptor                 jad;
+    text/vnd.wap.wml                                 wml;
+    text/x-component                                 htc;
+
+    image/png                                        png;
+    image/svg+xml                                    svg svgz;
+    image/tiff                                       tif tiff;
+    image/vnd.wap.wbmp                               wbmp;
+    image/webp                                       webp;
+    image/x-icon                                     ico;
+    image/x-jng                                      jng;
+    image/x-ms-bmp                                   bmp;
+
+    font/woff                                        woff;
+    font/woff2                                       woff2;
+
+    application/java-archive                         jar war ear;
+    application/json                                 json;
+    application/mac-binhex40                         hqx;
+    application/msword                               doc;
+    application/pdf                                  pdf;
+    application/postscript                           ps eps ai;
+    application/rtf                                  rtf;
+    application/vnd.apple.mpegurl                    m3u8;
+    application/vnd.google-earth.kml+xml             kml;
+    application/vnd.google-earth.kmz                 kmz;
+    application/vnd.ms-excel                         xls;
+    application/vnd.ms-fontobject                    eot;
+    application/vnd.ms-powerpoint                    ppt;
+    application/vnd.oasis.opendocument.graphics      odg;
+    application/vnd.oasis.opendocument.presentation  odp;
+    application/vnd.oasis.opendocument.spreadsheet   ods;
+    application/vnd.oasis.opendocument.text          odt;
+    application/vnd.openxmlformats-officedocument.presentationml.presentation
+                                                     pptx;
+    application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
+                                                     xlsx;
+    application/vnd.openxmlformats-officedocument.wordprocessingml.document
+                                                     docx;
+    application/vnd.wap.wmlc                         wmlc;
+    application/wasm                                 wasm;
+    application/x-7z-compressed                      7z;
+    application/x-cocoa                              cco;
+    application/x-java-archive-diff                  jardiff;
+    application/x-java-jnlp-file                     jnlp;
+    application/x-makeself                           run;
+    application/x-perl                               pl pm;
+    application/x-pilot                              prc pdb;
+    application/x-rar-compressed                     rar;
+    application/x-redhat-package-manager             rpm;
+    application/x-sea                                sea;
+    application/x-shockwave-flash                    swf;
+    application/x-stuffit                            sit;
+    application/x-tcl                                tcl tk;
+    application/x-x509-ca-cert                       der pem crt;
+    application/x-xpinstall                          xpi;
+    application/xhtml+xml                            xhtml;
+    application/xspf+xml                             xspf;
+    application/zip                                  zip;
+
+    application/octet-stream                         bin exe dll;
+    application/octet-stream                         deb;
+    application/octet-stream                         dmg;
+    application/octet-stream                         iso img;
+    application/octet-stream                         msi msp msm;
+
+    audio/midi                                       mid midi kar;
+    audio/mpeg                                       mp3;
+    audio/ogg                                        ogg;
+    audio/x-m4a                                      m4a;
+    audio/x-realaudio                                ra;
+
+    video/3gpp                                       3gpp 3gp;
+    video/mp2t                                       ts;
+    video/mp4                                        mp4;
+    video/mpeg                                       mpeg mpg;
+    video/quicktime                                  mov;
+    video/webm                                       webm;
+    video/x-flv                                      flv;
+    video/x-m4v                                      m4v;
+    video/x-mng                                      mng;
+    video/x-ms-asf                                   asx asf;
+    video/x-ms-wmv                                   wmv;
+    video/x-msvideo                                  avi;
+}

nginx/nginx.conf

@@ -0,0 +1,33 @@
+
+user  nginx;
+worker_processes  auto;
+
+error_log  /var/log/nginx/error.log notice;
+pid        /var/run/nginx.pid;
+
+
+events {
+    worker_connections  1024;
+}
+
+
+http {
+    include       /etc/nginx/mime.types;
+    default_type  application/octet-stream;
+
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                      '$status $body_bytes_sent "$http_referer" '
+                      '"$http_user_agent" "$http_x_forwarded_for"';
+
+    access_log  /var/log/nginx/access.log  main;
+
+    sendfile        on;
+    #tcp_nopush     on;
+
+    keepalive_timeout  65;
+    server_tokens off;
+    #gzip  on;
+
+    include /etc/nginx/conf.d/*.conf;
+    include /etc/nginx/conf.d/sites-enabled/*.conf;
+}

nginx/scgi_params

@@ -0,0 +1,17 @@
+
+scgi_param  REQUEST_METHOD     $request_method;
+scgi_param  REQUEST_URI        $request_uri;
+scgi_param  QUERY_STRING       $query_string;
+scgi_param  CONTENT_TYPE       $content_type;
+
+scgi_param  DOCUMENT_URI       $document_uri;
+scgi_param  DOCUMENT_ROOT      $document_root;
+scgi_param  SCGI               1;
+scgi_param  SERVER_PROTOCOL    $server_protocol;
+scgi_param  REQUEST_SCHEME     $scheme;
+scgi_param  HTTPS              $https if_not_empty;
+
+scgi_param  REMOTE_ADDR        $remote_addr;
+scgi_param  REMOTE_PORT        $remote_port;
+scgi_param  SERVER_PORT        $server_port;
+scgi_param  SERVER_NAME        $server_name;

nginx/ssl.conf

@@ -0,0 +1,13 @@
+ssl_certificate /etc/letsencrypt/live/domain_name/fullchain.pem;
+ssl_certificate_key /etc/letsencrypt/live/domain_name/privkey.pem;
+
+ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
+ssl_prefer_server_ciphers on;
+ssl_ciphers "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384";
+ssl_stapling on;
+ssl_stapling_verify on;
+ssl_trusted_certificate /etc/letsencrypt/lets-encrypt-x3-cross-signed.pem;
+add_header Strict-Transport-Security "max-age=31536000" always;
+ssl_session_cache   shared:SSL:40m;
+ssl_session_timeout 4h;
+ssl_session_tickets on;

nginx/uwsgi_params

@@ -0,0 +1,17 @@
+
+uwsgi_param  QUERY_STRING       $query_string;
+uwsgi_param  REQUEST_METHOD     $request_method;
+uwsgi_param  CONTENT_TYPE       $content_type;
+uwsgi_param  CONTENT_LENGTH     $content_length;
+
+uwsgi_param  REQUEST_URI        $request_uri;
+uwsgi_param  PATH_INFO          $document_uri;
+uwsgi_param  DOCUMENT_ROOT      $document_root;
+uwsgi_param  SERVER_PROTOCOL    $server_protocol;
+uwsgi_param  REQUEST_SCHEME     $scheme;
+uwsgi_param  HTTPS              $https if_not_empty;
+
+uwsgi_param  REMOTE_ADDR        $remote_addr;
+uwsgi_param  REMOTE_PORT        $remote_port;
+uwsgi_param  SERVER_PORT        $server_port;
+uwsgi_param  SERVER_NAME        $server_name;

ref-test/.dockerignore

@@ -0,0 +1,2 @@
+env/
+__pycache__/

ref-test/Dockerfile

@@ -1,5 +1,5 @@
-FROM python:3.10-alpine
+FROM python:3.10-slim
-WORKDIR /app
+WORKDIR /ref-test
 COPY . .
-RUN pip install -r requirements.txt
+RUN pip install --upgrade pip && pip install -r requirements.txt
-CMD [ "gunicorn", "-b", "0.0.0.0:5000", "app:app" ]
+CMD [ "gunicorn", "-b", "0.0.0.0:5000", "-w", "5", "wsgi:app" ]

ref-test/admin/auth.py

@@ -1,148 +0,0 @@
-from flask import Blueprint, render_template, request, session, redirect
-from flask.helpers import flash, url_for
-from flask.json import jsonify
-from .models.users import User
-from uuid import uuid4
-from security.database import decrypt_find_one, encrypted_update
-from werkzeug.security import check_password_hash
-
-from main import db
-
-from .views import admin_account_required, disable_on_registration, login_required, disable_if_logged_in, get_id_from_cookie
-
-auth = Blueprint(
-    'admin_auth',
-    __name__,
-    template_folder='templates',
-    static_folder='static'
-)
-
-@auth.route('/account/', methods = ['GET', 'POST'])
-@admin_account_required
-@login_required
-def account():
-    from .models.forms import UpdateAccountForm
-    form = UpdateAccountForm()
-    _id = get_id_from_cookie()
-    user = decrypt_find_one(db.users, {'_id': _id})
-    if request.method == 'GET':
-        return render_template('/admin/auth/account.html', form = form, user = user)
-    if request.method == 'POST':
-        if form.validate_on_submit():
-            password_confirm = request.form.get('password_confirm')
-            if not check_password_hash(user['password'], password_confirm):
-                return jsonify({ 'error': 'The password you entered is incorrect.' }), 401
-            entry = User(
-                _id = _id,
-                password = request.form.get('password'),
-                email = request.form.get('email')
-            )
-            return entry.update()
-        else:
-            errors = [*form.password_confirm.errors, *form.password_reenter.errors, *form.password.errors, *form.email.errors]
-            return jsonify({ 'error': errors}), 400
-
-@auth.route('/login/', methods=['GET','POST'])
-@admin_account_required
-@disable_if_logged_in
-def login():
-    from .models.forms import LoginForm
-    form = LoginForm()
-    if request.method == 'GET':
-        return render_template('/admin/auth/login.html', form=form)
-    if request.method == 'POST':
-        if form.validate_on_submit():
-            entry = User(
-                username = request.form.get('username').lower(),
-                password = request.form.get('password'),
-                remember = request.form.get('remember')
-            )
-            return entry.login()
-        else:
-            errors = [*form.username.errors, *form.password.errors]
-            return jsonify({ 'error': errors}), 400
-
-@auth.route('/logout/')
-@admin_account_required
-@login_required
-def logout():
-    _id = get_id_from_cookie()
-    return User(_id=_id).logout()
-
-@auth.route('/register/', methods=['GET','POST'])
-@disable_on_registration
-def register():
-    from .models.forms import RegistrationForm
-    form = RegistrationForm()
-    if request.method == 'GET':
-        return render_template('/admin/auth/register.html', form=form)
-    if request.method == 'POST':
-        if form.validate_on_submit():
-            entry = User(
-                _id = uuid4().hex,
-                username = request.form.get('username').lower(),
-                email = request.form.get('email'),
-                password = request.form.get('password'),
-            )
-            return entry.register()
-        else:
-            errors = [*form.username.errors, *form.email.errors, *form.password.errors, *form.password_reenter.errors]
-            return jsonify({ 'error': errors}), 400
-
-@auth.route('/reset/', methods = ['GET', 'POST'])
-@admin_account_required
-@disable_if_logged_in
-def reset():
-    from .models.forms import ResetPasswordForm
-    form = ResetPasswordForm()
-    if request.method == 'GET':
-        return render_template('/admin/auth/reset.html', form=form)
-    if request.method == 'POST':
-        if form.validate_on_submit():
-            entry = User(
-                username = request.form.get('username').lower(),
-                email = request.form.get('email'),
-            )
-            return entry.reset_password()
-        else:
-            errors = [*form.username.errors, *form.email.errors]
-            return jsonify({ 'error': errors}), 400
-
-@auth.route('/reset/<token1>/<token2>/', methods = ['GET'])
-@admin_account_required
-@disable_if_logged_in
-def reset_gateway(token1,token2):
-    from main import db
-    user = decrypt_find_one( db.users, {'reset_token' : token1} )
-    if not user:
-        return redirect(url_for('admin_auth.login'))
-    encrypted_update( db.users, {'reset_token': token1}, {'$unset': {'reset_token' : '', 'verification_token': ''}})
-    if not user['verification_token'] == token2:
-        flash('The verification of your password reset request failed and the token has been invalidated. Please make a new reset password request.', 'error'), 401
-        return redirect(url_for('admin_auth.reset'))
-    session['_id'] = user['_id']
-    session['reset_validated'] = True
-    return redirect(url_for('admin_auth.update_password_'))
-
-@auth.route('/reset/update/', methods = ['GET','POST'])
-@admin_account_required
-@disable_if_logged_in
-def update_password_():
-    from .models.forms import UpdatePasswordForm
-    form = UpdatePasswordForm()
-    if request.method == 'GET':
-        if 'reset_validated' not in session:
-            return redirect(url_for('admin_auth.login'))
-        session.pop('reset_validated')
-        return render_template('/admin/auth/update-password.html', form=form)
-    if request.method == 'POST':
-        if form.validate_on_submit():
-            entry = User(
-                _id = session['_id'],
-                password = request.form.get('password')
-            )
-            session.pop('_id')
-            return entry.update()
-        else:
-            errors = [*form.password.errors, *form.password_reenter.errors]
-            return jsonify({ 'error': errors}), 400

ref-test/admin/models/tests.py

@@ -1,95 +0,0 @@
-import secrets
-from datetime import datetime
-from uuid import uuid4
-from flask import flash, jsonify
-import secrets
-
-from main import db
-from security import encrypt
-
-class Test:
-    def __init__(self, _id=None, start_date=None, expiry_date=None, time_limit=None, creator=None):
-        self._id = _id
-        self.start_date = start_date
-        self.expiry_date = expiry_date
-        self.time_limit = None if time_limit == 'none' or time_limit == '' else time_limit
-        self.creator = creator
-    
-    def create(self):
-        test = {
-            '_id': self._id,
-            'date_created': datetime.today(),
-            'start_date': self.start_date,
-            'expiry_date': self.expiry_date,
-            'time_limit': self.time_limit,
-            'creator': encrypt(self.creator),
-            'test_code': secrets.token_hex(6).upper()
-        }
-        if db.tests.insert_one(test):
-            flash(f'Created a new exam with Exam Code <strong>{self.render_test_code(test["test_code"])}</strong>.', 'success')
-            return jsonify({'success': test}), 200
-        return jsonify({'error': f'Could not create exam. An error occurred.'}), 400
-
-    def add_time_adjustment(self, time_adjustment):
-        code = {
-            '_id': uuid4().hex,
-            'user_code': secrets.token_hex(2).upper(),
-            'time_adjustment': time_adjustment
-        }
-        if db.tests.find_one_and_update({'_id': self._id}, {'$push': {'time_adjustments': code}},upsert=False):
-            return jsonify({'success': code})
-        return jsonify({'error': 'Failed to add the time adjustment. An error occurred.'}), 400
-
-    def remove_time_adjustment(self, _id):
-        if db.tests.find_one_and_update({'_id': self._id}, {'$pull': {'time_adjustments': {'_id': _id} }}):
-            message = 'Time adjustment has been deleted.'
-            flash(message, 'success')
-            return jsonify({'success': message})
-        return jsonify({'error': 'Failed to delete the time adjustment. An error occurred.'}), 400
-
-    def render_test_code(self, test_code):
-        return '—'.join([test_code[:4], test_code[4:8], test_code[8:]])
-    
-    def parse_test_code(self, test_code):
-        return test_code.replace('—', '')
-    
-    def delete(self):
-        if db.tests.delete_one({'_id': self._id}):
-            message = 'Deleted exam.'
-            flash(message, 'alert')
-            return jsonify({'success': message}), 200
-        return jsonify({'error': f'Could not create exam. An error occurred.'}), 400
-
-    def update(self):
-        test = {}
-        updated = []
-        if not self.start_date == '' and self.start_date is not None:
-            test['start_date'] = self.start_date
-            updated.append('start date')
-        if not self.expiry_date == '' and self.expiry_date is not None:
-            test['expiry_date'] = self.expiry_date
-            updated.append('expiry date')
-        if not self.time_limit == '' and self.time_limit is not None:
-            test['time_limit'] = self.time_limit
-            updated.append('time limit')
-        output = ''
-        if len(updated) == 0:
-            flash(f'There were no changes requested for your account.', 'alert'), 200
-            return jsonify({'success': 'There were no changes requested for your account.'}), 200
-        elif len(updated) == 1:
-            output = updated[0]
-        elif len(updated) == 2:
-            output = ' and '.join(updated)
-        elif len(updated) > 2:
-            output = updated[0]
-            for index in range(1,len(updated)):
-                if index < len(updated) - 2:
-                    output = ', '.join([output, updated[index]])
-                elif index == len(updated) - 2:
-                    output = ', and '.join([output, updated[index]])
-                else:
-                    output = ''.join([output, updated[index]])
-        db.tests.find_one_and_update({'_id': self._id}, {'$set': test})
-        _output = f'The {output} of the test {"has" if len(updated) == 1 else "have"} been updated.'
-        flash(_output)
-        return jsonify({'success': _output}), 200

ref-test/admin/results.py

@@ -1,15 +0,0 @@
-from flask import Blueprint, render_template
-from .views import login_required, admin_account_required
-
-results = Blueprint(
-    'results',
-    __name__,
-    template_folder='templates',
-    static_folder='static'
-)
-
-@results.route('/')
-@admin_account_required
-@login_required
-def _results():
-    return render_template('/admin/results.html')

ref-test/admin/static/js/script.js

@@ -1,452 +0,0 @@
-// Menu Highlight Scripts
-const menuItems = document.getElementsByClassName('nav-link');
-for(let i = 0; i < menuItems.length; i++) {
-    if(menuItems[i].pathname == window.location.pathname) {
-        menuItems[i].classList.add('active');
-    }
-}
-const dropdownItems = document.getElementsByClassName('dropdown-item');
-for(let i = 0; i< dropdownItems.length; i++) {
-    if(dropdownItems[i].pathname == window.location.pathname) {
-        dropdownItems[i].classList.add('active');
-        $( "#" + dropdownItems[i].id ).closest( '.dropdown' ).find('.dropdown-toggle').addClass('active');
-    }
-}
-
-// Form Processing Scripts
-$('form[name=form-register]').submit(function(event) {
-    
-    var $form = $(this);
-    var alert = document.getElementById('alert-box');
-    var data = $form.serialize();
-
-    alert.innerHTML = ''
-
-    $.ajax({
-        url: window.location.pathname,
-        type: 'POST',
-        data: data,
-        dataType: 'json',
-        success: function(response) {
-            window.location.href = "/admin/login/";
-        },
-        error: function(response) {
-            if (typeof response.responseJSON.error === 'string' || response.responseJSON.error instanceof String) {
-                alert.innerHTML = alert.innerHTML + `
-                <div class="alert alert-danger alert-dismissible fade show" role="alert">
-                    <i class="bi bi-exclamation-triangle-fill" title="Danger"></i>
-                    ${response.responseJSON.error}
-                    <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
-                </div>
-                `;
-            } else if (response.responseJSON.error instanceof Array) {
-                for (var i = 0; i < response.responseJSON.error.length; i ++) {
-                    alert.innerHTML = alert.innerHTML + `
-                    <div class="alert alert-danger alert-dismissible fade show" role="alert">
-                        <i class="bi bi-exclamation-triangle-fill" title="Danger"></i>
-                        ${response.responseJSON.error[i]}
-                        <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
-                    </div>
-                    `;
-                }
-            }
-        }
-    });
-
-    event.preventDefault();
-});
-
-$('form[name=form-login]').submit(function(event) {
-    
-    var $form = $(this);
-    var alert = document.getElementById('alert-box');
-    var data = $form.serialize();
-
-    alert.innerHTML = ''
-
-    $.ajax({
-        url: window.location.pathname,
-        type: 'POST',
-        data: data,
-        dataType: 'json',
-        success: function(response) {
-            window.location.href = "/admin/dashboard/";
-        },
-        error: function(response) {
-            if (typeof response.responseJSON.error === 'string' || response.responseJSON.error instanceof String) {
-                alert.innerHTML = alert.innerHTML + `
-                <div class="alert alert-danger alert-dismissible fade show" role="alert">
-                    <i class="bi bi-exclamation-triangle-fill" title="Danger"></i>
-                    ${response.responseJSON.error}
-                    <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
-                </div>
-                `;
-            } else if (response.responseJSON.error instanceof Array) {
-                for (var i = 0; i < response.responseJSON.error.length; i ++) {
-                    alert.innerHTML = alert.innerHTML + `
-                    <div class="alert alert-danger alert-dismissible fade show" role="alert">
-                        <i class="bi bi-exclamation-triangle-fill" title="Danger"></i>
-                        ${response.responseJSON.error[i]}
-                        <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
-                    </div>
-                    `;
-                }
-            }
-        }
-    });
-
-    event.preventDefault();
-});
-
-$('form[name=form-reset]').submit(function(event) {
-    
-    var $form = $(this);
-    var alert = document.getElementById('alert-box');
-    var data = $form.serialize();
-
-    alert.innerHTML = ''
-
-    $.ajax({
-        url: window.location.pathname,
-        type: 'POST',
-        data: data,
-        dataType: 'json',
-        success: function(response) {
-            window.location.href = "/admin/login/";
-        },
-        error: function(response) {
-            if (typeof response.responseJSON.error === 'string' || response.responseJSON.error instanceof String) {
-                alert.innerHTML = alert.innerHTML + `
-                <div class="alert alert-danger alert-dismissible fade show" role="alert">
-                    <i class="bi bi-exclamation-triangle-fill" title="Danger"></i>
-                    ${response.responseJSON.error}
-                    <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
-                </div>
-                `;
-            } else if (response.responseJSON.error instanceof Array) {
-                for (var i = 0; i < response.responseJSON.error.length; i ++) {
-                    alert.innerHTML = alert.innerHTML + `
-                    <div class="alert alert-danger alert-dismissible fade show" role="alert">
-                        <i class="bi bi-exclamation-triangle-fill" title="Danger"></i>
-                        ${response.responseJSON.error[i]}
-                        <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
-                    </div>
-                    `;
-                }
-            }
-        }
-    });
-
-    event.preventDefault();
-});
-
-$('form[name=form-update-password]').submit(function(event) {
-    
-    var $form = $(this);
-    var alert = document.getElementById('alert-box');
-    var data = $form.serialize();
-    console.log(data)
-    alert.innerHTML = ''
-
-    $.ajax({
-        url: window.location.pathname,
-        type: 'POST',
-        data: data,
-        dataType: 'json',
-        success: function(response) {
-            window.location.href = "/admin/login/";
-        },
-        error: function(response) {
-            if (typeof response.responseJSON.error === 'string' || response.responseJSON.error instanceof String) {
-                alert.innerHTML = alert.innerHTML + `
-                <div class="alert alert-danger alert-dismissible fade show" role="alert">
-                    <i class="bi bi-exclamation-triangle-fill" title="Danger"></i>
-                    ${response.responseJSON.error}
-                    <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
-                </div>
-                `;
-            } else if (response.responseJSON.error instanceof Array) {
-                for (var i = 0; i < response.responseJSON.error.length; i ++) {
-                    alert.innerHTML = alert.innerHTML + `
-                    <div class="alert alert-danger alert-dismissible fade show" role="alert">
-                        <i class="bi bi-exclamation-triangle-fill" title="Danger"></i>
-                        ${response.responseJSON.error[i]}
-                        <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
-                    </div>
-                    `;
-                }
-            }
-        }
-    });
-
-    event.preventDefault();
-});
-
-$('form[name=form-create-user]').submit(function(event) {
-    
-    var $form = $(this);
-    var alert = document.getElementById('alert-box');
-    var data = $form.serialize();
-
-    alert.innerHTML = ''
-
-    $.ajax({
-        url: window.location.pathname,
-        type: 'POST',
-        data: data,
-        dataType: 'json',
-        success: function(response) {
-            window.location.reload();
-        },
-        error: function(response) {
-            if (typeof response.responseJSON.error === 'string' || response.responseJSON.error instanceof String) {
-                alert.innerHTML = alert.innerHTML + `
-                <div class="alert alert-danger alert-dismissible fade show" role="alert">
-                    <i class="bi bi-exclamation-triangle-fill" title="Danger"></i>
-                    ${response.responseJSON.error}
-                    <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
-                </div>
-                `;
-            } else if (response.responseJSON.error instanceof Array) {
-                for (var i = 0; i < response.responseJSON.error.length; i ++) {
-                    alert.innerHTML = alert.innerHTML + `
-                    <div class="alert alert-danger alert-dismissible fade show" role="alert">
-                        <i class="bi bi-exclamation-triangle-fill" title="Danger"></i>
-                        ${response.responseJSON.error[i]}
-                        <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
-                    </div>
-                    `;
-                }
-            }
-        }
-    });
-
-    event.preventDefault();
-});
-
-$('form[name=form-delete-user]').submit(function(event) {
-    
-    var $form = $(this);
-    var alert = document.getElementById('alert-box');
-    var data = $form.serialize();
-
-    alert.innerHTML = ''
-
-    $.ajax({
-        url: window.location.pathname,
-        type: 'POST',
-        data: data,
-        dataType: 'json',
-        success: function(response) {
-            window.location.href = '/admin/settings/users/';
-        },
-        error: function(response) {
-            if (typeof response.responseJSON.error === 'string' || response.responseJSON.error instanceof String) {
-                alert.innerHTML = alert.innerHTML + `
-                <div class="alert alert-danger alert-dismissible fade show" role="alert">
-                    <i class="bi bi-exclamation-triangle-fill" title="Danger"></i>
-                    ${response.responseJSON.error}
-                    <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
-                </div>
-                `;
-            } else if (response.responseJSON.error instanceof Array) {
-                for (var i = 0; i < response.responseJSON.error.length; i ++) {
-                    alert.innerHTML = alert.innerHTML + `
-                    <div class="alert alert-danger alert-dismissible fade show" role="alert">
-                        <i class="bi bi-exclamation-triangle-fill" title="Danger"></i>
-                        ${response.responseJSON.error[i]}
-                        <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
-                    </div>
-                    `;
-                }
-            }
-        }
-    });
-
-    event.preventDefault();
-});
-
-$('form[name=form-update-user]').submit(function(event) {
-    
-    var $form = $(this);
-    var alert = document.getElementById('alert-box');
-    var data = $form.serialize();
-
-    alert.innerHTML = ''
-
-    $.ajax({
-        url: window.location.pathname,
-        type: 'POST',
-        data: data,
-        dataType: 'json',
-        success: function(response) {
-            window.location.href = '/admin/settings/users';
-        },
-        error: function(response) {
-            if (typeof response.responseJSON.error === 'string' || response.responseJSON.error instanceof String) {
-                alert.innerHTML = alert.innerHTML + `
-                <div class="alert alert-danger alert-dismissible fade show" role="alert">
-                    <i class="bi bi-exclamation-triangle-fill" title="Danger"></i>
-                    ${response.responseJSON.error}
-                    <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
-                </div>
-                `;
-            } else if (response.responseJSON.error instanceof Array) {
-                for (var i = 0; i < response.responseJSON.error.length; i ++) {
-                    alert.innerHTML = alert.innerHTML + `
-                    <div class="alert alert-danger alert-dismissible fade show" role="alert">
-                        <i class="bi bi-exclamation-triangle-fill" title="Danger"></i>
-                        ${response.responseJSON.error[i]}
-                        <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
-                    </div>
-                    `;
-                }
-            }
-        }
-    });
-
-    event.preventDefault();
-});
-
-$('form[name=form-update-account]').submit(function(event) {
-    
-    var $form = $(this);
-    var alert = document.getElementById('alert-box');
-    var data = $form.serialize();
-
-    alert.innerHTML = ''
-
-    $.ajax({
-        url: window.location.pathname,
-        type: 'POST',
-        data: data,
-        dataType: 'json',
-        success: function(response) {
-            window.location.href = '/admin/dashboard/';
-        },
-        error: function(response) {
-            if (typeof response.responseJSON.error === 'string' || response.responseJSON.error instanceof String) {
-                alert.innerHTML = alert.innerHTML + `
-                <div class="alert alert-danger alert-dismissible fade show" role="alert">
-                    <i class="bi bi-exclamation-triangle-fill" title="Danger"></i>
-                    ${response.responseJSON.error}
-                    <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
-                </div>
-                `;
-            } else if (response.responseJSON.error instanceof Array) {
-                for (var i = 0; i < response.responseJSON.error.length; i ++) {
-                    alert.innerHTML = alert.innerHTML + `
-                    <div class="alert alert-danger alert-dismissible fade show" role="alert">
-                        <i class="bi bi-exclamation-triangle-fill" title="Danger"></i>
-                        ${response.responseJSON.error[i]}
-                        <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
-                    </div>
-                    `;
-                }
-            }
-        }
-    });
-
-    event.preventDefault();
-});
-
-$('.delete-test').click(function(event) {
-    
-    _id = $(this).data('_id')
-
-    $.ajax({
-        url: `/admin/tests/delete/${_id}`,
-        type: 'GET',
-        success: function(response) {
-            window.location.href = '/admin/tests/';
-        },
-        error: function(response) {
-            if (typeof response.responseJSON.error === 'string' || response.responseJSON.error instanceof String) {
-                alert.innerHTML = alert.innerHTML + `
-                <div class="alert alert-danger alert-dismissible fade show" role="alert">
-                    <i class="bi bi-exclamation-triangle-fill" title="Danger"></i>
-                    ${response.responseJSON.error}
-                    <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
-                </div>
-                `;
-            } else if (response.responseJSON.error instanceof Array) {
-                for (var i = 0; i < response.responseJSON.error.length; i ++) {
-                    alert.innerHTML = alert.innerHTML + `
-                    <div class="alert alert-danger alert-dismissible fade show" role="alert">
-                        <i class="bi bi-exclamation-triangle-fill" title="Danger"></i>
-                        ${response.responseJSON.error[i]}
-                        <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
-                    </div>
-                    `;
-                }
-            }
-        }
-    });
-
-    event.preventDefault();
-});
-
-// Edit and Delete Test Button Handlers
-
-$('form[name=form-create-test]').submit(function(event) {
-    
-    var $form = $(this);
-    var alert = document.getElementById('alert-box');
-    var data = $form.serialize();
-    alert.innerHTML = ''
-
-    $.ajax({
-        url: window.location.pathname,
-        type: 'POST',
-        data: data,
-        dataType: 'json',
-        success: function(response) {
-            window.location.href = '/admin/tests/';
-        },
-        error: function(response) {
-            if (typeof response.responseJSON.error === 'string' || response.responseJSON.error instanceof String) {
-                alert.innerHTML = alert.innerHTML + `
-                <div class="alert alert-danger alert-dismissible fade show" role="alert">
-                    <i class="bi bi-exclamation-triangle-fill" title="Danger"></i>
-                    ${response.responseJSON.error}
-                    <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
-                </div>
-                `;
-            } else if (response.responseJSON.error instanceof Array) {
-                for (var i = 0; i < response.responseJSON.error.length; i ++) {
-                    alert.innerHTML = alert.innerHTML + `
-                    <div class="alert alert-danger alert-dismissible fade show" role="alert">
-                        <i class="bi bi-exclamation-triangle-fill" title="Danger"></i>
-                        ${response.responseJSON.error[i]}
-                        <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
-                    </div>
-                    `;
-                }
-            }
-        }
-    });
-
-    event.preventDefault();
-});
-
-// Dismiss Cookie Alert
-$('#dismiss-cookie-alert').click(function(event){
-
-    $.ajax({
-        url: '/cookies/',
-        type: 'GET',
-        data: {
-            time: Date.now()
-        },
-        dataType: 'json',
-        success: function(response){
-            console.log(response)
-        },
-        error: function(response){
-            console.log(response)
-        }
-    })
-
-    event.preventDefault()
-
-})

ref-test/admin/templates/admin/components/client-alerts.html

@@ -1 +0,0 @@
-<div id="alert-box"></div>

ref-test/admin/templates/admin/components/navbar.html

@@ -1,79 +0,0 @@
-<nav class="navbar fixed-top navbar-expand-md navbar-dark bg-dark">
-    <div class="container">
-        <a href="{{ url_for('admin_views.home') }}" class="navbar-brand mb-0 h1">RefTest | Admin</a>
-        <button
-            class="navbar-toggler"
-            type="button"
-            data-bs-toggle="collapse"
-            data-bs-target="#navbar"
-            aria-controls="navbar"
-            aria-expanded="false"
-            aria-label="Toggle Navigation"
-        >
-            <span class="navbar-toggler-icon"></span>
-        </button>
-        <div class="collapse navbar-collapse justify-content-end" id="navbar">
-            <ul class="navbar-nav">
-                {% if not check_login() %}
-                    <li class="nav-item" id="nav-login">
-                        <a href="{{ url_for('admin_auth.login') }}" id="link-login" class="nav-link">Log In</a>
-                    </li>
-                {% endif %}
-                {% if check_login() %}
-                    <li class="nav-item" id="nav-results">
-                        <a href="{{ url_for('results._results') }}" id="link-results" class="nav-link">View Results</a>
-                    </li>
-                    <li class="nav-item" id="nav-tests">
-                        <a href="{{ url_for('admin_views.tests') }}" id="link-tests" class="nav-link">Manage Tests</a>
-                    </li>
-                    <li class="nav-item dropdown" id="nav-settings">
-                        <a
-                            class="nav-link dropdown-toggle"
-                            id="dropdown-account"
-                            role="button"
-                            href="{{ url_for('admin_views.settings') }}"
-                            data-bs-toggle="dropdown"
-                            aria-expanded="false"
-                        >
-                            Settings
-                        </a>
-                        <ul
-                            class="dropdown-menu"
-                            aria-labelledby="dropdown-account"
-                        >
-                            <li>
-                                <a href="{{ url_for('admin_views.users') }}" id="link-users" class="dropdown-item">Manage Users</a>
-                            </li>
-                            <li>
-                                <a href="{{ url_for('admin_views.questions') }}" id="link-questions" class="dropdown-item">Manage Questions</a>
-                            </li>
-                        </ul>
-                    </li>
-                    <li class="nav-item dropdown" id="nav-account">
-                        <a
-                            class="nav-link dropdown-toggle"
-                            id="dropdown-account"
-                            role="button"
-                            href="{{ url_for('admin_auth.account') }}"
-                            data-bs-toggle="dropdown"
-                            aria-expanded="false"
-                        >
-                            Account
-                        </a>
-                        <ul
-                            class="dropdown-menu"
-                            aria-labelledby="dropdown-account"
-                        >
-                            <li>
-                                <a href="{{ url_for('admin_auth.account') }}" id="link-account" class="dropdown-item">Account Settings</a>
-                            </li>
-                            <li>
-                                <a href="{{ url_for('admin_auth.logout') }}" id="link-logout" class="dropdown-item">Log Out</a>
-                            </li>
-                        </ul>
-                    </li>
-                {% endif %}
-            </ul>
-        </div>
-    </div>
-</nav>

ref-test/admin/templates/admin/components/secondary-navs/tests.html

@@ -1,23 +0,0 @@
-<div class="navbar navbar-expand-sm navbar-light bg-light">
-    <div class="container-fluid">
-    <div class="expand navbar-expand justify-content-center" id="navbar_secondary">
-        <ul class="nav">
-            <li class="nav-item">
-                <a class="nav-link" href="{{ url_for('admin_views.tests', filter='active') }}">Active</a>
-            </li>
-            <li class="nav-item">
-                <a class="nav-link" href="{{ url_for('admin_views.tests', filter='scheduled') }}">Scheduled</a>
-            </li>
-            <li class="nav-item">
-                <a class="nav-link" href="{{ url_for('admin_views.tests', filter='expired') }}">Expired</a>
-            </li>
-            <li class="nav-item">
-                <a class="nav-link" href="{{ url_for('admin_views.tests', filter='all') }}">All</a>
-            </li>
-            <li class="nav-item">
-                <a class="nav-link" href="{{ url_for('admin_views.tests', filter='create') }}">Create</a>
-            </li>
-        </ul>
-    </div>
-    </div>
-</div>

ref-test/admin/templates/admin/index.html

@@ -1,5 +0,0 @@
-{% extends "admin/components/base.html" %}
-
-{% block content %}
-    <h1>Dashboard</h1>
-{% endblock %}

ref-test/admin/templates/admin/settings/index.html

@@ -1 +0,0 @@
-{% extends "admin/components/base.html" %}

ref-test/admin/templates/admin/settings/questions.html

@@ -1 +0,0 @@
-{% extends "admin/components/base.html" %}

ref-test/admin/templates/admin/settings/upload-questions.html

@@ -1 +0,0 @@
-{% extends "admin/components/base.html" %}

ref-test/admin/views.py

@@ -1,321 +0,0 @@
-from flask import Blueprint, render_template, flash, redirect, request, jsonify, abort
-from flask.helpers import url_for
-from functools import wraps
-
-from werkzeug.security import check_password_hash
-from security.database import decrypt_find, decrypt_find_one
-from .models.users import User
-from flask_mail import Message
-from main import db
-from uuid import uuid4
-import secrets
-from main import mail
-from datetime import datetime, date, timedelta
-from .models.tests import Test
-
-views = Blueprint(
-    'admin_views',
-    __name__,
-    template_folder='templates',
-    static_folder='static'
-)
-
-def admin_account_required(function):
-    @wraps(function)
-    def decorated_function(*args, **kwargs):
-        if not db.users.find_one({}):
-            flash('No administrator accounts have been registered. Please register an administrator account.', 'alert')
-            return redirect(url_for('admin_auth.register'))
-        return function(*args, **kwargs)
-    return decorated_function
-
-def disable_on_registration(function):
-    @wraps(function)
-    def decorated_function(*args, **kwargs):
-        if db.users.find_one({}):
-            return abort(404)
-        return function(*args, **kwargs)
-    return decorated_function
-
-def get_id_from_cookie():
-    return request.cookies.get('_id')
-
-def get_user_from_db(_id):
-    return db.users.find_one({'_id': _id})
-
-def check_login():
-    _id = get_id_from_cookie()
-    return True if get_user_from_db(_id) else False
-
-def login_required(function):
-    @wraps(function)
-    def decorated_function(*args, **kwargs):
-        if not check_login():
-            flash('Please log in to view this page.', 'alert')
-            return redirect(url_for('admin_auth.login'))
-        return function(*args, **kwargs)
-    return decorated_function
-
-def disable_if_logged_in(function):
-    @wraps(function)
-    def decorated_function(*args, **kwargs):
-        if check_login():
-            return abort(404)
-        return function(*args, **kwargs)
-    return decorated_function
-
-@views.route('/')
-@views.route('/home/')
-@views.route('/dashboard/')
-@admin_account_required
-@login_required
-def home():
-    return render_template('/admin/index.html')
-
-@views.route('/settings/')
-@admin_account_required
-@login_required
-def settings():
-    return render_template('/admin/settings/index.html')
-
-@views.route('/settings/users/', methods=['GET','POST'])
-@admin_account_required
-@login_required
-def users():
-    from .models.forms import CreateUserForm
-    form = CreateUserForm()
-    if request.method == 'GET':
-        users_list = decrypt_find(db.users, {})
-        return render_template('/admin/settings/users.html', users = users_list, form = form)
-    if request.method == 'POST':
-        if form.validate_on_submit():
-            entry = User(
-                _id = uuid4().hex,
-                username = request.form.get('username').lower(),
-                email = request.form.get('email'),
-                password = request.form.get('password') if not request.form.get('password') == '' else secrets.token_hex(12),
-            )
-            email = Message(
-                subject = 'RefTest | Registration Confirmation',
-                recipients = [entry.email],
-                body = f"""
-                Hello {entry.username}, \n\n
-                You have been registered as an administrator for the SKA RefTest App!\n\n
-                You can access your account using the username '{entry.username}'.\n\n
-                Your password is as follows:\n\n
-                {entry.password}\n\n
-                You can change your password by logging in to the admin console by copying the following URL into a web browser:\n\n
-                {url_for('admin_views.home', _external = True)}\n\n
-                Have a nice day.
-                """,
-                html = f"""
-                <p>Hello {entry.username},</p>
-                <p>You have been registered as an administrator for the SKA RefTest App!</p>
-                <p>You can access your account using the username '{entry.username}'.</p>
-                <p>Your password is as follows:</p>
-                <strong>{entry.password}</strong>
-                <p>You can change your password by logging in to the admin console at the link below:</p>
-                <p><a href='{url_for('admin_views.home', _external = True)}'>{url_for('admin_views.home', _external = True)}</a></p>
-                <p>Have a nice day.</p>
-                """
-            )
-            mail.send(email)
-            return entry.register()
-        else:
-            errors = [*form.username.errors, *form.email.errors, *form.password.errors]
-            return jsonify({ 'error': errors}), 400
-        
-@views.route('/settings/users/delete/<string:_id>', methods = ['GET', 'POST'])
-@admin_account_required
-@login_required
-def delete_user(_id:str):
-    if _id == get_id_from_cookie():
-        flash('Cannot delete your own user account.', 'error')
-        return redirect(url_for('admin_views.users'))
-    from .models.forms import DeleteUserForm
-    form = DeleteUserForm()
-    user = decrypt_find_one(db.users, {'_id': _id})
-    if request.method == 'GET':
-        if not user:
-            return abort(404)
-        return render_template('/admin/settings/delete-user.html', form = form, _id = _id, user = user)
-    if request.method == 'POST':
-        if not user:
-            return jsonify({ 'error': 'User does not exist.' }), 404
-        if form.validate_on_submit():
-            _user = decrypt_find_one(db.users, {'_id': get_id_from_cookie()})
-            password = request.form.get('password')
-            if not check_password_hash(_user['password'], password):
-                return jsonify({ 'error': 'The password you entered is incorrect.' }), 401
-            if request.form.get('notify'):
-                email = Message(
-                    subject = 'RefTest | Account Deletion',
-                    recipients = [user['email']],
-                    bcc = [_user['email']],
-                    body = f"""
-                    Hello {user['username']}, \n\n
-                    Your administrator account for the SKA RefTest App has been deleted by {_user['username']}. All data about your account has been deleted.\n\n
-                    If you believe this was done in error, please contact them immediately.\n\n
-                    If you would like to register to administer the app, please ask an existing administrator to create a new account.\n\n
-                    Have a nice day.
-                    """,
-                    html = f"""
-                    <p>Hello {user['username']},</p>
-                    <p>Your administrator account for the SKA RefTest App has been deleted by {_user['username']}. All data about your account has been deleted.</p>
-                    <p>If you believe this was done in error, please contact them immediately.</p>
-                    <p>If you would like to register to administer the app, please ask an existing administrator to create a new account.</p>
-                    <p>Have a nice day.</p>
-                    """
-                )
-                mail.send(email)
-            user = User(
-                _id = user['_id']
-            )
-            return user.delete()
-        else: return abort(400)
-
-@views.route('/settings/users/update/<string:_id>', methods = ['GET', 'POST'])
-@admin_account_required
-@login_required
-def update_user(_id:str):
-    if _id == get_id_from_cookie():
-        flash('Cannot delete your own user account.', 'error')
-        return redirect(url_for('admin_views.users'))
-    from .models.forms import UpdateUserForm
-    form = UpdateUserForm()
-    user = decrypt_find_one( db.users, {'_id': _id})
-    if request.method == 'GET':
-        if not user:
-            return abort(404)
-        return render_template('/admin/settings/update-user.html', form = form, _id = _id, user = user)
-    if request.method == 'POST':
-        if not user:
-            return jsonify({ 'error': 'User does not exist.' }), 404
-        if form.validate_on_submit():
-            _user = decrypt_find_one(db.users, {'_id': get_id_from_cookie()})
-            password = request.form.get('password')
-            if not check_password_hash(_user['password'], password):
-                return jsonify({ 'error': 'The password you entered is incorrect.' }), 401
-            if request.form.get('notify'):
-                recipient = request.form.get('email') if not request.form.get('email') == '' else user['email']
-                email = Message(
-                    subject = 'RefTest | Account Update',
-                    recipients = [recipient],
-                    bcc = [_user['email']],
-                    body = f"""
-                    Hello {user['username']}, \n\n
-                    Your administrator account for the SKA RefTest App has been updated by {_user['username']}.\n\n
-                    Your new account details are as follows:\n\n
-                    Email: {recipient}\n
-                    Password: {request.form.get('password')}\n\n
-                    You can update your email and password by logging in to the app.\n\n
-                    Have a nice day.
-                    """,
-                    html = f"""
-                    <p>Hello {user['username']},</p>
-                    <p>Your administrator account for the SKA RefTest App has been updated by {_user['username']}.</p>
-                    <p>Your new account details are as follows:</p>
-                    <p>Email: {recipient} <br/>Password: {request.form.get('password')}</p>
-                    <p>You can update your email and password by logging in to the app.</p>
-                    <p>Have a nice day.</p>
-                    """
-                )
-                mail.send(email)
-            entry = User(
-                _id = _id,
-                email = request.form.get('email'),
-                password = request.form.get('password')
-            )
-            return entry.update()
-        else:
-            errors = [*form.user_password.errors, *form.email.errors, *form.password.errors, *form.password_reenter.errors]
-            return jsonify({ 'error': errors}), 400
-
-@views.route('/settings/questions/')
-@admin_account_required
-@login_required
-def questions():
-    return render_template('/admin/settings/questions.html')
-
-@views.route('/settings/questions/upload/')
-@admin_account_required
-@login_required
-def upload_questions():
-    return render_template('/admin/settings/upload-questions.html')
-
-@views.route('/tests/<filter>/', methods=['GET'])
-@views.route('/tests/', methods=['GET'])
-@admin_account_required
-@login_required
-def tests(filter=''):
-    if filter not in ['', 'create', 'active', 'scheduled', 'expired', 'all']:
-        return abort(404)
-    if filter == 'create':
-        from .models.forms import CreateTest
-        form = CreateTest()
-        form.time_limit.default='none'
-        form.process()
-        display_title = ''
-        error_none = ''
-        return render_template('/admin/tests.html', form = form, display_title=display_title, error_none=error_none, filter=filter)
-    _tests = db.tests.find({})
-    if filter == 'active' or filter == '':
-        tests = [ test for test in _tests if test['expiry_date'].date() >= date.today() and test['start_date'].date() <= date.today() ]
-        display_title = 'Active Exams'
-        error_none = 'There are no exams that are currently active. You can create one using the Creat Exam form.'
-    if filter == 'expired':
-        tests = [ test for test in _tests if test['expiry_date'].date() < date.today()]
-        display_title = 'Expired Exams'
-        error_none = 'There are no expired exams. Exams will appear in this category after their expiration date has passed.'
-    if filter == 'scheduled':
-        tests = [ test for test in _tests if test['start_date'].date() > date.today()]
-        display_title = 'Scheduled Exams'
-        error_none = 'There are no scheduled exams pending. You can schedule an exam for the future using the Create Exam form.'
-    if filter == 'all':
-        tests = _tests
-        display_title = 'All Exams'
-        error_none = 'There are no exams set up. You can create one using the Create Exam form.'
-    return render_template('/admin/tests.html', tests = tests, display_title=display_title, error_none=error_none,  filter=filter)
-
-@views.route('/tests/create/', methods=['POST'])
-@admin_account_required
-@login_required
-def _tests():
-    from .models.forms import CreateTest
-    form = CreateTest()
-    form.time_limit.default='none'
-    form.process()
-    if form.validate_on_submit():
-        start_date = request.form.get('start_date')
-        start_date = datetime.strptime(start_date, '%Y-%m-%d')
-        expiry_date = request.form.get('expiry_date')
-        expiry_date = datetime.strptime(expiry_date, '%Y-%m-%d')
-        errors = []
-        if start_date.date() < date.today():
-            errors.append('The start date cannot be in the past.')
-        if  expiry_date.date() < date.today():
-            errors.append('The expiry date cannot be in the past.')
-        if expiry_date < start_date:
-            errors.append('The expiry date cannot be before the start date.')
-        if errors:
-            return jsonify({'error': errors}), 400
-        creator_id = get_id_from_cookie()
-        creator = decrypt_find_one(db.users, { '_id': creator_id } )['username']
-        test = Test(
-            _id = uuid4().hex,
-            start_date = start_date,
-            expiry_date = expiry_date,
-            time_limit = request.form.get('time_limit'),
-            creator = creator
-        )
-        test.create()
-        return jsonify({'success': 'New exam created.'}), 200
-    else:
-        errors = [*form.expiry.errors, *form.time_limit.errors]
-        return jsonify({ 'error': errors}), 400
-
-@views.route('/tests/delete/<_id>/')
-def delete_test(_id):
-    if db.tests.find_one({'_id': _id}):
-        return Test(_id = _id).delete()
-    return abort(404)

ref-test/app/admin/static/css/style.css

@@ -20,7 +20,7 @@ body {
     padding-bottom: 40px;
 }
 
-.form-signin {
+.form-display {
     width: 100%;
     max-width: 420px;
     padding: 15px;
@@ -132,16 +132,11 @@ table.dataTable {
     width: 100%;
 }
 
-.user-table-row {
+.table-row {
     vertical-align: middle;
 }
 
-.user-row-actions {
+.row-actions {
-    text-align: center;
-    white-space: nowrap;
-}
-
-.test-row-actions {
     text-align: center;
     white-space: nowrap;
 }
@@ -153,8 +148,8 @@ table.dataTable {
     text-align:center;
 }
 
-.user-row-actions button {
+.row-actions button, .row-actions a {
-    margin: 0px 10px;
+    margin: 0px 5px;
 }
 
 #cookie-alert {
@@ -163,7 +158,7 @@ table.dataTable {
 
 #dismiss-cookie-alert {
     margin-top: 16px;
-    width: 100%;
+    width: fit-content;
 }
 
 .alert-db-empty {
@@ -214,6 +209,33 @@ table.dataTable {
     font-size: 20px;
 }
 
+.form-upload {
+    margin: 2rem 0;
+    font-size: 14pt;
+}
+
+.result-action-buttons, .test-action {
+    margin: 5px auto;
+    width: fit-content;
+}
+
+.accordion-item {
+    background-color: unset;
+}
+
+/* Change Autocomplete styles in Chrome*/
+input:-webkit-autofill,
+input:-webkit-autofill:hover, 
+input:-webkit-autofill:focus,
+textarea:-webkit-autofill,
+textarea:-webkit-autofill:hover,
+textarea:-webkit-autofill:focus,
+select:-webkit-autofill,
+select:-webkit-autofill:hover,
+select:-webkit-autofill:focus {
+  transition: background-color 5000s ease-in-out 0s;
+}
+
 /* Fallback for Edge
 -------------------------------------------------- */
 @supports (-ms-ime-align: auto) {

ref-test/app/admin/static/js/script.js

@@ -0,0 +1,233 @@
+// Menu Highlight Scripts
+const menuItems = document.getElementsByClassName('nav-link');
+for(let i = 0; i < menuItems.length; i++) {
+    if(menuItems[i].pathname == window.location.pathname) {
+        menuItems[i].classList.add('active');
+    }
+}
+const dropdownItems = document.getElementsByClassName('dropdown-item');
+for(let i = 0; i< dropdownItems.length; i++) {
+    if(dropdownItems[i].pathname == window.location.pathname) {
+        dropdownItems[i].classList.add('active');
+        $( "#" + dropdownItems[i].id ).closest( '.dropdown' ).find('.dropdown-toggle').addClass('active');
+    }
+}
+
+// General Post Method Form Processing Script
+$('form.form-post').submit(function(event) {
+    
+    var $form = $(this);
+    var data = $form.serialize();
+    var url = $(this).prop('action');
+    var rel_success = $(this).data('rel-success');
+
+    $.ajax({
+        url: url,
+        type: 'POST',
+        data: data,
+        dataType: 'json',
+        success: function(response) {
+            if (response.redirect_to) {
+                window.location.href = response.redirect_to;
+            }
+            else {
+                window.location.href = rel_success;
+            }
+        },
+        error: function(response) {
+            error_response(response);
+        }
+    });
+
+    event.preventDefault();
+});
+
+// Form Upload Questions - Special case, needs to handle files.
+$('form[name=form-upload-questions]').submit(function(event) {
+    
+    var $form = $(this);
+    var data = new FormData($form[0]);
+    var file = $('input[name=data_file]')[0].files[0]
+    data.append('file', file)
+
+    $.ajax({
+        url: window.location.pathname,
+        type: 'POST',
+        data: data,
+        processData: false,
+        contentType: false,
+        success: function(response) {
+            window.location.reload();
+        },
+        error: function(response) {
+            error_response(response);
+        }
+    });
+
+    event.preventDefault();
+});
+
+// Edit and Delete Test Button Handlers
+$('.test-action').click(function(event) {
+    
+    let id = $(this).data('id');
+    let action = $(this).data('action');
+
+    if (action == 'delete' || action == 'start' || action == 'end') {
+        $.ajax({
+            url: `/admin/tests/edit/`,
+            type: 'POST',
+            data: JSON.stringify({'id': id, 'action': action}), // TODO Change how CRUD operations work
+            contentType: 'application/json',
+            success: function(response) {
+                window.location.href = '/admin/tests/';
+            },
+            error: function(response){
+                error_response(response);
+            },
+        });
+    } else if (action == 'edit') {
+        window.location.href = `/admin/test/${id}/`
+    }
+
+    event.preventDefault();
+});
+
+// Edit Dataset Button Handlers
+$('.edit-question-dataset').click(function(event) {
+    
+    var filename = $(this).data('filename');
+    var action = $(this).data('action');
+    var disabled = $(this).hasClass('disabled');
+
+    if ( !disabled ) {
+        $.ajax({
+            url: `/admin/settings/questions/${action}/`,
+            type: 'POST',
+            data: JSON.stringify({'filename': filename}),
+            contentType: 'application/json',
+            success: function(response) {
+                window.location.reload();
+            },
+            error: function(response){
+                error_response(response);
+            },
+        });
+    };
+    event.preventDefault();
+});
+
+function error_response(response) {
+
+    const $alert = $("#alert-box");
+    $alert.html('');
+
+    if (typeof response.responseJSON.error === 'string' || response.responseJSON.error instanceof String) {
+        $alert.html(`
+        <div class="alert alert-danger alert-dismissible fade show" role="alert">
+            <i class="bi bi-exclamation-triangle-fill" title="Danger"></i>
+            ${response.responseJSON.error}
+            <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
+        </div>
+        `);
+    } else if (response.responseJSON.error instanceof Array) {
+        var output = ''
+        for (var i = 0; i < response.responseJSON.error.length; i ++) {
+            output += `
+            <div class="alert alert-danger alert-dismissible fade show" role="alert">
+                <i class="bi bi-exclamation-triangle-fill" title="Danger"></i>
+                ${response.responseJSON.error[i]}
+                <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
+            </div>
+            `;
+            $alert.html(output);
+        }
+    }
+
+    $alert.focus()
+}
+
+// Dismiss Cookie Alert
+$('#dismiss-cookie-alert').click(function(event){
+
+    $.ajax({
+        url: '/cookies/',
+        type: 'POST',
+        data: {
+            time: Date.now()
+        },
+        dataType: 'json',
+        success: function(response){
+            console.log(response);
+        },
+        error: function(response){
+            console.log(response);
+        }
+    })
+
+    event.preventDefault();
+})
+
+// Script for Result Actions
+$('.result-action-buttons').click(function(event){
+
+    var id = $(this).data('id');
+
+    if ($(this).data('result-action') == 'generate') {
+        $.ajax({
+            url: '/admin/certificate/',
+            type: 'POST',
+            data: JSON.stringify({'id': id}),
+            contentType: 'application/json',
+            dataType: 'html',
+            success: function(response) {
+                var display_window = window.open();
+                display_window.document.write(response);
+            },
+            error: function(response){
+                error_response(response);
+            },
+        });
+    } else {
+        var action = $(this).data('result-action')
+        $.ajax({
+            url: window.location.href,
+            type: 'POST',
+            data: JSON.stringify({'id': id, 'action': action}),
+            contentType: 'application/json',
+            success: function(response) {
+                if (action == 'delete') {
+                    window.location.href = '/admin/results/';
+                } else window.location.reload();
+            },
+            error: function(response){
+                error_response(response);
+            },
+        });
+    }
+
+    event.preventDefault();
+});
+
+// Script for Deleting Time Adjustment
+$('.adjustment-delete').click(function(event){
+
+    var user_code = $(this).data('user_code');
+    var location = window.location.href;
+    location = location.replace('#', '')
+
+    $.ajax({
+        url: location + 'delete-adjustment/',
+        type: 'POST',
+        data: JSON.stringify({'user_code': user_code}),
+        contentType: 'application/json',
+        success: function(response) {
+            window.location.reload();
+        },
+        error: function(response){
+            error_response(response);
+        },
+    });
+    
+    event.preventDefault();
+});

ref-test/app/admin/templates/admin/auth/account.html

@@ -2,9 +2,9 @@
 
 {% block content %}
     <div class="form-container">
-        <form name="form-update-account" class="form-signin">
+        <form name="form-update-account" class="form-display form-post" action="{{ url_for(request.endpoint, **request.view_args) }}" data-rel-success="{{ url_for('admin._home') }}">
             {% include "admin/components/server-alerts.html" %}
-            <h2 class="form-signin-heading">Update Your Account</h2>
+            <h2 class="form-heading">Update Your Account</h2>
             {{ form.hidden_tag() }}
             <div class="form-label-group">
                 Please confirm <strong>your current password</strong> before making any changes to your user account.
@@ -32,7 +32,7 @@
             <div class="container form-submission-button">
                 <div class="row">
                     <div class="col text-center">
-                        <a href="{{ url_for('admin_views.users') }}" class="btn btn-md btn-danger btn-block" type="button">
+                        <a href="{{ url_for('admin._users') }}" class="btn btn-md btn-danger btn-block" type="button">
                             <svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" fill="currentColor" class="bi bi-x-circle-fill" viewBox="0 0 16 16">
                                 <path d="M16 8A8 8 0 1 1 0 8a8 8 0 0 1 16 0zM5.354 4.646a.5.5 0 1 0-.708.708L7.293 8l-2.647 2.646a.5.5 0 0 0 .708.708L8 8.707l2.646 2.647a.5.5 0 0 0 .708-.708L8.707 8l2.647-2.646a.5.5 0 0 0-.708-.708L8 7.293 5.354 4.646z"/>
                             </svg>

ref-test/app/admin/templates/admin/auth/login.html

@@ -2,7 +2,7 @@
 
 {% block content %}
     <div class="form-container">
-        <form name="form-login" class="form-signin">
+        <form name="form-login" class="form-display form-post" action="{{ url_for(request.endpoint, **request.view_args) }}" data-rel-success="{{ url_for('admin._home') }}">
             {% include "admin/components/server-alerts.html" %}
             <h2 class="form">Log In</h2>
             {{ form.hidden_tag() }}
@@ -26,7 +26,7 @@
                     </div>
                 </div>
             </div>
-            <a href="{{ url_for('admin_auth.reset') }}" class="signin-forgot-password">Reset Password</a>
+            <a href="{{ url_for('admin._reset') }}" class="signin-forgot-password">Reset Password</a>
         </form>
     </div>
 {% endblock %}

ref-test/app/admin/templates/admin/auth/register.html

@@ -3,16 +3,16 @@
 {% block navbar %}
     <nav class="navbar fixed-top navbar-expand-md navbar-dark bg-dark">
         <div class="container">
-            <a href="{{ url_for('admin_views.home') }}" class="navbar-brand mb-0 h1">RefTest | Admin</a>
+            <a href="{{ url_for('admin._home') }}" class="navbar-brand mb-0 h1">RefTest | Admin</a>
         </div>
 </nav>
 {% endblock %}
 
 {% block content %}
     <div class="form-container">
-        <form name="form-register" action="" method="" class="form-signin">
+        <form name="form-register" class="form-display form-post" action="{{ url_for(request.endpoint, **request.view_args) }}" data-rel-success="{{ url_for('admin._login') }}">
             {% include "admin/components/server-alerts.html" %}
-            <h2 class="form-signin-heading">Register an Account</h2>
+            <h2 class="form-heading">Register an Account</h2>
                 {{ form.hidden_tag() }}
             <div class="form-label-group">
                 {{ form.username(class_="form-control", autofocus=true, placeholder="Username") }}

ref-test/app/admin/templates/admin/auth/reset.html

@@ -2,9 +2,9 @@
 
 {% block content %}
 <div class="form-container">
-    <form name="form-reset" class="form-signin">
+    <form name="form-reset" class="form-display form-post" action="{{ url_for(request.endpoint, **request.view_args) }}" data-rel-success="{{ url_for('admin._login') }}">
         {% include "admin/components/server-alerts.html" %}
-        <h2 class="form-signin-heading">Reset Password</h2>
+        <h2 class="form-heading">Reset Password</h2>
         {{ form.hidden_tag() }}
         <div class="form-label-group">
             {{ form.username(class_="form-control", autofocus=true, placeholder="Enter Username") }}

ref-test/app/admin/templates/admin/auth/update-password.html

@@ -2,9 +2,9 @@
 
 {% block content %}
 <div class="form-container">
-    <form name="form-update-password" class="form-signin">
+    <form name="form-update-password" class="form-display form-post" action="{{ url_for(request.endpoint, **request.view_args) }}" data-rel-success="{{ url_for('admin._login') }}">
         {% include "admin/components/server-alerts.html" %}
-        <h2 class="form-signin-heading">Update Password</h2>
+        <h2 class="form-heading">Update Password</h2>
         {{ form.hidden_tag() }}
         <div class="form-label-group">
             {{ form.password(class_="form-control", placeholder="Password") }}

ref-test/app/admin/templates/admin/components/base.html

@@ -18,6 +18,7 @@
         {% block datatable_css %}
         {% endblock %}
         <title>{% block title %} SKA Referee Test | Admin Console {% endblock %}</title>
+        {% include "admin/components/og-meta.html" %}
     </head>
     <body class="bg-light">
 
@@ -32,8 +33,10 @@
             {% block content %}{% endblock %}
         </div>
 
-        <footer class="container site-footer">
+        <footer class="container site-footer mt-5">
-            {% include "admin/components/footer.html" %}
+            {% block footer %}
+                {% include "admin/components/footer.html" %}
+            {% endblock %}
         </footer>
 
         <!-- JQuery, Popper, and Bootstrap js dependencies -->
@@ -42,6 +45,9 @@
             integrity="sha256-/xUj+3OJU5yExlq6GSYGSHk7tPXikynS7ogEvDej/m4="
             crossorigin="anonymous">
         </script>
+        <script>
+            window.jQuery || document.write(`<script src="{{ url_for('.static', filename='js/jquery-3.6.0.min.js') }}"><\/script>`)
+        </script>
         <script
             src="https://cdn.jsdelivr.net/npm/@popperjs/core@2.10.2/dist/umd/popper.min.js"
             integrity="sha384-7+zCNj/IqJ95wo16oMtfsKbZ9ccEh31eOz1HGyDuCQ6wgnyJNSYdrPa03rtR1zdB"
@@ -53,11 +59,24 @@
             crossorigin="anonymous"
         ></script>
         <!-- Custom js -->
+        <script type="text/javascript">
+            var csrf_token = "{{ csrf_token() }}";
+        
+            $.ajaxSetup({
+                beforeSend: function(xhr, settings) {
+                    if (!/^(GET|HEAD|OPTIONS|TRACE)$/i.test(settings.type) && !this.crossDomain) {
+                        xhr.setRequestHeader("X-CSRFToken", csrf_token);
+                    }
+                }
+            });
+        </script>
         <script
             type="text/javascript"
             src="{{ url_for('.static', filename='js/script.js') }}"
         ></script>
         {% block datatable_scripts %}
         {% endblock %}
+        {% block custom_data_script %}
+        {% endblock %}
     </body>
 </html>

ref-test/app/admin/templates/admin/components/certificate.html

@@ -0,0 +1,84 @@
+{% extends "admin/components/base.html" %}
+{% block title %} SKA Referee Test | Detailed Results {% endblock %}
+{% block navbar %}{% endblock %}
+{% block top_alerts %}{% endblock %}
+{% block content %}
+    <div class="d-flex justify-content-center">
+        <h1 class="center">SKA Referee Theory Exam Results</h1>
+    </div>
+    <div class="container mt-5">
+        <div class="row justify-content-center">
+            <div class="col-lg-6">
+                <ul class="list-group">
+                    <li class="list-group-item list-group-item-action">
+                        <div class="d-flex w-100 justify-content-between">
+                            <h5 class="mb-1">Candidate</h5>
+                        </div>
+                        <h2>
+                            {{ entry.get_surname()}}, {{ entry.get_first_name() }}
+                        </h2>
+                    </li>
+                    <li class="list-group-item list-group-item-action">
+                        <div class="d-flex w-100 justify-content-between">
+                            <h5 class="mb-1">Email Address</h5>
+                        </div>
+                        {{ entry.get_email() }}
+                    </li>
+                    {% if entry.club %}
+                        <li class="list-group-item list-group-item-action">
+                            <div class="d-flex w-100 justify-content-between">
+                                <h5 class="mb-1">Club</h5>
+                            </div>
+                            {{ entry.get_club() }}
+                        </li>
+                    {% endif %}
+                    <li class="list-group-item list-group-item-action">
+                        <div class="d-flex w-100 justify-content-between">
+                            <h5 class="mb-1">Exam Code</h5>
+                        </div>
+                        {{ entry.test.get_code() }}
+                    </li>
+                    {% if entry.user_code %}
+                        <li class="list-group-item list-group-item-action">
+                            <div class="d-flex w-100 justify-content-between">
+                                <h5 class="mb-1">User Code</h5>
+                            </div>
+                            {{ entry.user_code }}
+                        </li>
+                    {% endif %}
+                    <li class="list-group-item list-group-item-action">
+                        <div class="d-flex w-100 justify-content-between">
+                            <h5 class="mb-1">Start Time</h5>
+                        </div>
+                        {{ entry.start_time.strftime('%d %b %Y %H:%M:%S') }}
+                    </li>
+                    <li class="list-group-item list-group-item-action">
+                        <div class="d-flex w-100 justify-content-between">
+                            <h5 class="mb-1">Submission Time</h5>
+                            {% if entry.status == 'late' %}
+                                <span class="badge bg-danger">Late</span>
+                            {% endif %}
+                        </div>
+                        {{ entry.end_time.strftime('%d %b %Y %H:%M:%S') }}
+                    </li>       
+                    <li class="list-group-item list-group-item-action">
+                        <div class="d-flex w-100 justify-content-between">
+                            <h5 class="mb-1">Score</h5>
+                        </div>
+                        {{ entry.result.score }}&percnt;
+                    </li>
+                    <li class="list-group-item list-group-item-action {% if entry.result.grade == 'fail' %}list-group-item-danger {% elif entry.result.grade == 'merit' %} list-group-item-success {% endif %}">
+                        <div class="d-flex w-100 justify-content-between">
+                            <h5 class="mb-1">Grade</h5>
+                        </div>
+                        {{ entry.result.grade[0]|upper }}{{ entry.result.grade[1:]}}
+                    </li>
+                </ul>
+                <div class="site-footer mt-5">
+                    These results were generated using the SKA RefTest web app on {{ now.strftime('%d %b %Y at %H:%M:%S') }}.
+                </div>
+                {% block footer %}{% endblock %}
+            </div>
+        </div>
+    </div>
+{% endblock %}

ref-test/app/admin/templates/admin/components/client-alerts.html

@@ -0,0 +1 @@
+<div id="alert-box" tabindex="-1"></div>

ref-test/app/admin/templates/admin/components/datatable.html

@@ -6,6 +6,7 @@
     <link rel="stylesheet" type="text/css" href="https://cdn.datatables.net/fixedheader/3.2.0/css/fixedHeader.bootstrap5.min.css"/>
     <link rel="stylesheet" type="text/css" href="https://cdn.datatables.net/keytable/2.6.4/css/keyTable.bootstrap5.min.css"/>
     <link rel="stylesheet" type="text/css" href="https://cdn.datatables.net/responsive/2.2.9/css/responsive.bootstrap5.min.css"/>
+    <link rel="stylesheet" type="text/css" href="https://cdn.datatables.net/searchbuilder/1.3.0/css/searchBuilder.dataTables.min.css"/>
 {% endblock %}
 {% block datatable_scripts %}
 <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/jszip/2.5.0/jszip.min.js"></script>
@@ -23,5 +24,5 @@
 <script type="text/javascript" src="https://cdn.datatables.net/keytable/2.6.4/js/dataTables.keyTable.min.js"></script>
 <script type="text/javascript" src="https://cdn.datatables.net/responsive/2.2.9/js/dataTables.responsive.min.js"></script>
 <script type="text/javascript" src="https://cdn.datatables.net/responsive/2.2.9/js/responsive.bootstrap5.js"></script>
-    {% block custom_data_script %}{% endblock %}
+<script type="text/javascript" src="https://cdn.datatables.net/searchbuilder/1.3.0/js/dataTables.searchBuilder.min.js"></script>
 {% endblock %}

ref-test/app/admin/templates/admin/components/footer.html

@@ -1,2 +1,2 @@
-<p>This web app was developed by Vivek Santayana. The source code for the web app, excluding any data pertaining to the questions in the quiz, is freely available at the repository under an MIT License.</p>
+<p>This web app was developed by Vivek Santayana. The source code for the web app, excluding any data pertaining to the questions in the quiz, is freely available at <a href="https://git.vsnt.uk/viveksantayana/ska-referee-test">Vivek&rsquo;s personal GIT repository</a> under an MIT License.</p>
 <p>All questions in the test are &copy; The Scottish Korfball Association {{ now.year }}. All rights are reserved.</p>

ref-test/app/admin/templates/admin/components/navbar.html

@@ -0,0 +1,111 @@
+<nav class="navbar fixed-top navbar-expand-md navbar-dark bg-dark">
+    <div class="container">
+        <a href="{{ url_for('admin._home') }}" class="navbar-brand mb-0 h1">RefTest (Beta) | Admin</a>
+        <button
+            class="navbar-toggler"
+            type="button"
+            data-bs-toggle="collapse"
+            data-bs-target="#navbar"
+            aria-controls="navbar"
+            aria-expanded="false"
+            aria-label="Toggle Navigation"
+        >
+            <span class="navbar-toggler-icon"></span>
+        </button>
+        <div class="collapse navbar-collapse justify-content-end" id="navbar">
+            <ul class="navbar-nav">
+                {% if not current_user.is_authenticated %}
+                    <li class="nav-item" id="nav-login">
+                        <a href="{{ url_for('admin._login') }}" id="link-login" class="nav-link">Log In</a>
+                    </li>
+                {% endif %}
+                {% if current_user.is_authenticated %}
+                    <li class="nav-item" id="nav-results">
+                        <a href="{{ url_for('admin._view_entries') }}" id="link-results" class="nav-link">View Results</a>
+                    </li>
+                    <li class="nav-item dropdown" id="nav-tests">
+                        <a
+                            class="nav-link dropdown-toggle"
+                            id="dropdown-tests"
+                            role="button"
+                            href="{{ url_for('admin._tests') }}"
+                            data-bs-toggle="dropdown"
+                            aria-expanded="false"
+                        >
+                            Exams
+                        </a>
+                        <ul
+                            class="dropdown-menu"
+                            aria-labelledby="dropdown-settings"
+                        >
+                            <li>
+                                <a href="{{ url_for('admin._tests', filter='active') }}" id="link-active" class="dropdown-item">Active</a>
+                            </li>
+                            <li>
+                                <a href="{{ url_for('admin._tests', filter='scheduled') }}" id="link-scheduled" class="dropdown-item">Scheduled</a>
+                            </li>
+                            <li>
+                                <a href="{{ url_for('admin._tests', filter='expired') }}" id="link-expired" class="dropdown-item">Expired</a>
+                            </li>
+                            <li>
+                                <a href="{{ url_for('admin._tests', filter='all') }}" id="link-all" class="dropdown-item">All</a>
+                            </li>
+                            <li>
+                                <a href="{{ url_for('admin._tests', filter='create') }}" id="link-create" class="dropdown-item">Create</a>
+                            </li>
+                        </ul>
+                    </li>
+                    <li class="nav-item dropdown" id="nav-settings">
+                        <a
+                            class="nav-link dropdown-toggle"
+                            id="dropdown-account"
+                            role="button"
+                            href="{{ url_for('admin._settings') }}"
+                            data-bs-toggle="dropdown"
+                            aria-expanded="false"
+                        >
+                            Settings
+                        </a>
+                        <ul
+                            class="dropdown-menu"
+                            aria-labelledby="dropdown-settings"
+                        >
+                            <li>
+                                <a href="{{ url_for('admin._settings') }}" id="link-settings" class="dropdown-item">View Settings</a>
+                            </li>
+                            <li>
+                                <a href="{{ url_for('admin._users') }}" id="link-users" class="dropdown-item">Users</a>
+                            </li>
+                            <li>
+                                <a href="{{ url_for('admin._questions') }}" id="link-questions" class="dropdown-item">Question Datasets</a>
+                            </li>
+                        </ul>
+                    </li>
+                    <li class="nav-item dropdown" id="nav-account">
+                        <a
+                            class="nav-link dropdown-toggle"
+                            id="dropdown-account"
+                            role="button"
+                            href="{{ url_for('admin._update_user', id=current_user.id) }}"
+                            data-bs-toggle="dropdown"
+                            aria-expanded="false"
+                        >
+                            Account
+                        </a>
+                        <ul
+                            class="dropdown-menu"
+                            aria-labelledby="dropdown-account"
+                        >
+                            <li>
+                                <a href="{{ url_for('admin._update_user', id=current_user.id) }}" id="link-account" class="dropdown-item">Account Settings</a>
+                            </li>
+                            <li>
+                                <a href="{{ url_for('admin._logout') }}" id="link-logout" class="dropdown-item">Log Out</a>
+                            </li>
+                        </ul>
+                    </li>
+                {% endif %}
+            </ul>
+        </div>
+    </div>
+</nav>

ref-test/app/admin/templates/admin/components/og-meta.html

@@ -0,0 +1,17 @@
+<meta name="description" content="A web app for taking the Scottish Korfball Association Refereeing Theory Exam on-line." />
+<meta property="og:locale" content="en_UK" />
+<meta property="og:type" content="website" />
+<meta property="og:description" content="A web app for taking the Scottish Korfball Association Refereeing Theory Exam on-line." />
+<meta property="og:url" content="{{ url_for(request.endpoint, _external = True, **request.view_args) }}" />
+<meta property="og:site_name" content="Scottish Korfball Association Referee Theory Exam" />
+<meta property="og:image" content="{{ url_for('static', filename='favicon.png', _external = True) }}" />
+<meta property="og:image:alt" content="Logo of the SKA Refereeing Exam App" />
+<meta property="og:image:width" content="512" />
+<meta property="og:image:height" content="512" />
+<meta name="twitter:card" content="summary" />
+<meta name="twitter:description" content="A web app for taking the Scottish Korfball Association Refereeing Theory Exam on-line." />
+<meta name="twitter:image" content="{{ url_for('static', filename='favicon.png', _external = True) }}" />
+<meta name="twitter:image:alt" content="Logo of the SKA Refereeing Exam App" />
+<meta name="twitter:creator" content="@viveksantayana" />
+<meta name="twitter:site" content="@viveksantayana" />
+<meta name="theme-color" content="#343a40" />

ref-test/app/admin/templates/admin/components/secondary-navs/tests.html

@@ -0,0 +1,23 @@
+<div class="navbar navbar-expand-sm navbar-light bg-light">
+    <div class="container-fluid">
+    <div class="expand navbar-expand justify-content-center" id="navbar_secondary">
+        <ul class="nav nav-pills">
+            <li class="nav-item">
+                <a class="nav-link" href="{{ url_for('admin._tests', filter='active') }}">Active</a>
+            </li>
+            <li class="nav-item">
+                <a class="nav-link" href="{{ url_for('admin._tests', filter='scheduled') }}">Scheduled</a>
+            </li>
+            <li class="nav-item">
+                <a class="nav-link" href="{{ url_for('admin._tests', filter='expired') }}">Expired</a>
+            </li>
+            <li class="nav-item">
+                <a class="nav-link" href="{{ url_for('admin._tests', filter='all') }}">All</a>
+            </li>
+            <li class="nav-item">
+                <a class="nav-link" href="{{ url_for('admin._tests', filter='create') }}">Create</a>
+            </li>
+        </ul>
+    </div>
+    </div>
+</div>

ref-test/app/admin/templates/admin/components/server-alerts.html

@@ -25,7 +25,9 @@
                     <div class="alert alert-primary alert-dismissible fade show" id="cookie-alert" role="alert">
                         <i class="bi bi-info-circle-fill" title="Cookie Alert" aria-title="Cookie Alert"></i>
                         {{ message|safe }}
-                        <button type="button" id="dismiss-cookie-alert" class="btn btn-success" data-bs-dismiss="alert" aria-label="Close">Accept</button>
+                        <div class="d-flex justify-content-center w-100">
+                            <button type="button" id="dismiss-cookie-alert" class="btn btn-success" data-bs-dismiss="alert" aria-label="Close">Accept</button>
+                        </div>
                     </div>
                     {% set cookie_flash_flag.value = True %}
                 {% endif %}

ref-test/app/admin/templates/admin/index.html

@@ -0,0 +1,148 @@
+{% extends "admin/components/base.html" %}
+
+{% block content %}
+    <h1>Dashboard</h1>
+    <div class="container">
+        <div class="row">
+            <div class="col-sm">
+                <div class="card m-3">
+                    <div class="card-body">
+                        <h5 class="card-title">Current Exams</h5>
+                        {% if current_tests %}
+                            <div class="card-text">
+                                <table class="table table-striped">
+                                    <thead>
+                                        <tr>
+                                            <th>
+                                                Exam Code
+                                            </th>
+                                            <th>
+                                                Expiry Date
+                                            </th>
+                                        </tr>
+                                    </thead>
+                                    <tbody>
+                                        {% for test in current_tests %}
+                                            <tr>
+                                                <td>
+                                                    <a href="{{ url_for('admin._view_test', id=test.id) }}">{{ test.get_code() }}</a>
+                                                </td>
+                                                <td>
+                                                    {{ test.end_date.strftime('%d %b %Y') }}
+                                                </td>
+                                            </tr>
+                                        {% endfor %}
+                                    </tbody>
+                                </table>
+                            </div>
+                            <a href="{{ url_for('admin._tests', filter='active') }}" class="btn btn-primary">View Exams</a>
+                        {% else %}
+                            <div class="alert alert-primary">
+                                There are currently no active exams.
+                            </div>
+                            <a href="{{ url_for('admin._tests', filter='create') }}" class="btn btn-primary">Create Exam</a>
+                        {% endif %}
+                    </div>
+                  </div>
+            </div>
+            <div class="col-sm">
+                <div class="card m-3">
+                    <div class="card-body">
+                        <h5 class="card-title">Recent Results</h5>
+                        {% if recent_results %}
+                            <div class="card-text">
+                                <table class="table table-striped">
+                                    <thead>
+                                        <tr>
+                                            <th>
+                                                Name
+                                            </th>
+                                            <th>
+                                                Date Submitted
+                                            </th>
+                                            <th>
+                                                Result
+                                            </th>
+                                        </tr>
+                                    </thead>
+                                    <tbody>
+                                        {% for result in recent_results %}
+                                            <tr>
+                                                <td>
+                                                    <a href="{{ url_for('admin._view_entry', id=result.id) }}">{{ result.get_surname() }}, {{ result.get_first_name() }}</a>
+                                                </td>
+                                                <td>
+                                                    {{ result.end_time.strftime('%d %b %Y %H:%M') }}
+                                                </td>
+                                                <td>
+                                                    {{ (100*result.result['score']/result.result['max'])|round|int }}&percnt; ({{ result.result.grade }})
+                                                </td>
+                                            </tr>
+                                        {% endfor %}
+                                    </tbody>
+                                </table>
+                            </div>
+                            <a href="{{ url_for('admin._view_entries') }}" class="btn btn-primary">View Results</a>
+                        {% else %}
+                            <div class="alert alert-primary">
+                                There are currently no exam results to preview.
+                            </div>
+                        {% endif %}
+                    </div>
+                  </div>
+            </div>
+        </div>
+        <div class="row g-3">
+            <div class="col-sm">
+                <div class="card m-3">
+                    <div class="card-body">
+                        <h5 class="card-title">Upcoming Exams</h5>
+                            {% if upcoming_tests %}
+                                <div class="card-text">
+                                    <table class="table table-striped">
+                                        <thead>
+                                            <tr>
+                                                <th>
+                                                    Exam Code
+                                                </th>
+                                                <th>
+                                                    Expiry Date
+                                                </th>
+                                            </tr>
+                                        </thead>
+                                        <tbody>
+                                            {% for test in upcoming_tests %}
+                                                <tr>
+                                                    <td>
+                                                        <a href="{{ url_for('admin._view_test', id=test.id) }}">{{ test.get_code() }}</a>
+                                                    </td>
+                                                    <td>
+                                                        {{ test.end_date.strftime('%d %b %Y') }}
+                                                    </td>
+                                                </tr>
+                                            {% endfor %}
+                                        </tbody>
+                                    </table>
+                                </div>
+                                <a href="{{ url_for('admin._tests', filter='scheduled') }}" class="btn btn-primary">View Exams</a>
+                            {% else %}
+                                <div class="alert alert-primary">
+                                    There are currently no upcoming exams.
+                                </div>
+                                <a href="{{ url_for('admin._tests', filter='create') }}" class="btn btn-primary">Create Exam</a>
+                            {% endif %}
+                    </div>
+                  </div>
+            </div>
+            <div class="col-sm">
+                <div class="card m-3">
+                    <div class="card-body">
+                        <h5 class="card-title">Help</h5>
+                        <p class="card-text">This web app was developed by Vivek Santayana. If there are any issues with the app, any bugs you need to report, or any features you would like to request, please feel free to <a href="https://git.vsnt.uk/viveksantayana/ska-referee-test/issues">open an issue at the Git Repository</a>.</p>
+                        <a href="https://git.vsnt.uk/viveksantayana/ska-referee-test/issues" class="btn btn-primary">Open an Issue</a>
+                    </div>
+                  </div>
+            </div>
+        </div>
+    </div>
+{% endblock %}

ref-test/app/admin/templates/admin/result-detail.html

@@ -0,0 +1,188 @@
+{% extends "admin/components/base.html" %}
+{% block title %} SKA Referee Test | Detailed Results {% endblock %}
+{% block content %}
+    {% include "admin/components/client-alerts.html" %}
+    <h1>Exam Results</h1>
+
+    <div class="container">
+        <div class="row justify-content-center">
+            <div class="col-lg-6">          
+                <ul class="list-group">
+                    <li class="list-group-item list-group-item-action">
+                        <div class="d-flex w-100 justify-content-between">
+                            <h5 class="mb-1">Candidate</h5>
+                        </div>
+                        <h2>
+                            {{ entry.get_surname() }}, {{ entry.get_first_name() }}
+                        </h2>
+                    </li>
+                    <li class="list-group-item list-group-item-action">
+                        <div class="d-flex w-100 justify-content-between">
+                            <h5 class="mb-1">Email Address</h5>
+                        </div>
+                        {{ entry.get_email() }}
+                    </li>
+                    {% if entry.club %}
+                        <li class="list-group-item list-group-item-action">
+                            <div class="d-flex w-100 justify-content-between">
+                                <h5 class="mb-1">Club</h5>
+                            </div>
+                            {{ entry.get_club() }}
+                        </li>
+                    {% endif %}
+                    <li class="list-group-item list-group-item-action">
+                        <div class="d-flex w-100 justify-content-between">
+                            <h5 class="mb-1">Exam Code</h5>
+                        </div>
+                        {{ entry.test.get_code() }}
+                    </li>
+                    {% if entry.user_code %}
+                        <li class="list-group-item list-group-item-action">
+                            <div class="d-flex w-100 justify-content-between">
+                                <h5 class="mb-1">User Code</h5>
+                            </div>
+                            {{ entry.user_code }}
+                        </li>
+                    {% endif %}
+                    {% if entry.start_time %}
+                        <li class="list-group-item list-group-item-action">
+                            <div class="d-flex w-100 justify-content-between">
+                                <h5 class="mb-1">Start Time</h5>
+                            </div>
+                            {{ entry.start_time.strftime('%d %b %Y %H:%M:%S') }}
+                        </li>
+                    {% endif %}
+                    <li class="list-group-item list-group-item-action">
+                        <div class="d-flex w-100 justify-content-between">
+                            <h5 class="mb-1">Submission Time</h5>
+                            {% if entry.status == 'late' %}
+                                <span class="badge bg-danger">Late</span>
+                            {% endif %}
+                        </div>
+                        {% if entry.end_time %}
+                            {{ entry.end_time.strftime('%d %b %Y %H:%M:%S') }}
+                        {% else %}
+                            Incomplete
+                        {% endif %}
+                    </li>
+                    {% if entry.result %}
+                        <li class="list-group-item list-group-item-action">
+                            <div class="d-flex w-100 justify-content-between">
+                                <h5 class="mb-1">Score</h5>
+                            </div>
+                            {{ entry.result.score }}&percnt;
+                        </li>
+                        <li class="list-group-item list-group-item-action {% if entry.result.grade == 'fail' %}list-group-item-danger {% elif entry.result.grade == 'merit' %} list-group-item-success {% endif %}">
+                            <div class="d-flex w-100 justify-content-between">
+                                <h5 class="mb-1">Grade</h5>
+                            </div>
+                            {{ entry.result.grade[0]|upper }}{{ entry.result.grade[1:]}}
+                        </li>
+                    {% endif %}
+                </ul>
+                {% if entry.result %}
+                    <div class="accordion" id="results-breakdown">
+                        <div class="accordion-item">
+                            <h2 class="accordion-header" id="by-category">
+                                <button class="accordion-button collapsed" type="button" data-bs-toggle="collapse" data-bs-target="#by-category-breakdown" aria-expanded="false" aria-controls="by-category-breakdown">
+                                    Score By Categories
+                                </button>
+                            </h2>
+                            <div id="by-category-breakdown" class="accordion-collapse collapse" aria-labelledby="by-category" data-bs-parent="#results-breakdown">
+                                <div class="accordion-body">
+                                    <table class="table table-striped">
+                                        <thead>
+                                            <tr>
+                                                <th>
+                                                    Category
+                                                </th>
+                                                <th>
+                                                    Score
+                                                </th>
+                                                <th>
+                                                    Max
+                                                </th>
+                                            </tr>
+                                        </thead>
+                                        <tbody>
+                                            {% for tag, scores in entry.result.tags.items() %}
+                                                <tr>
+                                                    <td>
+                                                        {{ tag }}
+                                                    </td>
+                                                    <td>
+                                                        {{ scores.scored }}
+                                                    </td>
+                                                    <td>
+                                                        {{scores.max}}
+                                                    </td>
+                                                </tr>
+                                            {% endfor %}
+                                        </tbody>
+                                    </table>
+                                </div>
+                            </div>
+                        </div>
+                        <div class="accordion-item">
+                            <h2 class="accordion-header" id="by-question">
+                                <button class="accordion-button collapsed" type="button" data-bs-toggle="collapse" data-bs-target="#by-question-breakdown" aria-expanded="false" aria-controls="by-question-breakdown">
+                                    View All Answers
+                                </button>
+                            </h2>
+                        <div id="by-question-breakdown" class="accordion-collapse collapse" aria-labelledby="by-question" data-bs-parent="#results-breakdown">
+                            <div class="accordion-body">
+                                <table class="table table-striped">
+                                        <thead>
+                                            <tr>
+                                                <th>
+                                                    Question
+                                                </th>
+                                                <th>
+                                                    Answer
+                                                </th>
+                                            </tr>
+                                        </thead>
+                                        <tbody>
+                                            {% for question, answer in entry.answers.items() %}
+                                                <tr>
+                                                    <td>
+                                                        {{ question }}
+                                                    </td>
+                                                    <td>
+                                                        {{ answers[question|int][answer|int] }}
+                                                        {% if not correct[question] == answer|int %}
+                                                            <span class="badge badge-pill bg-danger badge-danger">Incorrect</span>
+                                                        {% endif %}
+                                                    </td>
+                                                </tr>
+                                            {% endfor %}
+                                        </tbody>
+                                </table>
+                            </div>
+                        </div>
+                    </div>
+                {% endif %}
+                <div class="container justify-content-center">
+                    <div class="row">
+                        <a href="#" class="btn btn-primary result-action-buttons" data-result-action="generate" data-id="{{ entry.id }}">
+                            <i class="bi bi-printer-fill button-icon"></i>
+                            Printable Version
+                        </a>
+                    </div>
+                    <div class="row">
+                            {% if entry.status == 'late' %}
+                                <a href="#" class="btn btn-warning result-action-buttons" data-result-action="override" data-id="{{ entry.id }}">
+                                    <i class="bi bi-clock-history button-icon"></i>
+                                    Allow Late Entry
+                                </a>
+                            {% endif %}
+                        <a href="#" class="btn btn-danger result-action-buttons" data-result-action="delete" data-id="{{ entry.id }}">
+                            <i class="bi bi-trash-fill button-icon"></i>
+                            Delete Result
+                        </a>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </div>
+{% endblock %}

ref-test/app/admin/templates/admin/results.html

@@ -0,0 +1,138 @@
+{% extends "admin/components/datatable.html" %}
+{% block title %} SKA Referee Test | View Results {% endblock %}
+{% block content %}
+    {% include "admin/components/client-alerts.html" %}
+    <h1>View Results</h1>
+    {% if entries %}
+        <table id="results-table" class="table table-striped" style="width:100%">
+            <thead>
+                <tr>
+                    <th data-priority="1">
+                        Name
+                    </th>
+                    <th data-priority="4">
+                        Club
+                    </th>
+                    <th data-priority="5">
+                        Exam Code
+                    </th>
+                    <th data-priority="3">
+                        Status
+                    </th>
+                    <th data-priority="4">
+                        Submitted
+                    </th>
+                    <th data-priority="2">
+                        Result
+                    </th>
+                    <th data-priority="3">
+                        Grade
+                    </th>
+                    <th data-priority="1">
+                        Details
+                    </th>
+                </tr>
+            </thead>
+            <tbody>
+                {% for entry in entries %}
+                    <tr class="table-row">
+                        <td>
+                            {{ entry.get_surname() }}, {{ entry.get_first_name() }}
+                        </td>
+                        <td>
+                            {% if entry.club %}
+                                {{ entry.get_club() }}
+                            {% endif %}
+                        </td>
+                        <td>
+                            {{ entry.test.get_code() }}
+                        </td>
+                        <td>
+                            {% if entry.status %}
+                                {{ entry.status }}
+                            {% endif %}
+                        </td>
+                        <td>
+                            {% if entry.end_time %}
+                                {{ entry.end_time.strftime('%d %b %Y') }}
+                            {% endif %}
+                        </td>
+                        <td>
+                            {% if entry.result %}
+                                {{ entry.result.score }}&percnt;
+                            {% endif %}
+                        </td>
+                        <td>
+                            {% if entry.result %}
+                                {{ entry.result.grade }}
+                            {% endif %}
+                        </td>
+                        <td class="row-actions">
+                            <a
+                                href="{{ url_for('admin._view_entry', id = entry.id ) }}"
+                                class="btn btn-primary entry-details"
+                                data-id="{{entry.id}}"
+                                title="View Details"
+                            >
+                                <i class="bi bi-file-medical-fill button-icon"></i>
+                            </button>
+                        </td>
+                    </tr>
+                {% endfor %}
+            </tbody>
+        </table>
+    {% else %}
+            <div class="alert alert-primary alert-db-empty">
+                <i class="bi bi-info-circle-fill" aria-title="Alert" title="Alert"></i>
+                There are no exam attempts to view.
+            </div>
+    {% endif %}
+{% endblock %}
+
+{% if entries %}
+    {% block custom_data_script %}
+        <script>
+            $(document).ready(function() {
+                $('#results-table').DataTable({
+                    'searching': false,
+                    'columnDefs': [
+                        {'sortable': false, 'targets': [7]},
+                        {'searchable': false, 'targets': [7]}
+                    ],
+                    'order': [[4, 'desc'], [0, 'asc']],
+                    'buttons': [
+                        {
+                            extend: 'print',
+                            exportOptions: {
+                                columns: [0, 1, 3, 4, 5, 6]
+                            }
+                        },
+                        {
+                            extend: 'excel',
+                            exportOptions: {
+                                columns: [0, 1, 3, 4, 5, 6]
+                            }
+                        },
+                        {
+                            extend: 'pdf',
+                            exportOptions: {
+                                columns: [0, 1, 3, 4, 5, 6]
+                            }
+                        }
+                    ],
+                    'responsive': 'true',
+                    'colReorder': 'true',
+                    'fixedHeader': 'true',
+                    'searchBuilder': {
+                        depthLimit: 2,
+                        columns: [1, 5, 6],
+                    },
+                    dom: 'BQlfrtip'
+                });
+                // $('.buttons-pdf').html('<span class="glyphicon glyphicon-file" data-toggle="tooltip" title="Export To Excel"/>') -->
+            } );
+            $('#results-table').show();
+            $(window).trigger('resize');
+        </script>
+    {% endblock %}
+{% endif %}

ref-test/app/admin/templates/admin/settings/delete_user.html

@@ -2,11 +2,11 @@
 
 {% block content %}
     <div class="form-container">
-        <form name="form-delete-user" class="form-signin">
+        <form name="form-delete-user" class="form-display form-post" action="{{ url_for(request.endpoint, **request.view_args) }}" data-rel-success="{{ url_for('admin._users') }}">
             {% include "admin/components/server-alerts.html" %}
-            <h2 class="form-signin-heading">Delete User &lsquo;{{ user.username }}&rsquo;?</h2>
+            <h2 class="form-heading">Delete User &lsquo;{{ user.get_username() }}&rsquo;?</h2>
             {{ form.hidden_tag() }}
-            <p>This action cannot be undone. Deleting an account will mean {{ user.username }} will no longer be able to log in to the admin console.</p>
+            <p>This action cannot be undone. Deleting an account will mean {{ user.get_username() }} will no longer be able to log in to the admin console.</p>
             <p>Are you sure you want to proceed?</p>
             <div class="form-label-group">
                 {{ form.password(class_="form-control", placeholder="Confirm Your Password", autofocus=true) }}
@@ -20,7 +20,7 @@
             <div class="container form-submission-button">
                 <div class="row">
                     <div class="col text-center">
-                        <a href="{{ url_for('admin_views.users') }}" autofocus="true" class="btn btn-md btn-primary btn-block" type="button">
+                        <a href="{{ url_for('admin._users') }}" autofocus="true" class="btn btn-md btn-primary btn-block" type="button">
                             <svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" fill="currentColor" class="bi bi-x-circle-fill" viewBox="0 0 16 16">
                                 <path d="M16 8A8 8 0 1 1 0 8a8 8 0 0 1 16 0zM5.354 4.646a.5.5 0 1 0-.708.708L7.293 8l-2.647 2.646a.5.5 0 0 0 .708.708L8 8.707l2.646 2.647a.5.5 0 0 0 .708-.708L8.707 8l2.647-2.646a.5.5 0 0 0-.708-.708L8 7.293 5.354 4.646z"/>
                             </svg>

ref-test/app/admin/templates/admin/settings/index.html

@@ -0,0 +1,93 @@
+{% extends "admin/components/base.html" %}
+{% block title %}Settings — SKA Referee Test | Admin Console{% endblock %}
+
+{% block content %}
+    <h1>
+        Settings
+    </h1>
+    <div class="container">
+        <div class="row">
+            <div class="col-sm">
+                <div class="card m-3">
+                    <div class="card-body">
+                        <h5 class="card-title">Admin Users</h5>
+                        <div class="card-text">
+                            <table class="table table-striped">
+                                <thead>
+                                    <tr>
+                                        <th>
+                                            Username
+                                        </th>
+                                        <th>
+                                            Email Address
+                                        </th>
+                                    </tr>
+                                </thead>
+                                <tbody>
+                                    {% for user in users %}
+                                        <tr>
+                                            <td>
+                                                <a href="
+                                                {% if user == current_user %}
+                                                    {{ url_for('admin._update_user', id=current_user.id) }}
+                                                {% else %}
+                                                    {{ url_for('admin._update_user', id=user.id) }}
+                                                {% endif%}
+                                                ">{{ user.get_username() }}</a>
+                                            </td>
+                                            <td>
+                                                <a href="mailto:{{ user.get_email() }}">{{ user.get_email() }}</a>
+                                            </td>
+                                        </tr>
+                                    {% endfor %}
+                                </tbody>
+                            </table>
+                        </div>
+                        <a href="{{ url_for('admin._users') }}" class="btn btn-primary">Manage Users</a>
+                    </div>
+                </div>
+            </div>
+            <div class="col-sm">
+                <div class="card m-3">
+                    <div class="card-body">
+                        <h5 class="card-title">Question Datasets</h5>
+                        {% if datasets %}
+                            <div class="card-text">
+                                <table class="table table-striped">
+                                    <thead>
+                                        <tr>
+                                            <th>
+                                                Uploaded
+                                            </th>
+                                            <th>
+                                                Exams
+                                            </th>
+                                        </tr>
+                                    </thead>
+                                    <tbody>
+                                        {% for dataset in datasets %}
+                                            <tr>
+                                                <td>
+                                                    {{ dataset.date.strftime('%d %b %Y %H:%M') }}
+                                                </td>
+                                                <td>
+                                                    {{ dataset.tests|length }}
+                                                </td>
+                                            </tr>
+                                        {% endfor %}
+                                    </tbody>
+                                </table>
+                            </div>
+                            <a href="{{ url_for('admin._questions') }}" class="btn btn-primary">Manage Datasets</a>
+                        {% else %}
+                            <div class="alert alert-primary">
+                                There are currently no question datasets uploaded.
+                            </div>
+                            <a href="{{ url_for('admin._questions') }}" class="btn btn-primary">Upload Dataset</a>
+                        {% endif %}
+                    </div>
+                </div>
+            </div>
+        </div>
+    </div>
+{% endblock %}

ref-test/app/admin/templates/admin/settings/questions.html

@@ -0,0 +1,121 @@
+{% extends "admin/components/datatable.html" %}
+{% block title %} SKA Referee Test | Upload Questions {% endblock %}
+{% block content %}
+    {% include "admin/components/client-alerts.html" %}
+    <h1>Manage Question Datasets</h1>
+    {% if data %}
+        <table id="question-datasets-table" class="table table-striped" style="width:100%">
+            <thead>
+                <tr>
+                    <th>
+
+                    </th>
+                    <th data-priority="2">
+                        Uploaded
+                    </th>
+                    <th data-priority="3">
+                        Author
+                    </th>
+                    <th data-priority="3">
+                        Exams
+                    </th>
+                    <th data-priority="1">
+                        Actions
+                    </th>
+                </tr>
+            </thead>
+            <tbody>
+                {% for element in data %}
+                    <tr class="table-row">
+                        <td>
+                            {% if element.default %}
+                                <div class="text-success" title="Default Dataset">
+                                    <svg  xmlns="http://www.w3.org/2000/svg" width="24" height="24" fill="currentColor" class="bi success bi-caret-right-fill" viewBox="0 0 16 16">
+                                        <path d="m12.14 8.753-5.482 4.796c-.646.566-1.658.106-1.658-.753V3.204a1 1 0 0 1 1.659-.753l5.48 4.796a1 1 0 0 1 0 1.506z"/>
+                                    </svg>
+                                </div>
+                            {% endif %}
+                        </td>
+                        <td>
+                            {{ element.date.strftime('%d %b %Y %H:%M') }}
+                        </td>
+                        <td>
+                            {{ element.creator.get_username() }}
+                        </td>
+                        <td>
+                            {{ element.tests|length }}
+                        </td>
+                        <td class="row-actions">
+                            <a
+                                href="#"
+                                class="btn btn-primary edit-question-dataset {% if element.filename == default %}disabled{% endif %}"
+                                data-filename="{{ element.filename }}"
+                                data-action="default"
+                                title="Make Default"
+                            >
+                                <i class="bi bi-file-earmark-text-fill button-icon"></i>
+                            </button>
+                            <a
+                                href="#"
+                                class="btn btn-danger edit-question-dataset {% if element.filename == default %}disabled{% endif %}"
+                                data-filename="{{ element.filename }}"
+                                data-action="delete"
+                                title="Delete Dataset"
+                            >
+                                <i class="bi bi-file-earmark-excel-fill button-icon"></i>
+                            </button>
+                        </td>
+                    </tr>
+                {% endfor %}
+            </tbody>
+        </table>
+    {% else %}
+        <div class="alert alert-primary alert-db-empty">
+            <i class="bi bi-info-circle-fill" aria-title="Alert" title="Alert"></i>
+            There are no question datasets uploaded. Please use the panel below to upload a new question dataset.
+        </div>
+    {% endif %}
+    <div class="form-container">
+        <form name="form-upload-questions" class="form-display" action="{{ url_for(request.endpoint, **request.view_args) }}" data-rel-success="" enctype="multipart/form-data">
+            <h2 class="form-heading">Upload Question Dataset</h2>
+            {{ form.hidden_tag() }}
+            <div class="form-upload">
+                {{ form.data_file() }}
+            </div>
+            <div class="form-check">
+                {{ form.default(class_="form-check-input") }}
+                {{ form.default.label }}
+            </div>
+            <div class="container form-submission-button">
+                <div class="row">
+                    <div class="col text-center">
+                        <button title="Create User" class="btn btn-md btn-success btn-block" type="submit">
+                            <i class="bi bi-file-earmark-arrow-up-fill button-icon"></i>
+                            Upload Dataset
+                        </button>
+                    </div>
+                </div>
+            </div>
+        </form>
+    </div>
+{% endblock %}
+
+{% if data %}
+    {% block custom_data_script %}
+        <script>
+            $(document).ready(function() {
+                $('#question-datasets-table').DataTable({
+                    'columnDefs': [
+                        {'sortable': false, 'targets': [0,4]},
+                        {'searchable': false, 'targets': [0,3,4]}
+                    ],
+                    'order': [[1, 'desc'], [2, 'asc']],
+                    'responsive': 'true',
+                    'fixedHeader': 'true',
+                });
+            } );
+            $('#question-datasets-table').show();
+            $(window).trigger('resize');
+        </script>
+    {% endblock %}
+{% endif %}

ref-test/app/admin/templates/admin/settings/update_user.html

@@ -2,12 +2,12 @@
 
 {% block content %}
     <div class="form-container">
-        <form name="form-update-user" class="form-signin">
+        <form name="form-update-user" class="form-display form-post" action="{{ url_for(request.endpoint, **request.view_args) }}" data-rel-success="{{ url_for('admin._users') }}">
             {% include "admin/components/server-alerts.html" %}
-            <h2 class="form-signin-heading">Update User &lsquo;{{ user.username }}&rsquo;</h2>
+            <h2 class="form-heading">Update User &lsquo;{{ user.get_username() }}&rsquo;</h2>
             {{ form.hidden_tag() }}
             <div class="form-label-group">
-                {{ form.email(class_="form-control", placeholder="Email Address", value = user.email) }}
+                {{ form.email(class_="form-control", placeholder="Email Address", value = user.get_email()) }}
                 {{ form.email.label }}
             </div>
             <div class="form-label-group">
@@ -23,17 +23,17 @@
                 {{ form.notify.label }}
             </div>
             <div class="form-label-group">
-                Please confirm <strong>your password</strong> before committing any changes to a user account.
+                Please confirm <strong>your current password</strong> before committing any changes to a user account.
             </div>
             <div class="form-label-group">
-                {{ form.user_password(class_="form-control", placeholder="Your Password", value = user.email) }}
+                {{ form.confirm_password(class_="form-control", placeholder="Your Password", value = user.email) }}
-                {{ form.user_password.label }}
+                {{ form.confirm_password.label }}
             </div>
             {% include "admin/components/client-alerts.html" %}
             <div class="container form-submission-button">
                 <div class="row">
                     <div class="col text-center">
-                        <a href="{{ url_for('admin_views.users') }}" class="btn btn-md btn-danger btn-block" type="button">
+                        <a href="{{ url_for('admin._users') }}" class="btn btn-md btn-danger btn-block" type="button">
                             <svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" fill="currentColor" class="bi bi-x-circle-fill" viewBox="0 0 16 16">
                                 <path d="M16 8A8 8 0 1 1 0 8a8 8 0 0 1 16 0zM5.354 4.646a.5.5 0 1 0-.708.708L7.293 8l-2.647 2.646a.5.5 0 0 0 .708.708L8 8.707l2.646 2.647a.5.5 0 0 0 .708-.708L8.707 8l2.647-2.646a.5.5 0 0 0-.708-.708L8 7.293 5.354 4.646z"/>
                             </svg>

ref-test/app/admin/templates/admin/settings/users.html

@@ -21,9 +21,9 @@
         </thead>
         <tbody>
             {% for user in users %}
-                <tr class="user-table-row">
+                <tr class="table-row">
                     <td>
-                        {% if user._id == get_id_from_cookie() %}
+                        {% if user == current_user %}
                             <div class="text-success" title="Current User">
                                 <svg  xmlns="http://www.w3.org/2000/svg" width="24" height="24" fill="currentColor" class="bi success bi-caret-right-fill" viewBox="0 0 16 16">
                                     <path d="m12.14 8.753-5.482 4.796c-.646.566-1.658.106-1.658-.753V3.204a1 1 0 0 1 1.659-.753l5.48 4.796a1 1 0 0 1 0 1.506z"/>
@@ -32,18 +32,18 @@
                         {% endif %}
                     </td>
                     <td>
-                        {{ user.username }}
+                        {{ user.get_username() }}
                     </td>
                     <td>
-                        {{ user.email }}
+                        {{ user.get_email() }}
                     </td>
-                    <td class="user-row-actions">
+                    <td class="row-actions">
                         <a
                             href="
-                            {% if not user._id == get_id_from_cookie() %}
+                            {% if not user == current_user %}
-                                {{ url_for('admin_views.update_user', _id = user._id ) }}
+                                {{ url_for('admin._update_user', id = user.id ) }}
                             {% else %}
-                                {{ url_for('admin_auth.account') }}
+                                {{ url_for('admin._update_user', id=current_user.id) }}
                             {% endif %}
                             "
                             class="btn btn-primary"
@@ -53,15 +53,15 @@
                         </a>
                         <a
                             href="
-                            {% if not user._id == get_id_from_cookie()  %}
+                            {% if not user == current_user %}
-                                {{ url_for('admin_views.delete_user', _id = user._id ) }}
+                                {{ url_for('admin._delete_user', id = user.id ) }}
                             {% else %}
                                 #
                             {% endif %}
                             "
-                            class="btn btn-danger {% if user._id == get_id_from_cookie()  %} disabled {% endif %}"
+                            class="btn btn-danger {% if user == current_user  %} disabled {% endif %}"
                             title="Delete User"
-                            {% if user._id == get_id_from_cookie()  %} onclick="return false" {% endif %}
+                            {% if user == current_user  %} onclick="return false" {% endif %}
                         >
                             <i class="bi bi-person-x-fill button-icon"></i>
                         </button>
@@ -71,8 +71,8 @@
         </tbody>
     </table>
     <div class="form-container">
-        <form name="form-create-user" class="form-signin">
+        <form name="form-create-user" class="form-display form-post" action="{{ url_for(request.endpoint, **request.view_args) }}" data-rel-success="">
-            <h2 class="form-signin-heading">Create User</h2>
+            <h2 class="form-heading">Create User</h2>
             {{ form.hidden_tag() }}
             <div class="form-label-group">
                 {{ form.username(class_="form-control", placeholder="Enter Username") }}

ref-test/app/admin/templates/admin/test.html

@@ -0,0 +1,186 @@
+{% extends "admin/components/base.html" %}
+{% block title %} SKA Referee Test | Edit Exam {% endblock %}
+{% block content %}
+    <h1>Edit Exam</h1>
+
+    <div class="container">
+        <div class="row justify-content-center">
+            <div class="col-lg-6">          
+                <ul class="list-group">
+                    <li class="list-group-item list-group-item-action">
+                        <div class="d-flex w-100 justify-content-between">
+                            <h5 class="mb-1">Exam Code</h5>
+                        </div>
+                        <h2>
+                            {{ test.get_code() }}
+                        </h2>
+                    </li>
+                    <li class="list-group-item list-group-item-action">
+                        <div class="d-flex w-100 justify-content-between">
+                            <h5 class="mb-1">Dataset</h5>
+                        </div>
+                        {{ test.dataset.date.strftime('%Y%m%d%H%M%S') }}
+                    </li>
+                    <li class="list-group-item list-group-item-action">
+                        <div class="d-flex w-100 justify-content-between">
+                            <h5 class="mb-1">Created By</h5>
+                        </div>
+                        {{ test.creator.get_username() }}
+                    </li>
+                    
+                    <li class="list-group-item list-group-item-action">
+                        <div class="d-flex w-100 justify-content-between">
+                            <h5 class="mb-1">Start Date</h5>
+                        </div>
+                        {{ test.start_date.strftime('%d %b %Y %H:%M') }}
+                    </li>
+                    <li class="list-group-item list-group-item-action">
+                        <div class="d-flex w-100 justify-content-between">
+                            <h5 class="mb-1">Expiry Date</h5>
+                        </div>
+                        {{ test.end_date.strftime('%d %b %Y %H:%M') }}
+                    </li>
+                    <li class="list-group-item list-group-item-action">
+                        <div class="d-flex w-100 justify-content-between">
+                            <h5 class="mb-1">Time Limit</h5>
+                        </div>
+                        {% if test.time_limit == None -%}
+                            None
+                        {% elif test.time_limit == 60 -%}
+                            1 hour
+                        {% elif test.time_limit == 90 -%}
+                            1 hour 30 min
+                        {% elif test.time_limit == 120 -%}
+                            2 hours
+                        {% else -%}
+                            {{ test.time_limit }}
+                        {% endif %}
+                    </li>
+                    <div class="accordion" id="test-info-detail">
+                        {% if test.entries|length > 0 %}
+                            <div class="accordion-item">
+                                <h2 class="accordion-header" id="test-entries">
+                                    <button class="accordion-button collapsed" type="button" data-bs-toggle="collapse" data-bs-target="#test-entries-list" aria-expanded="false" aria-controls="test-entries-list">
+                                        List Test Entries
+                                    </button>
+                                </h2>
+                                <div id="test-entries-list" class="accordion-collapse collapse" aria-labelledby="test-entries" data-bs-parent="#test-info-detail">
+                                    <div class="accordion-body">
+                                        <table class="table table-striped">
+                                            <tbody>
+                                                {% for entry in test.entries %}
+                                                    <tr>
+                                                        <td>
+                                                            <a href="{{ url_for('admin._view_entry', id=entry) }}" >Entry {{ loop.index }}</a>
+                                                        </td>
+                                                    </tr>
+                                                {% endfor %}
+                                            </tbody>
+                                        </table>
+                                    </div>
+                                </div>
+                            </div>
+                        {% endif %}
+                        {% if test.adjustments %}
+                            <div class="accordion-item">
+                                <h2 class="accordion-header" id="test-adjustments">
+                                    <button class="accordion-button collapsed" type="button" data-bs-toggle="collapse" data-bs-target="#test-adjustments-list" aria-expanded="false" aria-controls="test-adjustments-list">
+                                        List Time Adjustments
+                                    </button>
+                                </h2>
+                                <div id="test-adjustments-list" class="accordion-collapse collapse" aria-labelledby="test-adjustments" data-bs-parent="#test-info-detail">
+                                    <div class="accordion-body">
+                                        <table class="table table-striped">
+                                            <thead>
+                                                <tr>
+                                                    <th>
+                                                        User Code
+                                                    </th>
+                                                    <th>
+                                                        Adjustment (Minutes)
+                                                    </th>
+                                                    <th>
+                                                        Delete
+                                                    </th>
+                                                </tr>
+                                            </thead>
+                                            <tbody>
+                                                {% for key, value in test.adjustments.items() %}
+                                                    <tr>
+                                                        <td>
+                                                            {{ key.upper() }}
+                                                        </td>
+                                                        <td>
+                                                            {{ value }}
+                                                        </td>
+                                                        <td>
+                                                            <a href="javascript::void(0);" class="btn btn-danger adjustment-delete" title="Delete Adjustment" data-user_code="{{ key }}">
+                                                                <i class="bi bi-slash-circle-fill button-icon"></i>
+                                                            </a>
+                                                        </td>
+                                                    </tr>
+                                                {% endfor %}
+                                            </tbody>
+                                        </table>
+                                    </div>
+                                </div>
+                            </div>
+                        {% endif %}
+                        {% if not test.time_limit == None %}
+                            <div class="accordion-item">
+                                <h2 class="accordion-header" id="test-add-adjustments">
+                                    <button class="accordion-button collapsed" type="button" data-bs-toggle="collapse" data-bs-target="#test-adjustments-add" aria-expanded="false" aria-controls="test-adjustments-add">
+                                        Add Time Adjustments
+                                    </button>
+                                </h2>
+                                <div id="test-adjustments-add" class="accordion-collapse collapse" aria-labelledby="test-add-adjustments" data-bs-parent="#test-info-detail">
+                                    <div class="accordion-body">
+                                        <form name="form-add-adjustment" class="form-display form-post" action="{{ url_for(request.endpoint, **request.view_args) }}" data-rel-success="">
+                                            {{ form.hidden_tag() }}
+                                            <div class="form-label-group">
+                                                {{ form.time(class_="form-control", placeholder="Enter Time") }}
+                                                {{ form.time.label }}
+                                            </div>
+                                            <div class="container form-submission-button">
+                                                <div class="row">
+                                                    <div class="col text-center">
+                                                        <button title="Add Time Adjustment" class="btn btn-md btn-success btn-block" type="submit">
+                                                            <i class="bi bi-clock-history button-icon"></i>
+                                                            Add Time Adjustment
+                                                        </button>
+                                                    </div>
+                                                </div>
+                                            </div>
+                                        </form>
+                                    </div>
+                                </div>
+                            </div>
+                        {% endif %}
+                    </div>
+                </ul>
+                <div class="row">
+                    {% include "admin/components/client-alerts.html" %}
+                </div>
+                <div class="container justify-content-center">
+                    <div class="row">
+                        {% if test.start_date <= now %}
+                            <a href="#" class="btn btn-warning test-action {% if test.end_date < now %}disabled{% endif %}" data-action="end" data-id="{{ test.id }}">
+                                <i class="bi bi-hourglass-bottom button-icon"></i>
+                                Close Exam
+                            </a>
+                        {% else  %}
+                            <a href="#" class="btn btn-success test-action {% if test.start_date < now %}disabled{% endif %}" data-action="start" data-id="{{ test.id }}">
+                                <i class="bi bi-hourglass-top button-icon"></i>
+                                Start Exam
+                            </a>
+                        {% endif %}
+                        <a href="#" class="btn btn-danger test-action" data-action="delete" data-id="{{ test.id }}">
+                            <i class="bi bi-file-earmark-excel-fill button-icon"></i>
+                            Delete Exam
+                        </a>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </div>
+{% endblock %}

ref-test/app/admin/templates/admin/tests.html

@@ -1,6 +1,7 @@
 {% extends "admin/components/datatable.html" %}
 {% block title %} SKA Referee Test | Manage Exams {% endblock %}
 {% block content %}
+    {% include "admin/components/client-alerts.html" %}
     <h1>Manage Exams</h1>
     {% include "admin/components/secondary-navs/tests.html" %}
     <h2>{{ display_title }}</h2>
@@ -30,46 +31,48 @@
             </thead>
             <tbody>
                 {% for test in tests %}
-                    <tr class="user-table-row">
+                    <tr class="table-row">
                         <td>
-                            {{ test.start_date.strftime('%d %b %Y') }}
+                            {{ test.start_date.strftime('%d %b %y %H:%M') }}
                         </td>
                         <td>
-                            {{ '—'.join([test.test_code[:4], test.test_code[4:8], test.test_code[8:]]) }}
+                            {{ test.get_code() }}
                         </td>
                         <td>
-                            {{ test.expiry_date.strftime('%d %b %Y') }}
+                            {{ test.end_date.strftime('%d %b %Y %H:%M') }}
                         </td>
                         <td>
                             {% if test.time_limit == None -%}
                                 None
-                            {% elif test.time_limit == '60' -%}
+                            {% elif test.time_limit == 60 -%}
                                 1 hour
-                            {% elif test.time_limit == '90' -%}
+                            {% elif test.time_limit == 90 -%}
                                 1 hour 30 min
-                            {% elif test.time_limit == '120' -%}
+                            {% elif test.time_limit == 120 -%}
                                 2 hours
                             {% else -%}
                                 {{ test.time_limit }}
                             {% endif %}
                         </td>
                         <td>
-                            {{ test.attempts|length }}
+                            {{ test.entries|length }}
                         </td>
-                        <td class="test-row-actions">
+                        <td class="row-actions">
                             <a
                                 href="#"
-                                class="btn btn-primary edit-test"
+                                class="btn btn-primary test-action"
-                                data-_id="{{test._id}}"
+                                data-id="{{test.id}}"
                                 title="Edit Exam"
+                                data-action="edit"
                             >
                                 <i class="bi bi-file-earmark-text-fill button-icon"></i>
                             </a>
                             <a
                                 href="#"
-                                class="btn btn-danger delete-test"
+                                class="btn btn-danger test-action"
-                                data-_id="{{test._id}}"
+                                data-id="{{test.id}}"
                                 title="Delete Exam"
+                                data-action="delete"
                             >
                                 <i class="bi bi-file-earmark-excel-fill button-icon"></i>
                             </button>
@@ -86,8 +89,8 @@
     {% endif %}
     {% if form %}
         <div class="form-container">
-            <form name="form-create-test" class="form-signin">
+            <form name="form-create-test" class="form-display form-post" action="{{ url_for(request.endpoint, **request.view_args) }}" data-rel-success="/admin/tests/">
-                <h2 class="form-signin-heading">Create Exam</h2>
+                <h2 class="form-heading">Create Exam</h2>
                 {{ form.hidden_tag() }}
                 <div class="form-date-input">
                     {{ form.start_date(placeholder="Enter Start Date", class_ = "datepicker") }}
@@ -101,6 +104,10 @@
                     {{ form.time_limit(placeholder="Select Time Limit") }}
                     {{ form.time_limit.label }}
                 </div>
+                <div class="form-select-input">
+                    {{ form.dataset(placeholder="Select Question Dataset") }}
+                    {{ form.dataset.label }}
+                </div>
                 {% include "admin/components/client-alerts.html" %}
                 <div class="container form-submission-button">
                     <div class="row">
@@ -153,7 +160,7 @@
             });
             // $('.buttons-pdf').html('<span class="glyphicon glyphicon-file" data-toggle="tooltip" title="Export To Excel"/>') -->
         } );
-        $('#test-table').show();
+        $('#active-test-table').show();
         $(window).trigger('resize');
     </script>
     {% endblock %}

ref-test/app/admin/views.py

@@ -0,0 +1,392 @@
+from ..forms.admin import AddTimeAdjustment, CreateTest, CreateUser, DeleteUser, Login, Register, ResetPassword, UpdatePassword, UpdateUser, UploadData
+from ..models import Dataset, Entry, Test, User
+from ..tools.auth import disable_if_logged_in, require_account_creation
+from ..tools.forms import get_dataset_choices, get_time_options
+from ..tools.data import check_is_json, validate_json
+from ..tools.test import  answer_options, get_correct_answers
+
+from flask import Blueprint, jsonify, render_template, redirect, request, session
+from flask.helpers import flash, url_for
+from flask_login import current_user, login_required
+
+from datetime import date, datetime
+from json import loads
+import secrets
+
+admin = Blueprint(
+    name='admin',
+    import_name=__name__,
+    template_folder='templates',
+    static_folder='static'
+)
+
+@admin.route('/')
+@admin.route('/home/')
+@admin.route('/dashboard/')
+@login_required
+def _home():
+    tests = Test.query.all()
+    results = Entry.query.all()
+    current_tests = [ test for test in tests if test.end_date >= datetime.now() and test.start_date.date() <= date.today() ]
+    current_tests.sort(key= lambda x: x.end_date, reverse=True)
+    upcoming_tests = [ test for test in tests if test.start_date.date() > datetime.now().date()]
+    upcoming_tests.sort(key= lambda x: x.start_date)
+    recent_results = [result for result in results if not result.status == 'started' ]
+    recent_results.sort(key= lambda x: x.end_time, reverse=True)
+    return render_template('/admin/index.html', current_tests = current_tests, upcomimg_tests = upcoming_tests, recent_results = recent_results)
+
+@admin.route('/settings/')
+@login_required
+def _settings():
+    users = User.query.all()
+    datasets = Dataset.query.all()
+    return render_template('/admin/settings/index.html', users=users, datasets=datasets)
+
+@admin.route('/login/', methods=['GET','POST'])
+@disable_if_logged_in
+@require_account_creation
+def _login():
+    form = Login()
+    if request.method == 'POST':
+        if form.validate_on_submit():
+            users = User.query.all()
+            user = None
+            for _user in users:
+                if _user.get_username() == request.form.get('username').lower():
+                    user = _user
+                    break
+            if user:
+                if user.verify_password(request.form.get('password')):
+                    user.login(remember=request.form.get('remember'))
+                    return jsonify({'success': f'Successfully logged in.'}), 200
+                return jsonify({'error': f'The password you entered is incorrect.'}), 401
+            return jsonify({'error': f'The username you entered does not exist.'}), 401
+        errors = [*form.username.errors, *form.password.errors]
+        return jsonify({ 'error': errors}), 400
+    if 'remembered_username' in session: form.username.data = session.pop('remembered_username')
+    next = request.args.get('next')
+    return render_template('/admin/auth/login.html', form=form, next=next)
+
+@admin.route('/logout/')
+@login_required
+def _logout():
+    current_user.logout()
+    return redirect(url_for('admin._login'))
+
+@admin.route('/register/', methods=['GET','POST'])
+@disable_if_logged_in
+def _register():
+    from ..models.user import User
+    form = Register()
+    if request.method == 'POST':
+        if form.validate_on_submit():
+            new_user = User()
+            new_user.set_username(request.form.get('username').lower())
+            new_user.set_email(request.form.get('email').lower())
+            success, message = new_user.register(password=request.form.get('password'))
+            if success:
+                flash(message=f'{message} Please log in to continue.', category='success')
+                session['remembered_username'] = request.form.get('username').lower()
+                return jsonify({'success': message}), 200
+            flash(message=message, category='error')
+            return jsonify({'error': message}), 401
+        errors = [*form.username.errors, *form.email.errors, *form.password.errors, *form.password_reenter.errors]
+        return jsonify({ 'error': errors}), 400
+    return render_template('admin/auth/register.html', form=form)
+
+@admin.route('/reset/', methods=['GET','POST'])
+def _reset():
+    form = ResetPassword()
+    if request.method == 'POST':
+        if form.validate_on_submit():
+            user = None
+            users = User.query.all()
+            for _user in users:
+                if _user.get_username() == request.form.get('username'):
+                    user = _user
+                    break
+            if not user: return jsonify({'error': 'The user account does not exist.'}), 400
+            if not user.get_email() == request.form.get('email'): return jsonify({'error': 'The email address does not match the user account.'}), 400
+            return user.reset_password()
+        errors = [*form.username.errors, *form.email.errors]
+        return jsonify({ 'error': errors}), 400
+    
+    token = request.args.get('token')
+    if token:
+        user = User.query.filter_by(reset_token=token).first()
+        if not user: return redirect(url_for('admin._reset'))
+        verification_token = user.verification_token
+        user.clear_reset_tokens()
+        if request.args.get('verification') == verification_token:
+            form = UpdatePassword()
+            return render_template('/auth/update_password.html', form=form, user=user.id)
+        flash('The verification of your password reset request failed and the token has been invalidated. Please make a new reset password request.', 'error')
+
+    return render_template('/admin/auth/reset.html', form=form)
+
+@admin.route('/update_password/', methods=['POST'])
+def _update_password():
+    form = UpdatePassword()
+    if form.validate_on_submit():
+        user = request.form.get('user')
+        user = User.query.filter_by(id=user).first()
+        user.update(password=request.form.get('password'))
+        session['remembered_username'] = user.get_username()
+        flash('Your password has been reset.', 'success')
+        return jsonify({'success':'Your password has been reset'}), 200
+    errors = [*form.password.errors, *form.password_reenter.errors]
+    return jsonify({ 'error': errors}), 401
+
+@admin.route('/settings/users/', methods=['GET', 'POST'])
+@login_required
+def _users():
+    form = CreateUser()
+    users = User.query.all()
+    if request.method == 'POST':
+        if form.validate_on_submit():
+            password = request.form.get('password')
+            password = secrets.token_hex(12) if not password else password
+            new_user = User()
+            new_user.set_username(request.form.get('username').lower())
+            new_user.set_email(request.form.get('email'))
+            success, message = new_user.register(notify=request.form.get('notify'), password=password)
+            if success: return jsonify({'success': message}), 200
+            return jsonify({'error': message}), 401
+        errors = [*form.username.errors, *form.email.errors, *form.password.errors]
+        return jsonify({ 'error': errors}), 401
+    return render_template('/admin/settings/users.html', form = form, users = users)
+
+@admin.route('/settings/users/delete/<string:id>', methods=['GET', 'POST'])
+@login_required
+def _delete_user(id:str):
+    user = User.query.filter_by(id=id).first()
+    form = DeleteUser()
+    if request.method == 'POST': 
+        if not user: return jsonify({'error': 'User does not exist.'}), 400
+        if id == current_user.id: return jsonify({'error': 'Cannot delete your own account.'}), 400
+        if form.validate_on_submit():
+            password = request.form.get('password')
+            if not current_user.verify_password(password): return jsonify({'error': 'The password you entered is incorrect.'}), 401
+            success, message = user.delete(notify=request.form.get('notify'))
+            if success: return jsonify({'success': message}), 200
+            return jsonify({'error': message}), 400
+        errors = form.password.errors
+        return jsonify({ 'error': errors}), 400
+
+    if id == current_user.id:
+        flash('Cannot delete your own user account.', 'error')
+        return redirect(url_for('admin._users'))
+    if not user:
+        flash('User not found.', 'error')
+        return redirect(url_for('admin._users'))
+    return render_template('/admin/settings/delete_user.html', form=form, id = id, user = user)
+
+@admin.route('/settings/users/update/<string:id>', methods=['GET', 'POST'])
+@login_required
+def _update_user(id:str):
+    user = User.query.filter_by(id=id).first()
+    form = UpdateUser()
+    if request.method == 'POST': 
+        if not user: return jsonify({'error': 'User does not exist.'}), 400
+        if form.validate_on_submit():
+            if not user.verify_password(request.form.get('confirm_password')): return jsonify({'error': 'Invalid password for your account.'}), 401
+            success, message = user.update(
+                password = request.form.get('password'),
+                email = request.form.get('email'),
+                notify = request.form.get('notify')
+            )
+            if success:
+                flash(message, 'success')
+                return jsonify({'success': message}), 200
+            return jsonify({'error': message}), 400
+        errors = [*form.confirm_password.errors, *form.email.errors, *form.password.errors, *form.password_reenter.errors]
+        return jsonify({ 'error': errors}), 400
+    if not user:
+        flash('User not found.', 'error')
+        return redirect(url_for('admin._users'))
+    return render_template('/admin/settings/update_user.html', form=form, id = id, user = user)
+
+@admin.route('/settings/questions/', methods=['GET', 'POST'])
+@login_required
+def _questions():
+    form = UploadData()
+    if request.method == 'POST':
+        if form.validate_on_submit():
+            upload = form.data_file.data
+            if not check_is_json(upload): return jsonify({'error': 'Invalid file. Please upload a JSON file.'}), 400
+            if not validate_json(upload): return jsonify({'error': 'The data in the file is invalid.'}), 400 # TODO Perhaps make a more complex validation script
+            new_dataset = Dataset()
+            success, message = new_dataset.create(
+                upload = upload,
+                default = request.form.get('default')
+            )
+            if success: return jsonify({'success': message}), 200
+            return jsonify({'error': message}), 400
+        errors = form.data_file.errors
+        return jsonify({ 'error': errors}), 400
+
+    data = Dataset.query.all()
+    return render_template('/admin/settings/questions.html', form=form, data=data)
+
+@admin.route('/settings/questions/edit/', methods=['POST'])
+@login_required
+def _edit_questions():
+    id = request.get_json()['id']
+    action = request.get_json()['action']
+    if action not in ['defailt', 'delete']: return jsonify({'error': 'Invalid action.'}), 400
+    dataset = Dataset.query.filter_by(id=id).first()
+    if action == 'delete': success, message = dataset.delete()
+    elif action == 'default': success, message = dataset.make_default()
+    if success: return jsonify({'success': message}), 200
+    return jsonify({'error': message}), 400
+
+@admin.route('/tests/<string:filter>/', methods=['GET'])
+@admin.route('/tests/', methods=['GET'])
+@login_required
+def _tests(filter:str=None):
+    datasets = Dataset.query.all()
+    tests = None
+    _tests = Test.query.all()
+    form = None
+    now = datetime.now()
+    if not datasets:
+        flash('There are no available question datasets. Please upload a question dataset in order to set up an exam.', 'error')
+        return redirect(url_for('admin._questions'))
+    if filter not in ['create','active','scheduled','expired','all']: return redirect(url_for('admin._tests', filter='active'))
+    if filter == 'create':
+        form = CreateTest()
+        form.time_limit.choices = get_time_options()
+        form.dataset.choices = get_dataset_choices()
+        form.time_limit.default='none'
+        form.process()
+        display_title = ''
+        error_none = ''
+    if filter in [None, '', 'active']:
+        tests = [ test for test in _tests if test.end_date >= now and test.start_date <= now ]
+        display_title = 'Active Exams'
+        error_none = 'There are no exams that are currently active. You can create one using the Creat Exam form.'
+    if filter == 'expired':
+        tests = [ test for test in _tests if test.end_date < now ]
+        display_title = 'Expired Exams'
+        error_none = 'There are no expired exams. Exams will appear in this category after their expiration date has passed.'
+    if filter == 'scheduled':
+        tests = [ test for test in _tests if test.start_date > now]
+        display_title = 'Scheduled Exams'
+        error_none = 'There are no scheduled exams pending. You can schedule an exam for the future using the Create Exam form.'
+    if filter == 'all':
+        tests = _tests
+        display_title = 'All Exams'
+        error_none = 'There are no exams set up. You can create one using the Create Exam form.'
+    return render_template('/admin/tests.html', form = form, tests=tests, display_title=display_title, error_none=error_none, filter=filter)
+
+@admin.route('/tests/create/', methods=['POST'])
+@login_required
+def _create_test():
+    form = CreateTest()
+    form.dataset.choices = get_dataset_choices()
+    form.time_limit.choices = get_time_options()
+    if form.validate_on_submit():
+        new_test = Test()
+        new_test.start_date = request.form.get('start_date')
+        new_test.start_date = datetime.strptime(new_test.start_date, '%Y-%m-%dT%H:%M')
+        new_test.end_date = request.form.get('expiry_date')
+        new_test.end_date = datetime.strptime(new_test.end_date, '%Y-%m-%dT%H:%M')
+        new_test.time_limit = None if request.form.get('time_limit') == 'none' else int(request.form.get('time_limit'))
+        dataset = request.form.get('dataset')
+        new_test.dataset = Dataset.query.filter_by(id=dataset).first()
+        success, message = new_test.create()
+        if success:
+            flash(message=message, category='success')
+            return jsonify({'success': message}), 200
+        return jsonify({'error': message}), 400
+    else:
+        errors = [*form.start_date.errors, *form.expiry_date.errors, *form.time_limit.errors]
+        return jsonify({ 'error': errors}), 400
+
+@admin.route('/tests/edit/', methods=['POST'])
+@login_required
+def _edit_test():
+    id = request.get_json()['id']
+    action = request.get_json()['action']
+    if action not in ['start', 'delete', 'end']: return jsonify({'error': 'Invalid action.'}), 400
+    test = Test.query.filter_by(id=id).first()
+    if not test: return jsonify({'error': 'Could not find the corresponding test to delete.'}), 404
+    if action == 'delete': success, message = test.delete()
+    if action == 'start': success, message = test.start()
+    if action == 'end': success, message = test.end()
+    if success:
+        flash(message=message, category='success')
+        return jsonify({'success': message}), 200
+    return jsonify({'error': message}), 400
+
+@admin.route('/test/<string:id>/', methods=['GET','POST'])
+@login_required
+def _view_test(id:str=None):    
+    form = AddTimeAdjustment()
+    test = Test.query.filter_by(id=id).first()
+    if request.method == 'POST':
+        if not test: return jsonify({'error': 'Invalid test ID.'}), 404
+        if form.validate_on_submit():
+            time = int(request.form.get('time'))
+            success, message = test.add_adjustment(time)
+            if success: return jsonify({'success': message}), 200
+            return jsonify({'error': message}), 400
+        return jsonify({'error': form.time.errors }), 400
+    if not test:
+        flash('Invalid test ID.', 'error')
+        return redirect(url_for('admin._tests', filter='active'))
+    return render_template('/admin/test.html', test = test, form = form)
+
+@admin.route('/test/<string:id>/delete-adjustment/', methods=['POST'])
+@login_required
+def _delete_adjustment(id:str=None):
+    test = Test.query.filter_by(id=id).first()
+    if not test: return jsonify({'error': 'Invalid test ID.'}), 404
+    user_code = request.get_json()['user_code'].lower()
+    success, message = test.remove_adjustment(user_code)
+    if success: return jsonify({'success': message}), 200
+    return jsonify({'error': message}), 400
+
+@admin.route('/results/')
+@login_required
+def _view_entries():
+    entries = Entry.query.all()
+    return render_template('/admin/results.html', entries = entries)
+
+@admin.route('/results/<string:id>/', methods = ['GET', 'POST'])
+@login_required
+def _view_entry(id:str=None):
+    entry = Entry.query.filter_by(id=id).first()
+    if request.method == 'POST':
+        if not entry: return jsonify({'error': 'Invalid entry ID.'}), 404
+        action = request.get_json()['action']
+        if action not in ['validate', 'delete']: return jsonify({'error': 'Invalid action.'}), 400
+        if action == 'validate':
+            success, message = entry.validate()
+        if action == 'delete':
+            success, message = entry.delete()
+        if success:
+            flash(message, 'success')
+            entry.notify_result()
+            return jsonify({'success': message}), 200
+        return jsonify({'error': message}),400
+    if not entry:
+        flash('Invalid entry ID.', 'error')
+        return redirect(url_for('admin._view_entries'))
+    test = entry.test
+    dataset = test.dataset
+    dataset_path = dataset.get_file()
+    with open(dataset_path, 'r') as _dataset:
+        data = loads(_dataset.read())
+    correct = get_correct_answers(dataset=data)
+    answers = answer_options(dataset=data)
+    return render_template('/admin/result-detail.html', entry = entry, correct = correct, answers = answers)
+
+@admin.route('/certificate/',methods=['POST'])
+@login_required
+def _generate_certificate():
+    from main import db
+    id = request.get_json()['id']
+    entry = Entry.query.filter_by(id=id).first()
+    if not entry: return jsonify({'error': 'Invalid entry ID.'}), 404
+    return render_template('/admin/components/certificate.html', entry = entry)

ref-test/app/api/views.py

@@ -0,0 +1,66 @@
+from ..models import Dataset, Entry
+from ..tools.test import evaluate_answers, generate_questions
+
+from flask import Blueprint, jsonify, request
+
+from datetime import datetime, timedelta
+from json import loads
+
+api = Blueprint(
+    name='api',
+    import_name=__name__
+)
+
+@api.route('/questions/', methods=['POST'])
+def _fetch_questions():
+    id = request.get_json()['id']
+    entry = Entry.query.filter_by(id=id).first()
+    if not entry: return jsonify({'error': 'Invalid entry ID.'}), 400
+    test = entry.test
+    user_code = entry.user_code
+    time_limit = test.time_limit
+    time_adjustment = 0
+    if time_limit:
+        _time_limit = int(time_limit)
+        if user_code:
+            time_adjustment = test.adjustments[user_code]
+            _time_limit += time_adjustment
+        end_delta = timedelta(minutes=_time_limit)
+        end_time = datetime.utcnow() + end_delta
+    else:
+        end_time = None
+    entry.start()
+    dataset = test.dataset
+    success, message = dataset.check_file()
+    if not success: return jsonify({'error': message}), 500
+    data_path = dataset.get_file()
+    with open(data_path, 'r') as data_file:
+        data = loads(data_file.read())
+    questions = generate_questions(data)
+    return jsonify({
+        'time_limit': end_time,
+        'questions': questions,
+        'start_time': entry.start_time,
+        'time_adjustment': time_adjustment
+    }), 200
+
+@api.route('/submit/', methods=['POST'])
+def _submit_quiz():
+    id = request.get_json()['id']
+    answers = request.get_json()['answers']
+    entry = Entry.query.filter_by(id=id).first()
+    if not entry: return jsonify({'error': 'Unrecognised Entry.'}), 400
+    test = entry.test
+    dataset = test.dataset
+    success, message = dataset.check_file()
+    if not success: return jsonify({'error': message}), 500
+    data_path = dataset.get_file()
+    with open(data_path, 'r') as data_file:
+        data = loads(data_file.read())
+    result = evaluate_answers(answers=answers, key=data)
+    entry.complete(answers=answers, result=result)
+    return jsonify({
+        'success': 'Your submission has been processed. Redirecting you to receive your results.',
+        'id': id
+    }), 200
+    

ref-test/app/config.py

@@ -0,0 +1,47 @@
+import os
+from pathlib import Path
+
+if not os.getenv('DATA'):
+    from dotenv import load_dotenv
+    load_dotenv('../.env')
+
+class Config(object):
+    APP_HOST = '0.0.0.0'
+    DATA = os.getenv('DATA')
+    DEBUG = False
+    TESTING = False
+    SECRET_KEY = os.getenv('SECRET_KEY')
+    SERVER_NAME = os.getenv('SERVER_NAME')
+    SESSION_COOKIE_SECURE = True
+    SQLALCHEMY_DATABASE_URI = f'sqlite:///{Path(DATA)}/database.db'
+    SQLALCHEMY_TRACK_MODIFICATIONS = False
+
+    MAIL_SERVER = os.getenv('MAIL_SERVER')
+    MAIL_PORT = int(os.getenv('MAIL_PORT'))
+    MAIL_USE_TLS = False
+    MAIL_USE_SSL = False
+    MAIL_DEBUG = False
+    MAIL_USERNAME = os.getenv('MAIL_USERNAME')
+    MAIL_PASSWORD = os.getenv('MAIL_PASSWORD')
+    MAIL_DEFAULT_SENDER = os.getenv('MAIL_DEFAULT_SENDER')
+    MAIL_MAX_EMAILS = int(os.getenv('MAIL_MAX_EMAILS'))
+    MAIL_SUPPRESS_SEND = False
+    MAIL_ASCII_ATTACHMENTS = bool(os.getenv('MAIL_ASCII_ATTACHMENTS'))
+
+class ProductionConfig(Config):
+    pass
+
+class DevelopmentConfig(Config):
+    APP_HOST = '127.0.0.1'
+    DEBUG = True
+    SESSION_COOKIE_SECURE = False
+    MAIL_SERVER = 'localhost'
+    MAIL_DEBUG = True
+    MAIL_SUPPRESS_SEND = False
+
+class TestingConfig(DevelopmentConfig):
+    TESTING = True
+    SESSION_COOKIE_SECURE = False
+    MAIL_SERVER = os.getenv('MAIL_SERVER')
+    MAIL_DEBUG = True
+    MAIL_SUPPRESS_SEND = False

ref-test/app/data.py

@@ -0,0 +1,5 @@
+from config import Config
+from os import path
+from pathlib import Path
+
+data = Path(Config.DATA)

ref-test/app/forms/admin.py

@@ -1,56 +1,64 @@
-from flask_wtf import FlaskForm
+from ..tools.forms import value
-from wtforms import StringField, PasswordField, BooleanField, DateField, SelectField
-from wtforms.validators import InputRequired, Email, Length, EqualTo, Optional
-from datetime import date, timedelta
 
-class LoginForm(FlaskForm):
+from flask_wtf import FlaskForm
+from flask_wtf.file import FileAllowed, FileField, FileRequired
+from wtforms import BooleanField, IntegerField, PasswordField, SelectField, StringField
+from wtforms.fields import DateTimeLocalField
+from wtforms.validators import InputRequired, Email, EqualTo, Length, Optional
+
+from datetime import date, datetime, timedelta
+
+class Login(FlaskForm):
     username = StringField('Username', validators=[InputRequired(), Length(min=4, max=15)])
     password = PasswordField('Password', validators=[InputRequired(), Length(min=6, max=30, message='The password must be between 6 and 20 characters long.')])
     remember = BooleanField('Remember Log In', render_kw={'checked': True})
 
-class RegistrationForm(FlaskForm):
+class Register(FlaskForm):
     username = StringField('Username', validators=[InputRequired(), Length(min=4, max=15)])
     email = StringField('Email Address', validators=[InputRequired(), Email(message='You must enter a valid email address.'), Length(max=50)])
     password = PasswordField('Password', validators=[InputRequired(), Length(min=6, max=30, message='The password must be between 6 and 20 characters long.')])
     password_reenter = PasswordField('Re-Enter Password', validators=[InputRequired(), Length(min=6, max=30, message='The password must be between 6 and 20 characters long.'), EqualTo('password', message='Passwords do not match.')])
 
-class ResetPasswordForm(FlaskForm):
+class ResetPassword(FlaskForm):
     username = StringField('Username', validators=[InputRequired(), Length(min=4, max=15)])
     email = StringField('Email Address', validators=[InputRequired(), Email(message='You must enter a valid email address.'), Length(max=50)])
 
-class UpdatePasswordForm(FlaskForm):
+class UpdatePassword(FlaskForm):
     password = PasswordField('Password', validators=[InputRequired(), Length(min=6, max=30, message='The password must be between 6 and 20 characters long.')])
     password_reenter = PasswordField('Re-Enter Password', validators=[InputRequired(), Length(min=6, max=30, message='The password must be between 6 and 20 characters long.'), EqualTo('password', message='Passwords do not match.')])
 
-class CreateUserForm(FlaskForm):
+class CreateUser(FlaskForm):
     username = StringField('Username', validators=[InputRequired(), Length(min=4, max=15)])
     email = StringField('Email Address', validators=[InputRequired(), Email(message='You must enter a valid email address.'), Length(max=50)])
     password = PasswordField('Password (Optional)', validators=[Optional(),Length(min=6, max=30, message='The password must be between 6 and 20 characters long.')])
+    notify = BooleanField('Notify accout creation by email', render_kw={'checked': True})
 
-class DeleteUserForm(FlaskForm):
+class DeleteUser(FlaskForm):
     password = PasswordField('Confirm Your Password', validators=[InputRequired(), Length(min=6, max=30, message='The password must be between 6 and 20 characters long.')])
     notify = BooleanField('Notify deletion by email', render_kw={'checked': True})
 
-class UpdateUserForm(FlaskForm):
+class UpdateUser(FlaskForm):
-    user_password = PasswordField('Confirm Your Password', validators=[InputRequired(), Length(min=6, max=30, message='The password must be between 6 and 20 characters long.')])
+    confirm_password = PasswordField('Confirm Your Password', validators=[InputRequired(), Length(min=6, max=30, message='The password must be between 6 and 20 characters long.')])
     email = StringField('Email Address', validators=[Optional(), Email(message='You must enter a valid email address.'), Length(max=50)])
     password = PasswordField('Change Password', validators=[Optional(),Length(min=6, max=30, message='The password must be between 6 and 20 characters long.')])
     password_reenter = PasswordField('Re-Enter New Password', validators=[EqualTo('password', message='Passwords do not match.')])
     notify = BooleanField('Notify changes by email', render_kw={'checked': True})
 
-class UpdateAccountForm(FlaskForm):
+class UpdateAccount(FlaskForm):
-    password_confirm = PasswordField('Current Password', validators=[InputRequired(), Length(min=6, max=30, message='The password must be between 6 and 20 characters long.')])
+    confirm_password = PasswordField('Current Password', validators=[InputRequired(), Length(min=6, max=30, message='The password must be between 6 and 20 characters long.')])
     email = StringField('Email Address', validators=[Optional(), Email(message='You must enter a valid email address.'), Length(max=50)])
     password = PasswordField('Change Password', validators=[Optional(),Length(min=6, max=30, message='The password must be between 6 and 20 characters long.')])
     password_reenter = PasswordField('Re-Enter New Password', validators=[EqualTo('password', message='Passwords do not match.')])
 
 class CreateTest(FlaskForm):
-    start_date = DateField('Start Date', format="%Y-%m-%d", validators=[InputRequired()], default = date.today() )
+    start_date = DateTimeLocalField('Start Date', format='%Y-%m-%dT%H:%M', validators=[InputRequired()], default = datetime.now() )
-    time_options = [
+    expiry_date = DateTimeLocalField('Expiry Date', format='%Y-%m-%dT%H:%M', validators=[InputRequired()], default = date.today() + timedelta(days=1) )
-        ('none', 'None'),
+    time_limit = SelectField('Time Limit')
-        ('60', '1 hour'),
+    dataset = SelectField('Question Dataset')
-        ('90', '1 hour 30 minutes'),
+
-        ('120', '2 hours')
+class UploadData(FlaskForm):
-    ]
+    data_file = FileField('Data File', validators=[FileRequired(), FileAllowed(['json'])])
-    expiry_date = DateField('Expiry Date', format="%Y-%m-%d", validators=[InputRequired()], default = date.today() + timedelta(days=1) )
+    default = BooleanField('Make Default', render_kw={'checked': True})
-    time_limit = SelectField('Time Limit', choices=time_options)
+
+class AddTimeAdjustment(FlaskForm):
+    time = IntegerField('Extra Time (Minutes)', validators=[InputRequired(), value(max=60)])

ref-test/app/forms/quiz.py

@@ -1,6 +1,6 @@
 from flask_wtf import FlaskForm
-from wtforms import StringField, PasswordField, BooleanField
+from wtforms import StringField
-from wtforms.validators import InputRequired, Email, Length, Optional
+from wtforms.validators import InputRequired, Length, Email, Optional
 
 class StartQuiz(FlaskForm):
     first_name = StringField('First Name(s)', validators=[InputRequired(), Length(max=30)])

ref-test/app/models/__init__.py

@@ -0,0 +1,4 @@
+from .entry import Entry
+from .test import Test
+from .user import User
+from .dataset import Dataset

ref-test/app/models/dataset.py

@@ -0,0 +1,83 @@
+from ..data import data
+from ..modules import db
+from ..tools.logs import write
+
+from flask import flash
+from flask_login import current_user
+from werkzeug.utils import secure_filename
+
+from datetime import datetime
+from json import dump, loads
+from os import path, remove
+from uuid import uuid4
+
+class Dataset(db.Model):
+
+    id = db.Column(db.String(36), primary_key=True)
+    tests = db.relationship('Test', backref='dataset')
+    creator_id = db.Column(db.String(36), db.ForeignKey('user.id'))
+    date = db.Column(db.DateTime, nullable=False)
+    default = db.Column(db.Boolean, default=False, nullable=True)
+
+    def __repr__(self):
+        return f'<Dataset {self.id}> was added.'
+
+    @property
+    def generate_id(self): raise AttributeError('generate_id is not a readable attribute.')
+
+    generate_id.setter
+    def generate_id(self): self.id = uuid4().hex
+
+    def make_default(self):
+        for dataset in Dataset.query.all():
+            dataset.default = False
+        self.default = True
+        db.session.commit()
+        write('system.log', f'Dataset {self.id} set as default by {current_user.get_username()}.')
+        flash(message='Dataset set as default.', category='success')
+        return True, f'Dataset set as default.'
+    
+    def delete(self):
+        if self.default:
+            message = 'Cannot delete the default dataset.'
+            flash(message, 'error')
+            return False, message
+        if Dataset.query.all().count() == 1:
+            message = 'Cannot delete the only dataset.'
+            flash(message, 'error')
+            return False, message
+        write('system.log', f'Dataset {self.id} deleted by {current_user.get_username()}.')
+        filename = secure_filename('.'.join([self.id,'json']))
+        file_path = path.join(data, 'questions', filename)
+        remove(file_path)
+        db.session.delete(self)
+        db.session.commit()
+        return True, 'Dataset deleted.'
+    
+    def create(self, upload, default:bool=False):
+        self.generate_id()
+        timestamp = datetime.now()
+        filename = secure_filename('.'.join([self.id,'json']))
+        file_path = path.join(data, 'questions', filename)
+        upload.stream.seek(0)
+        questions = loads(upload.read())
+        with open(file_path, 'w') as file:
+            dump(questions, file, indent=2)
+        self.date = timestamp
+        self.creator = current_user
+        if default: self.make_default()
+        write('system.log', f'New dataset {self.id} added by {current_user.get_username()}.')
+        db.session.add(self)
+        db.session.commit()
+        return True, 'Dataset uploaded.'
+
+    def check_file(self):
+        filename = secure_filename('.'.join([self.id,'json']))
+        file_path = path.join(data, 'questions', filename)
+        if not path.isfile(file_path): return False, 'Data file is missing.'
+        return True, 'Data file found.'
+
+    def get_file(self):
+        filename = secure_filename('.'.join([self.id,'json']))
+        file_path = path.join(data, 'questions', filename)
+        return file_path

ref-test/app/models/entry.py

@@ -0,0 +1,177 @@
+from ..modules import db, mail
+from ..tools.forms import JsonEncodedDict
+from ..tools.encryption import decrypt, encrypt
+from ..tools.logs import write
+from .test import Test
+
+from flask_login import current_user
+from flask_mail import Message
+
+from datetime import datetime, timedelta
+from uuid import uuid4
+
+class Entry(db.Model):
+
+    id = db.Column(db.String(36), primary_key=True)
+    first_name = db.Column(db.String(128), nullable=False)
+    surname = db.Column(db.String(128), nullable=False)
+    email = db.Column(db.String(128), nullable=False)
+    club = db.Column(db.String(128), nullable=True)
+    test_id = db.Column(db.String(36), db.ForeignKey('test.id'))
+    user_code = db.Column(db.String(6), nullable=True)
+    start_time = db.Column(db.DateTime, nullable=True)
+    end_time = db.Column(db.DateTime, nullable=True)
+    status = db.Column(db.String(16), nullable=True)
+    valid = db.Column(db.Boolean, default=True, nullable=True)
+    answers = db.Column(JsonEncodedDict, nullable=True)
+    result = db.Column(JsonEncodedDict, nullable=True)
+    
+    def __repr__(self):
+        return f'<New entry by {self.first_name} {self.surname}> was added with <id {self.id}>.'
+
+    @property
+    def generate_id(self): raise AttributeError('generate_id is not a readable attribute.')
+
+    generate_id.setter
+    def generate_id(self): self.id = uuid4().hex
+
+    @property
+    def set_first_name(self): raise AttributeError('set_first_name is not a readable attribute.')
+
+    set_first_name.setter
+    def set_first_name(self, name:str): self.first_name = encrypt(name)
+
+    def get_first_name(self): return decrypt(self.first_name)
+
+    @property
+    def set_surname(self): raise AttributeError('set_first_name is not a readable attribute.')
+
+    set_surname.setter
+    def set_surname(self, name:str): self.surname = encrypt(name)
+
+    def get_surname(self): return decrypt(self.surname)
+
+    @property
+    def set_email(self): raise AttributeError('set_email is not a readable attribute.')
+
+    set_email.setter
+    def set_email(self, email:str): self.email = encrypt(email)
+
+    def get_email(self): return decrypt(self.email)
+
+    @property
+    def set_club(self): raise AttributeError('set_club is not a readable attribute.')
+
+    set_club.setter
+    def set_club(self, club:str): self.club = encrypt(club)
+
+    def get_club(self): return decrypt(self.club)
+
+    def ready(self):
+        self.generate_id()
+        db.session.add(self)
+        db.session.commit()
+        write('tests.log', f'New test ready for {self.get_first_name()} {self.get_surname()}.')
+        return True, f'Test ready.'
+
+    def start(self):
+        self.start_time = datetime.now()
+        self.status = 'started'
+        write('tests.log', f'Test started by {self.get_first_name()} {self.get_surname()}.')
+        db.session.commit()
+        return True, f'New test started with id {self.id}.'
+
+    def complete(self, answers:dict=None, result:dict=None):
+        self.end_time = datetime.now()
+        self.answers = answers
+        self.result = result
+        write('tests.log', f'Test completed by {self.get_first_name()} {self.get_surname()}.')
+        delta = timedelta(minutes=int(0 if self.test.time_limit is None else self.test.time_limit)+1)
+        if not self.test.time_limit or self.end_time <= self.start_time + delta:
+            self.status = 'completed'
+            self.valid = True
+        else:
+            self.status = 'late'
+            self.valid = False
+        db.session.commit()
+        return True, f'Test entry completed for id {self.id}.'
+
+    def validate(self):
+        if self.valid: return False, f'The entry is already valid.'
+        if self.status == 'started': return False, 'The entry is still pending.'
+        self.valid = True
+        self.status = 'completed'
+        db.session.commit()
+        write('system.log', f'The entry {self.id} has been validated by {current_user.get_username()}.')
+        return True, f'The entry {self.id} has been validated.'
+
+    def delete(self):
+        id = self.id
+        name = f'{self.get_first_name()} {self.get_surname()}'
+        db.session.delete(self)
+        db.session.commit()
+        write('system.log', f'The entry {id} by {name} has been deleted by {current_user.get_username()}.')
+        return True, 'Entry deleted.'
+    
+    def notify_result(self):
+        score = round(100*self.result['score']/self.result['max'])
+        tags_low = { tag: tag_result['max'] - tag_result['scored'] for tag, tag_result in self.result['tags'].items() }
+        sorted_low_tags = sorted(tags_low.items(), key=lambda x: x[1], reverse=True)
+        tag_output = [ tag[0] for tag in sorted_low_tags[0:3] if tag[1] > 3]
+        revision_plain = ''
+        revision_html = ''
+        if self.result['grade'] == 'pass':
+            flavour_text = """Well done on successfully completing the refereeing theory exam. We really appreciate members of our community taking the time to get qualified to referee.
+            """
+        elif self.result['grade'] == 'merit':
+            flavour_text = """Congratulations on achieving a merit in the refereeing exam. We are delighted that members of our community work so hard with refereeing.
+            """
+        elif self.result['grade'] == 'fail':
+            flavour_text = """Unfortunately, you were not successful in passing the theory exam in this attempt. We hope that this does not dissuade you, and that you try again in the future.
+            """
+            revision_plain = f"""Based on your answers, we would also suggest you brush up on the following topics for your next attempt:\n\n
+                {','.join(tag_output)}\n\n
+            """
+            revision_html = f"""<p>Based on your answers, we would also suggest you brush up on the following topics for your next attempt:</p>
+                <ul>
+                <li>{'</li><li>'.join(tag_output)}</li>
+                </ul>
+            """
+        email = Message(
+            subject='RefTest | SKA Refereeing Theory Exam Results',
+            recipients=[self.get_email()],
+            body=f"""
+            SKA Refereeing Theory Exam
+            Candidate Results
+            Dear {self.get_first_name()},
+            This email is to confirm that you have taken the SKA Refereeing Theory Exam. Your submission has been evaluated and your results are as follows:
+            {self.get_surname()}, {self.get_first_name()}
+            Email Address: {self.get_email()}
+            {f'Club: {self.get_club()}' if self.club else ''}
+            Date of Exam: {self.end_time.strftime('%d %b %Y')}
+            Score: {score}%
+            Grade: {self.result['grade']}
+            {flavour_text}
+            {revision_plain}
+            Thank you for taking the time to become a qualified referee.
+            Best wishes,
+            SKA Refereeing
+            """,
+            html=f"""
+            <h1>SKA Refereeing Theory Exam</h1>
+            <h2>Candidate Results</h2>
+            <p>Dear {self.get_first_name()},</p>
+            <p>This email is to confirm that you have taken the SKA Refereeing Theory Exam. Your submission has been evaluated and your results are as follows:</p>
+            <h3>{self.get_surname()}, {self.get_first_name()}</h3>
+            <p><strong>Email Address</strong>: {self.get_email()}</p>
+            {f'<p><strong>Club</strong>: {self.get_club()}</p>' if self.club else ''}
+            <h1>{score}%</h1>
+            <h2>{self.result['grade']}</h2>
+            <p>{flavour_text}</p>
+            {revision_html}
+            <p>Thank you for taking the time to become a qualified referee.</p>
+            <p>Have a nice day!</p>
+            <p>Best wishes, <br/> SKA Refereeing</p>
+            """
+        )
+        mail.send(email)

ref-test/app/models/test.py

@@ -0,0 +1,111 @@
+from ..modules import db
+from ..tools.encryption import decrypt, encrypt
+from ..tools.forms import JsonEncodedDict
+from ..tools.logs import write
+
+from flask_login import current_user
+
+from datetime import date, datetime
+import secrets
+from uuid import uuid4
+
+class Test(db.Model):
+    
+    id = db.Column(db.String(36), primary_key=True)
+    code = db.Column(db.String(36), nullable=False)
+    start_date = db.Column(db.DateTime, nullable=True)
+    end_date = db.Column(db.DateTime, nullable=True)
+    time_limit = db.Column(db.Integer, nullable=True)
+    creator_id = db.Column(db.String(36), db.ForeignKey('user.id'))
+    dataset_id = db.Column(db.String(36), db.ForeignKey('dataset.id'))
+    adjustments = db.Column(JsonEncodedDict, nullable=True)
+    entries = db.relationship('Entry', backref='test')
+
+    def __repr__(self):
+        return f'<Test with code {self.get_code()} was created by {current_user.get_username()}.>'
+
+    @property
+    def generate_id(self): raise AttributeError('generate_id is not a readable attribute.')
+
+    generate_id.setter
+    def generate_id(self): self.id = uuid4().hex
+
+    @property
+    def generate_code(self): raise AttributeError('generate_code is not a readable attribute.')
+
+    generate_code.setter
+    def generate_code(self): self.code = secrets.token_hex(6).lower()
+
+    def get_code(self):
+        code = self.code.upper()
+        return '—'.join([code[:4], code[4:8], code[8:]])
+
+    def create(self):
+        self.generate_id()
+        self.generate_code()
+        self.creator = current_user
+        errors = []
+        if self.start_date.date() < date.today():
+            errors.append('The start date cannot be in the past.')
+        if self.end_date.date() < date.today():
+            errors.append('The expiry date cannot be in the past.')
+        if self.end_date < self.start_date:
+            errors.append('The expiry date cannot be before the start date.')
+        if errors:
+            return False, errors
+        db.session.add(self)
+        db.session.commit()
+        write('system.log', f'Test with code {self.get_code()} created by {current_user.get_username()}.')
+        return True, f'Test with code {self.get_code()} has been created.'
+    
+    def delete(self):
+        code = self.code
+        if self.entries: return False, f'Cannot delete a test with submitted entries.'
+        db.session.delete(self)
+        db.session.commit()
+        write('system.log', f'Test with code {self.get_code()} has been deleted by {current_user.get_username()}.')
+        return True, f'Test with code {self.get_code()} has been deleted.'
+    
+    def start(self):
+        now = datetime.now()
+        if self.start_date.date() > now.date():
+            self.start_date = now
+            db.session.commit()
+            write('system.log', f'Test with code {self.get_code()} has been started by {current_user.get_username()}.')
+            return True,  f'Test with code {self.get_code()} has been started.'
+        return False, f'Test with code {self.get_code()} has already started.'
+
+    def end(self):
+        now = datetime.now()
+        if self.end_date >= now:
+            self.end_date = now
+            db.session.commit()
+            write('system.log', f'Test with code {self.get_code()} ended by {current_user.get_username()}.')
+            return True, f'Test with code {self.get_code()} has been ended.'
+        return False, f'Test with code {self.get_code()} has already ended.'
+
+    def add_adjustment(self, time:int):
+        adjustments = self.adjustments if self.adjustments is not None else {}
+        code = secrets.token_hex(3).lower()
+        adjustments[code] = time
+        self.adjustments = adjustments
+        db.session.commit()
+        write('system.log', f'Time adjustment for {time} minutes with code {code} added to test {self.get_code()} by {current_user.get_username()}.')
+        return True, f'Time adjustment for {time} minutes added to test {self.get_code()}. This can be accessed using the user code {code.upper()}.'
+
+    def remove_adjustment(self, code:str):
+        if not self.adjustments: return False, f'There are no adjustments configured for test {self.get_code()}.'
+        self.adjustments.pop(code)
+        if not self.adjustments: self.adjustments = None
+        db.session.commit()
+        write('system.log', f'Time adjustment for with code {code} has been removed from test {self.get_code()} by {current_user.get_username()}.')
+        return True, f'Time adjustment for with code {code} has been removed from test {self.get_code()}.'
+
+    def update(self, start_date:datetime=None, end_date:datetime=None, time_limit:int=None):
+        if not start_date and not end_date and time_limit is None: return False, 'There were no changes requested.'
+        if start_date: self.start_date = start_date
+        if end_date: self.end_date = end_date
+        if time_limit is not None: self.time_limit = time_limit
+        db.session.commit()
+        write('system.log', f'Test with code {self.get_code()} has been updated by user {current_user.get_username()}.')
+        return True, f'Test with code {self.get_code()} has been updated by.'

ref-test/app/models/user.py

@@ -0,0 +1,223 @@
+from ..modules import db, mail
+from ..tools.encryption import decrypt, encrypt
+from ..tools.logs import write
+
+from flask import flash, jsonify, session
+from flask.helpers import url_for
+from flask_login import current_user, login_user, logout_user, UserMixin
+from flask_mail import Message
+from werkzeug.security import check_password_hash, generate_password_hash
+
+import secrets
+from uuid import uuid4
+class User(UserMixin, db.Model):
+    id = db.Column(db.String(36), primary_key=True)
+    username = db.Column(db.String(128), nullable=False)
+    password = db.Column(db.String(128), nullable=False)
+    email = db.Column(db.String(128), nullable=False)
+    reset_token = db.Column(db.String(20), nullable=True)
+    verification_token = db.Column(db.String(20), nullable=True)
+    tests = db.relationship('Test', backref='creator')
+    datasets = db.relationship('Dataset', backref='creator')
+
+    def __repr__(self):
+        return f'<user {self.username}> was added with <id {self.id}>.'
+    
+    @property
+    def generate_id(self): raise AttributeError('generate_id is not a readable attribute.')
+
+    generate_id.setter
+    def generate_id(self): self.id = uuid4().hex
+
+    @property
+    def set_username(self): raise AttributeError('set_username is not a readable attribute.')
+    
+    set_username.setter
+    def set_username(self, username:str): self.username = encrypt(username)
+    
+    def get_username(self): return decrypt(self.username)
+
+    @property
+    def set_password(self): raise AttributeError('set_password is not a readable attribute.')
+
+    set_password.setter
+    def set_password(self, password:str): self.password = generate_password_hash(password, method="sha256")
+
+    def verify_password(self, password:str): return check_password_hash(self.password, password)
+
+    @property
+    def set_email(self): raise AttributeError('set_email is not a readable attribute.')
+    
+    set_email.setter
+    def set_email(self, email:str): self.email = encrypt(email)
+    
+    def get_email(self): return decrypt(self.email)
+
+    def register(self, notify:bool=False, password:str=None):
+        self.generate_id()
+        users = User.query.all()
+        for user in users:
+            if user.get_username() == self.get_username(): return False, f'Username {self.get_username()} already in use.'
+            if user.get_email() == self.get_email(): return False, f'Email address {self.get_email()} already in use.'
+        self.set_password(password=password)
+        db.session.add(self)
+        db.session.commit()
+        write('users.log', f'User \'{self.get_username()}\' was created with id \'{self.id}\'.')
+        if notify:
+            email = Message(
+                subject='RefTest | Registration Confirmation',
+                recipients=[self.email],
+                body=f"""
+                Hello {self.get_username()},\n\n
+                You have been registered as an administrator on the SKA RefTest App!\n\n
+                You can access your account using the username '{self.get_username()}'\n\n
+                Your password is as follows:\n\n
+                {password}\n\n
+                You can log in to the admin console via the following URL, where you can administer the test or change your password:\n\n
+                {url_for('admin._home', _external=True)}\n\n
+                Have a nice day!\n\n
+                SKA Refereeing
+                """,
+                html=f"""
+                <p>Hello {self.get_username()},</p>
+                <p>You have been registered as an administrator on the SKA RefTest App!</p>
+                <p>You can access your account using the username '{self.get_username()}'</p>
+                <p>Your password is as follows:</p>
+                <strong>{password}</strong>
+                <p>You can log in to the admin console via the following URL, where you can administer the test or change your password:</p>
+                <p><a href='{url_for('admin._home', _external=True)}'>{url_for('admin._home', _external=True)}</a></p>
+                <p>Have a nice day!</p>
+                <p>SKA Refereeing</p>
+                """
+            )
+            mail.send(email)
+        return True, f'User {self.get_username()} was created successfully.'
+
+    def login(self, remember:bool=False):
+        login_user(self, remember = remember)
+        write('users.log', f'User \'{self.get_username()}\' has logged in.')
+        flash(message=f'Welcome {self.get_username()}', category='success')
+    
+    def logout(self):
+        session['remembered_username'] = self.get_username()
+        logout_user()
+        write('users.log', f'User \'{self.get_username()}\' has logged out.')
+        flash(message='You have successfully logged out.', category='success')
+    
+    def reset_password(self):
+        new_password = secrets.token_hex(12)
+        self.set_password(new_password)
+        self.reset_token = secrets.token_urlsafe(16)
+        self.verification_token = secrets.token_urlsafe(16)
+        db.session.commit()
+        email = Message(
+            subject='RefTest | Password Reset',
+            recipients=[self.get_email()],
+            body=f"""
+            Hello {self.get_username()},\n\n
+            This email was generated because we received a request to reset the password for your administrator account for the SKA RefTest app.\n\n
+            If you did not make this request, please ignore this email.\n\n
+            If you did make this request, then you have two options to recover your account.\n\n
+            Your password has been reset to the following:\n\n
+            {new_password}\n\n
+            You may use this to log back in to your account, and subsequently change your password to something more suitable.\n\n
+            Alternatively, you may visit the following private link using your unique token to override your password. Copy and paste the following link in a web browser. Please note that this token is only valid once:\n\n
+            {url_for('admin._reset', token = self.reset_token, verification = self.verification_token, _external = True)}\n\n
+            Hopefully, this should enable access to your account once again.\n\n
+            Have a nice day!\n\n
+            SKA Refereeing
+            """,
+            html=f"""
+            <p>Hello {self.get_username()},</p>
+            <p>This email was generated because we received a request to reset the password for your administrator account for the SKA RefTest app.</p>
+            <p>If you did not make this request, please ignore this email.</p>
+            <p>If you did make this request, then you have two options to recover your account.</p>
+            <p>Your password has been reset to the following:</p>
+            <strong>{new_password}</strong>
+            <p>You may use this to log back in to your account, and subsequently change your password to something more suitable.</p>
+            <p>Alternatively, you may visit the following private link using your unique token to override your password. Copy and paste the following link in a web browser. Please note that this token is only valid once:</p>
+            <p><a href='{url_for('admin._reset', token = self.reset_token, verification = self.verification_token, _external = True)}'>{url_for('admin._reset', token = self.reset_token, verification = self.verification_token, _external = True)}</a></p>
+            <p>Hopefully, this should enable access to your account once again.</p>
+            <p>Have a nice day!</p>
+            <p>SKA Refereeing</p>
+            """
+        )
+        mail.send(email)
+        print('Password', new_password)
+        print('Reset Token', self.reset_token)
+        print('Verification Token', self.verification_token)
+        print('Reset Link', f'{url_for("admin._reset", token=self.reset_token, verification=self.verification_token, _external=True)}')
+        return jsonify({'success': 'Your password reset link has been generated.'}), 200
+
+    def clear_reset_tokens(self):
+        self.reset_token = self.verification_token = None
+        db.session.commit()
+    
+    def delete(self, notify:bool=False):
+        username = self.get_username()
+        email_address = self.get_email()
+        db.session.delete(self)
+        db.session.commit()
+        message = f'User \'{username}\' was deleted by \'{current_user.get_username()}\'.'
+        write('users.log', message)
+        if notify:
+            email = Message(
+                subject='RefTest | Account Deletion',
+                recipients=[email_address],
+                bcc=[current_user.get_email()],
+                body=f"""
+                Hello {username},\n\n
+                Your administrator account for the SKA RefTest App, as well as all data associated with the account, have been deleted by {current_user.get_username()}.\n\n
+                If you believe this was done in error, please contact them immediately.\n\n
+                If you would like to register to administer the app, please ask an existing administrator to create a new account.\n\n
+                Have a nice day!\n\n
+                SKA Refereeing
+                """,
+                html=f"""
+                <p>Hello {username},</p>
+                <p>Your administrator account for the SKA RefTest App, as well as all data associated with the account, have been deleted by {current_user.get_username()}.</p>
+                <p>If you believe this was done in error, please contact them immediately.</p>
+                <p>If you would like to register to administer the app, please ask an existing administrator to create a new account.</p>
+                <p>Have a nice day!</p>
+                <p>SKA Refereeing</p>
+                """
+            )
+            mail.send(email)
+        return True, message
+
+    def update(self, password:str=None, email:str=None, notify:bool=False):
+        if not password and not email: return False, 'There were no changes requested.'
+        if password: self.set_password(password)
+        old_email = self.get_email()
+        if email: self.set_email(email)
+        db.session.commit()
+        write('system.log', f'Information for user {self.get_username()} has been updated by {current_user.get_username()}.')
+        if notify:
+            message = Message(
+                subject='RefTest | Account Update',
+                recipients=[email],
+                bcc=[old_email,current_user.get_email()],
+                body=f"""
+                Hello {self.get_username()},\n\n
+                Your administrator account for the SKA RefTest App has been updated by {current_user.get_username()}.\n\n
+                Your new account details are as follows:\n\n
+                Email: {email}\n
+                Password: {password if password else '<same as old>'}\n\n
+                You can update your email address and password by logging in to the admin console using the following URL:\n\n
+                {url_for('admin._home', _external=True)}\n\n
+                Have a nice day!\n\n
+                SKA Refereeing
+                """,
+                html=f"""
+                <p>Hello {self.get_username()},</p>
+                <p>Your administrator account for the SKA RefTest App has been updated by {current_user.get_username()}.</p>
+                <p>Your new account details are as follows:</p>
+                <p>Email: {email} <br/> Password: <strong>{password if password else '&lt;same as old&gt;'}</strong></p>
+                <p>You can update your email address and password by logging in to the admin console using the following URL:</p>
+                <p><a href='{url_for('admin._home', _external=True)}'>{url_for('admin._home', _external=True)}</a></p>
+                <p>Have a nice day!</p>
+                <p>SKA Refereeing</p>
+                """
+            )
+            mail.send(message)
+        return True, f'Account {self.get_username()} has been updated.'

ref-test/app/modules.py

@@ -0,0 +1,10 @@
+from flask_bootstrap import Bootstrap
+bootstrap = Bootstrap()
+from flask_wtf.csrf import CSRFProtect
+csrf = CSRFProtect()
+from flask_sqlalchemy import SQLAlchemy
+db = SQLAlchemy()
+from flask_login import LoginManager
+login_manager = LoginManager()
+from flask_mail import Mail
+mail = Mail()

ref-test/app/quiz/static/css/quiz.css

@@ -0,0 +1,158 @@
+/*! Generated by Font Squirrel (https://www.fontsquirrel.com) on November 23, 2021 */
+
+@font-face {
+    font-family: 'opendyslexic3bold';
+    src: url('../fonts/opendyslexic3-bold-webfont.woff2') format('woff2'),
+         url('../fonts/opendyslexic3-bold-webfont.woff') format('woff');
+    font-weight: normal;
+    font-style: normal;
+
+}
+
+@font-face {
+    font-family: 'opendyslexic3regular';
+    src: url('../fonts/opendyslexic3-regular-webfont.woff2') format('woff2'),
+         url('../fonts/opendyslexic3-regular-webfont.woff') format('woff');
+    font-weight: normal;
+    font-style: normal;
+
+}
+
+@font-face {
+    font-family: 'opendyslexicmonoregular';
+    src: url('../fonts/opendyslexicmono-regular-webfont.woff2') format('woff2'),
+         url('../fonts/opendyslexicmono-regular-webfont.woff') format('woff');
+    font-weight: normal;
+    font-style: normal;
+
+}
+
+/* Class Definitions */
+
+.form-quiz-configure {
+    width: 100%;
+    padding: 15px;
+    margin: auto;
+}
+
+.q-f-opendyslexic {
+    font-family: 'opendyslexic3bold';
+}
+
+.q-f-comicsans {
+    font-family: 'Comic Sans MS', 'Comic Sans';
+}
+
+.q-f-osdefault {
+    font-family: -apple-system, system-ui, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial, sans-serif;
+}
+
+.q-f-verdana {
+    font-family: Verdana, sans-serif;
+}
+
+.q-f-tahoma {
+    font-family: Tahoma, sans-serif;
+}
+
+.q-f-arial {
+    font-family: Arial, Helvetica, sans-serif;
+}
+
+.q-f-12pt {
+    font-size: 12pt;
+}
+
+.q-f-14pt {
+    font-size: 14pt;
+}
+
+.q-f-16pt {
+    font-size: 16pt;
+}
+
+.q-f-18pt {
+    font-size: 18pt;
+}
+
+.q-settings-element {
+    margin-bottom: 2rem;
+}
+
+.q-bg-light-1 {
+    background-color: beige;
+}
+
+.q-bg-light-2 {
+    background-color: #EBE3E1;
+}
+
+#sample-question {
+    margin: 2rem auto;
+    padding: 2rem;
+}
+
+.question-container {
+    margin: 2rem auto;
+    padding: 2 rem;
+}
+
+.question-title {
+    margin: 2rem 0;
+}
+
+.question-header {
+    margin: 1rem auto 3rem;
+    width: 90%;
+}
+
+.btn-quiz-control {
+    width: fit-content;
+}
+
+#q-topbar a.btn {
+    padding: 2px 6px 0px 6px;
+    font-size: 14pt;
+    height: fit-content;
+    width: fit-content;
+    margin: 0px 4px;
+}
+
+.q-timer {
+    padding-top: 0px;
+    margin: 0px auto;
+    font-size: 16pt;
+}
+
+.q-navigator-button {
+    margin: 5px;
+}
+
+.control-button-container {
+    width: fit-content;
+    margin: 2rem auto;
+}
+
+.control-button-container a {
+    width: fit-content;
+    margin: 0 5px;
+}
+
+.navigator-help {
+    margin: 4rem auto;
+}
+
+#navigator-container {
+    margin-bottom: 2rem;
+}
+
+/* Layout for Mobile Devices */
+@media only screen and (max-width: 576px) {
+    body {
+      padding-top: 140px;
+    }
+
+    .navbar .container {
+        justify-content: space-evenly;
+    }
+}

ref-test/app/quiz/static/css/style.css

@@ -1,13 +1,27 @@
-.bg-light {
-    background-color: #EBE3E1!important;
-}
-
 body {
     padding: 80px 0;
     line-height: 1.5;
     font-size: 14pt;
 }
 
+#cookie-alert {
+    padding-right: 16px;
+}
+
+#dismiss-cookie-alert {
+    margin-top: 16px;
+    width: fit-content;
+}
+
+.button-container {
+    margin: 2rem auto;
+    width: fit-content;
+}
+
+.instruction-container {
+    margin: 2rem auto;
+}
+
 .site-footer {
     background-color: lightgray;
     font-size: small;
@@ -111,7 +125,7 @@ body {
     color: #777;
 }
 
-.form-check {
+.form-check-margin {
     margin-bottom: 2rem;
 }
 
@@ -137,33 +151,47 @@ body {
     margin: 0 2px;
 }
 
-/*! Generated by Font Squirrel (https://www.fontsquirrel.com) on November 23, 2021 */
+.results-name {
-
+    margin: 3rem auto;
-@font-face {
-    font-family: 'opendyslexic3bold';
-    src: url('../fonts/opendyslexic3-bold-webfont.woff2') format('woff2'),
-         url('../fonts/opendyslexic3-bold-webfont.woff') format('woff');
-    font-weight: normal;
-    font-style: normal;
-
 }
 
-@font-face {
+.results-name .surname {
-    font-family: 'opendyslexic3regular';
+    font-variant: small-caps;
-    src: url('../fonts/opendyslexic3-regular-webfont.woff2') format('woff2'),
+    font-size: 24pt;
-         url('../fonts/opendyslexic3-regular-webfont.woff') format('woff');
-    font-weight: normal;
-    font-style: normal;
-
 }
 
-@font-face {
+.results-score {
-    font-family: 'opendyslexicmonoregular';
+    margin: 2rem auto;
-    src: url('../fonts/opendyslexicmono-regular-webfont.woff2') format('woff2'),
+    width: fit-content;
-         url('../fonts/opendyslexicmono-regular-webfont.woff') format('woff');
+    font-size: 36pt;
-    font-weight: normal;
+}
-    font-style: normal;
 
+.results-score::after {
+    content: '%';
+}
+
+.results-grade {
+    margin: 2rem auto;
+    width: fit-content;
+    font-size: 26pt;
+}
+
+.button-icon {
+    font-size: 20px;
+    margin-right: 2px;
+}
+
+/* Change Autocomplete styles in Chrome*/
+input:-webkit-autofill,
+input:-webkit-autofill:hover, 
+input:-webkit-autofill:focus,
+textarea:-webkit-autofill,
+textarea:-webkit-autofill:hover,
+textarea:-webkit-autofill:focus,
+select:-webkit-autofill,
+select:-webkit-autofill:hover,
+select:-webkit-autofill:focus {
+  transition: background-color 5000s ease-in-out 0s;
 }
 
 /* Fallback for Edge

ref-test/app/quiz/static/js/quiz.js

@@ -0,0 +1,650 @@
+// Bind Listeners
+
+$("input[name='font-select']").change(function(){
+    let $choice = $(this).val();
+    set_font($choice);
+});
+
+$("input[name='font-size']").change(function(){
+    let $choice = $(this).val();
+    set_font_size($choice);
+});
+
+$("input[name='bg-select']").change(function(){
+    let $choice = $(this).val();
+    set_bg_colour($choice);
+});
+
+$(".bg-select-area").click(function(event){
+    $(this).find("input[name='bg-select']").prop("checked", true).change();
+});
+
+$("#btn-toggle-navigator").click(function(event){
+    check_answered();
+    update_navigator();
+    if ($quiz_navigator.is(":hidden")) {
+        if ($quiz_settings.is(":visible")) {
+            toggle_settings = true;
+            $quiz_settings.fadeOut();
+        }
+        $quiz_render.fadeOut();
+        $quiz_navigator.fadeIn();
+        $(".navigator-text").fadeIn();
+        $(".review-text").fadeOut();
+        toggle_navigator = false;
+        $(window).scrollTop(0);
+    } else {
+        $quiz_navigator.fadeOut();
+        if (toggle_settings) {
+            $quiz_settings.fadeIn();
+            $(window).scrollTop(0);
+            toggle_settings = false;
+        } else {
+            $quiz_render.fadeIn();
+            $(window).scrollTop(0);
+        }
+    }
+    event.preventDefault();
+});
+
+$("#btn-toggle-settings").click(function(event){
+    if (($quiz_settings).is(":hidden")) {
+        if ($quiz_navigator.is(":visible")) {
+            toggle_navigator = true;
+            $quiz_navigator.fadeOut();
+        }
+        $quiz_render.fadeOut();
+        $quiz_settings.fadeIn();
+        $(window).scrollTop(0);
+        toggle_settings = false;
+    } else {
+        $quiz_settings.fadeOut();
+        if (toggle_navigator) {
+            $quiz_navigator.fadeIn();
+            toggle_navigator = false;
+            $(window).scrollTop(0);
+        } else {
+            $quiz_render.fadeIn();
+            $(window).scrollTop(0);
+        }
+    }
+    event.preventDefault();
+});
+
+$(".btn-quiz-return").click(function(event){
+    $quiz_navigator.fadeOut();
+    $quiz_settings.fadeOut();
+    $quiz_render.fadeIn();
+    $(window).scrollTop(0);
+    toggle_settings = false;
+    toggle_navigator = false;
+    event.preventDefault();
+});
+
+$(".btn-dummy").click(function(event){
+    event.preventDefault();
+});
+
+$("#navigator-container").on("click", ".q-navigator-button", function(event){
+    check_answered();
+    update_navigator();
+    current_question = parseInt($(this).prop("name"));
+    $quiz_navigator.fadeOut();
+    $quiz_render.fadeIn();
+    $question_title.focus();
+    $(window).scrollTop(0);
+    toggle_navigator = false;
+    toggle_settings = false;
+    render_question();
+    check_flag();
+    event.preventDefault();
+});
+
+$(".q-question-nav").click(function(event){
+    check_answered();
+    update_navigator();
+    if ($(this).prop("id") == "q-nav-next") {
+        if (current_question < questions.length) {
+            current_question ++;
+        }
+    } else if ($(this).prop("id") == "q-nav-prev") {
+        if (current_question > 0) {
+            current_question --;
+        }
+    } else if ($(this).hasClass("q-navigator-button")) {
+        current_question = $(this).prop("name");
+        $quiz_render.fadeIn();
+        $quiz_navigator.fadeOut();
+        toggle_navigator = false;
+        toggle_settings = false;
+    }
+    render_question();
+    check_flag();
+    event.preventDefault();
+});
+
+$("#q-nav-flag").click(function(event){
+    if (question_status[current_question] != 1) {
+        question_status[current_question] = 1;
+        $(this).removeClass().addClass("btn btn-warning");
+        $(this).prop("title", "Question Flagged for revision. Click to un-flag.");
+    } else {
+        question_status[current_question] = 0;
+        $(this).removeClass().addClass("btn btn-secondary");
+        $(this).prop("title", "Question Un-Flagged. Click to flag for revision.");
+    }
+    window.localStorage.setItem('question_status', JSON.stringify(question_status));
+    update_navigator();
+    event.preventDefault();
+});
+
+$("#btn-start-quiz").click(function(event){
+
+    $.ajax({
+        url: `/api/questions/`,
+        type: 'POST',
+        data: JSON.stringify({'id': id}),
+        contentType: "application/json",
+        success: function(response) {
+            $(this).fadeOut();
+            $(".btn-quiz-return").fadeIn();
+            $(".quiz-console").fadeIn();
+            $("#quiz-settings").fadeOut();
+            $("#quiz-navigator").fadeOut();
+            $(".quiz-start-text").fadeOut();
+            time_limit = response.time_limit;
+            start_time = response.start_time;
+            questions = response.questions;
+            total_questions = questions.length;
+            window.localStorage.setItem('questions', JSON.stringify(questions));
+            window.localStorage.setItem('start_time', JSON.stringify(start_time));
+            window.localStorage.setItem('time_limit', JSON.stringify(time_limit));
+            render_question();
+            build_navigator();
+            check_flag();
+            if (time_limit != 'null' && time_limit != null) {
+                $("#q-timer-widget").fadeIn();
+                time_remaining = get_time_remaining();
+                clock = setInterval(timer, 1000);
+            }
+            if (response.time_adjustment > 0) {
+                const $alert = $("#alert-box");
+                $alert.html(
+                    `<div class="alert alert-primary alert-dismissible fade show" role="alert">
+                    <i class="bi bi-exclamation-triangle-fill" title="Alert"></i>
+                    User code validated. Extra time of ${response.time_adjustment} minutes added to the exam time limit.
+                    <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
+                </div>
+                `
+                );
+                $alert.focus();
+            }
+        },
+        error: function(response) {
+            error_response(response);
+        }
+    });
+
+    event.preventDefault();
+});
+
+$("#quiz-question-options").on("change", ".quiz-option", function(event){
+    $name = parseInt($(this).prop("name"));
+    $value = $(this).prop("value");
+    answers[$name] = $value;
+    window.localStorage.setItem('answers', JSON.stringify(answers));
+});
+
+$("#q-review-answers").click(function(event){
+    check_answered();
+    update_navigator();
+    if ($quiz_navigator.is(":hidden")) {
+        if ($quiz_settings.is(":visible")) {
+            toggle_settings = true;
+            $quiz_settings.fadeOut();
+        }
+        $quiz_render.fadeOut();
+        $quiz_navigator.fadeIn();
+        $(".navigator-text").fadeOut();
+        $(".review-text").fadeIn();
+        toggle_navigator = false;
+        $(window).scrollTop(0);
+    } else {
+        $quiz_navigator.fadeOut();
+        if (toggle_settings) {
+            $quiz_settings.fadeIn();
+            toggle_settings = false;
+        } else {
+            $quiz_render.fadeIn();
+        }
+    }
+    event.preventDefault();
+});
+
+$(".quiz-button-submit").click(function(event){
+    let submission = {
+        'id': id,
+        'answers': answers
+    }
+
+    $.ajax({
+        url: `/api/submit/`,
+        type: 'POST',
+        data: JSON.stringify(submission),
+        contentType: "application/json",
+        success: function(response) {
+            window.localStorage.clear();
+            window.location.href = `/result/`;
+        },
+        error: function(response) {
+            error_response(response);
+        }
+    });
+
+    event.preventDefault();
+});
+
+// Functions
+
+function set_font(value = 'osdefault') {
+    let font_styles = ['arial', 'comicsans', 'opendyslexic', 'tahoma', 'verdana']
+
+    for (let i = 0; i < font_styles.length; i ++) {
+        if (font_styles[i] != value) {
+            $("body").removeClass( `q-f-${font_styles[i]}` );
+        };
+    };
+
+    if (value != 'osdefault') {
+        $("body").addClass(`q-f-${value}`);
+    };
+    
+    display_settings['font-select'] = value;
+    window.localStorage.setItem('display_settings', JSON.stringify(display_settings));
+    $('input[name="font-select"][value="' + value + '"]').prop('checked', true);
+}
+
+function set_font_size(value = '14pt') {
+    let font_sizes = ['12pt', '16pt', '18pt']
+
+    for (let i = 0; i < font_sizes.length; i ++) {
+        if (font_sizes[i] != value) {
+            $("body").removeClass( `q-f-${font_sizes[i]}` );
+        };
+    };
+
+    if (value != '14pt') {
+        $("body").addClass(`q-f-${value}`);
+    };
+
+    display_settings['font-size'] = value;
+    window.localStorage.setItem('display_settings', JSON.stringify(display_settings));
+    $('input[name="font-size"][value="' + value + '"]').prop('checked', true);
+}
+
+function set_bg_colour(value = 'bg-light') {
+    let backgrounds = ['bg-light', 'q-bg-light-1', 'q-bg-light-2', 'alert-primary', 'alert-secondary', 'alert-dark', 'bg-dark']
+
+    for (let i = 0; i < backgrounds.length; i ++) {
+        if (backgrounds[i] != value) {
+            $("body").removeClass(backgrounds[i]);
+            if (backgrounds[i] == 'bg-dark') {
+                $("body").removeClass('text-light');
+            };
+            if (backgrounds[i] == 'alert-primary' || backgrounds[i] == 'alert-secondary' || backgrounds[i] == 'alert-dark') {
+                $("body").removeClass('text-dark');
+            };
+        };
+    };
+
+    $("body").addClass(value);
+    if (value == 'bg-dark') {
+        $("body").addClass('text-light');
+    };
+    if (value == 'alert-primary' || value == 'alert-secondary' || value == 'alert-dark') {
+        $("body").addClass('text-dark');
+    };
+
+    display_settings['bg-select'] = value;
+    window.localStorage.setItem('display_settings', JSON.stringify(display_settings));
+    $('input[name="bg-select"][value="' + value + '"]').prop('checked', true);
+}
+
+function get_settings_from_storage() {
+    let display_settings = window.localStorage.getItem('display_settings')
+    if (display_settings != null) {
+        return JSON.parse(display_settings);
+    };
+    return {
+        'font-select': 'osdefault',
+        'font-size': '14pt',
+        'bg-select': 'bg-light'
+    }
+}
+
+function apply_settings(settings) {
+    set_font(settings['font-select']);
+    set_font_size(settings['font-size']);
+    set_bg_colour(settings['bg-select']);
+}
+
+function render_question() {
+    if (current_question == 0) {
+        $nav_prev.addClass('disabled');
+    }
+    if (current_question == questions.length - 1) {
+        $nav_next.addClass('disabled');
+    }
+    if ($nav_prev.hasClass('disabled') && current_question > 0) {
+        $nav_prev.removeClass('disabled');
+    }
+    if ($nav_next.hasClass('disabled') && current_question < questions.length - 1) {
+        $nav_next.removeClass('disabled');
+    }
+    var question = questions[current_question];
+    let header_text = question.question_header;
+    var block_length = 0;
+    if ('block_length' in question) {
+        block_length = question['block_length'];
+    };
+    var block_q_no = 0;
+    if ('block_q_no' in question) {
+        block_q_no = question['block_q_no'];
+    }
+    let remaining_qs = (block_length - block_q_no).toString();
+    if (block_length - block_q_no > 1) {
+        remaining_qs += ' questions';
+    } else {
+        remaining_qs += ' question';
+    }
+    header_text = header_text.replace('<block_remaining_questions>', remaining_qs);
+    $question_header.html(header_text);
+    $question_text.html(question.text);
+    $question_title.html(`Question ${current_question + 1} of ${ questions.length }.`);
+
+    var q_no = question['q_no'];
+    var options = question.options;
+    var options_output = '';
+    for (let i = 0; i < options.length; i ++) {
+        var add_checked = ''
+        if (q_no in answers) {
+            if (answers[q_no] == options[i][0]) {
+                add_checked = 'checked';
+            }
+        }
+        options_output += `<div class="form-check">
+            <input type="radio" class="form-check-input quiz-option" id="q${current_question}-${i}" name="${q_no}" value="${options[i][0]}" ${add_checked}>
+            <label for="q${current_question}-${i}" class="form-check-label">${options[i][1]}</label>
+        </div>`;
+    }
+    $question_options.html(options_output);
+    let skipped = count_questions(-1);
+    let answered = count_questions(2);
+    let flagged = count_questions(1);
+
+    $progress_skipped.prop('title', `Skipped: ${skipped}`);
+    $progress_skipped.prop('aria-valuenow', skipped);
+    $progress_skipped.css('width', `${skipped}%`);
+    $skipped_count.text(`Skipped: ${skipped}`);
+    if (skipped < 1) {
+        $skipped_count.fadeOut()
+    } else {
+        $skipped_count.fadeIn()
+    }
+
+    $progress_flagged.prop('title', `Flagged: ${flagged}`);
+    $progress_flagged.prop('aria-valuenow', flagged);
+    $progress_flagged.css('width', `${flagged}%`);
+    $flagged_count.text(`Flagged: ${flagged}`);
+    if (flagged < 1) {
+        $flagged_count.fadeOut()
+    } else {
+        $flagged_count.fadeIn()
+    }
+
+    $progress_answered.prop('title', `Answered: ${answered}`);
+    $progress_answered.prop('aria-valuenow', answered);
+    $progress_answered.css('width', `${answered}%`);
+    $answered_count.text(`Answered: ${answered}`);
+    if (answered < 1) {
+        $answered_count.fadeOut()
+    } else {
+        $answered_count.fadeIn()
+    }
+
+    $question_title.focus();
+    $(window).scrollTop(0);
+}
+
+function check_answered() {
+    var question = questions[current_question];
+    var name = question.q_no;
+    if (question_status[current_question] == 0 || question_status[current_question] == -1) {
+        if (!$(`input[name='${name}']:checked`).val()) {
+            question_status[current_question] = -1;
+        } else {
+            question_status[current_question] = 2;
+        }
+        window.localStorage.setItem('question_status', JSON.stringify(question_status));
+    }
+}
+
+function check_flag() {
+    if (!(current_question in question_status)) {
+        question_status[current_question] = 0;
+        window.localStorage.setItem('question_status', JSON.stringify(question_status));
+    }
+    switch (question_status[current_question]) {
+        case -1:
+            $nav_flag.removeClass().addClass('btn btn-danger progress-bar-striped');
+            $nav_flag.prop("title", "Question Incomplete. Click to flag for revision.");
+            break;
+        case 1:
+            $nav_flag.removeClass().addClass('btn btn-warning');
+            $nav_flag.prop("title", "Question Flagged for revision. Click to un-flag.");
+            break;
+        case 2:
+            $nav_flag.removeClass().addClass('btn btn-success');
+            $nav_flag.prop("title", "Question Answered. Click to flag for revision.");
+            break;
+        default:
+            $nav_flag.removeClass().addClass('btn btn-secondary');
+            $nav_flag.prop("title", "Question Un-Flagged. Click to flag for revision.");
+    }
+}
+
+function build_navigator() {
+    $nav_container.html('')
+    var output = ''
+    for (let i = 0; i < questions.length; i ++) {
+        let add_class, add_href, add_status = '';
+        switch (question_status[i]) {
+            case -1:
+                add_class = 'btn-danger progress-bar-striped';
+                add_href = 'href="#"';
+                add_status = 'Incomplete';
+                break;
+            case 1:
+                add_class = 'btn-warning';
+                add_href = 'href="#"';
+                add_status = 'Flagged';
+                break;
+            case 2:
+                add_class = 'btn-success';
+                add_href = 'href="#"';
+                add_status = 'Answered';
+                break;
+            default:
+                add_class = 'btn-secondary disabled';
+                add_href = '';
+                add_status = 'Unseen';
+        }
+        output += `<a ${add_href} class="q-navigator-button btn ${add_class}" name=${i} title="Question ${i+1}: ${add_status}">Q${i + 1}</a>`;
+    }
+    $nav_container.html(output);
+}
+
+function update_navigator() {
+    let button = $(`.q-navigator-button[name=${current_question}]`)
+    if (current_question in question_status) {
+        switch (question_status[current_question]) {
+            case -1:
+                button.removeClass().addClass("q-navigator-button btn btn-danger progress-bar-striped");
+                button.prop("title", `Question ${current_question + 1}: Incomplete`);
+                break;
+            case 1:
+                button.removeClass().addClass("q-navigator-button btn btn-warning");
+                button.prop("title", `Question ${current_question + 1}: Flagged`);
+                break;
+            case 2:
+                button.removeClass().addClass("q-navigator-button btn btn-success");
+                button.prop("title", `Question ${current_question + 1}: Answered`);
+                break;
+            default:
+                button.removeClass().addClass("q-navigator-button btn btn-secondary disabled");
+                button.prop("title", `Question ${current_question + 1}: Unseen`);
+        }
+    }
+}
+
+function start() {
+    $("#btn-start-quiz").fadeOut();
+    $(".btn-quiz-return").fadeIn();
+    $(".quiz-console").fadeIn();
+    $("#quiz-settings").fadeOut();
+    $("#quiz-navigator").fadeOut();
+    $(".quiz-start-text").fadeOut();
+
+    questions = JSON.parse(window.localStorage.getItem('questions'));
+    total_questions = questions.length;
+    start_time = window.localStorage.getItem('start_time');
+    time_limit = window.localStorage.getItem('time_limit');
+
+    let get_answers = window.localStorage.getItem('answers');
+    if (get_answers != null) {
+        answers = JSON.parse(get_answers);
+    }
+
+    let get_status = window.localStorage.getItem('question_status');
+    if (get_status != null) {
+        question_status = JSON.parse(get_status);
+    }
+
+    render_question();
+    build_navigator();
+    check_flag();
+    if (time_limit != 'null' && time_limit != null) {
+        $("#q-timer-widget").fadeIn();
+        time_remaining = get_time_remaining();
+        clock = setInterval(timer, 1000);
+    }
+}
+
+function check_started() {
+    let questions = window.localStorage.getItem('questions');
+    let time_limit = window.localStorage.getItem('time_limit');
+    let start_time = window.localStorage.getItem('start_time')
+    if (questions != null && start_time != null && time_limit != null) {
+        start();
+    }
+}
+
+function get_time_remaining() {
+    var end_time = new Date(time_limit).getTime();
+    var _start_time = new Date().getTime();
+    return end_time - _start_time;
+}
+
+function timer() {
+    var hours = Math.floor((time_remaining % (1000 * 60 * 60 * 24)) / (1000 * 60 * 60));
+    var minutes = Math.floor((time_remaining % (1000 * 60 * 60)) / (1000 * 60));
+    var seconds = Math.floor((time_remaining % (1000 * 60)) / 1000);
+
+    if (time_remaining > 0) {
+        var timer_display = '';
+        if (hours > 0) {
+            timer_display = `${hours.toString()}:`;
+        }
+        if (minutes > 0 || hours > 0) {
+            if (minutes < 10) {
+                timer_display += `0${minutes.toString()}:`;
+            } else {
+                timer_display += `${minutes.toString()}:`;
+            }
+        }
+        if (seconds < 10) {
+            timer_display += `0${seconds.toString()}`;
+        } else {
+            timer_display += seconds.toString();
+        }
+        $timer.html(timer_display);
+        time_remaining -= 1000
+    } else {
+        $timer.html('Expired');
+        clearInterval(clock);
+        stop()
+    }
+}
+
+function stop() {
+    $quiz_render.fadeOut();
+    $quiz_navigator.fadeOut();
+    $quiz_timeout.fadeIn();
+    $("#btn-toggle-navigator").addClass('disabled');
+    $("#btn-toggle-settings").addClass('disabled')
+}
+
+function count_questions(status) {
+    output = 0;
+    for (let i = 0; i < Object.keys(question_status).length; i++) {
+        key = Object.keys(question_status)[i];
+        if (question_status[key] == status){
+            output ++;
+        }
+    }
+    return output;
+}
+
+// Variable Definitions
+
+const id = window.localStorage.getItem('id');
+
+var current_question = 0;
+var total_questions = 0;
+var question_status = {};
+var answers = {};
+var questions = [];
+var time_limit, start_time, time_remaining;
+
+var display_settings = get_settings_from_storage();
+
+const $quiz_settings = $("#quiz-settings");
+const $quiz_navigator = $("#quiz-navigator");
+const $quiz_render = $("#quiz-render");
+const $quiz_timeout = $("#quiz-timeout");
+const $nav_flag = $("#q-nav-flag");
+const $nav_next = $("#q-nav-next");
+const $nav_prev = $("#q-nav-prev");
+const $nav_container = $("#navigator-container");
+const $timer = $("#q-timer-display");
+var clock
+
+var toggle_settings = false;
+var toggle_navigator = false;
+
+const $question_title = $("#quiz-question-title");
+const $question_header = $("#quiz-question-header");
+const $question_text = $("#quiz-question-text");
+const $question_options = $("#quiz-question-options");
+
+const $progress_skipped = $("#skipped-bar");
+const $progress_answered = $("#answered-bar");
+const $progress_flagged = $("#flagged-bar");
+const $skipped_count = $("#skipped-count");
+const $answered_count = $("#answered-count");
+const $flagged_count = $("#flagged-count");
+
+// Execution on Load
+
+apply_settings(display_settings);
+check_started();

ref-test/app/quiz/static/js/script.js

@@ -0,0 +1,86 @@
+$(document).ready(function() {
+    $("#od-font-test").click(function(){
+        $("body").css("font-family", "opendyslexic3regular")
+    });
+
+    $('.test-code-input').keyup(function() {
+        var input = $(this).val().split("-").join("").split("—").join("");
+        if (input.length > 0) {
+          input = input.match(new RegExp('.{1,4}', 'g')).join("—");
+        }
+        $(this).val(input);
+    });
+});
+
+$('form[name=form-quiz-start]').submit(function(event) {
+    
+    var $form = $(this);
+    var data = $form.serialize();
+
+    $.ajax({
+        url: window.location.pathname,
+        type: 'POST',
+        data: data,
+        dataType: 'json',
+        success: function(response) {
+            var id = response.id
+            window.localStorage.setItem('id', id);
+            window.location.href = `/quiz/`;
+        },
+        error: function(response) {
+            error_response(response);
+        }
+    });
+
+    event.preventDefault();
+});
+
+function error_response(response) {
+
+    const $alert = $("#alert-box");
+    $alert.html('');
+
+    if (typeof response.responseJSON.error === 'string' || response.responseJSON.error instanceof String) {
+        $alert.html(`
+        <div class="alert alert-danger alert-dismissible fade show" role="alert">
+            <i class="bi bi-exclamation-triangle-fill" title="Danger"></i>
+            ${response.responseJSON.error}
+            <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
+        </div>
+        `);
+    } else if (response.responseJSON.error instanceof Array) {
+        var output = ''
+        for (var i = 0; i < response.responseJSON.error.length; i ++) {
+            output += `
+            <div class="alert alert-danger alert-dismissible fade show" role="alert">
+                <i class="bi bi-exclamation-triangle-fill" title="Danger"></i>
+                ${response.responseJSON.error[i]}
+                <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
+            </div>
+            `;
+            $alert.html(output);
+        }
+    }
+}
+
+// Dismiss Cookie Alert
+$('#dismiss-cookie-alert').click(function(event){
+
+    $.ajax({
+        url: '/cookies/',
+        type: 'POST',
+        data: {
+            time: Date.now()
+        },
+        dataType: 'json',
+        success: function(response){
+            console.log(response);
+        },
+        error: function(response){
+            console.log(response);
+        }
+    })
+
+    event.preventDefault();
+
+})

ref-test/app/quiz/templates/quiz/client.html

@@ -0,0 +1,279 @@
+{% extends "quiz/components/base.html" %}
+
+{% block style %}
+<link 
+    rel="stylesheet"
+    href="{{ url_for('.static', filename='css/quiz.css') }}"
+/>
+{% endblock %}
+
+{% block content %}
+    <div id="alert-box" tabindex="-1"></div>
+    <div class="container quiz-panel" id="quiz-settings" tabindex="-1">
+        <h1>Adjust Display Settings</h1>
+        <div class="container quiz-start-text">
+            You can use this panel to adjust the display settings for the exam. Please use the menu below to select the font face and font size. Below is a sample question so you can see how the exam will render with your chosen settings.
+        </div>
+        <div class="alert alert-primary quiz-start-text" role="alert">
+            <strong>Note</strong>: Some fonts may not be available depending on your device and/or operating system.
+        </div>
+        <form action="#" name="quiz-configuration">
+            <div class="container">
+                <div class="row gx-5 gy-5">
+                    <div class="col">
+                        <h5>
+                            Select Font
+                        </h5>
+                        <div class="form-check">
+                            <input type="radio" class="form-check-input" id="osdefault" name="font-select" value="osdefault" checked>
+                            <label for="osdefault" class="form-check-label q-f-osdefault">OS Default</label>
+                        </div>
+                        <div class="form-check">
+                            <input type="radio" class="form-check-input" id="arial" name="font-select" value="arial">
+                            <label for="arial" class="form-check-label q-f-arial">Arial</label>
+                        </div>
+                        <div class="form-check">
+                            <input type="radio" class="form-check-input" id="comicsans" name="font-select" value="comicsans">
+                            <label for="comicsans" class="form-check-label q-f-comicsans">Comic Sans</label>
+                        </div>
+                        <div class="form-check">
+                            <input type="radio" class="form-check-input" id="opendyslexic" name="font-select" value="opendyslexic">
+                            <label for="opendyslexic" class="form-check-label q-f-opendyslexic">OpenDyslexic</label>
+                        </div>
+                        <div class="form-check">
+                            <input type="radio" class="form-check-input" id="tahoma" name="font-select" value="tahoma">
+                            <label for="tahoma" class="form-check-label q-f-tahoma">Tahoma</label>
+                        </div>
+                        <div class="form-check">
+                            <input type="radio" class="form-check-input" id="verdana" name="font-select" value="verdana">
+                            <label for="verdana" class="form-check-label q-f-verdana">Verdana</label>
+                        </div>
+                    </div>
+                    <div class="col">
+                        <h5>
+                            Select Font Size
+                        </h5>
+                        <div class="form-check">
+                            <input type="radio" class="form-check-input" id="12pt" name="font-size" value="12pt" checked>
+                            <label for="12pt" class="form-check-label q-f-12pt">12pt</label>
+                        </div>
+                        <div class="form-check">
+                            <input type="radio" class="form-check-input" id="14pt" name="font-size" value="14pt" checked>
+                            <label for="14pt" class="form-check-label q-f-14pt">14pt (Default)</label>
+                        </div>
+                        <div class="form-check">
+                            <input type="radio" class="form-check-input" id="16pt" name="font-size" value="16pt">
+                            <label for="16pt" class="form-check-label q-f-16pt">16pt</label>
+                        </div>
+                        <div class="form-check">
+                            <input type="radio" class="form-check-input" id="18pt" name="font-size" value="18pt">
+                            <label for="18pt" class="form-check-label q-f-18pt">18pt</label>
+                        </div>
+                    </div>
+                </div>
+                <div class="row gx-5 gy-5 mt-1">
+                    <div class="col">
+                        <h5>Select Background Colour</h5>
+                        <div class="p-3 bg-light text-dark bg-select-area">
+                            <div class="form-check">
+                                <input type="radio" class="form-check-input" id="bg-light" name="bg-select" value="bg-light" checked>
+                                <label for="bg-light" class="form-check-label">Default Light</label>
+                            </div>
+                        </div>
+                        <div class="p-3 q-bg-light-1 text-dark bg-select-area">
+                            <div class="form-check">
+                                <input type="radio" class="form-check-input" id="q-bg-light-1" name="bg-select" value="q-bg-light-1">
+                                <label for="q-bg-light-1" class="form-check-label">Light Shade 1</label>
+                            </div>
+                        </div>
+                        <div class="p-3 q-bg-light-2 text-dark bg-select-area">
+                            <div class="form-check">
+                                <input type="radio" class="form-check-input" id="q-bg-light-2" name="bg-select" value="q-bg-light-2">
+                                <label for="q-bg-light-2" class="form-check-label">Light Shade 2</label>
+                            </div>
+                        </div>
+                        <div class="p-3 alert-primary text-dark bg-select-area">
+                            <div class="form-check">
+                                <input type="radio" class="form-check-input" id="alert-primary" name="bg-select" value="alert-primary">
+                                <label for="alert-primary" class="form-check-label">Blue</label>
+                            </div>
+                        </div>
+                        <div class="p-3 alert-secondary text-dark bg-select-area">
+                            <div class="form-check">
+                                <input type="radio" class="form-check-input" id="alert-secondary" name="bg-select" value="alert-secondary">
+                                <label for="alert-secondary" class="form-check-label">Grey 1</label>
+                            </div>
+                        </div>
+                        <div class="p-3 alert-dark text-dark bg-select-area">
+                            <div class="form-check">
+                                <input type="radio" class="form-check-input" id="alert-dark" name="bg-select" value="alert-dark">
+                                <label for="alert-dark" class="form-check-label">Grey 2</label>
+                            </div>
+                        </div>
+                        <div class="p-3 bg-dark text-light bg-select-area">
+                            <div class="form-check">
+                                <input type="radio" class="form-check-input" id="bg-dark" name="bg-select" value="bg-dark">
+                                <label for="bg-dark" class="form-check-label">Dark</label>
+                            </div>
+                        </div>
+                    </div>
+                </div>
+            </div>
+        </form>
+        <div class="container question-container quiz-start-text">
+            <h4 class="question-title">Sample Question</h4>
+            <p class="question-header">
+                Korfball is a mixed-sex, controlled-contact, indoor, invasion ball sport. The sport originated in the Netherlands. It is a mixed-sex team sport. Its governing body is the International Korball Federation. There are numerous korfball leagues and associations around the world. A korfball match is officiated by a referee.
+            </p>
+            <p class="question-text">
+                In order to be a referee, what do you need to know?
+            </p>
+            <div class="options">
+                <div class="form-check">
+                    <input type="radio" class="form-check-input" id="sample0" name="sample" value="0">
+                    <label for="sample0" class="form-check-label">The rules of korfball</label>
+                </div>
+                <div class="form-check">
+                    <input type="radio" class="form-check-input" id="sample1" name="sample" value="1">
+                    <label for="sample1" class="form-check-label">The way of the Jedi Order</label>
+                </div>
+                <div class="form-check">
+                    <input type="radio" class="form-check-input" id="sample2" name="sample" value="2">
+                    <label for="sample2" class="form-check-label">The <i>Dungeons &amp; Dragons Fifth Edition Monster Manual</i>.</label>
+                </div>
+                <div class="form-check">
+                    <input type="radio" class="form-check-input" id="sample3" name="sample" value="2">
+                    <label for="sample3" class="form-check-label">The Trade Union and Labour Relations (Consolidation) Act 1992.</label>
+                </div>
+                <div class="form-check">
+                    <input type="radio" class="form-check-input" id="sample4" name="sample" value="4" checked>
+                    <label for="sample4" class="form-check-label">All of the above</i></label>
+                </div>
+            </div>
+        </div>
+        <div class="row mt-3">
+            <p class="quiz-start-text">
+                When you are happy with the settings, click <strong>&lsquo;Start the Exam&rsquo;</strong> below to proceed. You can change these settings at any time using the red gear <a class="btn btn-danger btn-dummy" tabindex="-1" aria-title="Settings" title="Settings"><i class="bi bi-gear-fill"></i></a> button on the exam console.
+            </p>
+            <div class="control-button-container">
+                <a href="#" class="btn btn-success btn-quiz-control" id="btn-start-quiz">Start the Exam</a>
+                <a href="#" class="btn btn-success btn-quiz-control btn-quiz-return" style="display: none;">Resume Exam</a>
+            </div>
+        </div>
+    </div>
+    <div class="container quiz-panel" style="display: none;" id="quiz-navigator" tabindex="-1">
+        <h1 class="navigator-text">
+            Question Grid
+        </h1>
+        <h1 class="review-text" style="display: none;">
+            Review Your Answers
+        </h1>
+        <div class="navigator-text">
+            This question grid displays the progress you have on the exam so far. Each question is represented by an icon below, and you can click on each icon to skip to that question.
+
+            The icons below are colour-coded to represent the status of each question.
+        </div>
+        <div class="review-text" style="display: none;">
+            You can use this panel to review your answers before you submit the exam. You will not be able to amend your answers after you submit.
+
+            Each question is represented by an icon below, and you can click on each icon to skip to that question. The icons below are colour-coded to represent the status of each question.
+        </div>
+        <table class="navigator-help">
+            <tr>
+                <td>
+                    <a class="q-navigator-button btn btn-danger progress-bar-striped btn-dummy" title="Question: Incomplete">Q</a>
+                </td>
+                <td>
+                    A red and striped icon represents a question that you have skipped, and have not otherwise flagged for revision.
+                </td>
+            </tr>
+            <tr>
+                <td>
+                    <a class="q-navigator-button btn btn-warning btn-dummy" title="Question: Flagged">Q</a>
+                </td>
+                <td>
+                    A yellow icon represents a question that you have flagged for revision.
+                </td>
+            </tr>
+            <tr>
+                <td>
+                    <a class="q-navigator-button btn btn-success btn-dummy" title="Question: Answered">Q</a>
+                </td>
+                <td>
+                    A green icon represents a question that you have answered, and have not otherwise flagged for revision.
+                </td>
+            </tr>
+            <tr>
+                <td>
+                    <a class="q-navigator-button btn btn-secondary disabled btn-dummy" title="Question: Unseen">Q</a>
+                </td>
+                <td>
+                    A greyed-out icon represents a question that you have not yet seen.
+                </td>
+            </tr>
+        </table>
+        <div id="navigator-container">
+        </div>
+        <div class="control-button-container navigator-text">
+            <a href="#" class="btn btn-success btn-quiz-control btn-quiz-return">Resume Exam</a>
+        </div>
+        <div class="control-button-container review-text">
+            <a href="#" class="btn btn-danger btn-quiz-control btn-quiz-return">Back to Exam</a>
+            <a href="#" class="btn btn-success quiz-button-submit">Submit Exam</a>
+        </div>
+    </div>
+    <div class="container quiz-panel quiz-console" style="display: none" id="quiz-render">
+        <h1>
+            Exam Console
+        </h1>
+        <div class="container question-container">
+            <div class="progress">
+                <div id="answered-bar" class="progress-bar bg-success" role="progressbar" aria-valuenow="0" aria-valuemin="0" aria-valuemax="100"></div>
+                <div id="flagged-bar" class="progress-bar bg-warning" role="progressbar" aria-valuenow="0" aria-valuemin="0" aria-valuemax="100"></div>
+                <div id="skipped-bar" class="progress-bar progress-bar-striped bg-danger" role="progressbar" aria-valuenow="0" aria-valuemin="0" aria-valuemax="100"></div>
+            </div>
+            <div class="counters">
+                <div id="answered-count" class="badge rounded-pill bg-success" style="display: none;">Answered: 0</div>
+                <div id="flagged-count" class="badge rounded-pill bg-warning"style="display: none;">Flagged: 0</div>
+                <div id="skipped-count" class="badge rounded-pill bg-danger progress-bar-striped"style="display: none;">Skipped: 0</div>
+            </div>
+            <h4 class="question-title" id="quiz-question-title" tabindex="-1">
+                Question x.
+            </h4>
+            <p class="question-header" id="quiz-question-header">
+                Question Header
+            </p>
+            <p class="question-text" id="quiz-question-text">
+                Question Text
+            </p>
+            <div class="options" id="quiz-question-options">
+                Options
+            </div>
+        </div>
+        <div class="control-button-container">
+            <a href="#" class="btn btn-success q-question-nav" id="q-nav-prev" title="Previous Question"><i class="bi bi-caret-left-square-fill"></i>&nbsp;Back</a>
+            <a href="#" class="btn btn-secondary" id="q-nav-flag" title="Question Un-Flagged. Click to flag for revision."><i class="bi bi-flag-fill"></i></a>
+            <a href="#" class="btn btn-success q-question-nav" id="q-nav-next" title="Next Question">Next&nbsp;<i class="bi bi-caret-right-square-fill"></i></a>
+        </div>
+        <div class="control-button-container">
+            <a href="#" class="btn btn-primary" id="q-review-answers" title="Submit Answers">Submit Answers</a>
+        </div>
+    </div>
+    <div class="container quiz-panel quiz-timeout" style="display: none;" id="quiz-timeout">
+        <h1>
+            Time Limit Expired
+        </h1>
+        <p>
+            The time limit set for this exam has expired. You must submit your answers immediately.
+        </p>
+        <div class="control-button-container">
+            <a href="#" class="btn btn-success quiz-button-submit" title="Submit Exam">Submit Exam</a>
+        </div>
+    </div>
+{% endblock %}
+{% block script %}
+<script
+    type="text/javascript"
+    src="{{ url_for('.static', filename='js/quiz.js') }}"
+></script>
+{% endblock %}

ref-test/app/quiz/templates/quiz/components/base.html

@@ -15,7 +15,10 @@
             rel="stylesheet"
             href="{{ url_for('.static', filename='css/style.css') }}"
         />
-        <title>{% block title %} SKA Referee Test {% endblock %}</title>
+        {% block style %}
+        {% endblock %}
+        <title>{% block title %} SKA Referee Test Beta {% endblock %}</title>
+        {% include "quiz/components/og-meta.html" %}
     </head>
     <body class="bg-light">
 
@@ -28,11 +31,11 @@
                 {% include "quiz/components/server-alerts.html" %}
             {% endblock %}
             {% block content %}{% endblock %}
-        </div>
 
-        <footer class="container site-footer">
+            <footer class="container site-footer">
-            {% include "quiz/components/footer.html" %}
+                {% include "quiz/components/footer.html" %}
-        </footer>
+            </footer>
+        </div>
 
         <!-- JQuery, Popper, and Bootstrap js dependencies -->
         <script
@@ -40,6 +43,9 @@
             integrity="sha256-/xUj+3OJU5yExlq6GSYGSHk7tPXikynS7ogEvDej/m4="
             crossorigin="anonymous">
         </script>
+        <script>
+            window.jQuery || document.write(`<script src="{{ url_for('.static', filename='js/jquery-3.6.0.min.js') }}"><\/script>`)
+        </script>
         <script
             src="https://cdn.jsdelivr.net/npm/@popperjs/core@2.10.2/dist/umd/popper.min.js"
             integrity="sha384-7+zCNj/IqJ95wo16oMtfsKbZ9ccEh31eOz1HGyDuCQ6wgnyJNSYdrPa03rtR1zdB"
@@ -51,9 +57,22 @@
             crossorigin="anonymous"
         ></script>
         <!-- Custom js -->
+        <script type="text/javascript">
+            var csrf_token = "{{ csrf_token() }}";
+        
+            $.ajaxSetup({
+                beforeSend: function(xhr, settings) {
+                    if (!/^(GET|HEAD|OPTIONS|TRACE)$/i.test(settings.type) && !this.crossDomain) {
+                        xhr.setRequestHeader("X-CSRFToken", csrf_token);
+                    }
+                }
+            });
+        </script>
         <script
             type="text/javascript"
             src="{{ url_for('.static', filename='js/script.js') }}"
         ></script>
+        {% block script %}
+        {% endblock %}
     </body>
 </html>

ref-test/app/quiz/templates/quiz/components/footer.html

@@ -0,0 +1,3 @@
+<p>This web app was developed by Vivek Santayana. The source code for the web app, excluding any data pertaining to the questions in the quiz, is freely available at <a href="https://git.vsnt.uk/viveksantayana/ska-referee-test">Vivek&rsquo;s personal GIT repository</a> under an MIT License.</p>
+<p>All questions in the test are &copy; The Scottish Korfball Association {{ now.year }}. All rights are reserved.</p>
+<p>OpenDyslexic 3 is an open source typeface created by Abbie Gonzalez, licensed under a <a href="https://scripts.sil.org/OFL">SIL-OFL</a>. More information about OpenDyslexic is available <a href="https://opendyslexic.org/">on the project web site</a>.</p>

ref-test/app/quiz/templates/quiz/components/navbar.html

@@ -0,0 +1,14 @@
+<nav class="navbar fixed-top navbar-expand-md navbar-dark bg-dark" id="primary-nav">
+    <div class="container">
+        <p class="navbar-brand mb-0 h1">SKA Refereeing Test (Beta)</p>
+        <div class="quiz-console w-100" style="display: none;" id="q-topbar">
+            <div class="d-flex justify-content align-middle">
+                <div class="container d-flex justify-content-center">
+                    <span class="text-light q-timer" id="q-timer-widget" style="display: none;"><i class="bi bi-stopwatch-fill"></i>&nbsp;<span id="q-timer-display"></span></span>
+                </div>
+                <a href="#" class="btn btn-warning" aria-title="Question Grid" title="Question Grid" id="btn-toggle-navigator"><i class="bi bi-table"></i></a>
+                <a href="#" class="btn btn-danger" aria-title="Settings" title="Settings" id="btn-toggle-settings"><i class="bi bi-gear-fill"></i></a>
+            </div>
+        </div>
+    </div>
+</nav>

ref-test/app/quiz/templates/quiz/components/og-meta.html

@@ -0,0 +1,17 @@
+<meta name="description" content="A web app for taking the Scottish Korfball Association Refereeing Theory Exam on-line." />
+<meta property="og:locale" content="en_UK" />
+<meta property="og:type" content="website" />
+<meta property="og:description" content="A web app for taking the Scottish Korfball Association Refereeing Theory Exam on-line." />
+<meta property="og:url" content="{{ url_for(request.endpoint, _external = True, **request.view_args) }}" />
+<meta property="og:site_name" content="Scottish Korfball Association Referee Theory Exam" />
+<meta property="og:image" content="{{ url_for('static', filename='favicon.png', _external = True) }}" />
+<meta property="og:image:alt" content="Logo of the SKA Refereeing Exam App" />
+<meta property="og:image:width" content="512" />
+<meta property="og:image:height" content="512" />
+<meta name="twitter:card" content="summary" />
+<meta name="twitter:description" content="A web app for taking the Scottish Korfball Association Refereeing Theory Exam on-line." />
+<meta name="twitter:image" content="{{ url_for('static', filename='favicon.png', _external = True) }}" />
+<meta name="twitter:image:alt" content="Logo of the SKA Refereeing Exam App" />
+<meta name="twitter:creator" content="@viveksantayana" />
+<meta name="twitter:site" content="@viveksantayana" />
+<meta name="theme-color" content="#343a40" />

ref-test/app/quiz/templates/quiz/components/server-alerts.html

@@ -0,0 +1,43 @@
+{% with messages = get_flashed_messages(with_categories=true) %}
+    {% if messages %}
+        {% set cookie_flash_flag = namespace(value=False) %}
+        {% for category, message in messages %}
+            {% if category == "error" %}
+                <div class="alert alert-danger alert-dismissible fade show" role="alert">
+                    <i class="bi bi-exclamation-triangle-fill" title="Error" aria-title="Error"></i>
+                    {{ message|safe }}
+                    <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
+                </div>
+            {% elif category == "success" %}
+                <div class="alert alert-success alert-dismissible fade show" role="alert">
+                    <i class="bi bi-check2-circle" title="Success" aria-title="Success"></i>
+                    {{ message|safe }}
+                    <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
+                </div>
+            {% elif category == "warning" %}
+                <div class="alert alert-warning alert-dismissible fade show" role="alert">
+                    <i class="bi bi-info-circle-fill" aria-title="Warning" title="Warning"></i>
+                    {{ message|safe }}
+                    <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
+                </div>
+            {% elif category == "cookie_alert" %}
+                {% if not cookie_flash_flag.value %}
+                    <div class="alert alert-primary alert-dismissible fade show" id="cookie-alert" role="alert">
+                        <i class="bi bi-info-circle-fill" title="Cookie Alert" aria-title="Cookie Alert"></i>
+                        {{ message|safe }}
+                        <div class="d-flex justify-content-center w-100">
+                            <button type="button" id="dismiss-cookie-alert" class="btn btn-success" data-bs-dismiss="alert" aria-label="Close">Accept</button>
+                        </div>
+                    </div>
+                    {% set cookie_flash_flag.value = True %}
+                {% endif %}
+            {% else %}
+                <div class="alert alert-primary alert-dismissible fade show" role="alert">
+                    <i class="bi bi-info-circle-fill" title="Alert"></i>
+                    {{ message|safe }}
+                    <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
+                </div>
+            {% endif %}
+        {% endfor %}
+    {% endif %}
+{% endwith %}