class ResetPasswordForm(FlaskForm):
password = PasswordField(_LT("Password"), validators=[DataRequired()])
password2 = PasswordField(_LT("Repeat Password"),
validators=[DataRequired(),
EqualTo("password")])
submit = SubmitField(_LT("Reset Password"))
class EditProfileForm(FlaskForm):
username = StringField(_LT("Username"), validators=[DataRequired()])
about_me = TextAreaField(_LT("About me"), validators=[Length(min=0, max=140)])
submit = SubmitField(_LT("Submit"))
def __init__(self, original_username, *args, **kwargs):
super(EditProfileForm, self).__init__(*args, **kwargs)
self.original_username = original_username
def validate_username(self, username):
# Validation must not fail when user doesn't change username
if username.data == self.original_username:
return
user = User.query.filter_by(username = username.data).first()
if user is not None:
raise ValidationError("Username is already taken")
class RegistrationForm(FlaskForm):
username = StringField(_LT("Username"), validators=[DataRequired()])
email = StringField(_LT("Email"), validators=[DataRequired(), Email()])
password = PasswordField(_LT("Password"), validators=[DataRequired()])
password2 = PasswordField(_LT("Repeat Password"),
validators=[DataRequired(),
EqualTo("password")])
submit = SubmitField(_LT("Register"))
def validate_username(self, username):
user = User.query.filter_by(username=username.data).first()
if user is not None:
raise ValidationError(_LT("Username is already taken"))
def validate_email(self, email):
user = User.query.filter_by(email=email.data).first()
if user is not None:
raise ValidationError(_LT("Email is already in use"))
class EmptyFollowForm(FlaskForm):
"""
Because the follow and unfollow actions introduce changes in the application,
we to implement them as POST requests, which are triggered from the web browser
as a result of submitting a web form. It would be easier to implement these routes
as GET requests, but then they could be exploited in CSRF attacks. Because GET
requests are harder to protect against CSRF, they should only be used on actions
that do not introduce state changes. Implementing these as a result of a form
submission is better because then a CSRF token can be added to the form.
"""
submit = SubmitField(_LT("Submit"))
class LoginForm(FlaskForm):
username = StringField(_LT("Username"), validators=[DataRequired()])
password = PasswordField(_LT("Password"), validators=[DataRequired()])
remember_me = BooleanField(_LT("Remember Me"))
submit = SubmitField(_LT("Sign In"))
class ResetPasswordRequestForm(FlaskForm):
email = StringField(_LT("Email"), validators=[DataRequired(), Email()])
submit = SubmitField(_LT("Request Password Reset"))
def validate_email(self, email):
user = User.query.filter_by(email=email.data).first()
if user is not None:
raise ValidationError(_LT("Email is already in use"))
def validate_username(self, username):
user = User.query.filter_by(username=username.data).first()
if user is not None:
raise ValidationError(_LT("Username is already taken"))
class UploadImagesForm(FlaskForm):
file = FileField(_LT("File"), validators = [FileRequired(), FileAllowed(["png"])])
submit = SubmitField(_LT("Submit"))
class PostForm(FlaskForm):
post = TextAreaField(_LT("Say something:"), validators = [DataRequired(), Length(min = 1, max = 140)])
submit = SubmitField(_LT("Submit"))
from flask_bootstrap import Bootstrap
from flask_login import LoginManager
from flask_mail import Mail
from flask_migrate import Migrate
from flask_moment import Moment
from flask_sqlalchemy import SQLAlchemy
from config import Config
db = SQLAlchemy()
migrate = Migrate()
login = LoginManager()
# Redirect users to login before accessing protected pages
login.login_view = "auth.login"
login.login_message = _LT("Please log in to access this page.")
mail = Mail()
bootstrap = Bootstrap()
moment = Moment()
babel = Babel()
def create_app(config_class=Config):
app = Flask(__name__)
app.config.from_object(config_class)
db.init_app(app)
migrate.init_app(app, db)
login.init_app(app)
mail.init_app(app)