def login():
session.permanent = True
if request.method == "POST":
username = request.form.get("username")
password = request.form.get("password")
user = User.objects(email=username).first()
if user is not None and check_user_password(username,password):
session['user'] = username
session['nickname'] = user.nickname
flash("login success!", 'success')
return redirect(url_for("main.index"))
else:
flash("username or password falid!", 'error')
return redirect(url_for("auth.login"))
else:
if session.get('user'):
flash("you are already logged in!", 'error')
return redirect(url_for('main.index'))
return render_template("auth/login.html", title="Login | "+ BLOG_TITLE)
def newpost():
if request.method == "POST":
posttitle = request.form.get("title")
posttag = request.form.get("tag")
posthtml = request.form.get("content")
author = User.objects(email=g.user).first()
if request.form.get("post-id"):
post = Post.objects(id=request.form.get("post-id")).first()
post.title = posttitle
post.tag = posttag
post.content = posthtml
post.author = author
post.created_at = datetime.datetime.now
post.save()
flash("Update success..","success")
else:
post = Post(title=posttitle, content = posthtml, tag=posttag, author = author)
post.save()
flash("Add success..","success")
return render_template("newpost.html", title = "New Post | "+BLOG_TITLE)