Ejemplo n.º 1
0
def list_posts():
    """
    shows all posts and lets signed-in users post a picture, text or both
    """
    form_post = PostForm()
    all_posts = PostsModel.query.all()
    authors = UserModel

    if request.method == 'POST' and check_auth():
        if form_post.text.data or form_post.media.data:
            text = form_post.text.data
            media = form_post.media.data
            time = datetime.now()

            if media:
                media = save_file(
                    current_user.username, media, 'post_uploads'
                )  # saves file to directory, returns filename

            PostsModel.add(time, text, media, current_user.id)

        return redirect('/posts')

    else:
        return render_template('posts.html',
                               pages=generate_pages(),
                               form=form_post,
                               all_posts=all_posts,
                               authors=authors)
Ejemplo n.º 2
0
def profile(username=None):
    """
    by default shows the profile of a signed-in user, lets them edit their data or log out
    if a username is specified, shows read-only data of a profile linked to the username
    """

    if request.method == 'POST':  # happens when editing own data
        form_register = RegisterForm()
        if current_user.check_password(form_register.password.data):
            from app.database import db
            formatted_date = dob_string_to_datetime(form_register.dob.data)

            for x in set(form_register):

                if x.name == 'dob':
                    x.data = formatted_date
                    setattr(current_user, 'age', calculate_age(x.data))

                if x.data and x.data != '' and x.name in current_user.__table__.c:
                    if x.name == 'picture':
                        x.data = save_file(current_user.username, x.data, 'profile_pictures')  # saves file to directory, returns filename

                    if x.name != 'password':
                        setattr(current_user, x.name, x.data)
                        db.session.commit()
            flash('მონაცემები წარმატებით განახლდა', 'alert-green')

        else:
            flash('პაროლი არასწორია – მონაცემები არ განახლდა', 'alert-red')

        return render_template('my_profile.html', pages=generate_pages(), form_register=RegisterForm())

    elif username:
        user = UserModel.find_by_username(username)
        return render_template('people_profile.html', pages=generate_pages(), user=user)

    else:
        if check_auth():
            return render_template('my_profile.html', pages=generate_pages(), form_register=RegisterForm())

    return redirect('/')
Ejemplo n.º 3
0
 def is_accessible(self):
     return check_auth()
Ejemplo n.º 4
0
def auth():
    form_sign_in = SignInForm()
    form_register = RegisterForm()

    if check_auth():
        return redirect(url_for('profiles.profile'))

    if request.method == 'POST':

        # Login Attempt
        if form_sign_in.validate_on_submit():
            target_account = None
            identifier = form_sign_in.identifier.data.lower()
            login_password = form_sign_in.login_password.data
            remember_me = form_sign_in.remember_me.data

            # Check if logging in through Email
            if UserModel.find_by_email(identifier):
                target_account = UserModel.find_by_email(identifier)

            # Check if logging in through Username
            elif UserModel.find_by_username(identifier):
                target_account = UserModel.find_by_username(identifier)

            #  Check Password only if the account was found either through Email or Username
            if target_account:
                if target_account.check_password(
                        login_password):  # Successful log-in
                    flash('წარმატებით შეხვედით სისტემაში!', 'alert-green')

                    if remember_me:
                        login_user(target_account, remember=True)
                    else:
                        login_user(target_account)

                    #  redirect to a previously chosen link
                    if request.args.get('next'):
                        return redirect(request.args.get('next'))

                    else:
                        return redirect(url_for('profiles.profile'))

                else:  # Wrong Password
                    form_sign_in.login_password.data = ''
                    flash('პაროლი არასწორია', 'alert-yellow')

            else:  # Wrong Email or Username
                form_sign_in.identifier.data = ''
                flash('ამ მეილით ან იუზერნეიმით მომხმარებელი არ მოიძებნა',
                      'alert-yellow')

        # Register Attempt
        elif form_register.validate_on_submit():
            success = True
            # initialize received data
            username = form_register.username.data.lower()
            name_first = form_register.name_first.data
            name_last = form_register.name_last.data
            email = form_register.email.data.lower()
            phone = form_register.phone.data
            dob = dob_string_to_datetime(form_register.dob.data)
            age = calculate_age(dob)
            sex = form_register.sex.data
            password = form_register.password.data

            # check if the username and email are unique
            if UserModel.find_by_username(username):
                success = False
                flash('იუზერნეიმი დაკავებულია', 'alert-yellow')
            elif UserModel.find_by_email(email):
                success = False
                flash('მეილი დაკავებულია', 'alert-yellow')

            if success:
                # check if picture was uploaded and save it
                picture_title = None
                picture = form_register.picture.data

                if picture:
                    picture_title = save_file(
                        username, picture, 'profile_pictures'
                    )  # saves file to directory, returns filename

                # add everything to DB           # needs to be changed
                role = 3
                received_data = (username, name_first, name_last, email, phone,
                                 dob, sex, password, role, age, picture_title)
                create(received_data, UserModel)
                new_user = UserModel(*received_data)
                db.session.add(new_user)
                db.session.commit()

                flash('რეგისტრაცია წარმატებით დასრულდა!', 'alert-green')
                login_user(UserModel.find_by_username(username))

                return redirect(url_for('success_register'))

        else:  # When data didn't pass WTForms validators
            flash('მონაცემები არასწორადაა შეყვანილი. თავიდან სცადეთ.',
                  'alert-yellow')

    return render_template('auth.html',
                           pages=generate_pages(),
                           form_sign_in=form_sign_in,
                           form_register=form_register)
Ejemplo n.º 5
0
 def is_accessible(self):
     if check_auth():
         if current_user.role_id <= 2:
             return True
     return False