def post(post_id):
post = Post.query.get_or_404(
post_id) # give me post with id , if doesnt exist = 404
post.title = f.decrypt(post.title).decode() #decrypt posts using fernet
post.content = f.decrypt(post.content).decode()
return render_template('post.html', title=post.title, post=post)
def journal(journal_id):
journal = Journal.query.get_or_404(
journal_id) # give me journals with id , if doesnt exist = 404
if journal.author != current_user: # block access for other users to private journal as journals are visible only by account owner
abort(403)
journal.title = f.decrypt(journal.title).decode() #decrypt using fernet
journal.content = f.decrypt(journal.content).decode()
return render_template('journal.html',
title=journal.title,
journal=journal)
def home():
page = request.args.get('page', 1, type=int)
posts = Post.query.order_by(Post.date_posted.desc()).paginate(
page=page, per_page=7) #page pagination linked with home page
##show posts of all users (decrypt them using fernet)
print(posts.items)
# print(posts.post)
for i, items in enumerate(posts.items):
print(i, items)
print(posts.items[i].title)
posts.items[i].title = f.decrypt(posts.items[i].title).decode()
posts.items[i].content = f.decrypt(posts.items[i].content).decode()
return render_template('home.html', posts=posts)
def myblog():
if current_user.is_authenticated:
page = request.args.get('page', 1, type=int)
user = User.query.filter_by(username=current_user.username).first_or_404()
posts = Post.query.filter_by(author=user)\
.order_by(Post.date_posted.desc())\
.paginate(page=page, per_page=5) # didnt have time to finish pagination :)
#print all account owners posts
for i, items in enumerate(posts.items):
print(i, items)
print(posts.items[i].title)
posts.items[i].title = f.decrypt(posts.items[i].title).decode()
posts.items[i].content = f.decrypt(posts.items[i].content).decode()
return render_template('myblog.html', posts=posts, user=user)
def private_journal():
if current_user.is_authenticated:
page = request.args.get('page', 1, type=int)
user = User.query.filter_by(username=current_user.username).first_or_404()
journals = Journal.query.filter_by(author=user)\
.order_by(Journal.date_posted.desc())\
.paginate(page=page, per_page=100) #didnt have time to finish pagination for private journals :)
for i, items in enumerate(journals.items):
print(i, items)
print(journals.items[i].title)
journals.items[i].title = f.decrypt(journals.items[i].title).decode()
journals.items[i].content = f.decrypt(
journals.items[i].content).decode()
return render_template('private_journal.html',
journals=journals,
user=user)
def update_post(post_id):
post = Post.query.get_or_404(
post_id) # give me post with id , if doesnt exist = 404
if post.author != current_user: # don't let update posts if not logged as blog owner
abort(403)
form = PostForm()
if form.validate_on_submit():
post.title = f.encrypt(bytes(form.title.data, 'utf-8'))
post.content = f.encrypt(bytes(form.content.data, 'utf-8'))
db.session.commit()
flash('Your post has been updated', 'success')
return redirect(url_for('posts.post', post_id=post.id))
elif request.method == 'GET':
form.title.data = f.decrypt(post.title).decode()
form.content.data = f.decrypt(post.content).decode()
return render_template('create_post.html',
title='Update Post',
form=form,
legend='Update Post')