def login():
# 如果已经登陆,直接跳到主页
if current_user.is_authenticated:
return render_template("blog/index.html")
else:
form = LoginForm()
if form.validate_on_submit():
username = form.username.data
password = form.password.data
rememberMe = form.rememberMe.data
admin = Admin.query.first()
if admin:
if username == admin.username and admin.validate_password(
password):
# login_user()是flask-login中提供的登录函数
# 将根据从数据库中查询到的对象和表单张是否记住我选项,
# 封装一个user_id和remember字段放入cookie的session中
login_user(admin, rememberMe)
flash('%s欢迎回来' % admin.name, 'info')
return redirect_back()
flash('用户名或密码错误.', 'warning')
# 数据库中还没有管理员记录
else:
flash('No account in database!', 'warning')
return render_template("auth/login.html", form=form)
def change_theme(theme_name):
if theme_name not in current_app.config["BLOG_THEMES"].keys():
abort(404)
# 回到主页
rsps = make_response(redirect_back())
rsps.set_cookie("theme", theme_name, max_age=24 * 60 * 60)
return rsps
def set_comment(post_id):
post = Post.query.get_or_404(post_id)
if post.can_comment: # 如果可以评论就设置为禁止评论
post.can_comment = False
flash("该文章评论功能已被关闭!", "info")
else:
post.can_comment = True
flash("该文章评论功能已被打开!", "info")
db.session.commit()
return redirect_back(url_for("my_blog.show_post", post_id=post_id))
def logout():
logout_user()
flash("退出登录成功!", "info")
return redirect_back()
def delete_post(post_id):
post = Post.query.get_or_404(post_id)
db.session.delete(post)
db.session.commit()
flash('删除文章成功!', 'success')
return redirect_back()
def delete_comment(comment_id):
comment = Comment.query.get_or_404(comment_id)
db.session.delete(comment)
db.session.commit()
flash('删除评论成功!', 'success')
return redirect_back()
def approve_comment(comment_id):
comment = Comment.query.get_or_404(comment_id)
comment.reviewed = True
db.session.commit()
flash("来自%s的评论审核通过!" % comment.author, "success")
return redirect_back()