def register(): if request.method == 'POST': username = request.form['username'] password = request.form['password'] db = get_db() cur = db.cursor() cur.execute('SELECT username FROM users WHERE username = %s', (username, )) error = None if not username: error = 'You need a username to register' elif not password: error = 'Your password needs to be longer than 0 characters' elif len(password) < 5: error = 'Your password needs to be longer than 4 characters' elif cur.fetchone() is not None: error = 'This username is already taken' if error is None: cur.execute( 'INSERT INTO users (username, password) VALUES (%s, %s)', (username, generate_password_hash(password))) db.commit() return (redirect(url_for('auth.login'))) flash(error) return render_template('auth/register.html')
def delete(id): db = get_db() cur = db.cursor() cur.execute('DELETE FROM feeds WHERE id = %s', (id, )) db.commit() return redirect(url_for('feeds.index'))
def load_logged_in_user(): user = session.get('user') if user is None: g.user = None else: cur = get_db().cursor() cur.execute('SELECT username FROM users WHERE username = %s', (user, )) g.user = cur.fetchone()
def index(): db = get_db() cur = db.cursor() if g.user is not None: cur.execute('SELECT url, id FROM feeds WHERE username = %s', (g.user[0], )) urls = cur.fetchall() feeds = digest_feeds(urls) else: feeds = [] return render_template('feeds/index.html', feeds=feeds)
def subscribe(): #add error handling for http exceptions #add to make sure feed isn't duplicate url = request.form['url'] db = get_db() cur = db.cursor() #Co-opt users User-Agent headers = {'User-Agent': request.headers.get('User-Agent')} req = Request(url=url, headers=headers) xml_response = urlopen(req) cur.execute('INSERT INTO feeds (username, url) VALUES (%s, %s)', (g.user, url)) db.commit() return redirect(url_for('feeds.index'))
def login(): if request.method == 'POST': username = request.form['username'] password = request.form['password'] db = get_db() cur = db.cursor() cur.execute('SELECT username, password FROM users WHERE username = %s', (username, )) user = cur.fetchone() error = None if user is None: error = 'Make sure you type your username in right' elif not check_password_hash(user[1], password): error = 'Password doesn\'t match username' if error is None: session.clear() session['user'] = user[0] return redirect(url_for('index')) flash(error) return render_template('auth/login.html')