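def register():
    """View function for Register.

    Serves one page that carries two independent forms: an OpenID login
    form and a local username/password registration form.

    Returns:
        The response from ``openid.try_login`` when the OpenID form is
        submitted and valid, a redirect to ``main.login`` after a local
        account has been created, or the rendered ``register.html`` page.
    """
    # Create the form object for RegisterForm.
    form = RegisterForm()
    # Create the form object for OpenIDForm.
    openid_form = OpenIDForm()

    # Hand the submitted OpenID URL to the OpenID login flow.
    if openid_form.validate_on_submit():
        # Fixed: the original read `openid_from`, an undefined name, so every
        # valid OpenID submission raised NameError instead of starting login.
        return openid.try_login(
            openid_form.openid_url.data,
            ask_for=['nickname', 'email'],
            ask_for_optional=['fullname'])

    # Surface the error left behind by a failed OpenID attempt, if any.
    openid_errors = openid.fetch_error()
    if openid_errors:
        flash(openid_errors, category='danger')

    # NOTE(review): the duplicate-username check is presumably done by
    # RegisterForm's validators; nothing in this view enforces it.
    if form.validate_on_submit():
        # NOTE(review): the raw form password is passed to User(); confirm
        # the model hashes it before it is written to the database.
        new_user = User(username=form.username.data,
                        password=form.password.data)
        db.session.add(new_user)
        db.session.commit()

        flash('Your user has been created, please login.',
              category="success")
        return redirect(url_for('main.login'))

    return render_template('register.html',
                           form=form,
                           openid_form=openid_form)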
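def twitter_authorized(resp):
    """Handle the callback that ends the Twitter OAuth flow.

    Args:
        resp: The OAuth response mapping, or None when no authorization
            was obtained.

    Returns:
        An "Access denied" message when ``resp`` is None, otherwise a
        redirect to a same-site ``next`` path or to ``blog.home``.
    """
    from html import escape

    if resp is None:
        # Both fields come straight from the query string, and Flask serves
        # a returned str as text/html by default, so escape before echoing.
        return 'Access denied: reason: {} error:{}'.format(
            escape(request.args['error_reason']),
            escape(request.args['error_description']))

    # NOTE(review): token and secret are concatenated into one string, while
    # facebook_authorized stores a (token, secret) tuple; confirm which shape
    # the token getter expects.
    # NOTE(review): Flask's default session is a signed but unencrypted
    # client-side cookie; confirm a server-side session store is used before
    # keeping token secrets in it.
    session['twitter_oauth_token'] = resp['oauth_token'] + \
        resp['oauth_token_secret']

    # NOTE(review): the local account is matched on the provider's screen
    # name alone, so it shares a namespace with locally registered usernames;
    # keying on a provider-scoped identifier would avoid cross-linking.
    user = User.query.filter_by(username=resp['screen_name']).first()
    if not user:
        # NOTE(review): the password literal appears masked in this listing;
        # a fixed value shared by all federated accounts would need replacing
        # with an unusable or random one. Confirm against the real file.
        user = User(username=resp['screen_name'], password='******')
        db.session.add(user)
        db.session.commit()

    flash("You have been logged in.", category="success")

    # `next` is caller-controlled: only honour a plain same-site path, so the
    # redirect cannot be pointed at another host. Backslashes and control
    # characters are rejected because browsers may normalise them into `//`.
    next_url = request.args.get('next')
    if next_url and not (
            next_url.startswith('/')
            and not next_url.startswith('//')
            and '\\' not in next_url
            and not any(ch < ' ' for ch in next_url)):
        next_url = None

    return redirect(next_url or url_for('blog.home'))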
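def create_or_login(resp):
    """Run after the OpenID provider has authenticated the user.

    Picks a username from the provider response, creates the matching local
    user if none exists, and redirects to the blog home page.

    Args:
        resp: The OpenID response; ``fullname``, ``nickname`` and ``email``
            are read from it, in that order of preference.

    Returns:
        A redirect to ``main.login`` when the response carries no usable
        name, otherwise a redirect to ``blog.home``.
    """
    from jmilkfansblog.models import db, User

    # Fixed: the original assigned `usernmae` but then tested and used
    # `username`, which raised NameError on every call.
    username = resp.fullname or resp.nickname or resp.email
    if not username:
        flash('Invalid login. Please try again.', 'danger')
        return redirect(url_for('main.login'))

    # NOTE(review): fullname and nickname are provider-supplied and not
    # unique, so two identities can resolve to the same local account;
    # consider keying on the verified OpenID identity URL instead.
    user = User.query.filter_by(username=username).first()
    if user is None:
        # NOTE(review): the password literal appears masked in this listing;
        # confirm federated accounts do not share a fixed local password.
        user = User(username=username, password='******')
        db.session.add(user)
        db.session.commit()

    # Logged in via OpenID.
    # NOTE(review): no login/session call is made in this function; confirm
    # where the authenticated state is actually established.
    return redirect(url_for('blog.home'))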
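def delete(self, post_id=None):
    """Delete a post in response to an HTTP ``DELETE`` request.

    Args:
        post_id: Identifier of the post to delete.

    Returns:
        An empty body with status 204 on success.

    Aborts with 400 when ``post_id`` is missing, 404 when the post does not
    exist, 401 when the token does not resolve to a user, and 403 when the
    caller does not own the post.
    """
    if not post_id:
        abort(400)

    post = Post.query.filter_by(id=post_id).first()
    if not post:
        abort(404)

    args = parsers.post_delete_parser.parse_args(strict=True)
    user = User.verify_auth_token(args['token'])
    # Fixed: reject an unresolved token explicitly, as `put` does. Without
    # this, a falsy `user` compared equal to a post whose `user` is also
    # unset, and the delete went through unauthenticated.
    if not user:
        abort(401)
    if user != post.user:
        abort(403)

    # Deleting the post also removes its rows in posts_tags; the number of
    # association rows has to match len(post.tags) for that to succeed.
    db.session.delete(post)
    db.session.commit()

    return "", 204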
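def facebook_authorized(resp):
    """Handle the callback that ends the Facebook OAuth flow.

    Args:
        resp: The OAuth response mapping, or None when no authorization
            was obtained.

    Returns:
        An "Access denied" message when ``resp`` is None, otherwise a
        redirect to ``blog.home``.
    """
    from html import escape

    if resp is None:
        # Both fields come straight from the query string, and Flask serves
        # a returned str as text/html by default, so escape before echoing.
        return 'Access denied: reason=%s error=%s' % (
            escape(request.args['error_reason']),
            escape(request.args['error_description']))

    # NOTE(review): Flask's default session is a signed but unencrypted
    # client-side cookie; confirm a server-side session store is used before
    # keeping access tokens in it.
    session['facebook_oauth_token'] = (resp['access_token'], '')

    me = facebook.get('/me')
    profile = me.data

    first_name = profile.get('first_name', False)
    if first_name:
        # A profile may carry a first name without a last name; the original
        # indexed 'last_name' directly and failed with KeyError in that case.
        last_name = profile.get('last_name')
        if last_name:
            facebook_username = first_name + " " + last_name
        else:
            facebook_username = first_name
    else:
        facebook_username = profile['name']

    # NOTE(review): the local account is matched on a display name, which is
    # neither unique nor stable, so distinct people with the same name map to
    # one account; keying on the provider's user id would avoid that.
    user = User.query.filter_by(username=facebook_username).first()
    if user is None:
        # NOTE(review): the password literal appears masked in this listing;
        # confirm federated accounts do not share a fixed local password.
        user = User(username=facebook_username, password='******')
        db.session.add(user)
        db.session.commit()

    flash('You have been logged in.', category='success')

    return redirect(url_for('blog.home'))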
def post(self, post_id=None):
    """Create a post in response to an HTTP ``POST`` request.

    Args:
        post_id: Must be empty; creating under an explicit id is rejected.

    Returns:
        A ``(new_post_id, 201)`` tuple.

    Aborts with 400 when ``post_id`` is supplied and 401 when the token does
    not resolve to a user.
    """
    if post_id:
        abort(400)

    payload = parsers.post_post_parser.parse_args(strict=True)

    # The caller proves identity with a token (issued by POST /api/auth);
    # the post is only created once that token resolves to a user.
    author = User.verify_auth_token(payload['token'])
    if not author:
        abort(401)

    created = Post()
    created.title = payload['title']
    created.date = datetime.datetime.now()
    created.text = payload['text']
    created.user = author

    for tag_name in payload['tags'] or ():
        attached = Tag.query.filter_by(name=tag_name).first()
        if not attached:
            # Unknown tag: build it now; it is written to the database
            # together with the post when the session commits.
            attached = Tag()
            attached.name = tag_name
        created.tags.append(attached)

    db.session.add(created)
    db.session.commit()
    return (created.id, 201)
def put(self, post_id=None):
    """Update a post in response to an HTTP ``PUT`` request.

    Only the fields present (truthy) in the request are changed; submitted
    tags are appended to the post's existing tags.

    Args:
        post_id: Identifier of the post to update.

    Returns:
        A ``(post_id, 201)`` tuple.

    Aborts with 400 when ``post_id`` is missing, 404 when the post does not
    exist, 401 when the token does not resolve to a user, and 403 when the
    caller does not own the post.
    """
    if not post_id:
        abort(400)

    target = Post.query.filter_by(id=post_id).first()
    if not target:
        abort(404)

    payload = parsers.post_put_parser.parse_args()
    caller = User.verify_auth_token(payload['token'])
    # Authenticate first (401), then check ownership (403).
    if not caller:
        abort(401)
    if caller != target.user:
        abort(403)

    new_title = payload['title']
    if new_title:
        target.title = new_title

    new_text = payload['text']
    if new_text:
        target.text = new_text

    for tag_name in payload['tags'] or ():
        attached = Tag.query.filter_by(name=tag_name).first()
        if not attached:
            # Unknown tag: create it so it is persisted with the post.
            attached = Tag()
            attached.name = tag_name
        target.tags.append(attached)

    db.session.add(target)
    db.session.commit()
    # NOTE(review): 201 is returned for an update; left as-is because
    # clients may depend on it.
    return (target.id, 201)
import random
import datetime
from uuid import uuid4

from jmilkfansblog.models import db, User, Post, Role, BrowseVolume

# Seed data: the three roles, the browse-volume row and the admin account.
admin_role, poster_role, default_role = (
    Role(id=str(uuid4()), name=role_name)
    for role_name in ('admin', 'poster', 'default')
)
browse_volume = BrowseVolume(id=str(uuid4()))

# Only the default role and the browse-volume row are added explicitly.
db.session.add_all([default_role, browse_volume])
db.session.commit()

# NOTE(review): the username and password literals appear masked in this
# listing. A seed script should take the admin credentials from the
# environment or a prompt rather than a committed literal; confirm what the
# real file holds and rotate the value if it was ever committed.
admin_user = User(id=str(uuid4()), username='******', password='******')
# NOTE(review): admin_role and poster_role are never added to the session
# directly; presumably they are persisted through the User.roles
# relationship when admin_user is added. Confirm the cascade.
admin_user.roles = [admin_role, poster_role, default_role]

db.session.add(admin_user)
db.session.commit()