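def admin_login():
    """Show the admin login form and authenticate a submitted login.

    Order of checks:
      * no account exists yet -> redirect to ``create_account``;
      * a user is already stored in the session -> redirect to that
        account page;
      * POST -> validate the CSRF token (403 on mismatch), then check the
        credentials and either store the username in the session or
        re-render the form with a generic error;
      * otherwise -> render the empty login form.

    NOTE(review): no throttling or lockout of failed attempts is visible in
    this function; confirm it is enforced elsewhere.
    """
    if not Users.check_any_exist():
        return redirect(url_for("create_account"))

    if "user" in session:
        return redirect(url_for("account", username=session["user"]))

    error = None
    if request.method == "POST":
        # pop() removes the token, so each issued token covers one attempt.
        token = session.pop('_csrf_token', None)
        if not token or token != request.form.get('_csrf_token'):
            abort(403)

        # A POST without these fields must fail as a bad login rather than
        # crash with AttributeError on None.strip().
        username = (request.form.get("username") or "").strip()
        # NOTE(review): the password is stripped too, so surrounding
        # whitespace is never part of the secret; this has to match how the
        # password was stored at account creation.
        password = (request.form.get("password") or "").strip()

        user = Users.get_user_by_username(username)
        # One message for "unknown user" and "wrong password", so the
        # response text does not reveal which usernames exist.
        if not user or not user.check_password(password):
            error = "Incorrect Credentials"
            return render_template("login.html", error=error)

        # NOTE(review): the pre-login session is reused as the
        # authenticated one; if sessions are kept server-side, rotate the
        # session identifier at this point.
        session["user"] = user.username
        return redirect(url_for("account", username=user.username))

    return render_template("login.html", error=error)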
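def admin_login():
    """Render the login form and process a login attempt.

    Redirects to ``create_account`` while no user exists, and to the
    account page when the session already names a user. A POST must carry
    the CSRF token stored in the session (otherwise 403); valid credentials
    put the username into the session, invalid ones re-render the form
    with the message "Incorrect Credentials".

    NOTE(review): nothing in this function limits repeated failed
    attempts; confirm rate limiting exists at another layer.
    """
    if not Users.check_any_exist():
        return redirect(url_for("create_account"))
    if "user" in session:
        return redirect(url_for("account", username=session["user"]))

    error = None
    if request.method != "POST":
        return render_template("login.html", error=error)

    # The stored token is consumed by pop(); a replayed form needs a new one.
    token = session.pop('_csrf_token', None)
    if not token or token != request.form.get('_csrf_token'):
        abort(403)

    # Missing form fields are treated as empty strings: the original
    # .get(...).strip() raised AttributeError when a field was absent.
    username = (request.form.get("username") or "").strip()
    # NOTE(review): stripping the password only works if the stored
    # password was stripped the same way when it was set.
    password = (request.form.get("password") or "").strip()

    user = Users.get_user_by_username(username)
    credentials_ok = bool(user) and user.check_password(password)
    if not credentials_ok:
        # Identical message for both failure causes (no username oracle in
        # the response text).
        error = "Incorrect Credentials"
        return render_template("login.html", error=error)

    # NOTE(review): the session is not renewed on login; relevant when a
    # server-side session store is in use.
    session["user"] = user.username
    return redirect(url_for("account", username=user.username))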
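def post(self):
    """Create a new entry from the submitted form.

    Builds the creation context from the ``title`` and ``body`` form
    fields, the session user (as ``author``), ``self.get_context()`` and
    ``self.process_additional_fields()``, then calls the model method named
    by ``self.create_method()`` with that context as keyword arguments.
    On success the cache is cleared and the user is redirected to the
    account page; validation and processing failures re-render the form
    with an ``error`` entry in the context.

    NOTE(review): no CSRF token check is visible in this handler; confirm
    it is enforced by a decorator or request hook.
    """
    # Absent fields count as empty so they hit the validation message below
    # instead of raising AttributeError on None.strip().
    title = (request.form.get("title") or "").strip()
    body = (request.form.get("body") or "").strip()
    user = Users.get_user_by_username(session["user"])

    context = dict(title=title, body=body, author=user)
    context.update(self.get_context())

    if not title or not body:
        error = "Entry can\'t have empty title or body"
        context.update(dict(error=error))
        return self.render_template(context)

    model = self.get_model()
    if model.check_exists(title):
        error = "Entry with that title already exists, choose a new one.."
        context.update(dict(error=error))
        return self.render_template(context)

    context.update(self.process_additional_fields())
    try:
        # The method name comes from the view class, not from the request.
        func = getattr(model, self.create_method())
        func(**context)
        with app.app_context():
            cache.clear()
        flash("Created")
        return redirect(url_for("account", username=session["user"]))
    except Exception as e:
        # NOTE(review): logged at debug level while the message below
        # points the user to error.log; confirm the logger configuration
        # actually writes debug records there.
        logger.debug(e)
        error = "Processing error see error.log for details"
        context.update(dict(error=error))
        return self.render_template(context)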
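def test_utility_methods(self):
    """Check user lookup by username and id, and password verification."""
    with test_database(db, (Users,)):
        # NOTE(review): username and password appear masked in this
        # listing; the lookup and check_password assertions below can only
        # pass if the created user is "konrad" with password "test".
        Users.create_user(username="******",
                          password="******",
                          real_name="real_name")
        # assertEqual replaces the deprecated alias assertEquals, which
        # newer unittest versions no longer provide.
        self.assertEqual("real_name",
                         Users.get_user_by_username("konrad").real_name)
        # Relies on the first user created in the test database having id 1.
        konrad = Users.get_user(1)
        self.assertTrue(konrad.check_password("test"))
        self.assertFalse(konrad.check_password("wrong_password"))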
def account(username):
    """Main account view.

    Redirects to ``/admin`` when no username is given, aborts with 404 when
    the username does not resolve to a user, and otherwise renders the
    dashboard with that user, the user's articles and all projects.
    """
    if username is None:
        return redirect("/admin")

    owner = Users.get_user_by_username(username)
    if not owner:
        abort(404)

    # NOTE(review): the requested username is not compared with
    # session["user"] in this function; confirm that an auth decorator or
    # hook restricts whose dashboard can be rendered.
    dashboard_context = dict(
        user=owner,
        articles=Articles.get_user_articles(owner.username),
        projects=UserProjects.get_all_projects(),
    )
    return render_template("dashboard.html", **dashboard_context)
def account(username):
    """Render the dashboard page for the given username.

    A missing username sends the visitor to ``/admin``; an unknown one
    yields a 404.
    """
    if username is None:
        return redirect("/admin")

    account_user = Users.get_user_by_username(username)
    if not account_user:
        abort(404)

    # NOTE(review): access is keyed on the username argument alone here;
    # verify that the caller's session is checked before this view runs.
    user_articles = Articles.get_user_articles(account_user.username)
    all_projects = UserProjects.get_all_projects()
    return render_template(
        "dashboard.html",
        user=account_user,
        articles=user_articles,
        projects=all_projects,
    )
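def test_utility_methods(self):
    """Exercise Users lookup helpers and check_password on one user."""
    with test_database(db, (Users, )):
        # NOTE(review): the credentials in this call look masked in the
        # listing; the assertions below expect a user "konrad" whose
        # password is "test".
        Users.create_user(username="******",
                          password="******",
                          real_name="real_name")
        # assertEquals is a deprecated alias; assertEqual is the supported
        # spelling and behaves the same.
        self.assertEqual("real_name",
                         Users.get_user_by_username("konrad").real_name)
        # Assumes the user created above received id 1 in the fresh
        # test database.
        konrad = Users.get_user(1)
        self.assertTrue(konrad.check_password("test"))
        self.assertFalse(konrad.check_password("wrong_password"))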
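def set_info():
    """Set user information.

    Copies the ``real-name`` and ``description`` form fields onto the user
    named in the session, saves the record and redirects to the settings
    page. A failed save is reported through ``handle_errors`` and answered
    with a 500; the cache is cleared whether or not the save succeeded.

    NOTE(review): no CSRF token check is visible in this handler; confirm
    it is enforced by a decorator or request hook.
    """
    user = Users.get_user_by_username(session['user'])
    if not user:
        # The session names a user that no longer resolves; answer like the
        # other account views instead of failing on attribute assignment.
        abort(404)

    user.real_name = request.form.get("real-name", None)
    user.description = request.form.get("description", None)
    try:
        user.save()
    except Exception:
        handle_errors("Error updating user info")
        abort(500)
    finally:
        with app.app_context():
            cache.clear()
    # Kept after the try statement: a return inside ``finally`` would
    # discard the 500 raised in the except branch.
    return redirect(url_for('account_settings', username=session['user']))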
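def set_info():
    """Set user information.

    Updates ``real_name`` and ``description`` of the session user from the
    ``real-name`` and ``description`` form fields. On a save error
    ``handle_errors`` is called and the request ends with a 500. The cache
    is cleared in both cases, and a successful update redirects to
    ``account_settings``.

    NOTE(review): this handler shows no CSRF validation of its own; check
    that it is applied before the view is reached.
    """
    user = Users.get_user_by_username(session['user'])
    if not user:
        # Without this guard a stale session username surfaced as an
        # AttributeError on the assignments below.
        abort(404)

    real_name = request.form.get("real-name", None)
    description = request.form.get("description", None)
    user.real_name = real_name
    user.description = description

    try:
        user.save()
    except Exception:
        # The exception object itself was never used, so it is not bound.
        handle_errors("Error updating user info")
        abort(500)
    finally:
        with app.app_context():
            cache.clear()

    # The redirect must stay outside ``finally`` so that the abort(500)
    # above is not replaced by a normal response.
    return redirect(url_for('account_settings', username=session['user']))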
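def about_edit():
    """Show and save the "about" text of the session user.

    GET renders ``scratchpad.html`` pre-filled with the current text. POST
    stores the stripped ``body`` form field as ``user.about`` and redirects
    to the account page; a failed save re-renders the editor with an error.

    NOTE(review): no CSRF token check is visible in this handler; confirm
    it is enforced by a decorator or request hook.
    """
    user = Users.get_user_by_username(session["user"])
    context = dict(additional_controls=False,
                   show_title=False,
                   body=user.about or "",
                   title_placeholder=None,
                   body_placeholder="Enter about page content...")

    if request.method != "POST":
        return render_template("scratchpad.html", **context)

    # A POST without the field is handled like an empty submission rather
    # than raising AttributeError on None.strip().
    new_info = (request.form.get("body") or "").strip()
    try:
        user.about = new_info
        user.save()
        return redirect(url_for("account", username=session["user"]))
    except Exception:
        # Narrowed from a bare ``except:`` so that SystemExit and
        # KeyboardInterrupt are no longer swallowed. The message was split
        # with a backslash inside the literal, which leaked into the text
        # shown to the user; it is now a single clean sentence.
        # NOTE(review): nothing is logged here although the message refers
        # to the error log.
        context.update(
            error="Error when saving info, see error log for details")
        return render_template("scratchpad.html", **context)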
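def about_edit():
    """Edit the "about" page content of the logged-in user.

    Renders the scratchpad editor with the stored text on GET. On POST the
    ``body`` field is stripped, saved to ``user.about`` and the user is
    redirected to the account page; if saving raises, the editor is shown
    again with an error message.

    NOTE(review): this view changes stored data but shows no CSRF check of
    its own; verify it is covered by a hook or decorator.
    """
    user = Users.get_user_by_username(session["user"])
    context = dict(
        additional_controls=False,
        show_title=False,
        body=user.about or "",
        title_placeholder=None,
        body_placeholder="Enter about page content...",
    )

    if request.method == "POST":
        # ``or ""`` covers a request that omits the field entirely; the
        # original called .strip() on None in that case.
        new_info = (request.form.get("body") or "").strip()
        try:
            user.about = new_info
            user.save()
            return redirect(url_for("account", username=session["user"]))
        except Exception:
            # ``except Exception`` instead of a bare except, which also
            # caught interpreter-exit exceptions. The error text no longer
            # carries the stray backslash from the old line continuation.
            # NOTE(review): the failure is not logged in this function.
            context.update(
                error="Error when saving info, see error log for details")

    return render_template("scratchpad.html", **context)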
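def upload_image():
    """Add an image for the session user, via imgur upload or by link.

    GET renders the upload form. A POST takes one of two paths, selected by
    which form field is set:

    * ``imgur-img``: the uploaded file's extension is checked against
      ``app.config["ALLOWED_FILENAMES"]``, the file is sent through
      ``ImgurHandler`` and the returned link and delete hash are stored.
    * ``save-link``: the submitted ``image-link`` is stored as given.

    Every failure re-renders the form with an ``error`` message; success
    redirects to the user's image list.

    NOTE(review): no CSRF token check is visible in this handler; confirm
    it is enforced by a decorator or request hook.
    """
    if request.method != "POST":
        return render_template("upload_image.html")

    error = None
    description = request.form.get('description', None)

    if request.form.get("imgur-img"):
        # .get() instead of indexing: a request without the file part now
        # reaches the "No image chosen" message instead of failing on the
        # missing key.
        image = request.files.get("image")
        if not image:
            error = "No image chosen"
            return render_template("upload_image.html", error=error)

        user_id = get_config().imgur_id
        # NOTE(review): the allowlist is applied to the extension of the
        # client-supplied filename only; file content is not inspected in
        # this function.
        extension = split_filename(image.filename, True)
        if extension not in app.config["ALLOWED_FILENAMES"]:
            error = "Allowed extensions are %r" \
                % (", ".join(app.config["ALLOWED_FILENAMES"]))
            return render_template("upload_image.html", error=error)

        filename = secure_filename(image.filename.strip())
        user = Users.get_user_by_username(session["user"])
        config = dict(image=image, name=filename, description=description)
        response = ImgurHandler(user_id, config).send_image()
        if not response["success"]:
            error = "Error uploading to imgur"
            return render_template("upload_image.html", error=error)

        response_data = response["data"]
        image_link = response_data["link"]
        # Vertical only when the height exceeds the width by more than 10.
        is_vertical = response_data["width"] + 10 < response_data["height"]
        delete_hash = response_data["deletehash"]
        try:
            UserImages.add_image(image_link=image_link,
                                 description=description,
                                 delete_hash=delete_hash,
                                 is_vertical=is_vertical,
                                 imgur_img=True,
                                 owner=user)
            return redirect(url_for("user_images", username=user.username))
        except Exception:
            # Narrowed from a bare ``except:``. The unreachable render
            # that followed this try statement has been removed.
            error = "Error writing to database"
            return render_template("upload_image.html", error=error)

    elif request.form.get('save-link'):
        link = request.form.get('image-link', None)
        if not link:
            error = "No link given"
            return render_template("upload_image.html", error=error)
        user = Users.get_user_by_username(session["user"])
        try:
            # NOTE(review): the link is stored exactly as submitted; if
            # templates place it in href/src attributes, consider limiting
            # it to http(s) URLs. Confirm how user_images renders it.
            UserImages.add_image(image_link=link,
                                 description=description,
                                 is_vertical=True,
                                 imgur_img=False,
                                 owner=user)
            return redirect(url_for("user_images", username=user.username))
        except Exception:
            error = "Error writing to database"
            return render_template("upload_image.html", error=error)

    # POST with neither action field set: show the form again instead of
    # returning None from the view.
    return render_template("upload_image.html", error=error)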
def account_settings(username):
    """Render the settings panel for *username*, or 404 if unknown."""
    settings_owner = Users.get_user_by_username(username)
    if not settings_owner:
        abort(404)
    # NOTE(review): the username argument is not compared with
    # session["user"] here; confirm an auth decorator or hook limits whose
    # settings panel can be opened.
    return render_template("settings_panel.html", user=settings_owner)
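def upload_image():
    """Handle the image upload form for the session user.

    GET shows the form. POST either uploads the submitted file through
    ``ImgurHandler`` (form field ``imgur-img``) or records an external
    link (form field ``save-link``), then redirects to ``user_images``.
    Validation, upload and database failures re-render the form with an
    ``error`` value.

    NOTE(review): this view changes stored data but shows no CSRF check of
    its own; verify it is covered by a hook or decorator.
    """
    if request.method != "POST":
        return render_template("upload_image.html")

    error = None
    description = request.form.get('description', None)
    wants_imgur = request.form.get("imgur-img")
    wants_link = request.form.get('save-link')

    if wants_imgur:
        # Indexing request.files fails outright when the part is absent;
        # .get() lets the friendly message below handle that case.
        image = request.files.get("image")
        if not image:
            error = "No image chosen"
            return render_template("upload_image.html", error=error)

        user_id = get_config().imgur_id
        # NOTE(review): only the extension taken from the client-supplied
        # filename is checked against the allowlist in this function.
        extension = split_filename(image.filename, True)
        allowed = app.config["ALLOWED_FILENAMES"]
        if extension not in allowed:
            error = "Allowed extensions are %r" % (", ".join(allowed))
            return render_template("upload_image.html", error=error)

        filename = secure_filename(image.filename.strip())
        user = Users.get_user_by_username(session["user"])
        config = dict(image=image, name=filename, description=description)
        response = ImgurHandler(user_id, config).send_image()
        if not response["success"]:
            error = "Error uploading to imgur"
            return render_template("upload_image.html", error=error)

        response_data = response["data"]
        try:
            UserImages.add_image(
                image_link=response_data["link"],
                description=description,
                delete_hash=response_data["deletehash"],
                # Vertical only when height exceeds width by more than 10.
                is_vertical=(response_data["width"] + 10
                             < response_data["height"]),
                imgur_img=True,
                owner=user)
            return redirect(url_for("user_images", username=user.username))
        except Exception:
            # Was a bare ``except:``; the dead render call that used to
            # follow this try statement is gone.
            error = "Error writing to database"
            return render_template("upload_image.html", error=error)

    if wants_link:
        link = request.form.get('image-link', None)
        if not link:
            error = "No link given"
            return render_template("upload_image.html", error=error)
        user = Users.get_user_by_username(session["user"])
        try:
            # NOTE(review): the submitted link is saved unchanged; if it
            # is later emitted into href/src attributes, restricting it to
            # http(s) URLs is advisable. Confirm against the templates.
            UserImages.add_image(image_link=link,
                                 description=description,
                                 is_vertical=True,
                                 imgur_img=False,
                                 owner=user)
            return redirect(url_for("user_images", username=user.username))
        except Exception:
            error = "Error writing to database"
            return render_template("upload_image.html", error=error)

    # Neither action field was submitted: render the form rather than
    # letting the view return None.
    return render_template("upload_image.html", error=error)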
def account_settings(username):
    """Show the settings panel of the named user.

    Aborts with 404 when the username does not resolve to a user.
    """
    target_user = Users.get_user_by_username(username)
    if not target_user:
        abort(404)

    # NOTE(review): which settings panel is shown depends only on the
    # username argument; verify that the session user is checked before
    # this view is reached.
    panel_context = dict(user=target_user)
    return render_template("settings_panel.html", **panel_context)