def load_logged_in_user():
user_id = session.get('user_id')
if user_id is None:
g.user = None
else:
db, c = get_db()
c.execute('select * from user where id = %s', (user_id, ))
g.user = c.fetchone()
def index():
db, c = get_db()
c.execute(
'select t.id, t.description, u.username, t.completed, t.created_at '
'from todo t JOIN user u on t.created_by = u.id where t.created_by = %s '
'order by created_at desc ', (g.user['id'], ))
todos = c.fetchall()
return render_template('todo/index.html', todos=todos)
def get_todo(id):
db, c = get_db()
c.execute(
'select t.id, t.description, t.completed, t.created_by, t.created_at, u.username '
'from todo t join user u on t.created_by = u.id where t.id = %s',
(id, ))
todo = c.fetchone()
if todo is None:
abort(404, "El id de la tarea {0} no existe").format(id)
return todo
def create():
if request.method == 'POST':
description = request.form['description']
error = None
if not description:
error = 'Descripción incompleta'
if error is not None:
flash(error)
else:
db, c = get_db()
c.execute(
'insert into todo (description, completed, created_by)'
' values(%s, %s, %s)', (description, False, g.user['id']))
db.commit()
return redirect(url_for('homa.index'))
return render_template('todo/create.html')
def login():
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
db, c = get_db()
error = None
c.execute('select * from user where username = %s', (username, ))
user = c.fetchone()
if user is None:
error = 'Usuario y/o contraseña inválida'
elif not check_password_hash(user['password'], password):
error = 'Usuario y/o contraseña inválida'
if error is None:
session.clear()
session['user_id'] = user['id']
return redirect(url_for('homa.index'))
flash(error)
return render_template('auth/login.html')
def update(id):
todo = get_todo(id)
if request.method == 'POST':
description = request.form['description']
completed = True if request.form.get('completed') == 'on' else False
error = None
if not description:
error = "Descrpición requerida"
if error is not None:
flash(error)
else:
db, c = get_db()
c.execute(
'update todo set description = %s, completed = %s'
' where id = %s and created_by = %s',
(description, completed, id, g.user['id']))
db.commit()
return redirect(url_for('homa.index'))
return render_template('todo/update.html', todo=todo)
def register():
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
db, c = get_db()
error = None
c.execute('select id from user where username = %s', (username, ))
if not username:
error = 'Ingrese su usuario'
if not password:
error = 'Ingrese su contraseña'
elif c.fetchone() is not None:
error = 'Usuario {} ya esta registrado'.format(username)
if error is None:
c.execute('insert into user (username, password) values(%s, %s)',
(username, generate_password_hash(password)))
db.commit()
return redirect(url_for('auth.login'))
flash(error)
return render_template('auth/register.html')
def delete(id):
db, c = get_db()
c.execute('delete from todo where id = %s and created_by = %s',
(id, g.user['id']))
db.commit()
return redirect(url_for('homa.index'))