def list_posts(): """ shows all posts and lets signed-in users post a picture, text or both """ form_post = PostForm() all_posts = PostsModel.query.all() authors = UserModel if request.method == 'POST' and check_auth(): if form_post.text.data or form_post.media.data: text = form_post.text.data media = form_post.media.data time = datetime.now() if media: media = save_file( current_user.username, media, 'post_uploads' ) # saves file to directory, returns filename PostsModel.add(time, text, media, current_user.id) return redirect('/posts') else: return render_template('posts.html', pages=generate_pages(), form=form_post, all_posts=all_posts, authors=authors)
def profile(username=None): """ by default shows the profile of a signed-in user, lets them edit their data or log out if a username is specified, shows read-only data of a profile linked to the username """ if request.method == 'POST': # happens when editing own data form_register = RegisterForm() if current_user.check_password(form_register.password.data): from app.database import db formatted_date = dob_string_to_datetime(form_register.dob.data) for x in set(form_register): if x.name == 'dob': x.data = formatted_date setattr(current_user, 'age', calculate_age(x.data)) if x.data and x.data != '' and x.name in current_user.__table__.c: if x.name == 'picture': x.data = save_file(current_user.username, x.data, 'profile_pictures') # saves file to directory, returns filename if x.name != 'password': setattr(current_user, x.name, x.data) db.session.commit() flash('მონაცემები წარმატებით განახლდა', 'alert-green') else: flash('პაროლი არასწორია – მონაცემები არ განახლდა', 'alert-red') return render_template('my_profile.html', pages=generate_pages(), form_register=RegisterForm()) elif username: user = UserModel.find_by_username(username) return render_template('people_profile.html', pages=generate_pages(), user=user) else: if check_auth(): return render_template('my_profile.html', pages=generate_pages(), form_register=RegisterForm()) return redirect('/')
def is_accessible(self): return check_auth()
def auth(): form_sign_in = SignInForm() form_register = RegisterForm() if check_auth(): return redirect(url_for('profiles.profile')) if request.method == 'POST': # Login Attempt if form_sign_in.validate_on_submit(): target_account = None identifier = form_sign_in.identifier.data.lower() login_password = form_sign_in.login_password.data remember_me = form_sign_in.remember_me.data # Check if logging in through Email if UserModel.find_by_email(identifier): target_account = UserModel.find_by_email(identifier) # Check if logging in through Username elif UserModel.find_by_username(identifier): target_account = UserModel.find_by_username(identifier) # Check Password only if the account was found either through Email or Username if target_account: if target_account.check_password( login_password): # Successful log-in flash('წარმატებით შეხვედით სისტემაში!', 'alert-green') if remember_me: login_user(target_account, remember=True) else: login_user(target_account) # redirect to a previously chosen link if request.args.get('next'): return redirect(request.args.get('next')) else: return redirect(url_for('profiles.profile')) else: # Wrong Password form_sign_in.login_password.data = '' flash('პაროლი არასწორია', 'alert-yellow') else: # Wrong Email or Username form_sign_in.identifier.data = '' flash('ამ მეილით ან იუზერნეიმით მომხმარებელი არ მოიძებნა', 'alert-yellow') # Register Attempt elif form_register.validate_on_submit(): success = True # initialize received data username = form_register.username.data.lower() name_first = form_register.name_first.data name_last = form_register.name_last.data email = form_register.email.data.lower() phone = form_register.phone.data dob = dob_string_to_datetime(form_register.dob.data) age = calculate_age(dob) sex = form_register.sex.data password = form_register.password.data # check if the username and email are unique if UserModel.find_by_username(username): success = False flash('იუზერნეიმი დაკავებულია', 'alert-yellow') elif UserModel.find_by_email(email): success = False flash('მეილი დაკავებულია', 'alert-yellow') if success: # check if picture was uploaded and save it picture_title = None picture = form_register.picture.data if picture: picture_title = save_file( username, picture, 'profile_pictures' ) # saves file to directory, returns filename # add everything to DB # needs to be changed role = 3 received_data = (username, name_first, name_last, email, phone, dob, sex, password, role, age, picture_title) create(received_data, UserModel) new_user = UserModel(*received_data) db.session.add(new_user) db.session.commit() flash('რეგისტრაცია წარმატებით დასრულდა!', 'alert-green') login_user(UserModel.find_by_username(username)) return redirect(url_for('success_register')) else: # When data didn't pass WTForms validators flash('მონაცემები არასწორადაა შეყვანილი. თავიდან სცადეთ.', 'alert-yellow') return render_template('auth.html', pages=generate_pages(), form_sign_in=form_sign_in, form_register=form_register)
def is_accessible(self): if check_auth(): if current_user.role_id <= 2: return True return False