Example #1
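def topic_edit(topic_id):
    """Show the edit form for a topic (GET) or save an edit by its author (POST).

    Args:
        topic_id: Identifier of the topic, converted with ``int()`` before
            the lookup.

    Returns:
        GET: the rendered ``topic/topic_edit.html`` template.
        POST: a redirect to the login page when no user matches the session
        cookie, a 403 message when the user is not the topic's author, or a
        redirect to the topic details page after a successful save.
        A 404 message when no topic has the given id.
    """
    topic = db.query(Topic).get(int(topic_id))

    if topic is None:
        # Unknown id: without this guard the ownership check below would
        # raise AttributeError on ``topic.author`` and surface as a 500.
        return "Nie znaleziono posta!", 404

    # NOTE(review): the GET branch renders the edit form for any visitor;
    # ownership is enforced only when the change is submitted.
    if request.method == "GET":
        return render_template("topic/topic_edit.html", topic=topic)

    elif request.method == "POST":
        title = request.form.get("title")
        text = request.form.get("text")

        session_token = request.cookies.get("session_token")

        # A request without the cookie yields None. With a SQLAlchemy-style
        # filter_by, comparing against None matches rows whose token is
        # NULL, so an anonymous request could be resolved to a real user.
        # Only look the user up when a token was actually presented.
        user = None
        if session_token:
            user = db.query(User).filter_by(
                session_token=session_token).first()

        if not user:
            return redirect(url_for('auth.login'))
        elif topic.author.id != user.id:
            # Authorization failure: report it with a 403 instead of a 200.
            return "Nie jestes autorem posta!!!", 403
        else:
            # NOTE(review): no CSRF token is verified in this handler; the
            # state change is protected only by whatever SameSite policy the
            # session cookie carries. Confirm that is set everywhere.
            topic.title = title
            topic.text = text
            db.add(topic)
            db.commit()

            return redirect(
                url_for('topic.topic_details', topic=topic, topic_id=topic_id))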
Example #2
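def singup():
    """Render the sign-up form (GET) or register a user and log them in (POST).

    Returns:
        GET: the rendered ``signup.html`` template.
        POST: a 400 message when the username or password is missing, an
        error message when the two password fields differ, otherwise a
        redirect to ``index`` that also sets the ``session_token`` cookie.
    """
    if request.method == "GET":
        return render_template("signup.html")
    elif request.method == "POST":
        username = request.form.get("username")
        password = request.form.get("password")
        repeat = request.form.get("repeat")

        # A missing field arrives as None; hashing it would raise
        # AttributeError on ``.encode()`` and return a 500.
        if not username or not password:
            return "Nazwa uzytkownika i haslo sa wymagane!", 400

        if password != repeat:
            return "Hasła nie pasują do siebie!"

        # The debug print() calls that echoed the plaintext password, its
        # hash and the session token were removed: those values must never
        # reach stdout or server logs.

        # NOTE(security): an unsalted, single-round SHA-256 digest is fast to
        # brute-force and identical for identical passwords. The format is
        # kept because the code that verifies logins must agree with what is
        # stored; migrate both sides together to a salted KDF such as
        # hashlib.scrypt or hashlib.pbkdf2_hmac.
        password_hash = hashlib.sha256(password.encode()).hexdigest()

        user = User(username=username, password_hash=password_hash)
        user.session_token = str(uuid.uuid4())
        db.add(user)
        db.commit()

        response = make_response(redirect(url_for('index')))
        # HttpOnly keeps the token away from page scripts; SameSite=Strict
        # stops the browser from attaching it to cross-site requests.
        # NOTE(review): also pass secure=True once the site is HTTPS-only.
        response.set_cookie("session_token",
                            user.session_token,
                            httponly=True,
                            samesite='Strict')

        return response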
Example #3
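def login():
    """Render the login form (GET) or authenticate a user (POST).

    Returns:
        GET: the rendered ``auth/login.html`` template.
        POST: a generic error message when the credentials are missing or
        wrong, otherwise a redirect to ``topic.index`` that sets a freshly
        issued ``session_token`` cookie.
    """
    # Local import keeps this handler self-contained.
    import hmac

    # One message for every failure so the response does not reveal whether
    # the username exists.
    failure_message = "Bledne haslo lub nazwa uzytkownika"

    if request.method == "GET":
        return render_template("auth/login.html")
    elif request.method == "POST":
        username = request.form.get("username")
        password = request.form.get("password")

        # A missing field arrives as None; ``None.encode()`` would raise and
        # return a 500 instead of a normal login failure.
        if not username or not password:
            return failure_message

        user = db.query(User).filter_by(username=username).first()

        if not user:
            return failure_message

        # NOTE(security): unsalted single-round SHA-256 is a weak password
        # hash. It is kept here because it must match what sign-up stored;
        # migrate both to a salted KDF (hashlib.scrypt / pbkdf2_hmac).
        candidate_hash = hashlib.sha256(password.encode()).hexdigest()
        stored_hash = user.password_hash or ""

        # Constant-time comparison; both sides are encoded so the call works
        # whatever characters the stored value contains.
        if not hmac.compare_digest(candidate_hash.encode(),
                                   stored_hash.encode()):
            return failure_message

        # Issue a new token on every successful login so a token captured
        # before authentication is not carried into the session.
        user.session_token = str(uuid.uuid4())
        db.add(user)
        db.commit()

        response = make_response(redirect(url_for('topic.index')))
        # NOTE(review): add secure=True once the site is served over HTTPS
        # only, so the token is never sent over plain HTTP.
        response.set_cookie("session_token",
                            user.session_token,
                            httponly=True,
                            samesite='Strict')

        return response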
Example #4
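def signup():
    """Render the sign-up form (GET) or register a user and log them in (POST).

    Returns:
        GET: the rendered ``auth/signup.html`` template.
        POST: a 400 message when the username or password is missing, an
        error message when the two password fields differ, otherwise a
        redirect to ``topic.index`` that sets the ``session_token`` cookie.
    """
    if request.method == "GET":
        return render_template("auth/signup.html")
    elif request.method == "POST":
        username = request.form.get("username")
        password = request.form.get("password")
        repeat = request.form.get("repeat")
        email_address = request.form.get("email-address")

        # A missing field arrives as None; hashing it would raise
        # AttributeError on ``.encode()`` and return a 500.
        if not username or not password:
            return "Nazwa uzytkownika i haslo sa wymagane!", 400

        if password != repeat:
            return "Hasła nie pasuja do siebie!"

        # The commented-out print() calls for the password, hash and token
        # were dropped so they cannot be re-enabled by accident.

        # NOTE(security): an unsalted, single-round SHA-256 digest is fast to
        # brute-force and identical for identical passwords. The format is
        # kept because login verification must agree with what is stored;
        # migrate both sides together to a salted KDF such as
        # hashlib.scrypt or hashlib.pbkdf2_hmac.
        password_hash = hashlib.sha256(password.encode()).hexdigest()

        user = User(username=username,
                    password_hash=password_hash,
                    session_token=str(uuid.uuid4()),
                    email_address=email_address)

        db.add(user)
        db.commit()

        response = make_response(redirect(url_for('topic.index')))
        # NOTE(review): add secure=True once the site is served over HTTPS
        # only, so the token is never sent over plain HTTP.
        response.set_cookie("session_token",
                            user.session_token,
                            httponly=True,
                            samesite='Strict')

        return response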
Example #5
    def create(cls, text, author, topic):
        """Persist a new comment and notify the topic's author by e-mail.

        Presumably a classmethod; the decorator is outside this excerpt.

        Args:
            text: Body of the comment.
            author: User who wrote the comment.
            topic: Topic the comment belongs to.

        Returns:
            The newly committed comment instance.
        """
        new_comment = cls(text=text, author=author, topic=topic)
        db.add(new_comment)
        db.commit()

        # The notification is sent only after the commit, and only when the
        # topic's author has an address on file.
        recipient = topic.author.email_address
        if not recipient:
            return new_comment

        # NOTE(review): topic.title is user-supplied and goes into the
        # message unmodified; confirm send_email treats its first argument
        # as body text and not as a header or as HTML.
        message = "Ktos skomentowal twoj post {}! Sprawdz to szybko".format(
            topic.title)
        send_email(message, "Nowy komentarz", recipient)

        return new_comment
Example #6
    def create(cls, title, text, author):
        """Build a topic from the given fields, commit it and return it.

        Presumably a classmethod; the decorator is outside this excerpt.

        Args:
            title: Title of the topic.
            text: Body of the topic.
            author: User who created the topic.

        Returns:
            The newly committed topic instance.
        """
        # NOTE(review): title and text are stored as received; any escaping
        # has to happen where they are rendered.
        new_topic = cls(title=title, text=text, author=author)

        db.add(new_topic)
        db.commit()

        return new_topic