def f(request):
# 加载任意内容前先验证是否登陆
uname = current_user(request)
u = User.find_by(username=uname)
if u is None:
# 说明用户没登陆,重定向到 login 页面
redirect('/login')
return route_function(request)
def wrapper(request):
# 验证管理员用户登陆
u = current_user(request)
if u.role == 1:
return route_function(request)
else:
return redirect('/login')
def wrapper(request):
u = current_user(request)
if u.id == -1:
log('非用户登陆')
return redirect('/login')
else:
return route_function(request)
def add(request):
# 添加事件前验证是否登陆
uname = current_user(request)
u = User.find_by(username=uname)
if u is None:
return redirect('/login')
if request.method == 'POST':
form = request.form()
t = Todo.new(form)
t.user_id = u.id
t.created_time = current_time()
t.save()
'''
我们看到页面刷新的过程:
README.md 中的 网络部分 5. 请求数据和发送数据(具体到各阶段的原始报文信息)
'''
return redirect('/todo')
def delete_todo(request):
# 删除事件前验证是否登陆
uname = current_user(request)
u = User.find_by(username=uname)
if u is None:
return redirect('/login')
todo_id = int(request.query.get('id'))
t = Todo.find_by(id=todo_id)
if t.user_id != u.id:
return redirect('login')
if t is not None:
t.remove()
return redirect('/todo')
def update(request):
if request.method == 'POST':
form = request.form()
todo_id = int(str(form.get('id', -1)))
t = Todo.find_by(id=todo_id)
t.title = form.get('title', t.title)
t.updated_time = current_time()
t.save()
return redirect('/todo')
def todo_update(request):
if request.method == 'POST':
data = request.form()
todo_id = int(data.get('id', -1))
if len(data) > 0:
t = Todo.find_by(id=todo_id)
t.title = data.get('title')
t.updated_time = formatted_time(int(time.time()))
t.save()
return redirect('/todo')
def todo_add(request):
if request.method == 'POST':
data = request.form()
u = current_user(request)
if len(data) > 0:
t = Todo.new(data)
t.user_id = u.id
t.created_time = formatted_time(int(time.time()))
t.updated_time = formatted_time(int(time.time()))
t.save()
return redirect('/todo')
def admin_update(request):
"""
类似于update函数,处理在 /admin/users 下提交的表单,修改指定用户 id 的密码
"""
if request.method == 'POST':
data = request.form()
user_id = int(data.get('id', -1))
if len(data) > 0:
us = User.find_by(id=user_id)
us.password = data.get('password')
us.save()
return redirect('/admin/users')
def wrapper(request):
u = current_user(request)
if request.method == 'POST':
data = request.form()
todo_id = int(data.get('id', -1))
else:
todo_id = int(request.query.get('id', -1))
t = Todo.find_by(id=todo_id)
if u.id != t.user_id:
return redirect('/login')
else:
return route_function(request)
def index(request):
# 加载主页前先验证是否登陆
uname = current_user(request)
u = User.find_by(username=uname)
if u is None:
# 说明用户没登陆,重定向到 login 页面
return redirect('/login')
headers = {
'Content-Type': 'text/html'
}
todo_list = Todo.find_all(user_id=u.id)
body = templateM('todo_index.html', todos=todo_list)
header = response_with_headers(headers)
r = header + '\r\n' + body
return r.encode(encoding='utf-8')
def todo_delete(request):
todo_id = int(request.query.get('id'))
Todo.remove(todo_id)
return redirect('/todo')