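def reset_password(token):
    """
    Handles the reset password process.

    Anonymous visitors submit their e-mail address, the reset token and a new
    password. The password is changed only when the account exists and its
    ``verify_reset_token`` accepts the submitted token.

    :param token: reset token from the URL. It only pre-fills the form;
                  verification uses the submitted ``form.token`` value.
    """
    # Users who are already logged in are sent back to the blog.
    if not current_user.is_anonymous():
        return redirect(url_for("blog.index"))

    form = ResetPasswordForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()

        # No account for this address: ``user`` is None and calling
        # ``verify_reset_token`` on it would raise AttributeError (HTTP 500).
        # Answer exactly like an invalid token so the response does not
        # reveal whether the address is registered.
        if user is None:
            flash(_("Your password token is invalid."), "danger")
            return redirect(url_for("auth.forgot_password"))

        expired, invalid, data = user.verify_reset_token(form.token.data)

        if invalid:
            flash(_("Your password token is invalid."), "danger")
            return redirect(url_for("auth.forgot_password"))

        if expired:
            flash(_("Your password token is expired."), "danger")
            return redirect(url_for("auth.forgot_password"))

        # ``data`` is the payload returned by verify_reset_token; the password
        # is only replaced when it is truthy.
        if data:
            user.password = form.password.data
            user.save()
            flash(_("Your password has been updated."), "success")
            return redirect(url_for("auth.login"))

    # First visit or failed validation: carry the URL token into the form.
    form.token.data = token
    return render_template("auth/reset_password.html", form=form)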
def view_post(post_id, slug=None):
    """
    Shows a single post and, for authenticated users, its comment form.

    :param post_id: primary key of the post to display; 404 when not found.
    :param slug: accepted from the URL but not used for the lookup.
    """
    entry = Post.query.filter_by(id=post_id).first()
    if not entry:
        abort(404)

    # Anonymous visitors get no comment form at all; the template receives
    # ``form=None`` in that case.
    comment_form = CommentForm() if current_user.is_authenticated() else None

    if comment_form is not None and comment_form.validate_on_submit():
        # Valid POST: store the comment for this user and post, then
        # redirect back to the post so a reload does not resubmit.
        comment_form.save(current_user, entry)
        flash(_("Your comment has been saved!"), "success")
        return redirect(
            url_for("blog.view_post", post_id=entry.id, slug=entry.slug)
        )

    return render_template("blog/post.html", post=entry, form=comment_form)
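def edit_post(post_id, slug=None):
    """
    Edits an existing post.

    :param post_id: primary key of the post to edit; 404 when not found.
    :param slug: accepted from the URL but not used for the lookup.
    """
    post = Post.query.filter_by(id=post_id).first()

    # abort if no post is found
    if not post:
        abort(404)

    # Authorization is decided by ``can_modify`` before any form handling.
    # This is the edit view, so the message names the edit action (it
    # previously said "delete").
    if not can_modify(post, current_user):
        flash(_("You are not allowed to edit this post."), "danger")
        return redirect(url_for("blog.index"))

    form = PostForm()
    if form.validate_on_submit():
        # populate_obj copies every field the form defines onto the post,
        # so PostForm must only declare attributes a user may change.
        form.populate_obj(post)
        post.save()
        flash(_("This post has been edited"), "success")
        return redirect(
            url_for("blog.view_post", post_id=post.id, slug=post.slug)
        )

    # Not a valid submission: pre-fill the form with the stored values.
    form.title.data = post.title
    form.content.data = post.content

    return render_template(
        "blog/post_form.html", post=post, form=form, mode="edit"
    )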
def new_bin():
    """Creates a new paste-bin from ``BinForm`` on behalf of the current user."""
    form = BinForm()

    if not form.validate_on_submit():
        # GET request or validation errors: show the (possibly annotated) form.
        return render_template("paste/bin_form.html", form=form, mode="new")

    created = form.save(current_user)
    flash(_("Your paste-bin has been saved!"), "success")
    return redirect(
        url_for("paste.view_bin", bin_id=created.id, slug=created.slug)
    )
def new_post():
    """Creates a new blog post from ``PostForm`` on behalf of the current user."""
    form = PostForm()

    if not form.validate_on_submit():
        # GET request or validation errors: show the form again.
        return render_template("blog/post_form.html", form=form, mode="new")

    created = form.save(current_user)
    flash(_("Your post has been saved!"), "success")
    # Only the id is passed here; the slug is left out of the redirect URL.
    return redirect(url_for("blog.view_post", post_id=created.id))
def change_password():
    """Lets the current user set a new password through ``ChangePasswordForm``."""
    form = ChangePasswordForm()

    if not form.validate_on_submit():
        return render_template("user/change_password.html", form=form)

    # NOTE(review): this view trusts the form completely. Any check of the
    # current password has to live in ChangePasswordForm's validators, which
    # are not visible here - confirm.
    current_user.password = form.new_password.data
    current_user.save()

    flash(_("Your password has been updated!"), "success")
    return redirect(url_for("user.change_password"))
def change_email():
    """Lets the current user replace their e-mail address."""
    # The form receives the current user; what it does with it is defined in
    # ChangeEmailForm.
    form = ChangeEmailForm(current_user)

    if not form.validate_on_submit():
        return render_template("user/change_email.html", form=form)

    current_user.email = form.new_email.data
    current_user.save()

    flash(_("Your email has been updated!"), "success")
    return redirect(url_for("user.change_email"))
def profile(username):
    """
    Shows the public profile of a user.

    :param username: name of the account to display; 404 when not found.
    """
    account = User.query.filter_by(username=username).first()
    if not account:
        abort(404)

    # Private pastes are filtered out for every viewer of the profile.
    visible_pastes = account.pastes.filter_by(is_public=True)

    return render_template(
        "user/profile.html", user=account, pastes=visible_pastes
    )
def view_bin(bin_id, slug=None):
    """
    Shows a single paste-bin.

    :param bin_id: primary key of the paste-bin; 404 when not found.
    :param slug: accepted from the URL but not used for the lookup.
    """
    paste = Bin.query.filter_by(id=bin_id).first()
    if not paste:
        abort(404)

    # A private paste sends anonymous visitors to the login page.
    # NOTE(review): every authenticated user passes this check, not only the
    # owner of the paste - confirm that "private" is meant as "members only".
    needs_login = not paste.is_public and not current_user.is_authenticated()
    if needs_login:
        return redirect(url_for("auth.login"))

    return render_template("paste/bin.html", pastebin=paste)
def new_comment(post_id):
    """
    Adds a comment to a post.

    :param post_id: primary key of the post being commented on; 404 when
                    not found.
    """
    target_post = Post.query.filter_by(id=post_id).first()
    if not target_post:
        abort(404)

    form = CommentForm()
    if not form.validate_on_submit():
        return render_template(
            "blog/comment_form.html", post=target_post, form=form, mode="new"
        )

    # NOTE(review): no authentication check is visible in this function;
    # presumably a decorator restricts it to logged-in users - confirm.
    form.save(current_user, target_post)
    flash(_("Your comment has been saved!"), "success")
    return redirect(
        url_for(
            "blog.view_post", post_id=target_post.id, slug=target_post.slug
        )
    )
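def reauth():
    """
    Reauthenticates a user.

    While the login is not fresh the ``ReauthForm`` is shown; once it
    validates, ``confirm_login()`` is called. In both the refreshed and the
    already-fresh case the user is redirected to ``next`` when that is a
    same-site path, otherwise to their own profile.
    """
    # ``next`` is read from the query string, so whoever crafted the link
    # controls it. Only a same-site path is followed: it has to start with a
    # single "/" and must not contain a backslash or control whitespace that
    # a browser may normalise into another host. Anything else is dropped
    # and the default page is used instead.
    target = request.args.get("next") or ""
    if not (
        target.startswith("/")
        and not target.startswith("//")
        and "\\" not in target
        and not any(ch in target for ch in "\t\r\n")
    ):
        target = None

    if not login_fresh():
        form = ReauthForm(request.form)
        if form.validate_on_submit():
            confirm_login()
            flash(_("Reauthenticated"), "success")
            # The profile view takes a username, so it is passed here just
            # like in the already-fresh branch below.
            return redirect(
                target
                or url_for("user.profile", username=current_user.username)
            )
        return render_template("auth/reauth.html", form=form)

    return redirect(
        target or url_for("user.profile", username=current_user.username)
    )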
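def register():
    """
    Register a new user.

    A valid ``RegisterForm`` is saved with the configured default theme and
    locale, the new account is logged in immediately and redirected to its
    profile page.
    """
    # Already logged in: nothing to register. The profile view takes a
    # username, so it is passed here as in the redirect after registration.
    if current_user is not None and current_user.is_authenticated():
        return redirect(
            url_for("user.profile", username=current_user.username)
        )

    form = RegisterForm(request.form)
    if form.validate_on_submit():
        user = form.save(
            theme=current_app.config["DEFAULT_THEME"],
            language=current_app.config["BABEL_DEFAULT_LOCALE"],
        )
        login_user(user)

        flash(_("Thanks for registering"), "success")
        return redirect(
            url_for("user.profile", username=current_user.username)
        )

    return render_template("auth/register.html", form=form)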
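def login():
    """
    Logs the user in.

    Credentials are checked by ``User.authenticate``. On success the user is
    redirected to ``next`` when that is a same-site path, otherwise to the
    blog index. Every failure produces the same generic message.
    """
    # Already logged in: go to the own profile. The profile view takes a
    # username, so it is passed explicitly.
    if current_user is not None and current_user.is_authenticated():
        return redirect(
            url_for("user.profile", username=current_user.username)
        )

    form = LoginForm(request.form)
    if form.validate_on_submit():
        user, authenticated = User.authenticate(
            form.login.data, form.password.data
        )

        if user and authenticated:
            login_user(user, remember=form.remember_me.data)

            # ``next`` is read from the query string, so whoever crafted the
            # login link controls it. Only a same-site path is followed: it
            # has to start with a single "/" and must not contain a
            # backslash or control whitespace that a browser may normalise
            # into another host. Anything else falls back to the blog index.
            target = request.args.get("next") or ""
            if not (
                target.startswith("/")
                and not target.startswith("//")
                and "\\" not in target
                and not any(ch in target for ch in "\t\r\n")
            ):
                target = None
            return redirect(target or url_for("blog.index"))

        # One message for "unknown user" and "wrong password" alike, so the
        # response does not tell the two cases apart.
        flash(_("Wrong username or password"), "danger")

    return render_template("auth/login.html", form=form)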
def change_user_details():
    """Lets the current user edit their profile details."""
    form = ChangeUserDetailsForm()

    if form.validate_on_submit():
        # populate_obj copies every field the form defines onto the user
        # object, so the form class is what limits the writable attributes.
        form.populate_obj(current_user)
        current_user.save()

        flash(_("Your details have been updated!"), "success")
        return redirect(url_for("user.change_user_details"))

    # Not a valid submission: load the stored values into the form fields,
    # in the same order as before.
    prefilled_fields = (
        "birthday",
        "gender",
        "firstname",
        "lastname",
        "location",
        "website",
        "avatar",
        "about_me",
    )
    for field_name in prefilled_fields:
        getattr(form, field_name).data = getattr(current_user, field_name)

    return render_template("user/change_user_details.html", form=form)
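def change_other():
    """Lets the current user change their theme and language settings."""
    form = ChangeOtherForm()

    # The choices are filled in before validation runs, so a submitted value
    # is checked against them. ``items()`` replaces the Python-2-only
    # ``iteritems()`` and yields the same (locale, name) pairs on Python 2
    # and Python 3.
    form.language.choices = list(
        current_app.config["AVAILABLE_LANGUAGES"].items()
    )
    form.theme.choices = [
        (theme.identifier, theme.name) for theme in get_themes_list()
    ]

    if form.validate_on_submit():
        form.populate_obj(current_user)
        current_user.save()

        flash(_("Your settings have been updated."), "success")
        return redirect(url_for("user.change_other"))

    # Not a valid submission: show the stored settings.
    form.theme.data = current_user.theme
    form.language.data = current_user.language

    return render_template("user/change_other.html", form=form)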
def edit_comment(comment_id):
    """
    Edits an existing comment.

    :param comment_id: primary key of the comment; 404 when not found.
    """
    existing = Comment.query.filter_by(id=comment_id).first()
    if not existing:
        abort(404)

    # Authorization is decided by ``can_modify`` before any form handling;
    # a refused user lands back on the post the comment belongs to.
    if not can_modify(existing, current_user):
        flash(_("You are not allowed to edit this comment"), "danger")
        return redirect(
            url_for(
                "blog.view_post",
                post_id=existing.post.id,
                slug=existing.post.slug,
            )
        )

    form = CommentForm()
    if form.validate_on_submit():
        form.populate_obj(existing)
        existing.save()
        flash(_("Your comment has been edited."), "success")
        return redirect(
            url_for(
                "blog.view_post",
                post_id=existing.post.id,
                slug=existing.post.slug,
            )
        )

    # Not a valid submission: show the stored comment text.
    form.content.data = existing.content
    return render_template("blog/comment_form.html", form=form, mode="edit")
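def forgot_password():
    """
    Sends a reset password token to the user.

    Only anonymous visitors may use this view. When the submitted e-mail
    address belongs to an account, a reset token is created and mailed.
    """
    if not current_user.is_anonymous():
        return redirect(url_for("blog.index"))

    form = ForgotPasswordForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()

        if user:
            token = user.make_reset_token()
            send_reset_token(user, token=token)

            flash(_("E-Mail sent! Please check your inbox."), "info")
            return redirect(url_for("auth.forgot_password"))

        # NOTE(review): the reply differs between a known and an unknown
        # address, which lets a visitor test whether an address is
        # registered. Consider one neutral message for both cases.
        #
        # The message is built from adjacent literals; a backslash
        # continuation inside the string would put source whitespace into
        # the text shown to the user.
        flash(
            _(
                "You have entered an username or email that is not linked "
                "with your account"
            ),
            "error",
        )

    return render_template("auth/forgot_password.html", form=form)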
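def edit_bin(bin_id, slug=None):
    """
    Creates an edited copy of an existing paste-bin.

    The original is never overwritten: the form is pre-filled with the
    original's content and saving it stores a new paste-bin for the current
    user.

    :param bin_id: primary key of the paste-bin to copy; 404 when not found.
    :param slug: accepted from the URL but not used for the lookup.
    """
    pastebin = Bin.query.filter_by(id=bin_id).first()
    if not pastebin:
        abort(404)

    # The form below is pre-filled with the paste content, so this view
    # discloses it just like view_bin does. Apply the same rule as view_bin:
    # a private paste sends anonymous visitors to the login page. Decorators
    # are not visible here; if the view is already login-protected this
    # check never triggers.
    if not pastebin.is_public and not current_user.is_authenticated():
        return redirect(url_for("auth.login"))

    # Edit is more or less the same as creating a new one.
    # Every user can edit a pastebin because the original is not overridden.
    # The default language is the one of the original paste.
    form = BinForm(lang=pastebin.lang)
    if form.validate_on_submit():
        pastebin = form.save(current_user)
        flash(_("Your paste-bin has been saved!"), "success")
        return redirect(
            url_for("paste.view_bin", bin_id=pastebin.id, slug=pastebin.slug)
        )

    # Not a valid submission: start from the original, marking the
    # description with a trailing "*".
    form.description.data = "{}*".format(pastebin.description)
    form.content.data = pastebin.content

    return render_template(
        "paste/bin_form.html", pastebin=pastebin, form=form, mode="edit"
    )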
def forbidden_page(error):
    """Renders the "forbidden" error page with status 403; *error* is unused."""
    page = render_template("errors/forbidden_page.html")
    return page, 403
def server_error_page(error):
    """
    Renders the server error page with status 500.

    *error* is not passed to the template, so no exception detail reaches
    the response from here.
    """
    page = render_template("errors/server_error.html")
    return page, 500
def index():
    """Lists all public paste-bins, newest id first."""
    newest_first = Bin.id.desc()
    # Private pastes never reach the template.
    listing = Bin.query.filter_by(is_public=True).order_by(newest_first)
    return render_template("paste/index.html", pastes=listing.all())
def page_not_found(error):
    """Renders the "page not found" error page with status 404; *error* is unused."""
    page = render_template("errors/page_not_found.html")
    return page, 404
def index():
    """Lists all blog posts, newest id first."""
    newest_first = Post.id.desc()
    all_posts = Post.query.order_by(newest_first).all()
    return render_template("blog/index.html", posts=all_posts)