def register():
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
db, c = get_db()
error = None
c.execute('select id from user where username = %s', (username, ))
if not username:
error = 'Username is required'
if not password:
error = 'Password is required'
elif c.fetchone() is not None:
error = 'User {} is registered'.format(username)
if error is None:
c.execute('insert into user (username, password) values (%s, %s)',
(username, generate_password_hash(password)))
db.commit()
return redirect(url_for('auth.login'))
flash(error)
return render_template('auth/register.html')
def index():
db, c = get_db()
c.execute(
'select t.id, t.description, u.username, t.completed, t.created_at from todo t JOIN user u on t.created_by = u.id '
'where t.created_by = %s order by created_at desc', (g.user['id'], ))
todos = c.fetchall()
return render_template('todo/index.html', todos=todos)
def load_logged_in_user():
user_id = session.get('user_id')
if user_id is None:
g.user = None
else:
db, c = get_db()
c.execute('select * from user where id = %s', (user_id, ))
g.user = c.fetchone(
) #Retorna el primer elemento que encuentra (list of dict)
def get_todo(id):
db, c = get_db()
c.execute(
'select t.id, t.description, t.completed, t.created_by, t.created_at, u.username from todo t join user u on t.created_by = u.id where t.id = %s',
(id, ))
todo = c.fetchone()
if todo is None:
abort(404, f" Task {id} not exists")
return todo
def create():
if request.method == 'POST':
description = request.form['description']
error = None
if not description:
error = 'Descipcion requerida'
if error is not None:
flash(error)
else:
db, c = get_db()
c.execute(
'insert into todo (description, completed, created_by)'
' values (%s, %s, %s)', (description, False, g.user['id']))
db.commit()
return redirect(url_for('todo.index'))
return render_template('todo/create.html')
def update(id):
todo = get_todo(id)
if request.method == 'POST':
description = request.form['description']
completed = True if request.form.get('completed') == 'on' else False
error = None
if not description:
error = 'Description can\'t be empty'
if error is not None:
flash(error)
else:
db, c = get_db()
c.execute(
'update todo set description = %s, completed = %s where id =%s and created_by = %s',
(description, completed, id, g.user['id']))
db.commit()
return redirect(url_for('todo.index'))
return render_template('todo/update.html', todo=todo)
def login():
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
db, c = get_db()
error = None
c.execute('select * from user where username = %s', (username, ))
user = c.fetchone()
if user is None:
error = 'Usuario y/o ContraseƱa invalida'
elif not check_password_hash(user['password'], password):
error = 'Usuario y/o ContraseƱa invalida'
if error is None:
session.clear()
session['user_id'] = user['id']
return redirect(url_for('todo.index'))
flash(error)
return render_template('auth/login.html')
def delete(id):
db, c = get_db()
c.execute('delete from todo where id = %s and created_by = %s',
(id, g.user['id']))
db.commit()
return redirect(url_for('todo.index'))