def unfollow(username):
user = User.query.filter_by(username=username).first_or_404()
if not current_user.is_following(user):
flash('Not follow yet.', 'info')
return redirect_back(url_for('.index', username=username))
current_user.unfollow(user)
flash('User followed.', 'info')
return redirect_back()
def login():
"""
用户登录
"""
logger.info('url = ' + str(request.url))
# 如果用户已经登录,就不再需要登录,直接返回主页
if current_user.is_authenticated:
return redirect(url_for('main.index'))
form = LoginForm()
# 登录
if form.validate_on_submit():
# 将email转成小写然后取用户数据,注册时也转成了小写
user = User.query.filter_by(email=form.email.data.lower()).first()
# 用户不存在或者验证密码错误
# 取出用户数据后,调用validate_password来判断密码是否匹配,密码都是加密的
if user is not None and user.validate_password(form.password.data):
# login_user是flask-login库的,用来保存用户信息
if login_user(user, form.remember_me.data):
flash('登录成功!', 'info')
return redirect_back()
else:
flash('你的账号已被禁止登录!', 'warning')
return redirect(url_for('main.index'))
flash('错误的邮箱或者密码,请确认后再登录!', 'warning')
return render_template('auth/login.html', form=form)
def edit_profile_admin(user_id):
user = User.query.get_or_404(user_id)
form = EditProfileAdminForm(user=user)
if form.validate_on_submit():
user.name = form.username.data
role = Role.query.get(form.role.data)
if role.name == 'Locked':
user.lock()
user.role = role
user.bio = form.bio.data
user.website = form.website.data
user.confirmed = form.confirmed.data
user.active = form.active.data
user.location = form.location.data
user.username = form.username.data
user.email = form.email.data
db.session.commit()
flash('Profile updated.', 'success')
return redirect_back()
form.name.data = user.name
form.role.data = user.role_id
form.bio.data = user.bio
form.website.data = user.website
form.location.data = user.location
form.username.data = user.username
form.email.data = user.email
form.confirmed.data = user.confirmed
form.active.data = user.active
return render_template('admin/edit_profile.html', form=form, user=user)
def lock_user(user_id):
user = User.query.get_or_404(user_id)
if user.role.name in ['Administrator', 'Moderator']:
flash('没有权限, 拒绝访问', 'warning')
else:
user.lock()
flash('锁定用户成功', 'info')
return redirect_back()
def block_user(user_id):
user = User.query.get_or_404(user_id)
if user.role.name in ['Administrator', 'Moderator']:
flash('Permission denied.', 'warning')
else:
user.block()
flash('Account blocked.', 'info')
return redirect_back()
def delete_account():
form = DeleteAccountForm()
if form.validate_on_submit():
db.session.delete(current_user)
db.session.commit()
flash('You are free good bay!', 'success')
return redirect_back(url_for('main.index'))
return render_template('user/settings/delete_account.html', form=form)
def unfollow(username):
user = User.query.filter_by(username=username).first_or_404()
if not current_user.is_following(user):
flash('还没有关注。', 'info')
return redirect(url_for('.index', username=username))
current_user.unfollow(user)
flash('取消关注成功。', 'success')
return redirect_back()
def re_authenticate():
if login_fresh():
return redirect(url_for('main.index'))
form = LoginForm()
if form.validate_on_submit() and current_user.validate_password(form.password.data):
confirm_login()
return redirect_back()
return render_template('auth/login.html', form=form)
def unfollow(username):
user = User.query.filter_by(username=username).first_or_404()
if not current_user.is_following(user):
flash("Not followed yet.", "info")
return redirect(url_for("user.index", username=username))
current_user.unfollow(user)
flash("User unfollowed.", "info")
return redirect_back()
def unfollow(username):
user = User.query.filter_by(username=username).first_or_404()
if not current_user.is_following(user):
flash('Not followed yet!', 'info')
return redirect(url_for('.index', username=username))
current_user.unfollow(user)
flash('You have unfollowed {}'.format(username), 'info')
return redirect_back()
def unlock_user(user_id):
"""
解除禁用
:param user_id: 用户id
"""
logger.info('url = ' + str(request.url))
user = User.query.get_or_404(user_id)
user.unlock()
flash("Lock canceled.", "info")
return redirect_back()
def block_user(user_id):
"""
禁止登录
:param user_id: 用于id
"""
logger.info('url = ' + str(request.url))
user = User.query.get_or_404(user_id)
user.block()
flash("Account blocked.", "info")
return redirect_back()
def follow(username):
user = User.query.filter_by(username=username).first_or_404()
if current_user.is_following(user):
flash('Already followed', 'info')
return redirect(url_for('user.index', username=username))
current_user.follow(user)
flash('User followed', 'success')
if user.receive_follow_notification:
push_follow_notification(follower=current_user, receiver=user)
return redirect_back()
def lock_user(user_id):
"""
禁用用户,停止使用某些功能
:param user_id:
:return:
"""
logger.info('url = ' + str(request.url))
user = User.query.get_or_404(user_id)
user.lock()
flash("Account locked.", "info")
return redirect_back()
def unfollow(username):
if username == current_user.username:
flash('Can not unfollow yourself.', 'info')
return redirect(url_for('.index', username=username))
user = User.query.filter_by(username=username).first_or_404()
if not current_user.is_following(user):
flash('Not followed yet.', 'info')
return redirect(url_for('.index', username=username))
current_user.unfollow(user)
flash('User unfollowed.', 'success')
return redirect_back()
def delete_tag(tag_id):
"""
删除标签
:param tag_id: 标签id
"""
logger.info('url = ' + str(request.url))
tag = Tag.query.get_or_404(tag_id)
db.session.delete(tag)
db.session.commit()
flash("Tag deleted.", "info")
return redirect_back()
def follow(username):
user = User.query.filter_by(username=username).first_or_404()
if current_user.is_following(user):
flash("Already followed.", "info")
return redirect(url_for("user.index", username=username))
current_user.follow(user)
flash("User followed.", "success")
if current_user.receive_follow_notification:
push_follow_notification(follower=current_user, receiver=user)
return redirect_back()
def rate(photo_id, username):
awarded_user = User.query.filter_by(username=username).first_or_404()
print("======")
print(request.values)
rating_value = request.form.get('rating', 0, type=int)
rater_photo = Photo.query.get_or_404(photo_id)
rate = Rate(rater_photo=rater_photo,
awarded=awarded_user,
rate_value=rating_value)
db.session.add(rate)
db.session.commit()
return redirect_back()
def re_authenticate():
''''对已经登录的用户重新认证,保持 “新鲜”。
类似 Github 等认证。对于一些敏感操作需要重新认证,例如修改密码。
'''
if login_fresh():
return redirect(url_for('main.index'))
form = LoginForm()
if form.validate_on_submit() and current_user.validate_password(
form.password.data):
confirm_login()
return redirect_back()
return render_template('auth/login.html', form=form)
def login():
form = LoginForm()
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data.lower()).first()
if user is not None and user.validate_password(form.password.data):
if login_user(user, form.remember_me.data):
flash("login success", 'info')
return redirect_back()
else:
flash("Your account is blocked.", "warning")
return redirect(url_for('main.index'))
flash("Invalid email or password.", 'warning')
return render_template('auth/login.html', form=form)
def follow(username):
user = User.query.filter_by(username=username).first_or_404()
if current_user.is_following(user):
flash('Already followed.', 'info')
return redirect(url_for('.index', username=username))
current_user.follow(user)
flash('User followed.', 'success')
if user.receive_follow_notification:
push_follow_notification(
follower=current_user, receiver=user
) #这个函数里面实现了一个向被关注者推送提醒的功能,它跟这个函数里始终是current user的主体有区别,要注意
return redirect_back()
def login():
if current_user.is_authenticated:
return redirect(url_for('main.index'))
form = LoginForm()
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data.lower()).first()
if user is not None and user.validate_password(form.password.data):
login_user(user, form.remember_me.data)
flash('Login success.', 'info')
return redirect_back()
flash('Invalid email or password.', 'warning')
return render_template('auth/login.html', form=form)
def login():
if current_user.is_authenticated:
return redirect(url_for('main.index'))
login_form = LoginForm()
if login_form.validate_on_submit():
email = login_form.email.data.lower()
password = login_form.password.data
user = User.query.filter_by(email=email).first()
if user and user.validate_password(password):
login_user(user, login_form.remember_me.data)
return redirect_back()
flash('Invalid email or password.', 'warning')
return render_template('auth/login.html', form=login_form)
def re_authenticate():
"""
重新认证
"""
logger.info('url = ' + str(request.url))
# 刷新
if login_fresh():
return redirect(url_for('main.index'))
form = LoginForm()
if form.validate_on_submit() and current_user.validate_password(form.password.data):
confirm_login()
return redirect_back()
return render_template('auth/login.html', form=form)
def unfollow(username):
"""
取消关注
:param username: 被关注者的用户名
"""
logger.info('url = ' + str(request.url))
user = User.query.filter_by(username=username).first_or_404()
# 在取消之前没有关注该用户
if not current_user.is_following(user):
flash('你没有关注该用户!', 'info')
return redirect(url_for('.index', username=username))
# 取消该用户
current_user.unfollow(user)
flash('取消关注成功!', 'info')
return redirect_back()
def search():
q = request.args.get('q', '')
if q == '':
flash('请输入用户名、照片名或照片标签名', 'warning')
return redirect_back()
if len(q.strip()) < current_app.config['WHOOSHEE_MIN_STRING_LEN']:
flash('请输入 3 个字符及以上。', 'warning')
return redirect_back()
category = request.args.get('category', 'photo')
page = request.args.get('page', 1, type=int)
per_page = current_app.config['ALBUMY_SEARCH_RESULT_PER_PAGE']
if category == 'user':
pagination = User.query.whooshee_search(q).paginate(page, per_page)
elif category == 'tag':
pagination = Tag.query.whooshee_search(q).paginate(page, per_page)
else:
pagination = Photo.query.whooshee_search(q).paginate(page, per_page)
results = pagination.items
return render_template('main/search.html',
q=q,
results=results,
pagination=pagination,
category=category)
def forget_password():
if current_user.is_authenticated:
return redirect(url_for('main.index'))
form = ForgetPasswordForm()
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data.lower()).first()
if user:
token = generate_token(user=user,
operation=Operation.RESET_PASSWORD)
send_reset_password_email(user=current_user, token=token)
flash('Password reset email sent, check your inbox.', 'info')
return redirect(url_for('.login'))
flash('Invalid email')
return redirect_back()
return render_template('auth/reset_password.html', form=form)
def login():
if current_user.is_authenticated:
return redirect(url_for("main.index"))
form = LoginForm()
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data.lower()).first()
if user is not None and user.validate_password(form.password.data):
if login_user(user, form.remember_me.data):
flash("Login success.", "info")
return redirect_back()
else:
flash("Your account is blocked.", "warning")
return redirect(url_for("main.index"))
flash("Invalid Email or password.", "warning")
return render_template("auth/login.html", form=form)
def search():
q = request.args.get('q', '')
if q == '':
flash('Enter keyword about photo, user or tag.', 'warning')
return redirect_back()
category = request.args.get('category', 'photo')
page = request.args.get('page', 1, type=int)
per_page = current_app.config['ALBUMY_SEARCH_RESULT_PER_PAGE']
if category == 'user':
pagination = User.query.whooshee_search(q).paginate(page, per_page)
elif category == 'tag':
pagination = Tag.query.whooshee_search(q).paginate(page, per_page)
else:
pagination = Photo.query.whooshee_search(q).paginate(page, per_page)
results = pagination.items
return render_template('main/search.html', q=q, results=results, pagination=pagination, category=category)
def login():
if current_user.is_authenticated:
return redirect(url_for('main.index'))
form = LoginForm()
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data.lower()).first()
if user is not None and user.validate_password(form.password.data):
# login_user(user,form.remember_me.data)
# 如果用户对象的is_active属性为False,Flask-Login将拒绝登录用户
if login_user(user, form.remember_me.data):
flash('登陆成功', 'info')
return redirect_back()
else:
flash('你的账号已被封禁', 'warning')
return redirect(url_for('main.index'))
flash('邮箱或密码错误', 'warning')
return render_template('auth/login.html', form=form)
