def verify_reset_token(token):
s = Serializer(current_app.config['SECRET_KEY'])
try:
user_id = s.loads(token)['user_id']
except:
return None
return session.query(User).get(user_id)
def validate_username(self, username):
if username.data != current_user.username:
user = session.query(User).filter_by(
username=username.data).first()
if user:
raise ValidationError(
'That username is taken. Please choose a different one')
def user_posts(username):
page = request.args.get('page', 1, type=int)
user = session.query(User).filter_by(username=username).first()
if not user:
return render_template("errors/404.html")
query = session.query(Post).filter_by(author=user).order_by(
Post.date_posted.desc())
posts = Paginator(query, 5)
if page > posts.pages_range[-1]:
return render_template("errors/404.html")
posts_page = posts.page(page)
show_pages = pagination(page, posts.pages_range)
return render_template('user_posts.html',
query=query,
posts_page=posts_page,
posts=posts,
show_pages=show_pages,
user=user)
def home():
page = request.args.get('page',1,type=int)
query = session.query(Post).order_by(Post.date_posted.desc())
posts = Paginator(query, 5)
if page > posts.pages_range[-1]:
return render_template("errors/404.html")
posts_page = posts.page(page)
show_pages = pagination(page, posts.pages_range)
return render_template('home.html', posts_page=posts_page, posts=posts, show_pages=show_pages)
def delete_post(post_id):
post = session.query(Post).get(post_id)
if post:
if post.author != current_user:
return render_template("errors/403.html")
session.delete(post)
session.commit()
flash('Your post has been deleted!', 'success')
return redirect(url_for('main.home'))
else:
return render_template("errors/404.html")
def reset_request():
if current_user.is_authenticated:
return redirect(url_for('main.home'))
form = RequestResetForm()
if form.validate_on_submit():
user = session.query(User).filter_by(email=form.email.data).first()
send_reset_email(user)
flash('An email has been sent with instructions to reset the password',
'info')
return redirect(url_for('users.login'))
return render_template('reset_request.html',
title="Reset Password",
form=form)
def login():
if current_user.is_authenticated:
return redirect(url_for('users.login'))
form = LoginForm()
if form.validate_on_submit():
user = session.query(User).filter_by(email=form.email.data).first()
if user and bcrypt.check_password_hash(user.password,
form.password.data):
login_user(user, remember=form.remember.data)
next_page = request.args.get('next')
# flash('You have been logged in!', 'success')
return redirect(next_page) if next_page else redirect(
url_for('main.home'))
else:
flash('Login Unsuccessful. Please check email and password',
'danger')
return render_template('login.html', title='Login', form=form)
def update_post(post_id):
post = session.query(Post).get(post_id)
if post:
if post.author != current_user:
return render_template("errors/403.html")
form = PostForm()
if form.validate_on_submit():
post.title = form.title.data
post.content = form.content.data
session.commit()
flash('Your post has been updated!', 'success')
return redirect(url_for('posts.post', post_id=post.id))
elif request.method == 'GET':
form.title.data = post.title
form.content.data = post.content
return render_template('create_post.html',
title='Update Post',
form=form,
legend="Update Post")
else:
return render_template("errors/404.html")
def load_user(user_id):
return session.query(User).get(int(user_id))
def post(post_id):
post = session.query(Post).get(post_id)
if post:
return render_template('post.html', title=post.title, post=post)
else:
return render_template("errors/404.html")
def validate_email(self, email):
user = session.query(User).filter_by(email=email.data).first()
if user is None:
raise ValidationError(
'There is no account with that email. You must register first.'
)
def validate_email(self, email):
if email.data != current_user.email:
user = session.query(User).filter_by(email=email.data).first()
if user:
raise ValidationError(
'That email is taken. Please choose a different one')
