def delete_post(post_id):
post = Post.query.get_or_404(post_id)
if post.author != current_user:
abort(403)
db.session.delete(post)
db.session.commit()
flash('Successfully deleted a post!', 'success')
logger.info(f'Deleted post {post.title} by user: {post.author}')
return redirect(url_for('main.home'))
def new_post():
form = PostForm()
if form.validate_on_submit():
save_valid_post(form)
flash('Successfully created new post!', 'success')
logger.info(f'Added new post {form.title} by user: {current_user}')
return redirect(url_for('main.home'))
return render_template('create_post.html',
title='New Post',
form=form,
legend='New Post',
today=date.today())
def register():
if current_user.is_authenticated:
return redirect(url_for('main.home'))
form = RegistrationForm()
if form.validate_on_submit():
save_valid_user(form)
new_user = form.username.data
logger.info(f'Registered new user: {new_user}')
flash(f'Successfully created account for {new_user}!', 'success')
return redirect(url_for('users.login'))
return render_template('register.html',
title='Register',
form=form,
today=date.today())
def reset_request():
if current_user.is_authenticated:
return redirect(url_for('main.home'))
form = RequestResetForm()
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data).first()
send_reset_email(user)
logger.info(
f'Email with password reset token was send to user: {user.username}'
)
flash(
'An email has been sent with instructions to reset your password.',
'info')
return redirect(url_for('users.login'))
return render_template('reset_request.html',
title='Reset Password',
form=form,
today=date.today())
def login():
if current_user.is_authenticated:
return redirect(url_for('main.home'))
form = LoginForm()
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data).first()
if user and bcrypt.check_password_hash(user.password,
form.password.data):
login_user(user, remember=form.remember.data)
next_page = request.args.get('next')
logger.info(f'Logged user: {user.username}')
return redirect(next_page) if next_page else redirect(
url_for('main.home'))
else:
flash('Invalid email or password!', 'danger')
return render_template('login.html',
title='Login',
form=form,
today=date.today())
def reset_token(token):
if current_user.is_authenticated:
return redirect(url_for('main.home'))
user = User.verify_reset_token(token)
if user is None:
flash('Invalid or expired token', 'warning')
return redirect(url_for('users.reset_request'))
form = ResetPasswordForm()
if form.validate_on_submit():
hashed_password = bcrypt.generate_password_hash(
form.password.data).decode('utf-8')
user.password = hashed_password
db.session.commit()
logger.info(f'Password changed for user: {user}')
flash(f'Your password has been updated', 'success')
return redirect(url_for('users.login'))
return render_template('reset_token.html',
title='Reset Password',
form=form,
today=date.today())
def update_post(post_id):
post = Post.query.get_or_404(post_id)
if post.author != current_user:
abort(403)
form = PostForm()
if form.validate_on_submit():
post.title = form.title.data
post.content = form.content.data
db.session.commit()
flash('Successfully updated a post!', 'success')
logger.info(f'Updated post {post.title} by user: {post.author}')
return redirect(url_for('posts.post', post_id=post.id))
elif request.method == 'GET':
form.title.data = post.title
form.content.data = post.content
return render_template('create_post.html',
title='Update Post',
form=form,
legend='Update Post',
today=date.today())
def account():
form = UpdateAccountForm()
if form.validate_on_submit():
if form.picture.data:
picture_file = save_picture(form.picture.data)
current_user.image_file = picture_file
current_user.username = form.username.data
current_user.email = form.email.data
db.session.commit()
flash('Successfully Updated Account!', 'success')
logger.info(f'Updated account for user: {current_user.username}')
return redirect(url_for('users.account'))
elif request.method == 'GET':
form.username.data = current_user.username
form.email.data = current_user.email
image_file = url_for('static',
filename='profile_pics/' + current_user.image_file)
return render_template('account.html',
title='Account',
image_file=image_file,
form=form,
today=date.today())