def show_posts(): form = PostForm(request.form) posts = list(Post.view('posts/by_date'))[::-1] errors = [] if request.method == 'POST' and form.validate(): new_post = make_post_from_request(request) g.db.save_doc(new_post) flash('New post was successfully created') return redirect(url_for('show_posts')) errors.extend(format_form_errors(form.errors.items())) return render_template \ ('main.html', form = form, posts = posts, submit = 'Share', errors = errors)
def sign_up(): errors = [] form = SignUpForm(request.form) if request.method == 'POST' and form.validate(): # looks like everything ok, check db username = form.username.data password = form.password.data user = list(User.view('users/by_username', key=username)) if user: errors.append('User already exists') else: new_user = make_user_from_request(request) g.db.save_doc(new_user) flash('You have successfully registered') return redirect(url_for('show_posts')) elif request.method == 'POST' and not form.validate(): errors.extend(format_form_errors(form.errors.items())) return render_template('sign_up.html', form = form, errors = errors)
def login(): errors = [] form = LoginForm(request.form) if request.method == 'POST' and form.validate(): username = form.username.data password = form.password.data user = list(User.view('users/by_username', key=username)) if not user: errors.append('Invalid username') elif make_password_hash(user[0].salt, password) != user[0].password: errors.append('Invalid password') else: session['logged_in'] = True session['uid'] = user[0]._id session['privileged'] = user[0].privileged flash('You were logged in') return redirect(url_for('show_posts')) elif request.method == 'POST' and not form.validate(): errors.extend(format_form_errors(form.errors.items())) return render_template('login.html', form = form, errors = errors)
def edit_post(id): if not g.db.doc_exist(id): abort(404) form = PostForm(request.form) post = Post.get(id) errors = [] if request.method == 'POST' and form.validate(): post.title = form.title.data post.text = form.text.data post.tags = set(form.tags.data.split()) post.save() flash('Post was successfully updated') return redirect(url_for('show_posts')) elif request.method == 'POST' and not form.validate(): errors.extend(format_form_errors(form.errors.items())) elif request.method == 'GET': form.title.data = post.title form.text.data = post.text form.tags.data = ' '.join(post.tags) return render_template \ ('edit_post.html', id = id, form = form, submit = 'Update', errors = errors)