def show_posts():
form = PostForm(request.form)
posts = list(Post.view('posts/by_date'))[::-1]
errors = []
if request.method == 'POST' and form.validate():
new_post = make_post_from_request(request)
g.db.save_doc(new_post)
flash('New post was successfully created')
return redirect(url_for('show_posts'))
errors.extend(format_form_errors(form.errors.items()))
return render_template \
('main.html', form = form, posts = posts, submit = 'Share', errors = errors)
def sign_up():
errors = []
form = SignUpForm(request.form)
if request.method == 'POST' and form.validate():
# looks like everything ok, check db
username = form.username.data
password = form.password.data
user = list(User.view('users/by_username', key=username))
if user:
errors.append('User already exists')
else:
new_user = make_user_from_request(request)
g.db.save_doc(new_user)
flash('You have successfully registered')
return redirect(url_for('show_posts'))
elif request.method == 'POST' and not form.validate():
errors.extend(format_form_errors(form.errors.items()))
return render_template('sign_up.html', form = form, errors = errors)
def login():
errors = []
form = LoginForm(request.form)
if request.method == 'POST' and form.validate():
username = form.username.data
password = form.password.data
user = list(User.view('users/by_username', key=username))
if not user:
errors.append('Invalid username')
elif make_password_hash(user[0].salt, password) != user[0].password:
errors.append('Invalid password')
else:
session['logged_in'] = True
session['uid'] = user[0]._id
session['privileged'] = user[0].privileged
flash('You were logged in')
return redirect(url_for('show_posts'))
elif request.method == 'POST' and not form.validate():
errors.extend(format_form_errors(form.errors.items()))
return render_template('login.html', form = form, errors = errors)
def edit_post(id):
if not g.db.doc_exist(id):
abort(404)
form = PostForm(request.form)
post = Post.get(id)
errors = []
if request.method == 'POST' and form.validate():
post.title = form.title.data
post.text = form.text.data
post.tags = set(form.tags.data.split())
post.save()
flash('Post was successfully updated')
return redirect(url_for('show_posts'))
elif request.method == 'POST' and not form.validate():
errors.extend(format_form_errors(form.errors.items()))
elif request.method == 'GET':
form.title.data = post.title
form.text.data = post.text
form.tags.data = ' '.join(post.tags)
return render_template \
('edit_post.html', id = id, form = form, submit = 'Update', errors = errors)
