Esempio n. 1
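def article_update():
    """Show the edit form for an article (GET) or save a submitted edit (POST).

    The caller needs a session token that ``User.verify_token`` accepts;
    otherwise they are redirected to the sign-in page.  Both branches refuse
    to act on a missing article or on one whose ``user_name`` differs from the
    verified user's username.

    Returns:
        A redirect, a short status string, or the rendered update template.
    """
    if 'token' not in session:
        flash(u'You Need Login', 'error')
        return redirect(url_for('auth.signin'))
    user = User.verify_token(session['token'])
    if user is None:
        return redirect(url_for('auth.signin'))
    form = ArticleUpdateForm()
    if request.method == 'POST':
        if form.validate_on_submit():
            # id_article arrives in the submitted form, so the client controls
            # it.  The ownership test made when the form was rendered does not
            # protect the write: repeat it here before touching the row.
            my_article = Article.find_by_id(form.id_article.data)
            if my_article is None or user.username != my_article.user_name:
                return 'No tiene permisos'
            # Pulls the name out of the field's string form: the text after
            # the first "'" up to two characters before the first ">".
            # Presumably that string looks like <Section 'name'> - confirm.
            section = str(form.section.data)
            section = section[section.find("'") + 1: section.find(">") - 1]
            my_article.section_name = section
            my_article.title = form.title.data
            my_article.body = form.body.data
            db.session.commit()
            return 'update realizado'
    else:
        id_article = request.args.get('id')
        my_article = Article.find_by_id(id_article)
        # A missing article gets the same answer as one owned by someone else,
        # instead of raising on None.
        if my_article is None or user.username != my_article.user_name:
            return 'No tiene permisos'
        form.id_article.data = id_article
        form.user_name.data = my_article.user_name
        form.title.data = my_article.title
        form.body.data = my_article.body
        form.section.data = my_article.section
    return render_template('article/update.html', form=form)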
Esempio n. 2
def article_views():
    """List the articles written by the signed-in user.

    A session without a token, or with a token ``User.verify_token`` rejects,
    is redirected to the sign-in page.  The listing is filtered by the
    verified user's username, not by anything taken from the request.
    """
    if 'token' in session:
        user = User.verify_token(session['token'])
        if user is None:
            return redirect(url_for('auth.signin'))
        own_articles = Article.find_by_author(user.username)
        return render_template("article/views.html", article=own_articles)
    flash(u'You Need Login', 'error')
    return redirect(url_for('auth.signin'))
Esempio n. 3
def profile():
    """Render the profile page for a session that holds a valid token.

    With no token in the session the caller is redirected to sign-in
    silently; with a token that ``User.verify_token`` rejects, an error
    message is flashed before the same redirect.
    """
    if 'token' in session:
        if User.verify_token(session['token']) is not None:
            return render_template('authentication/profile.html')
        flash(u'Token Time Out', 'error')
    return redirect(url_for('auth.signin'))
Esempio n. 4
File: test.py Progetto: GrupoIS2/CMS
 def test_generate_token(self):
     """A token generated for a stored user verifies back to that same user."""
     account = User(username='******', email='*****@*****.**',
                    password='******', role=1, status=1)
     db.session.add(account)
     db.session.commit()
     # Token generation and verification run inside a test request context.
     with app.test_request_context():
         issued = account.generate_token()
         resolved = account.verify_token(issued)
         self.assertTrue(resolved == account)
Esempio n. 5
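def change_pass():
    """Set a new password for the user identified by the ``token`` query parameter.

    The token is passed to ``User.verify_token``; a missing or rejected token
    gets an explicit 400 response instead of falling off the end of the view.
    On a valid form submission the new password is stored as a hash and the
    caller is redirected; otherwise the form is rendered.

    Returns:
        A 400 response, a redirect, or the rendered password form.
    """
    token = request.args.get("token", None)
    # Only hand a real value to the verifier; None never identifies a user.
    verified_result = User.verify_token(token) if token else None
    if not verified_result:
        return "invalid token", 400

    # The resolved user object is not written to stdout: debug output of
    # account records does not belong in a password-reset path.
    # NOTE(review): nothing in this view invalidates the token once the
    # password has changed - confirm that verify_token enforces expiry and
    # that a used token cannot be replayed.
    password_submit_form = ResetPasswordSubmit(request.form)

    if password_submit_form.validate_on_submit():
        verified_result.password = generate_password_hash(password_submit_form.password.data)
        db.session.commit()
        flash("password updated successfully")
        return redirect("users")
    return render_template("change_pass.html", form=password_submit_form)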
Esempio n. 6
File: test.py Progetto: GrupoIS2/CMS
 def test_verify_token(self):
     """Check what verify_token returns for a token issued with a 10-unit expiration.

     NOTE(review): the fixture's username is masked on this page while the
     lookup below filters on 'Testuser'; confirm the two match in the real
     file, otherwise the lookup yields None.
     """
     created = User(username='******', email='*****@*****.**',
                    password='******', role=1, status=1)
     db.session.add(created)
     db.session.commit()
     # Second handle on a user row, fetched through the query API.
     looked_up = User.query.filter(User.username == 'Testuser').first()
     with app.test_request_context():
         issued = created.generate_token(expiration=10)
         self.assertIs(created.verify_token(issued), created)
         self.assertIsNot(created, looked_up.verify_token(issued))
Esempio n. 7
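def signin():
    """Sign a user in and store their identity and a fresh token in the session.

    A session whose token still verifies goes straight to the profile page.
    On a valid POST the user is looked up by e-mail; an unknown e-mail is
    reported as a failed login instead of raising on ``None``.

    Returns:
        A redirect to the profile page or the rendered sign-in template.
    """
    form = LoginForm(request.form)
    if 'token' in session:
        user = User.verify_token(session['token'])
        if user:
            return redirect(url_for('auth.profile'))
    if request.method == 'POST':
        if form.validate():
            # NOTE(review): no password comparison is visible in this view.
            # Presumably LoginForm.validate() checks the credentials - confirm,
            # because otherwise a known e-mail address is enough to sign in.
            user = User.query.filter_by(email=form.email.data).first()
            if user is None:
                # Same message for an unknown e-mail as for any bad login, so
                # the response does not reveal which addresses are registered.
                flash(u'Invalid email or password', 'error')
                return render_template("authentication/signin.html", form=form)
            session['user_id'] = user.id
            session['token'] = user.generate_token()
            session['email'] = user.email
            session['user_name'] = user.username
            return redirect(url_for('auth.profile'))
    return render_template("authentication/signin.html", form=form)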
Esempio n. 8
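def article_delete():
    """Delete the article named by the ``id`` query parameter if the caller owns it.

    The caller needs a session token that ``User.verify_token`` accepts.  An
    article is removed only when its ``user_name`` equals the verified user's
    username.  Every path after authentication ends in a redirect to the
    article list, including a request without an ``id``.
    """
    if 'token' not in session:
        flash(u'You Need Login', 'error')
        return redirect(url_for('auth.signin'))
    user = User.verify_token(session['token'])
    if user is None:
        return redirect(url_for('auth.signin'))
    # NOTE(review): the id is read from the query string, so this view looks
    # reachable by GET.  A state-changing delete is better served by POST with
    # a CSRF token - confirm against the route declaration.
    article_id = request.args.get('id', None)
    if article_id:
        article = Article.query.filter_by(id=article_id).first()
        if article is not None:
            # A valid session is not authorisation for this row: the id is
            # caller-supplied, so check that the article belongs to the caller.
            if article.user_name != user.username:
                flash(u'No tiene permisos', 'error')
            else:
                db.session.delete(article)
                db.session.commit()
                flash(u'Article Deleted', 'messages')
    return redirect(url_for('art.article_views'))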
Esempio n. 9
def article_create():
    """Show the article creation form, or store a new article on a valid POST.

    The caller needs a session token that ``User.verify_token`` accepts;
    otherwise they are redirected to the sign-in page.
    """
    signed_in = 'token' in session
    if not signed_in:
        flash(u'You Need Login', 'error')
        return redirect(url_for('auth.signin'))

    user = User.verify_token(session['token'])
    if user is None:
        return redirect(url_for('auth.signin'))

    form = ArticleCreateForm()
    # Assigned after the form is built, so the value populate_obj() copies to
    # the article is the verified user's name.
    form.user_name.data = user.username

    if request.method == 'POST' and form.validate_on_submit():
        new_article = Article()
        form.populate_obj(new_article)
        db.session.add(new_article)
        db.session.commit()
        return 'CREADO'

    return render_template(
        'article/create.html',
        form=form,
        user=user,
        username=user.username,
    )
Esempio n. 10
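def signup():
    """Register a new user and sign them in, or render the sign-up form.

    A session whose token still verifies is redirected to the profile page.
    A valid POST creates the user, stores their identity and a fresh token in
    the session and redirects to the profile page.  Every other request (GET,
    a POST that fails validation, or any other method such as HEAD) renders
    the form, so the view always returns a response.
    """
    form = SignupForm()
    if ('token' in session) and (User.verify_token(session['token'])):
        return redirect(url_for('auth.profile'))
    if request.method == 'POST' and form.validate():
        # NOTE(review): the submitted password is handed to User() as-is;
        # presumably the model hashes it before storage - confirm.
        # Every self-registered account gets the read, comment and write
        # roles combined.
        new_user = User(form.username.data,
                        form.email.data,
                        form.password.data,
                        READ_ROLE + COMMENT_ROLE + WRITE_ROLE, 1)
        db.session.add(new_user)
        db.session.commit()
        session['user_id'] = new_user.id
        session['token'] = new_user.generate_token()
        session['email'] = new_user.email
        session['user_name'] = new_user.username
        return redirect(url_for('auth.profile'))
    return render_template("authentication/signup.html", form=form)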
Esempio n. 11
 def testarticlecreateget(self):
     """GET /art/create/ answers 302, and the session holds a verifiable token.

     NOTE(review): ``session`` is read after the test client call has
     returned; confirm a request context is active at that point.
     """
     client = app.test_client(self)
     reply = client.get('/art/create/', content_type='html/text')
     self.assertEqual(reply.status_code, 302)
     assert 'token' in session
     verified = User.verify_token(session['token'])
     self.assertTrue(verified != None)