def login():
if current_user.is_authenticated:
return redirect(url_for('index'))
form = LoginForm(db)
if form.validate_on_submit():
user = User.fetch(db, form.username.data)
if not user.check_password(form.password.data):
flash('You shall not password.', 'error')
return redirect(url_for('login'))
login_user(user)
flash('Login successful!')
# flask_login.LoginManager sets 'next' url Argument by default.
next_page = request.args.get('next')
# Additional check if address is relative (no netloc component).
if not next_page or url_parse(next_page).netloc != '':
next_page = url_for('index')
return redirect(next_page)
return render_template('login.html', form=form)
def add_cardbox():
if not request.is_json:
abort(404)
# already returns dictionary
payload = request.get_json()
req = ('username', 'password', 'tags', 'content', 'name')
if not payload or not all(r in payload for r in req):
abort(404)
if User.exists(db, payload['username']):
user = User.fetch(db, payload['username'])
if not user.check_password(payload['password']):
abort(404)
new_box = CardBox(CardBox.gen_card_id(),
name=payload['name'],
owner=user._id,
rating=0,
tags=payload['tags'],
content=payload['content'])
new_box.store(db)
user.cardboxs.append(new_box._id)
user.store(db)
return 'OK'
def show_user(_id):
user = User.fetch(db, _id)
if not user:
flash('Invalid User Name.'
'Be the first User to have this name! :D', 'error')
return redirect(url_for('index'))
if user._id == current_user._id:
return render_template('show_user_myself.html', user=user)
return render_template('show_user.html', user=user)
def load_user(user_id: str):
return User.fetch(db, user_id)
