Esempio n. 1
0
 def auth(request):
     logging.info('check usr: %s %s' % (request.method, request.path))
     request.__user__ = None
     cookie_str = request.cookies.get(COOKIE_NAME)
     if cookie_str:
         user = yield from cookie2user(cookie_str)
         if user:
             request.__user__ = user
     if request.path.startswith('/manage/') and (request.__user__ is None or not request.__user__.admin):
         return web.HTTPFound('/signin')
     return (yield from handler(request))
Esempio n. 2
0
 def auth(request):
     logging.info("check user: %s %s" % (request.method, request.path))
     request.__user__ = None
     cookie_str = request.cookies.get(COOKIE_NAME)
     if cookie_str:
         user = yield from cookie2user(cookie_str)
         if user:
             logging.info("set current user: %s" % user.email)
             request.__user__ = user
     if request.path.startswith("/manage/") and (request.__user__ is None or not request.__user__.admin):
         return web.HTTPFound("/signin")
     return (yield from handler(request))
Esempio n. 3
0
 def auth(request):
     logging.info('check user: %s %s' % (request.method, request.path))
     request.__user__ = None
     cookie_str = request.cookies.get(COOKIE_NAME)
     if cookie_str:
         user = yield from cookie2user(cookie_str)
         if user:
             logging.info('set current user: %s' % user.email)
             request.__user__ = user
     if request.path.startswith('/manage/') and (request.__user__ is None or not request.__user__.admin):
         return web.HTTPFound('/signin')
     return (yield from handler(request))
Esempio n. 4
0
 def auth(request):
     logging.info('check user: %s %s' % (request.method, request.path))
     request.__user__ = None  # 先把请求的__user__属性绑定None
     cookie_str = request.cookies.get(COOKIE_NAME)  # 通过cookie名取得加密cookie字符串,COOKIE_NAME是在headlers模块中定义的
     if cookie_str:
         user = yield from cookie2user(cookie_str)  # 验证cookie,并得到用户信息
         if user:
             logging.info('set current user: %s' % user.email)
             request.__user__ = user  # 将用户信息绑定到请求上
     # 如果请求路径是管理页面,但是用户不是管理员,将重定向到登陆页面
     if request.path.startswith('/manage/') and (request.__user__ is None or not request.__user__.admin):
         return web.HTTPFound('/signin')
     return (yield from handler(request))
Esempio n. 5
0
 def auth(request):
     logging.info('check user: %s %s' % (request.method, request.path))
     request.__user__ = None
     cookie_str = request.cookies.get(COOKIE_NAME)
     if cookie_str:
         user = yield from cookie2user(cookie_str)
         if user:
             logging.info('set current user: %s' % user.email)
             request.__user__ = user
     # 这里的not去掉,让用户可以正常登陆admin(之前是: not request.__user__.admin)->省缺值是False
     if request.path.startswith('/manage/') and (request.__user__ is None or request.__user__.admin):
         return web.HTTPFound('/signin')
     return (yield from handler(request))
Esempio n. 6
0
 def auth(request):
     logging.info("check user: %s %s" % (request.method, request.path))
     request.__user__ = None # 先绑定一个None到请求的__user__属性
     cookie_str = request.cookies.get(COOKIE_NAME) # 通过cookie名取得加密cookie字符串(不明白的看看handlers.py)
     if cookie_str:
         user = yield from cookie2user(cookie_str) # 验证cookie,并得到用户信息
         if user:
             logging.info("set current user: %s" % user.email)
             request.__user__ = user # 将用户信息绑定到请求上
         # 请求的路径是管理页面,但用户非管理员,将会重定向到登录页面?
     if request.path.startswith('/manage/') and (request.__user__ is None or not request.__user__.admin):
         return web.HTTPFound('/signin')
     return (yield from handler(request))
Esempio n. 7
0
def search():
    page = request.args.get('page', '1')
    page_index = get_page_index(page)
    #keyword为搜索词,查询blog的name
    keyword = request.form['keyword']
    blogs = select(b for b in Blog if keyword in b.name)
    num = len(blogs[:])
    p = Page(num, page_index)
    user = cookie2user()
    if num == 0:
        return render_template('blogs.html', page_index=page_index, user=user, page=p, blogs=blogs)
    blogs = blogs.order_by(Blog.created_at)[p.offset: p.limit+p.offset]
    return render_template('blogs.html', page_index=page_index, user=user, page=p, blogs=blogs)
Esempio n. 8
0
 def auth(request):
     logging.info("check user: %s %s" % (request.method, request.path))
     request.__user__ = None # 先绑定一个None到请求的__user__属性
     cookie_str = request.cookies.get(COOKIE_NAME) # 通过cookie名取得加密cookie字符串(不明白的看看handlers.py)
     if cookie_str:
         user = yield from cookie2user(cookie_str) # 验证cookie,并得到用户信息
         if user:
             logging.info("set current user: %s" % user.email)
             request.__user__ = user # 将用户信息绑定到请求上
         # 请求的路径是管理页面,但用户非管理员,将会重定向到登录页面?
     if request.path.startswith('/manage/') and (request.__user__ is None or not request.__user__.admin):
         return web.HTTPFound('/signin')
     return (yield from handler(request))
Esempio n. 9
0
def index():
    page = request.args.get('page', '1')
    page_index = get_page_index(page)
    with db_session:
        num = len(select(b for b in Blog)[:])
    p = Page(num, page_index)
    if num == 0:
        blogs = []
    else:
        with db_session:
            blogs = select(b for b in Blog).order_by(desc(Blog.created_at))[p.offset: p.limit+p.offset]
    user = cookie2user()
    return render_template('blogs.html', page_index=page_index, blogs=blogs, user=user, page=p)
    def auth(request):
        logging.info('check user: %s %s' % (request.method, request.path))
        request.__user__ = None
        request.__guide__ = None
        request.__guide_text__ = None
        request.__guide_cur__ = None

        request.__manage_guide__ = None
        request.__manage_guide_text__ = None
        request.__manage_guide_cur__ = None

        guide = ('personal_video_manage', 'personal_video_owe', 'personal_video_collection', 'personal_study_plane', 'personal_message')
        guide_text = {}
        guide_text['personal_video_manage'] = '教程管理'
        guide_text['personal_video_owe'] = '拥有教程'
        guide_text['personal_video_collection'] = '教程收藏'
        guide_text['personal_study_plane'] = '学习计划'
        guide_text['personal_message'] = '我的消息'

        manage_guide = ('manage_user', 'manage_video', 'manage_advice')
        manage_guide_text = {}
        manage_guide_text['manage_user'] = '******'
        manage_guide_text['manage_video'] = '教程管理'
        manage_guide_text['manage_advice'] = '反馈信息管理'
		
        cookie_str = request.cookies.get(COOKIE_NAME)
        if cookie_str:
            user = yield from cookie2user(cookie_str)
            if user:
                logging.info('set current user: %s' % user.email)
                request.__user__ = user
                if request.path.startswith('/personal_'):
                    request.__guide__ = guide
                    request.__guide_text__ = guide_text
                    temp_cur_guide = request.path[request.path.find('/')+1:request.path.rfind('/')]
                    if temp_cur_guide == 'personal_video_create':
                        temp_cur_guide = 'personal_video_manage'
                    elif temp_cur_guide == 'personal_study_plane' or temp_cur_guide == 'personal_study_plane_create' or temp_cur_guide == 'personal_study_plane_history':
                        temp_cur_guide = 'personal_study_plane'
                    request.__guide__ = guide
                    request.__guide_cur__ = temp_cur_guide
                    
                if request.path.startswith('/manage_'):
                    request.__manage_guide__ = manage_guide
                    request.__manage_guide_text__ = manage_guide_text
                    temp_cur_guide = request.path[request.path.find('/')+1:request.path.rfind('/')]
                    request.__manage_guide__ = manage_guide
                    request.__manage_guide_cur__ = temp_cur_guide
        #if request.path.startswith('/manage/') and (request.__user__ is None or not request.__user__.admin):
        #    return web.HTTPFound('/signin')
        return (yield from handler(request))
Esempio n. 11
0
    def auth(request):
        logging.info('check user: %s %s' % (request.method, request.path))
        request.__user__ = None
        cookie_str = request.cookies.get(COOKIE_NAME)
        # 把当前用户绑定到request上
        if cookie_str:
            user = yield from cookie2user(cookie_str)
            if user:
                logging.info('set current user:%s' % user.email)
                request.__user__ = user
        # 对URL/manage/进行拦截,检查当前用户是否是管理员身份
#        if request.path.startswith('/manage') and (request.__user__ is None or not request.__user__.admin):
#           return web.HTTPFound('/signin')
        return (yield from handler(request))
Esempio n. 12
0
 def auth(request):
     request.__user__ = None
     if not configs.auth:
         return (yield from handler(request))
     cookie_str = request.cookies.get(COOKIE_NAME)
     if cookie_str:
         user = yield from cookie2user(cookie_str)
         if user:
             request.__user__ = user
     if request.__user__ is None:
         if not request.path.endswith("login"):
             resp = json.dumps({"retcode": 100, "message": "Not login yet"})
             return web.Response(body=resp.encode("utf-8"))
     return (yield from handler(request))
Esempio n. 13
0
def manage_blogs():
    page = request.args.get('page', '1')
    #str转int
    page_index = get_page_index(page)
    #获得blog的数量
    with db_session:
        num = len(select(b for b in Blog)[:])
    p = Page(num, page_index)
    #查询当前页面下的blog并按照创建时间排序
    with db_session:
        blogs = select(b for b in Blog).order_by(Blog.created_at)[p.offset: p.limit+p.offset]
    #根据cookie获取当前登录用户
    user = cookie2user()
    return render_template('manage_blogs.html', page_index=page_index, user=user)
Esempio n. 14
0
 def auth(request):
     request.__user__ = None
     if not configs.auth:
         return (yield from handler(request))
     cookie_str = request.cookies.get(COOKIE_NAME)
     if cookie_str:
         user = yield from cookie2user(cookie_str)
         if user:
             request.__user__ = user
     if request.__user__ is None:
         if not request.path.endswith('login'):
             resp = json.dumps({"retcode": 100, "message": "Not login yet"})
             return web.Response(body=resp.encode('utf-8'))
     return (yield from handler(request))
Esempio n. 15
0
 def auth(request):
     logging.info('check user: %s %s' % (request.method, request.path))
     request.__user__ = None
     cookie_str = request.cookies.get(COOKIE_NAME)
     #若存在cookie,解析用户信息
     if cookie_str:
         user = yield from cookie2user(cookie_str)
         #若有用户信息,将其息绑定到request中,没有则表明cookie是伪造的
         if user:
             logging.info('set current user: %s' % user.email)
             request.__user__ = user
     #若请求路径是管理页面,但用户信息不存在或拥有管理员权限,则无法操作,跳转到登录页面
     if request.path.startswith('/manage/') and (request.__user__ is None or request.__user__.admin):
         return web.HTTPFound('/signin')
     return (yield from handler(request))
Esempio n. 16
0
    def auth(request):
        logging.info('check user:%s %s' % (request.method, request.path))
        request.__user__ = None

        cookie_str = request.cookies.get(COOKIE_NAME)
        print(cookie_str)
        if cookie_str:
            user = yield from cookie2user(cookie_str)
            print(user)
            if user:
                logging.info('set current user:%s' % user.username)
                request.__user__ = user
        if request.path.startswith('/homepage') and request.__user__ is None:
            return web.HTTPFound('/')
        return (yield from handler(request))
Esempio n. 17
0
 def auth(request):
     logging.info('check user: %s %s' % (request.method, request.path))
     request.__user__ = None
     # 获取要判断的cookie
     cookie_str = request.cookies.get(COOKIE_NAME)
     if cookie_str:
         # 通过cookie获取user信息
         user = yield from cookie2user(cookie_str)
         if user:
             logging.info('set current user: %s' % user.email)
             request.__user__ = user
     if request.path.startswith('/manage/') and (request.__user__ is None or not request.__user__.admin):
         # 路径重新定位
         return web.HTTPFound('/signin')
     return (yield from handler(request))
Esempio n. 18
0
 def auth(request):
     logging.info('check user: %s %s' % (request.method, request.path))
     request.__user__ = None
     cookie_str = request.cookies.get(COOKIE_NAME)
     if cookie_str:
         user = yield from cookie2user(cookie_str)
         if user:
             logging.info('set current user: %s' % user.email)
             request.__user__ = user
     ## 去掉了Not 不然访问http://localhost:9000/manage/blogs/create时候总要跳掉登录界面
     ## 因为这里设置了只有管理员才能写日志
     #if request.path.startswith('/manage/') and (request.__user__ is None or not request.__user__.admin):
     if request.path.startswith('/manage/') and (request.__user__ is None
                                                 or request.__user__.admin):
         return web.HTTPFound('/signin')
     return (yield from handler(request))
Esempio n. 19
0
 def auth(request):
     logging.info('check user: %s %s' % (request.method, request.path))
     request.__user__ = None
     cookie_str = request.cookies.get(COOKIE_NAME)
     if cookie_str:
         user = yield from cookie2user(cookie_str)
         if user:
             logging.info('set current user: %s' % user.email)
             request.__user__ = user
     if request.path.startswith('/manage/user/'):
         if request.__user__ is None or (not request.__user__.admin and request.path.split('/')[3] != request.__user__.id):
             return web.HTTPFound('/signin')
     elif request.path.startswith('/manage/'):
         if request.__user__ is None or not request.__user__.admin:
             return web.HTTPFound('/signin')
     return (yield from handler(request))
Esempio n. 20
0
	def auth(request):
		logging.info('check user: %s %s' % (request.method, request.path))
		request.__user__ = None
		#获取到cookie字符串
		cookie_str = request.cookies.get(COOKIE_NAME)
		if cookie_str:
			#通过反向解析字符串和与数据库对比获取出user
			user = yield from cookie2user(cookie_str)
			if user:
				logging.info('set current user: %s' % user.email)
				#user存在则绑定到request上,说明当前用户是合法的
				request.__user__ = user
		if request.path.startswith('/manage/') and (request.__user__ is None or not request.__user__.admin):
			return web.HTTPFound('/signin')
		#执行下一步
		return (yield from handler(request))
Esempio n. 21
0
	def auth(request):
		logging.info('check user: %s %s' % (request.method, request.path))
		request.__user__ = None
		#获取到cookie字符串
		cookie_str = request.cookies.get(COOKIE_NAME)
		if cookie_str:
			#通过反向解析字符串和与数据库对比获取出user
			user = yield from cookie2user(cookie_str)
			if user:
				logging.info('set current user: %s' % user.email)
				#user存在则绑定到request上,说明当前用户是合法的
				request.__user__ = user
		if request.path.startswith('/manage/') and (request.__user__ is None or not request.__user__.admin):
			return web.HTTPFound('/signin')
		#执行下一步
		return (yield from handler(request))
Esempio n. 22
0
 def auth(request):
     logging.info('check user: %s %s' % (request.method, request.path))
     request.__user__ = None
     cookie_str = request.cookies.get(
         COOKIE_NAME)  #从请求中提取COOKIE_NAME字段-》包含用户名和密码
     if cookie_str:  #如果存在
         user = yield from cookie2user(cookie_str)  #在服务端创建用户的cookie
         if user:
             logging.info('set current user: %s' %
                          user.email)  #打印user email
             request.__user__ = user  #想request中添加__user__
     if request.path.startswith('/manage/') and (request.__user__ is None
                                                 or request.__user__.admin):
         #mangage 开始的界面 或者__user__不存在 或者管理员都调到登录页
         return web.HTTPFound('/signin')
     return (yield from handler(request))
Esempio n. 23
0
    def auth(request):
        logging.info("check user: %s %s" % (request.method, request.path))
        request.__user__ = None
        logging.info(request.cookies)
        cookie_str = request.cookies.get(COOKIE_NAME)

        if cookie_str:
            user = yield from cookie2user(cookie_str)
            if user:
                logging.info("set current user: %s" % user.email)
                request.__user__ = user
        logging.info(request.__user__)
        if request.__user__ is None:
            # 需要登录/sign/in
            # return return web.HTTPFound('/signin')
            pass
        return (yield from handler(request))
Esempio n. 24
0
def api_create_comment(id):
    ##通过Cookie查询登录用户
    user = cookie2user()
    if user is None:
        raise APIPermissionError('Please signin first.')
    content = request.json['content']
    if not content or not content.strip():
        raise APIValueError('content')
    blog = Blog.get(id=id)
    if blog is None:
        raise APIResourceNotFoundError('Blog')
    comment = Comment(blog_id=blog.id,
                      user_id=user.id,
                      user_name=user.name,
                      user_image=user.image,
                      content=content.strip())
    return comment.to_dict()
Esempio n. 25
0
 def auth(request) :
     logger.info('check user : %s %s' % (request.method, request.path))
     request.__user__ = None
     cookie_str = request.cookies.get(COOKIE_NAME)
     if cookie_str :
         user = yield from cookie2user(cookie_str)
         if user :
             logger.info('set current user: %s' % user.email)
             request.__user__ = user
     if request.path.startswith('/manage/') and (request.__user__ is None or not request.__user__.admin) :
         return web.HTTPFound('/signin')
     logger.info('authenticate finished!')
     r = yield from handler(request)
     print()
     logger.info(r)
     print()
     return r
Esempio n. 26
0
 def auth(request):
     '''
     if not configs.useAuth:
         logging.info('not use auth_factory')
         return (yield from handler(request))
     '''
     logging.info('check user: %s %s' % (request.method, request.path))
     request.__user__=None
     cookie_str=request.cookies.get(COOKIE_NAME)
     if cookie_str:
         user = yield from cookie2user(cookie_str)
         if user:
             logging.info('set current user: %s' % user.email)
             request.__user__=user
     #if request.path.startswith('/manage/') and (request.__user__ is None or not request.__user__.admin):
     if request.path.startswith('/manage/') and (request.__user__ is None):
         return web.HTTPFound('/signin')
     return (yield from handler(request))
Esempio n. 27
0
    def auth(request):
        logger.info('check user: %s %s' % (request.method, request.path))
        request.__user__ = None

        cookie_str = request.cookies.get(COOKIE_NAME)
        # 获取到cookie字符串, cookies是用分号分割的一组名值对,在python中被看成dict
        if cookie_str:
            user = yield from cookie2user(cookie_str)
            # 通过反向解析字符串和与数据库对比获取出user
            if user:
                logger.info('set current user: %s' % user.email)
                request.__user__ = user
                # user存在则绑定到request上
        # if request.path.startswith('/manage/') and (request.__user__ is None or not request.__user__.admin):
        # 	return web.HTTPFound('/signin')

        # 继续执行下一步
        return (yield from handler(request))
Esempio n. 28
0
    def auth(request):
        logging.info("check user: %s %s" % (request.method, request.path))
        request.__user__ = None
        logging.info(request.cookies)
        cookie_str = request.cookies.get(COOKIE_NAME)

        if cookie_str:
            user = yield from cookie2user(cookie_str)
            if user:
                logging.info("set current user: %s" % user.email)
                request.__user__ = user
        logging.info(request.__user__)
        # logging.info(request.__user__.admin)
        # 请求的路径是管理页面,但用户非管理员,将会重定向到登录页
        # if request.path.startswith('/manage/') and (request.__user__ is None or not request.__user__.admin):
        if request.path.startswith('/manage/') and (request.__user__ is None):
            return web.HTTPFound('/signin')
        return (yield from handler(request))
Esempio n. 29
0
	def auth(request):
		logging.info('check user: %s %s' % (request.method, request.path))
		request.__user__ = None

		cookie_str = request.cookies.get(COOKIE_NAME)
		# 获取到cookie字符串, cookie是用分号分割的一组名值对,在python中被看成dict
		if cookie_str:
			user = yield from cookie2user(cookie_str)
			# 通过反向解析字符串和与数据库对比获取出user
			if user:
				logging.info('set current user: %s' % user.email)
				request.__user__ = user
				# user存在则绑定到request上
		# if request.path.startswith('/manage/') and (request.__user__ is None or not request.__user__.admin):
		# 	return web.HTTPFound('/signin')
		
		# 继续执行下一步
		return (yield from handler(request))
Esempio n. 30
0
    def auth(request):
        logging.info("check user: %s %s" % (request.method, request.path))
        request.__user__ = None
        logging.info(request.cookies)
        cookie_str = request.cookies.get(COOKIE_NAME)

        if cookie_str:
            user = yield from cookie2user(cookie_str)
            if user:
                logging.info("set current user: %s" % user.email)
                request.__user__ = user
        logging.info(request.__user__)
        # logging.info(request.__user__.admin)
        # 请求的路径是管理页面,但用户非管理员,将会重定向到登录页
        # if request.path.startswith('/manage/') and (request.__user__ is None or not request.__user__.admin):
        if request.path.startswith('/manage/') and (request.__user__ is None):
            return web.HTTPFound('/signin')
        return (yield from handler(request))
Esempio n. 31
0
    def auth(request):
        logging.info('check user: %s %s' % (request.method, request.path))
        request.__user__ = None
        cookie_str = request.cookies.get(COOKIE_NAME)
        if cookie_str:
            # 服务器拿到客户端的cookie后进行验证
            user = yield from cookie2user(cookie_str)
            if user:
                logging.info('set current user: %s' % user.email)
                # 将登陆用户绑定到request上,后续的url处理函数能够直接拿到登陆用户
                request.__user__ = user

        if request.path.startswith('/manage/') and (request.__user__ is None or not request.__user__.admin):
            '''
            检查当前用户是否为管理员
            '''

            return web.HTTPFound('/signin')
        return (yield from handler(request))
Esempio n. 32
0
    def auth(request):
        #不需要手动创建 Request实例 - aiohttp.web 会自动创建。
        #打印(请求方法,请求路径)日志:
        logging.info('check user: %s %s' % (request.method, request.path))
        request.__user__ = None
        cookie_str = request.cookies.get(COOKIE_NAME)
        if cookie_str:
            #根据COOKIE名解析对应cookie;
            user = yield from cookie2user(cookie_str)
            #解析cookie信息不为空则赋值到request.__user__:
            if user:
                #打印(设置当前用户信息)日志:
                logging.info('set current user: %s' % user.email)
                request.__user__ = user
        #请求路径以‘/manage/’开头,且cookie用户信息不为空或cookie用户权限是否为管理员权限:
        if request.path.startswith('/manage/') and (request.__user__ is None or request.__user__.admin):
            return web.HTTPFound('/signin')

        return (yield from handler(request))
Esempio n. 33
0
 def auth(request):
     logging.info('check user: %s %s' % (request.method, request.path))
     request.__user__ = None
     cookie_str = request.cookies.get(
         COOKIE_NAME)  # 从request的cookie中获取名称是COOKIE_NAME的cookie
     if cookie_str:
         user = yield from cookie2user(cookie_str)  # 从cookie中解析user出来
         if user:
             logging.info(
                 'set current user: %s' % user.email
             )  # cookie中保存的当前user,将其放在request的__user__属性中,位之后使用
             request.__user__ = user  # 将当前user绑定到request上
     if request.path.startswith('/manage/') and (
             request.__user__ is None or not request.__user__.admin):
         return web.HTTPFound(
             '/signin'
         )  # 若是访问的路径是/manage/,且__user__是空(空的cookie),或者__user__不是admin,则跳转到登录页/signin
     return (yield from handler(request)
             )  # handler 验证cookie之后的request,会去自动调用相应path的handler函数
Esempio n. 34
0
    def auth(request):
        #不需要手动创建 Request实例 - aiohttp.web 会自动创建。
        #打印(请求方法,请求路径)日志:
        logging.info('check user: %s %s' % (request.method, request.path))
        request.__user__ = None
        cookie_str = request.cookies.get(COOKIE_NAME)
        if cookie_str:
            #根据COOKIE名解析对应cookie;
            user = yield from cookie2user(cookie_str)
            #解析cookie信息不为空则赋值到request.__user__:
            if user:
                #打印(设置当前用户信息)日志:
                logging.info('set current user: %s' % user.email)
                request.__user__ = user
        #请求路径以‘/manage/’开头,且cookie用户信息不为空或cookie用户权限是否为管理员权限:
        if request.path.startswith('/manage/') and (request.__user__ is None
                                                    or request.__user__.admin):
            return web.HTTPFound('/signin')

        return (yield from handler(request))
Esempio n. 35
0
def api_update_blog():
    #获取?后的属性
    id = request.args.get('id')
    user = cookie2user()
    blog = Blog.get(id=id)
    if request.method == 'POST':
        blog_info = request.json
        name = blog_info['name']
        summary = blog_info['summary']
        content = blog_info['content']
        if not name or not name.strip():
            raise APIValueError('name', 'name cannot be empty.')
        if not summary or not summary.strip():
            raise APIValueError('summary', 'summary cannot be empty.')
        if not content or not content.strip():
            raise APIValueError('content', 'content cannot be empty.')
        blog.name = name.strip()
        blog.summary = summary.strip()
        blog.content = content.strip()
        commit()
        return blog.to_dict()
    else:
        return render_template('manage_blog_edit.html', user=user, id = blog.id)