Esempio n. 1
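def register():
    """Serve the registration page: a local sign-up form and an OpenID form.

    Both forms live on the same page, so each request is checked against
    both. A valid OpenID submission is handed to the OpenID extension; a
    valid sign-up submission creates the user and redirects to the login
    page; anything else re-renders ``register.html``.
    """
    form = RegisterForm()
    openid_form = OpenIDForm()

    # Start the OpenID flow with the URL the visitor typed in.
    # Fixed: the original read ``openid_from`` here, an undefined name that
    # raised NameError on every valid OpenID submission.
    # NOTE(review): the OpenID library will contact this user-supplied URL
    # for discovery; confirm outbound requests from the app are restricted.
    if openid_form.validate_on_submit():
        return openid.try_login(openid_form.openid_url.data,
                                ask_for=['nickname', 'email'],
                                ask_for_optional=['fullname'])

    # Surface any error left over from a failed OpenID attempt.
    openid_errors = openid.fetch_error()
    if openid_errors:
        flash(openid_errors, category='danger')

    # Presumably RegisterForm's validators reject an already-taken
    # username -- confirm; a unique constraint on the column is still
    # needed to close the race between the check and the commit.
    if form.validate_on_submit():
        # NOTE(review): the raw form password is passed straight to User();
        # confirm the model hashes it before it reaches the database.
        new_user = User(username=form.username.data,
                        password=form.password.data)

        db.session.add(new_user)
        db.session.commit()

        flash('Your user has been created, please login.', category="success")

        return redirect(url_for('main.login'))
    return render_template('register.html', form=form, openid_form=openid_form)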
Esempio n. 2
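def twitter_authorized(resp):
    """OAuth callback for Twitter sign-in.

    ``resp`` is ``None`` when authorization was not granted; otherwise it
    carries the token, token secret and screen name. A local ``User`` row
    is looked up by screen name and created when missing.

    Returns a plain-text denial message, or a redirect to the ``next``
    query parameter when it is a local path, else to ``blog.home``.
    """
    if resp is None:
        # The error fields come straight from the query string. Flask
        # serves a bare string as text/html, so they are sent as
        # text/plain to keep attacker-chosen markup from being rendered.
        denial = 'Access denied: reason: {} error:{}'.format(
            request.args['error_reason'], request.args['error_description'])
        return denial, 200, {'Content-Type': 'text/plain; charset=utf-8'}

    # NOTE(review): token and secret are concatenated into one string
    # here; confirm the token getter that reads this key expects that
    # form rather than a (token, secret) pair.
    # NOTE(review): with Flask's default cookie session this value is
    # signed but not encrypted, so the token secret is readable client-side.
    session['twitter_oauth_token'] = resp['oauth_token'] + \
        resp['oauth_token_secret']

    # NOTE(review): accounts are matched on username alone, so a Twitter
    # screen name equal to an existing local username resolves to that
    # local account. Keying on provider plus the provider's user id
    # avoids the collision.
    user = User.query.filter_by(username=resp['screen_name']).first()

    if not user:
        # NOTE(review): every federated account gets the same fixed
        # password literal (shown masked in this listing); confirm these
        # accounts cannot be used through the password login form.
        user = User(username=resp['screen_name'], password='******')
        db.session.add(user)
        db.session.commit()

    # NOTE(review): nothing in this function records which user is now
    # authenticated; confirm that happens elsewhere.
    flash("You have been logged in.", category="success")

    # Only follow ``next`` when it is a path on this site. Absolute and
    # scheme-relative URLs, and values containing a backslash or control
    # whitespace (which browsers may normalise into "//host"), fall back
    # to the home page so the callback cannot redirect off-site.
    target = request.args.get('next') or ''
    is_local_path = (
        target.startswith('/')
        and not target.startswith('//')
        and not any(ch in target for ch in '\\\r\n\t')
    )
    return redirect(target if is_local_path else url_for('blog.home'))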
Esempio n. 3
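def create_or_login(resp):
    """Run after a successful OpenID authentication.

    Picks a username from the attributes the provider returned (full
    name, then nickname, then e-mail), creates a local ``User`` row for
    it when none exists, and redirects to the blog home page. When the
    provider returned none of those attributes, flashes an error and
    redirects to the login page.
    """

    from jmilkfansblog.models import db, User

    # Fixed: the original assigned ``usernmae`` but tested and used
    # ``username``, which raised NameError on every call.
    # NOTE(review): these are display attributes supplied by the provider,
    # not a stable identifier; two identities with the same full name map
    # to the same local account. Keying on the verified OpenID identity
    # URL would avoid that -- confirm what ``resp`` exposes.
    username = resp.fullname or resp.nickname or resp.email
    if not username:
        flash('Invalid login. Please try again.', 'danger')
        return redirect(url_for('main.login'))

    user = User.query.filter_by(username=username).first()
    if user is None:
        # NOTE(review): fixed password literal (shown masked in this
        # listing); confirm federated accounts cannot be used through
        # the password login form.
        user = User(username=username, password='******')
        db.session.add(user)
        db.session.commit()

    # NOTE(review): nothing here records which user is now authenticated;
    # confirm that happens elsewhere.
    return redirect(url_for('blog.home'))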
Esempio n. 4
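    def delete(self, post_id=None):
        """Handle HTTP ``DELETE``: remove one post owned by the caller.

        Aborts with 400 when no ``post_id`` is given, 404 when the post
        does not exist, 401 when the token does not resolve to a user and
        403 when that user is not the post's owner. Returns an empty body
        with status 204 on success.
        """

        if not post_id:
            abort(400)

        post = Post.query.filter_by(id=post_id).first()
        if not post:
            abort(404)

        args = parsers.post_delete_parser.parse_args(strict=True)
        user = User.verify_auth_token(args['token'])
        # Fixed: reject an unresolved token before the ownership check.
        # Without this, a falsy ``user`` compared against a post whose
        # ``user`` is also unset would pass ``user != post.user`` and the
        # post would be deleted without authentication.
        if not user:
            abort(401)
        if user != post.user:
            abort(403)

        # Per the original author's note, deleting the post also removes
        # its rows in the posts_tags association table.
        db.session.delete(post)
        db.session.commit()

        return "", 204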
Esempio n. 5
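def facebook_authorized(resp):
    """OAuth callback for Facebook sign-in.

    ``resp`` is ``None`` when authorization was not granted; otherwise it
    carries the access token. The profile is fetched from ``/me``, a
    username is built from it, and a local ``User`` row is created when
    none exists. Returns a plain-text denial message or a redirect to
    ``blog.home``.
    """
    if resp is None:
        # The error fields come straight from the query string. Flask
        # serves a bare string as text/html, so they are sent as
        # text/plain to keep attacker-chosen markup from being rendered.
        denial = 'Access denied: reason=%s error=%s' % (
            request.args['error_reason'], request.args['error_description'])
        return denial, 200, {'Content-Type': 'text/plain; charset=utf-8'}

    # NOTE(review): with Flask's default cookie session this value is
    # signed but not encrypted, so the access token is readable
    # client-side.
    session['facebook_oauth_token'] = (resp['access_token'], '')

    me = facebook.get('/me')

    # NOTE(review): the result of the profile request is not checked; an
    # error response without these keys raises KeyError below.
    if me.data.get('first_name', False):
        facebook_username = me.data['first_name'] + " " + me.data['last_name']
    else:
        facebook_username = me.data['name']

    # NOTE(review): a display name is not unique, so two Facebook accounts
    # with the same name -- or a local account with that username --
    # resolve to the same row. The provider's stable user id (presumably
    # me.data['id'] -- confirm) is the safer key.
    user = User.query.filter_by(username=facebook_username).first()
    if user is None:
        # NOTE(review): fixed password literal (shown masked in this
        # listing); confirm federated accounts cannot be used through
        # the password login form.
        user = User(username=facebook_username, password='******')
        db.session.add(user)
        db.session.commit()

    # NOTE(review): nothing here records which user is now authenticated;
    # confirm that happens elsewhere.
    flash('You have been logged in.', category='success')

    return redirect(url_for('blog.home'))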
Esempio n. 6
    def post(self, post_id=None):
        """Handle HTTP ``POST``: create a new post for the token's user.

        Aborts with 400 when a ``post_id`` is supplied (creation targets
        the collection, not a single post) and with 401 when the token
        does not resolve to a user. Returns ``(new post id, 201)``.
        """
        if post_id:
            abort(400)

        args = parsers.post_post_parser.parse_args(strict=True)

        # The token (issued by /api/auth) identifies the author; without
        # a valid one nothing is created.
        author = User.verify_auth_token(args['token'])
        if not author:
            abort(401)

        new_post = Post()
        new_post.title = args['title']
        new_post.date = datetime.datetime.now()
        new_post.text = args['text']
        new_post.user = author

        # Reuse a tag that already exists under this name, otherwise make
        # a new one; new tags are written with the post on commit.
        for label in args['tags'] or []:
            tag = Tag.query.filter_by(name=label).first()
            if not tag:
                tag = Tag()
                tag.name = label
            new_post.tags.append(tag)

        db.session.add(new_post)
        db.session.commit()
        return new_post.id, 201
Esempio n. 7
    def put(self, post_id=None):
        """Handle HTTP ``PUT``: update one post owned by the caller.

        Aborts with 400 when no ``post_id`` is given, 404 when the post
        does not exist, 401 when the token does not resolve to a user and
        403 when that user is not the post's owner. Only truthy ``title``
        and ``text`` values overwrite the stored ones, and supplied tags
        are appended to the existing tags. Returns ``(post id, 201)``.
        """
        if not post_id:
            abort(400)

        target = Post.query.filter_by(id=post_id).first()
        if not target:
            abort(404)

        args = parsers.post_put_parser.parse_args()
        caller = User.verify_auth_token(args['token'])

        # Authentication first, then ownership.
        if not caller:
            abort(401)
        if caller != target.user:
            abort(403)

        # An empty or missing value leaves the stored field untouched.
        for field in ('title', 'text'):
            value = args[field]
            if value:
                setattr(target, field, value)

        # Reuse a tag that already exists under this name, otherwise make
        # a new one.
        for label in args['tags'] or []:
            tag = Tag.query.filter_by(name=label).first()
            if not tag:
                tag = Tag()
                tag.name = label
            target.tags.append(tag)

        db.session.add(target)
        db.session.commit()

        return target.id, 201
Esempio n. 8
import random
import datetime
from uuid import uuid4

from jmilkfansblog.models import db, User, Post, Role, BrowseVolume

# Seed data: the three roles, the browse-volume row and the first
# administrator account. Each row gets a fresh UUID string as its id.
admin_role, poster_role, default_role = (
    Role(id=str(uuid4()), name=role_name)
    for role_name in ('admin', 'poster', 'default')
)

browse_volume = BrowseVolume(id=str(uuid4()))

# First transaction: only the default role and the browse-volume row are
# added explicitly.
db.session.add_all([default_role, browse_volume])
db.session.commit()

# NOTE(review): the administrator's username and password are literals in
# this script (shown masked in this listing). Reading them from the
# environment or an interactive prompt keeps the credential out of
# version control.
admin_user = User(
    id=str(uuid4()),
    username='******',
    password='******',
)
admin_user.roles = [admin_role, poster_role, default_role]

# Second transaction: admin_role and poster_role are never added on their
# own; presumably they are saved through the roles relationship when the
# user is added -- confirm.
db.session.add(admin_user)
db.session.commit()