def post(self):
# If not a logged in user redirect to login
if not self.user:
self.redirect('/login')
else:
comment = self.request.get('comment')
post_id = int(self.request.get('post_id'))
post = Post.get_by_id(post_id, parent=blog_key())
author = self.user
if not comment:
return # do nothing if empty comment
else:
c = Comment(content=comment, author=author.key, post=post.key)
c.put()
comment = Comment.render_single_comment(c)
# return JSON to Ajax
self.write(json.dumps(({'comment': comment})))
def post(self, topic_id):
user = users.get_current_user()
time = datetime.datetime.now()
csrf_token = self.request.get("csrf_token")
mem_token = memcache.get(key=csrf_token)
if mem_token:
return self.write("Hacker at the doors")
comment = self.request.get("comment")
topic = Topic.get_by_id(int(topic_id))
new_comment = Comment(content=comment,
topic_id=topic.key.id(),
author_email=user.email(),
topic_title=topic.title,
created=time)
new_comment.put()
return self.redirect_to("topic-details", topic_id=topic.key.id())
