def login():
if current_user.is_authenticated:
return redirect(url_for('post.posts'))
form = LoginForm()
if not request.environ.get('HTTP_X_FORWARDED_FOR'):
ip = request.environ.get("REMOTE_ADDR")
else:
ip = request.environ.get('HTTP_X_FORWARDED_FOR')
device = request.headers.get("User-agent")
if form.validate_on_submit():
user = User.query.filter_by(username=form.username.data).first()
if user and user.check_password(form.password.data):
login_user(user, remember=form.remember_me.data)
new_login = Login(ip_address=ip, device=device, user=user)
db.session.add(new_login)
db.session.commit()
next_page = request.args.get('next')
return redirect(next_page) if next_page else redirect(
url_for("post.posts"))
return render_template("login.html",
form=form,
last_updated=dir_last_updated('app/static'))
def posts():
all_posts = BlogPost.query.filter_by(is_published=True).order_by(
BlogPost.date_posted.desc()).all()
return render_template('posts.html',
posts=all_posts,
last_updated=dir_last_updated('app/static'),
posts_active="active",
posts_sr='<span class="sr-only">(current)</span>')
def forgot_password(done=False):
if current_user.is_authenticated:
return redirect(url_for('posts'))
form = ForgotPasswordForm()
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data).first()
user.send_mail(reset)
return redirect(url_for("forgot_password", done=True))
return render_template("forgot-password.html",
form=form,
done=done,
last_updated=dir_last_updated('app/static'))
def register():
form = RegistrationForm()
if form.validate_on_submit():
new_user = User(username=form.username.data, email=form.email.data)
new_user.set_password(form.password.data)
db.session.add(new_user)
db.session.commit()
if form.sign_in.data:
login_user(new_user)
return redirect(url_for('post.posts'))
return redirect(url_for('auth.login'))
return render_template("register.html",
form=form,
title="Sign Up",
last_updated=dir_last_updated('app/static'))
def edit_profile():
if current_user != user:
abort(403)
form = EditProfileForm(obj=current_user)
form.user = current_user
if form.validate_on_submit():
current_user.set_password(form.new_password.data)
current_user.email = form.email.data
current_user.username = form.username.data
db.session.commit()
return redirect(url_for("post.home", username=current_user.username))
return render_template("edit-profile.html",
form=form,
last_updated=dir_last_updated('app/static'))
def reset_password(token):
if current_user.is_authenticated:
return redirect(url_for("posts"))
user = User.validate_token(token)
if user is None:
return render_template("reset-password.html")
form = ResetPasswordForm()
form.user = user
if form.validate_on_submit():
user.set_password(form.password.data)
db.session.commit()
print("ran")
return redirect(url_for("post.posts"))
return render_template("reset-password.html",
form=form,
last_updated=dir_last_updated('app/static'))
def editor(public_id=None):
#cleaned_data =
form = PostForm()
if public_id:
post = BlogPost.query.filter_by(public_id=public_id).first_or_404()
if post.author != current_user:
abort(403)
form = PostForm(obj=post)
if form.validate_on_submit():
form.content.data = bleach.clean(
form.content.data,
tags=bleach.sanitizer.ALLOWED_TAGS + TAGS,
attributes={
**bleach.sanitizer.ALLOWED_ATTRIBUTES,
**ATTRS
},
styles=bleach.sanitizer.ALLOWED_STYLES + STYLES)
form.populate_obj(post)
db.session.commit()
return redirect(url_for('post.preview', public_id=post.public_id))
if form.validate_on_submit():
new_post = BlogPost(title=form.title.data,
content=form.content.data,
author=current_user)
db.session.add(new_post)
db.session.commit()
return redirect(url_for('post.preview', public_id=new_post.public_id))
if form.is_submitted():
print(form.errors)
for error in form.content.errors:
flash(error, "danger")
for error in form.title.errors:
flash(error, "danger")
return render_template("editor.html",
form=form,
last_updated=dir_last_updated('app/static'),
profile_active="active",
profile_sr='<span class="sr-only">(current)</span>')
def home(username, post_id=None):
user = User.query.filter_by(username=username).first_or_404()
disabled = ""
posts = user.posts.filter_by(is_published=True).order_by(
BlogPost.date_posted.desc()).all()
if current_user == user:
posts = user.posts.order_by(BlogPost.date_posted.desc()).all()
if post_id:
posts = user.posts.filter_by(public_id=post_id,
is_published=True).all()
disabled = "disabled"
return render_template('home.html',
user=user,
posts=posts,
last_updated=dir_last_updated('app/static'),
home_active='active',
home_sr=' <span class="sr-only">(current)</span>',
disabled=disabled)
def preview(public_id):
post = BlogPost.query.filter_by(public_id=public_id).first_or_404()
if current_user != post.author:
abort(403)
if request.method == "POST":
if request.form.get("publish"):
if not post.is_published:
post.is_published = True
post.date_published = datetime.utcnow()
else:
post.published = False
db.session.commit()
print(post.is_published)
return redirect(url_for('post.home', username=current_user.username))
return render_template("preview.html",
post=post,
last_updated=dir_last_updated('app/static'),
profile_active='active',
profile_sr='<span class="sr-only">(current)</span>')
def single_post(public_id):
post = BlogPost.query.filter_by(public_id=public_id).first_or_404()
return render_template("post.html",
post=post,
last_updated=dir_last_updated('app/static'))