-
Notifications
You must be signed in to change notification settings - Fork 0
/
app.py
150 lines (121 loc) · 4.6 KB
/
app.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
from flask import (Flask, request, redirect,
render_template, flash, session)
from models import db, connect_db, User, Feedback
from forms import RegisterUserForm, LoginUserForm, AddFeedbackForm
app = Flask(__name__)
app.config["SQLALCHEMY_DATABASE_URI"] = "postgresql:///feedback"
app.config["SQLALCHEMY_TRACK_MODIFICATIONS"] = False
app.config["SQLALCHEMY_ECHO"] = True
app.config["SECRET_KEY"] = "super secret"
connect_db(app)
db.create_all()
@app.route('/')
def redirect_register():
return redirect('/register')
@app.route('/register', methods=['GET', 'POST'])
def register():
if "username" in session:
return redirect(f"/users/{session['username']}")
form = RegisterUserForm()
if form.validate_on_submit():
user_attrs = {
'username': form.username.data,
'password': form.password.data,
'email': form.email.data,
'first_name': form.first_name.data,
'last_name': form.last_name.data
}
# new_user = User(**user_attrs)
new_user = User.register(**user_attrs)
db.session.add(new_user)
db.session.commit()
return redirect(f'/users/{new_user.username}')
else:
return render_template('register.html', form=form)
@app.route('/login', methods=['GET', 'POST'])
def login():
form = LoginUserForm()
if "username" in session:
return redirect(f"/users/{session['username']}")
if form.validate_on_submit():
username = form.username.data
password = form.password.data
user = User.authenticate(username, password)
if user:
session["username"] = user.username
return redirect(f'/users/{user.username}')
else:
form.username.errors = ["Bad name/password"]
return render_template('login.html', form=form)
@app.route('/logout')
def logout():
session.pop("username")
return redirect('/')
@app.route('/users/<username>')
def show_secret(username):
if "username" in session:
user = User.query.get(username)
return render_template('user.html', user=user)
return redirect('/login')
@app.route('/users/<username>/feedback/add', methods=['GET', 'POST'])
def show_feedback_form(username):
# user = User.query.get(username)
if username == session['username']:
form = AddFeedbackForm()
if form.validate_on_submit():
title = form.title.data
content = form.content.data
new_feedback = Feedback(title=title,
content=content, username=username)
db.session.add(new_feedback)
db.session.commit()
flash("Feedback added!")
return redirect(f"/users/{username}")
else:
flash("Please login")
return render_template('add-feedback-form.html', form=form)
# else if "username" not in session:
# and is a different user, log into their PF page
else:
return redirect("/login")
@app.route('/feedback/<feedback_id>/update', methods=['GET', 'POST'])
def edit_feedback(feedback_id):
feedback = Feedback.query.get_or_404(feedback_id)
# pretty much need this whenever you have a user
if "username" not in session:
flash("Please login")
return redirect("/login")
if feedback.username == session['username']:
form = AddFeedbackForm(title=feedback.title, content=feedback.content)
if form.validate_on_submit():
feedback.title = form.title.data
feedback.content = form.content.data
db.session.commit()
flash("Feedback edited!")
return redirect(f"/users/{feedback.username}")
else:
return render_template('edit-feedback-form.html', form=form)
else:
return redirect(f"/user/{feedback.username}")
@app.route('/feedback/<feedback_id>/delete', methods=['POST'])
def delete_feedback(feedback_id):
feedback = Feedback.query.get_or_404(feedback_id)
if feedback.username == session['username']:
db.session.delete(feedback)
db.session.commit()
flash("Feedback deleted!")
return redirect(f"/users/{feedback.username}")
else:
return redirect("/login")
@app.route('/users/<username>/delete', methods=['POST'])
def delete_user(username):
user = User.query.get(username)
if username == session['username']:
db.session.delete(user)
db.session.commit()
# remove the user from the session
session.pop("username")
flash("User deleted!")
return redirect(f"/login")
else:
return redirect("/login")