def add_comment():
form = CommentForm()
if form.validate_on_submit():
comment = Comment(text=form.comment_text.data,
news_id=form.news_id.data,
user_id=current_user.id)
db.session.add(comment)
db.session.commit()
flash("Коментарий успешно добавлен", "success")
return redirect(get_redirect_target())
def add_comment():
form = CommentForm()
if form.validate_on_submit():
post = Post.objects(id=form.post_id.data).get()
comment = Comment(text=form.comment_text.data,
from_user=User.objects(id=current_user.id).get(),
post=post)
comment.save()
Post.objects(id=form.post_id.data).update_one(push__comments=comment)
return redirect(get_redirect_target())
def process_login():
form = LoginForm()
if form.validate_on_submit():
user = User.objects.get(username=form.username.data)
if user and user.check_password(form.password.data):
login_user(user)
flash('You are logged in')
return redirect(url_for('posts.index'))
else:
flash('Wrong username or password')
return redirect(get_redirect_target()) #url_for('posts.index'))
def login():
if current_user.is_authenticated:
return redirect(
get_redirect_target()) #redirect(url_for("posts.index"))
title = "Authentication"
login_form = LoginForm()
return render_template("user/login.html",
page_title=title,
form=login_form)
def test_get_redirect_target(self):
with self.app.test_request_context('/?next=http://externalsite.com'):
self.assertIsNone(get_redirect_target())
with self.app.test_request_context('/?next=safe_internal_link'):
self.assertEquals(get_redirect_target(), 'safe_internal_link')
def redirect(self, endpoint='index', **values):
if is_safe_url(self.next.data):
return redirect(self.next.data)
target = get_redirect_target()
return redirect(target or url_for(endpoint, **values))
def __init__(self, *args, **kwargs):
super().__init__(*args, **kwargs)
if not self.next.data:
self.next.data = get_redirect_target() or ''
def delete_comment():
form = DeleteForm()
id_ = form.id_.data
comment = Comment.objects(id=id_).get()
comment.delete()
return redirect(get_redirect_target())
