def register():
if current_user.is_authenticated:
return redirect(url_for('main.index'))
form = RegistrationForm()
if form.validate_on_submit():
user = User(username=form.username.data, email=form.email.data)
user.set_password(form.password.data)
db.session.add(user)
db.session.commit()
flash(_('Congratulations, you are now a registered user!'))
return redirect(url_for('auth.login'))
return render_template('auth/register.html',
title=_('Register'),
form=form)
def create_user():
data = request.get_json() or {}
if 'username' not in data or 'email' not in data or 'password' not in data:
return bad_request('must include username, email and password fields')
if User.query.filter_by(username=data['username']).first():
return bad_request('please use a different username')
if User.query.filter_by(email=data['email']).first():
return bad_request('please use a different email address')
user = User()
user.from_dict(data, new_user=True)
db.session.add(user)
db.session.commit()
response = jsonify(user.to_dict())
response.status_code = 201
response.headers['Location'] = url_for('api.get_user', id=user.id)
return response
def get_followed(id):
user = User.query.get_or_404(id)
page = request.args.get('page', 1, type=int)
per_page = min(request.args.get('per_page', 10, type=int), 100)
data = User.to_collection_dict(user.followed, page, per_page,
'api.get_followed', id=id)
return jsonify(data)
def login():
if request.method == 'GET':
return render_template("login.html")
username = request.form['username']
password = request.form['password']
password_blob = get_password(username)
db_password = decrypt(password_blob) if password_blob is not None else None
if db_password is not None:
if username != "admin" and password == db_password:
user = User(username, "user")
login_user(user)
return redirect(url_for('index'))
elif username == "admin" and password == db_password:
user = User(username, "admin")
login_user(user)
return redirect(url_for('manage'))
else:
return render_template("login.html",
msg="Wrong password, please try again")
return render_template("login.html", msg="User name not exists")
def reset_password(token):
if current_user.is_authenticated:
return redirect(url_for('main.index'))
user = User.verify_reset_password_token(token)
if not user:
return redirect(url_for('main.index'))
form = ResetPasswordForm()
if form.validate_on_submit():
user.set_password(form.password.data)
db.session.commit()
flash(_('Your password has been reset.'))
return redirect(url_for('auth.login'))
return render_template('auth/reset_password.html', form=form)
def register():
username = request.json['username'], #lấy dữ liệu từ file json vừa nhận
email = request.json['email'],
password = request.json['password']
hashed_password = bcrypt.generate_password_hash(password).decode('utf-8') #hash password
if User.query.filter_by(email = email).first():
return jsonify({"msg" : "Email already existed"}),409
if User.query.filter_by(username = username).first():
return jsonify({"msg" : "UserName already existed"}),409
else:
new_user = User(username =username, email = email, password = hashed_password)
db.session.add(new_user)
db.session.commit()
return user_schema.jsonify(new_user) #serialization
def test_follow(self):
u1 = User(username='******', email='*****@*****.**')
u2 = User(username='******', email='*****@*****.**')
db.session.add(u1)
db.session.add(u2)
db.session.commit()
self.assertEqual(u1.followed.all(), [])
self.assertEqual(u1.followers.all(), [])
u1.follow(u2)
db.session.commit()
self.assertTrue(u1.is_following(u2))
self.assertEqual(u1.followed.count(), 1)
self.assertEqual(u1.followed.first().username, 'susan')
self.assertEqual(u2.followers.count(), 1)
self.assertEqual(u2.followers.first().username, 'john')
u1.unfollow(u2)
db.session.commit()
self.assertFalse(u1.is_following(u2))
self.assertEqual(u1.followed.count(), 0)
self.assertEqual(u2.followers.count(), 0)
def get_users():
page = request.args.get('page', 1, type=int)
per_page = min(request.args.get('per_page', 10, type=int), 100)
data = User.to_collection_dict(User.query, page, per_page, 'api.get_users')
return jsonify(data)
def test_follow_posts(self):
# create four users
u1 = User(username='******', email='*****@*****.**')
u2 = User(username='******', email='*****@*****.**')
u3 = User(username='******', email='*****@*****.**')
u4 = User(username='******', email='*****@*****.**')
db.session.add_all([u1, u2, u3, u4])
# create four posts
now = datetime.utcnow()
p1 = Post(body="post from john",
author=u1,
timestamp=now + timedelta(seconds=1))
p2 = Post(body="post from susan",
author=u2,
timestamp=now + timedelta(seconds=4))
p3 = Post(body="post from mary",
author=u3,
timestamp=now + timedelta(seconds=3))
p4 = Post(body="post from david",
author=u4,
timestamp=now + timedelta(seconds=2))
db.session.add_all([p1, p2, p3, p4])
db.session.commit()
u1.follow(u2) # john follows susan
u1.follow(u4) # john follows david
u2.follow(u3) # susan follows mary
u3.follow(u4) # mary follows david
db.session.commit()
# check the followed posts of each user
f1 = u1.followed_posts().all()
f2 = u2.followed_posts().all()
f3 = u3.followed_posts().all()
f4 = u4.followed_posts().all()
self.assertEqual(f1, [p2, p4, p1])
self.assertEqual(f2, [p2, p3])
self.assertEqual(f3, [p3, p4])
self.assertEqual(f4, [p4])
def test_avatar(self):
u = User(username='******', email='*****@*****.**')
self.assertEqual(u.avatar(128), ('https://www.gravatar.com/avatar/'
'd4c74594d841139328695756648b6bd6'
'?d=retro&s=128'))
def test_password_hashing(self):
u = User(username='******')
u.set_password('cat')
self.assertFalse(u.check_password('dog'))
self.assertTrue(u.check_password('cat'))
def verify_token(token):
g.current_user = User.check_token(token) if token else None
return g.current_user is not None