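def account():
    """Show and process the account settings form for the logged-in user.

    On a valid submission the username, e-mail address and (optionally) the
    profile picture are updated and the user is redirected back to this
    page. On GET the form is pre-filled with the current values.

    Returns:
        A redirect after a successful update, otherwise the rendered
        ``account.html`` template.
    """
    form = UpdateAccountForm()
    if form.validate_on_submit():
        stale_picture_path = None
        if form.picture.data:
            # Store the new upload before touching the old file, so a failed
            # save never leaves the account pointing at a deleted picture.
            previous_picture = current_user.image_file
            current_user.image_file = save_picture(form.picture.data)
            # Never delete the shared default avatar, and never delete the
            # file that has just been written.
            if previous_picture not in ('default.jpg',
                                        current_user.image_file):
                stale_picture_path = os.path.join(
                    current_app.root_path, 'static/profile_pics',
                    previous_picture)
        if current_user.email != form.email.data:
            # A changed address has not been verified yet.
            # NOTE(review): no new confirmation mail is sent from this view;
            # confirm the user has another way to request one.
            current_user.confirmed_email = False
        current_user.username = form.username.data
        current_user.email = form.email.data
        session.commit()
        if stale_picture_path is not None:
            # Remove the old file only once the new reference is committed.
            # A missing or locked file must not turn a successful update
            # into a server error.
            try:
                os.remove(stale_picture_path)
            except OSError:
                current_app.logger.warning(
                    'Could not remove old profile picture %s',
                    stale_picture_path)
        flash('Your account has been updated', 'success')
        return redirect(url_for('users.account'))
    elif request.method == 'GET':
        form.username.data = current_user.username
        form.email.data = current_user.email
    image_file = url_for('static',
                         filename='profile_pics/' + current_user.image_file)
    return render_template('account.html', title='Account',
                           image_file=image_file, form=form,
                           confirm_email=current_user.confirmed_email)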
def confirm_email(token):
    """Mark the account behind *token* as having a confirmed e-mail address.

    The token is resolved by ``User.verify_confirm_email``; when it yields no
    user a warning is flashed instead. Either way the visitor is redirected
    to the home page.
    """
    # NOTE(review): whether the token is tied to the address it was mailed
    # to, or only to the account, is decided inside
    # User.verify_confirm_email, which is not visible here. Confirm that a
    # token issued before an e-mail change cannot confirm the new address.
    account_owner = User.verify_confirm_email(token)
    if account_owner is not None:
        account_owner.confirmed_email = True
        session.commit()
        flash('Email has been confirmed.', 'success')
    else:
        flash('That is an invalid or expired token', 'warning')
    return redirect(url_for('main.home'))
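def delete_post(post_id):
    """Delete the post with id *post_id* if it belongs to the current user.

    Returns:
        A redirect to the home page after deletion, the 404 page (status
        404) when the post does not exist, or the 403 page (status 403)
        when the current user is not the author.
    """
    # NOTE(review): the route decorators are not visible here. Confirm this
    # view requires login and is not reachable via GET, since it changes
    # state.
    post = session.query(Post).get(post_id)
    if not post:
        # Send the real status code; a bare render_template answers 200.
        return render_template("errors/404.html"), 404
    if post.author != current_user:
        # Ownership check: only the author may delete. Answer 403 rather
        # than 200 so clients, logs and monitoring see the refusal.
        return render_template("errors/403.html"), 403
    session.delete(post)
    session.commit()
    flash('Your post has been deleted!', 'success')
    return redirect(url_for('main.home'))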
def register():
    """Create a new user account from the registration form.

    Authenticated visitors are sent to the home page. A valid submission
    stores the user with a bcrypt password hash, triggers the confirmation
    e-mail and redirects to the login page; anything else renders the form.
    """
    if current_user.is_authenticated:
        return redirect(url_for('main.home'))

    form = RegistrationForm()
    if not form.validate_on_submit():
        return render_template('register.html', title='Register', form=form)

    # Only the bcrypt hash is stored, never the submitted password.
    password_hash = bcrypt.generate_password_hash(form.password.data)
    password_hash = password_hash.decode('utf-8')
    new_user = User(username=form.username.data,
                    email=form.email.data,
                    password=password_hash)
    session.add(new_user)
    # The account is committed before the mail goes out, so an error in
    # send_confirm_email leaves an existing but unconfirmed account behind.
    session.commit()
    send_confirm_email(new_user)
    flash('Your account has been created! You are now able to log in',
          'success')
    return redirect(url_for('users.login'))
def reset_token(token):
    """Let the holder of a valid reset *token* choose a new password.

    Authenticated visitors are sent to the home page. When the token yields
    no user, the visitor is sent back to the reset request page. Otherwise
    the reset form is shown and, on a valid submission, the new bcrypt hash
    is stored and the user is redirected to the login page.
    """
    if current_user.is_authenticated:
        return redirect(url_for('main.home'))

    # NOTE(review): nothing in this view marks the token as used. Whether it
    # can be replayed until it expires depends on User.verify_reset_token,
    # which is not visible here - confirm.
    account_owner = User.verify_reset_token(token)
    if account_owner is None:
        flash('That is an invalid or expired token', 'warning')
        return redirect(url_for('users.reset_request'))

    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('reset_token.html', title="Reset Password",
                               form=form)

    # Only the bcrypt hash is stored, never the submitted password.
    new_hash = bcrypt.generate_password_hash(form.password.data)
    account_owner.password = new_hash.decode('utf-8')
    session.commit()
    flash('Your password has been updated! You are now able to login.',
          'success')
    return redirect(url_for('users.login'))
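def new_post():
    """Create a post for the current user once their e-mail is confirmed.

    Users whose ``confirmed_email`` is False are redirected to the home
    page with a notice. A valid submission stores the post and redirects
    to the home page; anything else renders the form.
    """
    # The leftover debug ``print`` statement was removed: it wrote account
    # state to stdout on every request and is a syntax error on Python 3.
    #
    # NOTE(review): the comparison is kept as ``== False`` on purpose. A
    # NULL/None confirmed_email does not equal False and therefore passes
    # this gate. Confirm the column is non-nullable, or change the test to
    # ``not current_user.confirmed_email`` if unset must also be blocked.
    # NOTE(review): the route decorators are not visible here; this view
    # reads current_user.confirmed_email, so confirm it requires login.
    if current_user.confirmed_email == False:  # noqa: E712
        flash('Please confirm your email first before you can create a post.',
              'info')
        return redirect(url_for('main.home'))
    form = PostForm()
    if form.validate_on_submit():
        post = Post(title=form.title.data, content=form.content.data,
                    author=current_user)
        session.add(post)
        session.commit()
        flash('Your post has been created!', 'success')
        return redirect(url_for('main.home'))
    return render_template('create_post.html', title='New Post', form=form,
                           legend="New Post")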
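def update_post(post_id):
    """Edit the post with id *post_id* if it belongs to the current user.

    Returns:
        A redirect to the post after a successful update, the rendered
        edit form otherwise, the 404 page (status 404) when the post does
        not exist, or the 403 page (status 403) when the current user is
        not the author.
    """
    # NOTE(review): the route decorators are not visible here. Confirm this
    # view requires login.
    post = session.query(Post).get(post_id)
    if not post:
        # Send the real status code; a bare render_template answers 200.
        return render_template("errors/404.html"), 404
    if post.author != current_user:
        # Ownership check: only the author may edit. Answer 403 rather than
        # 200 so clients, logs and monitoring see the refusal.
        return render_template("errors/403.html"), 403
    form = PostForm()
    if form.validate_on_submit():
        post.title = form.title.data
        post.content = form.content.data
        session.commit()
        flash('Your post has been updated!', 'success')
        return redirect(url_for('posts.post', post_id=post.id))
    elif request.method == 'GET':
        # Pre-fill the form with the stored values on first display.
        form.title.data = post.title
        form.content.data = post.content
    return render_template('create_post.html', title='Update Post',
                           form=form, legend="Update Post")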