def account():
form = UpdateAccountForm()
if form.validate_on_submit():
if form.picture.data:
picture_path = os.path.join(current_app.root_path,
'static/profile_pics',
current_user.image_file)
if current_user.image_file != 'default.jpg':
os.remove(picture_path)
picture_file = save_picture(form.picture.data)
current_user.image_file = picture_file
if current_user.email != form.email.data:
current_user.confirmed_email = False
current_user.username = form.username.data
current_user.email = form.email.data
session.commit()
flash('Your account has been updated', 'success')
return redirect(url_for('users.account'))
elif request.method == 'GET':
form.username.data = current_user.username
form.email.data = current_user.email
image_file = url_for('static',
filename='profile_pics/' + current_user.image_file)
return render_template('account.html',
title='Account',
image_file=image_file,
form=form,
confirm_email=current_user.confirmed_email)
def confirm_email(token):
user = User.verify_confirm_email(token)
if user is None:
flash('That is an invalid or expired token', 'warning')
return redirect(url_for('main.home'))
user.confirmed_email = True
session.commit()
flash('Email has been confirmed.', 'success')
return redirect(url_for('main.home'))
def delete_post(post_id):
post = session.query(Post).get(post_id)
if post:
if post.author != current_user:
return render_template("errors/403.html")
session.delete(post)
session.commit()
flash('Your post has been deleted!', 'success')
return redirect(url_for('main.home'))
else:
return render_template("errors/404.html")
def register():
if current_user.is_authenticated:
return redirect(url_for('main.home'))
form = RegistrationForm()
if form.validate_on_submit():
hashed_password = bcrypt.generate_password_hash(
form.password.data).decode('utf-8')
user = User(username=form.username.data,
email=form.email.data,
password=hashed_password)
session.add(user)
session.commit()
# flash('Account created for {}!'.format(form.username.data), 'success')
send_confirm_email(user)
flash('Your account has been created! You are now able to log in',
'success')
return redirect(url_for('users.login'))
return render_template('register.html', title='Register', form=form)
def reset_token(token):
if current_user.is_authenticated:
return redirect(url_for('main.home'))
user = User.verify_reset_token(token)
if user is None:
flash('That is an invalid or expired token', 'warning')
return redirect(url_for('users.reset_request'))
form = ResetPasswordForm()
if form.validate_on_submit():
hashed_password = bcrypt.generate_password_hash(
form.password.data).decode('utf-8')
user.password = hashed_password
session.commit()
flash('Your password has been updated! You are now able to login.',
'success')
return redirect(url_for('users.login'))
return render_template('reset_token.html',
title="Reset Password",
form=form)
def new_post():
print current_user.confirmed_email
if current_user.confirmed_email == False:
flash('Please confirm your email first before you can create a post.',
'info')
return redirect(url_for('main.home'))
form = PostForm()
if form.validate_on_submit():
post = Post(title=form.title.data,
content=form.content.data,
author=current_user)
session.add(post)
session.commit()
flash('Your post has been created!', 'success')
return redirect(url_for('main.home'))
return render_template('create_post.html',
title='New Post',
form=form,
legend="New Post")
def update_post(post_id):
post = session.query(Post).get(post_id)
if post:
if post.author != current_user:
return render_template("errors/403.html")
form = PostForm()
if form.validate_on_submit():
post.title = form.title.data
post.content = form.content.data
session.commit()
flash('Your post has been updated!', 'success')
return redirect(url_for('posts.post', post_id=post.id))
elif request.method == 'GET':
form.title.data = post.title
form.content.data = post.content
return render_template('create_post.html',
title='Update Post',
form=form,
legend="Update Post")
else:
return render_template("errors/404.html")