def show(id): found_user = User.query.get(id) if (request.method == 'GET' or current_user.is_anonymous or current_user.get_id() != str(id)): return render_template('users/show.html', user=found_user) if request.method == b'PATCH': form = EditForm(request.form) if form.validate(): if User.authenticate(found_user.username, form.password.data): found_user.username = form.username.data found_user.email = form.email.data found_user.first_name = form.first_name.data or None found_user.last_name = form.last_name.data or None found_user.bio = form.bio.data or None found_user.location = form.location.data or None found_user.image_url = form.image_url.data or None found_user.header_image_url = form.header_image_url.data or None db.session.add(found_user) db.session.commit() return redirect(url_for('users.show', id=id)) flash({ 'text': 'Wrong password, please try again.', 'status': 'danger' }) return render_template('users/edit.html', form=form, user=found_user) if request.method == b'DELETE': token = request.form.get('csrf_token') if validate_csrf(token) == None: db.session.delete(found_user) db.session.commit() return redirect(url_for('users.signup')) return render_template('404.html')
def show(id): found_user = User.query.get(id) if (request.method == 'GET' or current_user.is_anonymous or current_user.get_id() != str(id)): return render_template('users/show.html', user=found_user) if request.method == b"PATCH": form = UserForm(request.form) if form.validate(): if User.authenticate(found_user.username, form.password.data): found_user.username = form.username.data found_user.email = form.email.data found_user.image_url = form.image_url.data found_user.name = form.name.data found_user.location = form.location.data found_user.bio = form.bio.data found_user.header_image_url = form.header_image_url.data db.session.add(found_user) db.session.commit() return redirect(url_for('users.show', id=id)) flash({ 'text': "Wrong password, please try again.", 'status': 'danger' }) return render_template('users/edit.html', form=form, user=found_user) if request.method == b"DELETE": logout_user() db.session.delete(found_user) db.session.commit() return redirect(url_for('users.signup'))
def show(id): found_user = User.query.get_or_404(id) if (request.method == 'GET' or current_user.is_anonymous or current_user.get_id() != str(id)): return render_template('users/show.html', user=found_user) if request.method == b"PATCH": edit_user_form = EditUserForm(request.form) if edit_user_form.validate(): if User.authenticate(found_user.username, edit_user_form.password.data): found_user.username = edit_user_form.username.data found_user.email = edit_user_form.email.data found_user.image_url = edit_user_form.image_url.data or None found_user.first_name = edit_user_form.first_name.data or None found_user.last_name = edit_user_form.last_name.data or None found_user.location = edit_user_form.location.data or None found_user.bio = edit_user_form.bio.data or None found_user.header_image_url = edit_user_form.header_image_url.data or '/static/images/warbler-hero.jpg' db.session.add(found_user) db.session.commit() return redirect(url_for('users.show', id=id)) flash({ 'text': "Wrong password, please try again.", 'status': 'danger' }) # from IPython import embed; embed() return render_template('users/edit.html', form=edit_user_form, user=found_user) if request.method == b"DELETE": db.session.delete(found_user) db.session.commit() return redirect(url_for('users.signup'))
def login(): form = UserForm(request.form) if request.method == "POST" and form.validate(): user = User.authenticate(form.data["username"], form.data["password"]) if user: session["user_id"] = user.id flash("You've successfully logged in!") return redirect(url_for("users.welcome")) return render_template("login.html", form=form)
def login(): form = UserForm(request.form) if request.method == "POST": if form.validate(): user = User.authenticate(form.data['username'], form.data['password']) if user: login_user(user) flash("You've successfully logged in!") return redirect(url_for('users.welcome')) flash("Invalid credentials. Please try again.") return render_template('login.html', form=form)
def login(): form = LoginForm(request.form) if request.method == "POST": if form.validate(): user = User.authenticate( form.data['username'], form.data['password']) if user: login_user(user) flash("You are now logged in!") return redirect(url_for('users.users')) flash("Invalid Credentials") return render_template('users/login.html', form=form)
def login(): form = LoginForm() if request.method == "POST": if form.validate(): found_user = User.authenticate(form.username.data, form.password.data) if found_user: login_user(found_user) flash({ 'text': f"Hello, {found_user.username}!", 'status': 'success' }) return redirect(url_for('root')) flash({'text': "Invalid credentials.", 'status': 'danger'}) return render_template('users/login.html', form=form) return render_template('users/login.html', form=form)
def login(): form = UserForm(request.form) if request.method == "POST" and form.validate(): if User.authenticate(form.data['username'], form.data['password']): return redirect(url_for('users.welcome')) return render_template('login.html', form=form)