def index(): board_id = int(request.args.get('board_id', -1)) if board_id == -1: ms = Topic.all() else: ms = Topic.all(board_id=board_id) token = new_csrf_token() bs = Board.all() return render_template('topic/index.html', ms=ms, token=token, bs=bs, bid=board_id)
def my_collect(): u = current_user() token = new_csrf_token() bs = Board.all() t = Collect.all(user_id=u.id) l = [] for c in t: l.append(Topic.one(id=c.topic_id)) return render_template("topic/collect.html", u=u, ms=l, bs=bs, token=token)
def write(): receiver_id = int(request.args['id']) r: User = User.one(id=receiver_id) if r.receive_message is False: result = '对方不接受私信' return redirect(url_for('index.user_detail', id=r.id, result=result)) else: u = current_user() token = new_csrf_token() return render_template('mail/write.html', r=r, user=u, token=token)
def new(): board_id = int(request.args.get('board_id')) bs = Board.all() user = current_user() token = new_csrf_token() return render_template("topic/new.html", bs=bs, bid=board_id, user=user, token=token)
def index(): # todo:add csrfCheck board_id = int(request.args.get('board_id', -1)) if board_id == -1: ms = Topic.all() else: ms = Topic.all(board_id=board_id) token = new_csrf_token() bs = Board.all() u = current_user() return render_template("topic/index.html", u=u, ms=ms, bs=bs, bid=board_id, token=token)
def detail(): result = request.args.get('result', ' ') topic_id = request.args['id'] m = Topic.get(topic_id) rs = Reply.all(topic_id=topic_id) token = new_csrf_token() return render_template("topic/detail.html", topic=m, replies=rs, token=token, result=result)
def detail(id): # id = int(request.args['id']) # http://localhost:3000/topic/1 # m = Topic.one(id=id) m = Topic.get(id) u = current_user() # 不应该放在路由里面 # m.views += 1 # m.save() token = new_csrf_token() # 传递 topic 的所有 reply 到 页面中 return render_template("topic/detail.html", topic=m, token=token, user=u)
def send_to_user(user): token = new_csrf_token(user.id) title = '找回密码邮件' content = '请尽快点击此链接更改密码 https://www.liruipan.com/find_password_view?token={}&user_id={}'.format(token, user.id) m = flask_mail.Message( subject=title, body=content, sender=admin_mail, recipients=[user.email] ) mail.send(m) return None
def index(): u = current_user() unread = Messages.all(receiver_id=u.id, read=False) reads = Messages.all(receiver_id=u.id, read=True) sends = Messages.all(sender_id=u.id) token = new_csrf_token() t = render_template('mail/index.html', user=u, unread=unread, read=reads, sends=sends, token=token) return t
def reset_send_mail(): username = request.form['username'] u = User.one(username=username) if u is None: flash('该用户不存在!') return redirect(url_for('index.index')) token = new_csrf_token(u) Messages.send( title='sc论坛重置密码', content='http://152.136.129.239/reset/view?token={}'.format(token), sender_id=0, receiver_id=u.id) flash('邮件发送成功!') return redirect(url_for('index.index'))
def register(): form = request.get_json() u = User.register(form) if u is not None: data = {'message': 'successful'} session['user_id'] = u.id session.permanent = True res = response(data=data, status=status.HTTP_201_CREATED) csrf_token = new_csrf_token() res.set_cookie("csrf_token", csrf_token) return res else: data = 'register failed' return response(data=data, status=status.HTTP_400_BAD_REQUEST)
def user_detail(): user_id = request.args['id'] u = User.find(user_id) if u is None: abort(404) else: result = request.args.get('result', ' ') c = current_user() if c is None: current_user_id = -1 else: current_user_id = c.id token = new_csrf_token() return render_template('user/profile.html', user=u, current=current_user_id, token=token, result=result)
def index(): u = current_user() board_id = int(request.args.get('board_id', -1)) if board_id == -1: ms = Topic.all() else: ms = Topic.all(board_id=board_id) token = new_csrf_token() bs = Board.all() return render_template("homepage.html", ms=ms, token=token, bs=bs, bid=board_id, user=u)
def search(): u = current_user() board_id = int(request.args.get('board_id', -1)) content = str(request.args.get('content', -1)) ts = Topic.all() ms = [] for topic in ts: if content in topic.title: ms.append(topic) token = new_csrf_token() bs = Board.all() return render_template("homepage.html", ms=ms, token=token, bs=bs, bid=board_id, user=u)
def login(): form = request.get_json() u = User.validate_login(form) if u is None: # 转到 topic.index 页面 data = 'invalid username or password' return response(data, status=status.HTTP_401_UNAUTHORIZED) else: # session 中写入 user_id session['user_id'] = u.id # 设置 cookie 有效期为 永久 session.permanent = True data = {'message': 'successful'} res = response(data, status=status.HTTP_200_OK) csrf_token = new_csrf_token() res.set_cookie("csrf_token", csrf_token) return res
def change_password(): cap_id = request.args['cap_id'] user_id = int(request.args['user_id']) form = request.form.to_dict() u = User.one(username=form['username']) if u is None or u.id != user_id: r = '请输入正确的用户名' else: content = form['content'] flag = Captcha.scan(cap_id, content) if flag: password = User.salted_password(form['password']) User.update(user_id, password=password) r = '修改成功,请登陆' return redirect(url_for('.index', result=r)) else: r = '验证码不正确,请重新输入' token = new_csrf_token(user_id) return redirect(url_for('.find_password_view', token=token, user_id=user_id, result=r))
def profile(): result = request.args.get('result', ' ') u = current_user() token = new_csrf_token() return render_template('user/profile.html', user=u, current=u.id, token=token, result=result)
def index(): ms = Topic.all() u = current_user() token = new_csrf_token() return render_template("topic/index.html", ms=ms, user=u, token=token)
def new(): bs = Board.all() token = new_csrf_token() return render_template("topic/new.html", bs=bs, token=token)
def new(): board_id = int(request.args.get('board_id')) bs = Board.all() token = new_csrf_token() return render_template('topic/new.html', bs=bs, token=token, bid=board_id)
def index(): u = current_user() token = new_csrf_token() return render_template('admin_index.html', user=u, token=token)
def csrf_new(): token = new_csrf_token() data = dict(token=token) return response(data=data, status=status.HTTP_200_OK)
def setting(): u = current_user() r = request.args.get('result', ' ') token = new_csrf_token() return render_template('setting.html', user=u, token=token, result=r)