Exemplo n.º 1
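def login():
    """Authenticate a user from the login form and record the login.

    Already-authenticated users are redirected to the post list. When the
    submitted username/password pair checks out, the user is logged in, a
    ``Login`` row holding the client address and User-Agent is committed,
    and the browser is redirected to the ``next`` query parameter if it is
    a same-site path, otherwise to the post list. In every other case the
    login page is rendered.
    """
    if current_user.is_authenticated:
        return redirect(url_for('post.posts'))
    form = LoginForm()

    # NOTE(review): X-Forwarded-For and User-Agent are request headers, so
    # both values stored in the Login row are client-supplied unless a
    # trusted reverse proxy overwrites the former. Treat the stored address
    # as informational, not as evidence; if the app runs behind a proxy,
    # resolve the address in one place (e.g. werkzeug's ProxyFix) -- confirm
    # against the deployment.
    ip = (request.environ.get('HTTP_X_FORWARDED_FOR')
          or request.environ.get("REMOTE_ADDR"))
    device = request.headers.get("User-agent")

    if form.validate_on_submit():
        user = User.query.filter_by(username=form.username.data).first()
        if user and user.check_password(form.password.data):
            login_user(user, remember=form.remember_me.data)
            db.session.add(Login(ip_address=ip, device=device, user=user))
            db.session.commit()

            # Follow `next` only when it is a same-site absolute path.
            # Absolute URLs, scheme-relative `//host` targets and values
            # containing backslashes or control characters (which browsers
            # may normalise into another host) fall back to the post list,
            # so this view cannot redirect a user to a different site.
            next_page = request.args.get('next')
            if next_page:
                is_local_path = (
                    next_page.startswith('/')
                    and not next_page.startswith('//')
                    and '\\' not in next_page
                    and not any(ch < ' ' for ch in next_page))
                if not is_local_path:
                    next_page = None
            return redirect(next_page or url_for("post.posts"))

    return render_template("login.html",
                           form=form,
                           last_updated=dir_last_updated('app/static'))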
Exemplo n.º 2
def posts():
    """Render the public post list: every published post, newest first."""
    newest_first = BlogPost.date_posted.desc()
    published = BlogPost.query.filter_by(is_published=True)
    context = {
        'posts': published.order_by(newest_first).all(),
        'last_updated': dir_last_updated('app/static'),
        'posts_active': "active",
        # Constant markup, not user input; the template has to opt out of
        # escaping for it to render as HTML.
        'posts_sr': '<span class="sr-only">(current)</span>',
    }
    return render_template('posts.html', **context)
Exemplo n.º 3
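def forgot_password(done=False):
    """Handle the "forgot password" form.

    Authenticated users are redirected away. On a valid submission the
    account matching the e-mail address, if any, is asked to send its
    reset mail, and the browser is redirected back to this view with
    ``done=True``. Otherwise the form page is rendered.
    """
    if current_user.is_authenticated:
        return redirect(url_for('posts'))
    form = ForgotPasswordForm()

    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()
        # An address with no account yields None; calling send_mail on it
        # raised AttributeError and surfaced as a server error. Skipping
        # the mail and redirecting exactly as for a known address also
        # keeps the response from revealing which e-mails are registered.
        if user is not None:
            # NOTE(review): `reset` is not defined in this function; it is
            # presumably a module-level name -- confirm.
            user.send_mail(reset)
        return redirect(url_for("forgot_password", done=True))

    return render_template("forgot-password.html",
                           form=form,
                           done=done,
                           last_updated=dir_last_updated('app/static'))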
Exemplo n.º 4
def register():
    """Create an account from the registration form.

    On a valid submission a ``User`` is built from the username and e-mail,
    its password is set through ``set_password`` and the row is committed.
    If the form's ``sign_in`` box is ticked the new user is logged in and
    sent to the post list; otherwise the browser goes to the login page.
    Invalid or missing submissions render the registration page.
    """
    form = RegistrationForm()
    if not form.validate_on_submit():
        return render_template("register.html",
                               form=form,
                               title="Sign Up",
                               last_updated=dir_last_updated('app/static'))

    account = User(username=form.username.data, email=form.email.data)
    # The raw password goes only through set_password and is never assigned
    # to the model directly here (presumably it is hashed there -- confirm).
    account.set_password(form.password.data)
    db.session.add(account)
    db.session.commit()

    if not form.sign_in.data:
        return redirect(url_for('auth.login'))
    login_user(account)
    return redirect(url_for('post.posts'))
Exemplo n.º 5
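def edit_profile():
    """Let the signed-in user change their e-mail, username and password.

    Responds with 403 unless ``current_user`` equals ``user``. On a valid
    submission the e-mail and username are updated, the password is
    replaced when a new one was entered, the change is committed and the
    browser is redirected to the user's home page. Otherwise the edit
    page is rendered.
    """
    # NOTE(review): `user` is not defined inside this function; it is
    # presumably supplied by surrounding code not shown here -- confirm.
    if current_user != user:
        abort(403)
    form = EditProfileForm(obj=current_user)
    form.user = current_user

    if form.validate_on_submit():
        # Replace the password only when one was actually entered, so that
        # saving an e-mail or username change with the field left blank
        # cannot overwrite the stored credential with an empty value.
        # NOTE(review): whether the form asks for the current password
        # before accepting these changes is not visible here -- confirm.
        if form.new_password.data:
            current_user.set_password(form.new_password.data)
        current_user.email = form.email.data
        current_user.username = form.username.data
        db.session.commit()
        return redirect(url_for("post.home", username=current_user.username))

    return render_template("edit-profile.html",
                           form=form,
                           last_updated=dir_last_updated('app/static'))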
Exemplo n.º 6
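def reset_password(token):
    """Set a new password for the account identified by a reset token.

    Authenticated users are redirected away. ``User.validate_token``
    resolves the token to a user; when it returns ``None`` the reset page
    is rendered without a form. On a valid submission the user's password
    is replaced and committed, and the browser is redirected to the post
    list. Otherwise the reset page is rendered with the form.
    """
    if current_user.is_authenticated:
        return redirect(url_for("posts"))
    user = User.validate_token(token)
    if user is None:
        return render_template("reset-password.html")

    form = ResetPasswordForm()
    form.user = user
    if form.validate_on_submit():
        user.set_password(form.password.data)
        db.session.commit()
        # The leftover debug print that followed the commit was removed; a
        # password-reset path should not write ad-hoc output to stdout.
        # NOTE(review): nothing here marks the token as used; whether
        # validate_token enforces expiry or single use is not visible in
        # this function -- confirm.
        return redirect(url_for("post.posts"))

    return render_template("reset-password.html",
                           form=form,
                           last_updated=dir_last_updated('app/static'))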
Exemplo n.º 7
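def editor(public_id=None):
    """Create a new post, or edit the post identified by ``public_id``.

    When ``public_id`` is given, the post is loaded (404 if missing), the
    request is rejected with 403 unless the current user is its author, and
    the form is pre-filled from it. On a valid submission the content is
    sanitised, the post is updated or created, the change is committed and
    the browser is redirected to the post's preview. Validation errors on
    the content and title fields are flashed and the editor is rendered.
    """
    form = PostForm()
    post = None
    if public_id:
        post = BlogPost.query.filter_by(public_id=public_id).first_or_404()
        if post.author != current_user:
            abort(403)
        form = PostForm(obj=post)

    if form.validate_on_submit():
        # Sanitise the submitted HTML on BOTH paths. Previously only edits
        # went through bleach, so a newly created post was stored with its
        # markup unfiltered until the first edit.
        form.content.data = bleach.clean(
            form.content.data,
            tags=bleach.sanitizer.ALLOWED_TAGS + TAGS,
            attributes={
                **bleach.sanitizer.ALLOWED_ATTRIBUTES,
                **ATTRS
            },
            styles=bleach.sanitizer.ALLOWED_STYLES + STYLES)

        if post is not None:
            # Copies every form field onto the existing post.
            form.populate_obj(post)
        else:
            post = BlogPost(title=form.title.data,
                            content=form.content.data,
                            author=current_user)
            db.session.add(post)
        db.session.commit()
        return redirect(url_for('post.preview', public_id=post.public_id))

    if form.is_submitted():
        # Submitted but invalid: surface the field errors to the author.
        print(form.errors)
        for error in form.content.errors:
            flash(error, "danger")
        for error in form.title.errors:
            flash(error, "danger")

    return render_template("editor.html",
                           form=form,
                           last_updated=dir_last_updated('app/static'),
                           profile_active="active",
                           profile_sr='<span class="sr-only">(current)</span>')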
Exemplo n.º 8
def home(username, post_id=None):
    """Render a user's home page.

    The user is looked up by ``username`` (404 if missing). Visitors get
    the user's published posts, newest first; the user themselves gets all
    of their posts, drafts included. When ``post_id`` is given the list is
    narrowed to the published post with that public id, for every viewer,
    and the template receives ``disabled="disabled"``.
    """
    profile_owner = User.query.filter_by(username=username).first_or_404()
    newest_first = BlogPost.date_posted.desc()

    # Default view: only what has been published.
    listing = profile_owner.posts.filter_by(
        is_published=True).order_by(newest_first).all()
    # Drafts are shown to the owner alone.
    if current_user == profile_owner:
        listing = profile_owner.posts.order_by(newest_first).all()

    # A single-post view stays limited to published posts, owner included.
    if post_id:
        listing = profile_owner.posts.filter_by(public_id=post_id,
                                                is_published=True).all()
    button_state = "disabled" if post_id else ""

    return render_template('home.html',
                           user=profile_owner,
                           posts=listing,
                           last_updated=dir_last_updated('app/static'),
                           home_active='active',
                           home_sr=' <span class="sr-only">(current)</span>',
                           disabled=button_state)
Exemplo n.º 9
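def preview(public_id):
    """Show an author their post and let them publish or unpublish it.

    The post is loaded by ``public_id`` (404 if missing) and the request is
    rejected with 403 unless the current user is its author. A POST with a
    ``publish`` field marks the post published and stamps
    ``date_published`` the first time; a POST without it marks the post
    unpublished. Either way the change is committed and the browser is
    redirected to the author's home page. Other requests render the
    preview.
    """
    post = BlogPost.query.filter_by(public_id=public_id).first_or_404()
    if current_user != post.author:
        abort(403)

    if request.method == "POST":
        # NOTE(review): this reads request.form directly rather than going
        # through a form class, so CSRF protection for this state change
        # depends on app-wide configuration not visible here -- confirm.
        if request.form.get("publish"):
            if not post.is_published:
                post.is_published = True
                # NOTE(review): other views sort by `date_posted`; confirm
                # `date_published` is a separate column and not a typo.
                post.date_published = datetime.utcnow()
        else:
            # Was `post.published = False`: the flag used everywhere else
            # is `is_published`, so the old assignment left the post
            # publicly listed after the author asked to unpublish it.
            post.is_published = False
        db.session.commit()
        return redirect(url_for('post.home', username=current_user.username))

    return render_template("preview.html",
                           post=post,
                           last_updated=dir_last_updated('app/static'),
                           profile_active='active',
                           profile_sr='<span class="sr-only">(current)</span>')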
Exemplo n.º 10
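def single_post(public_id):
    """Render a single published post, or respond with 404.

    The lookup is restricted to ``is_published=True``, the same filter the
    post list and the home page apply. Without it, any draft could be read
    by whoever held its public id, although the preview view limits drafts
    to their author.
    """
    post = BlogPost.query.filter_by(public_id=public_id,
                                    is_published=True).first_or_404()

    return render_template("post.html",
                           post=post,
                           last_updated=dir_last_updated('app/static'))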