Exemplo n.º 1
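def account():
    """Show and update the signed-in user's account settings.

    On a valid form submission the optional new profile picture, the username
    and the e-mail address are written to the user's document, the in-memory
    ``current_user`` is brought in line, and the browser is redirected back to
    this page. On a GET the form is pre-filled with the current values.

    Returns:
        A redirect to ``users.account`` after a successful update, otherwise
        the rendered ``account.html`` page.
    """
    # NOTE(review): current_user is dereferenced unconditionally, so this view
    # presumably sits behind a login requirement that is not visible here -
    # confirm.
    form = UpdateAccountForm()
    if form.validate_on_submit():
        # Key every write on the address the account had *before* this
        # request. Looking the document up by e-mail after current_user.email
        # has been overwritten would miss this account whenever the address
        # changes, and would instead match any other account that already
        # uses the new address.
        stored_email = current_user.email
        if form.picture.data:
            # NOTE(review): save_picture() is defined elsewhere; whether it
            # checks the upload's type and size and chooses the stored file
            # name itself cannot be seen from here - confirm.
            picture_file = save_picture(form.picture.data)
            User.objects(email=stored_email).update_one(
                image_file=picture_file)
            current_user.image_file = picture_file
        # NOTE(review): no current-password check is visible before the
        # e-mail address is changed; confirm whether UpdateAccountForm or the
        # surrounding app requires one.
        User.objects(email=stored_email).update_one(
            username=form.username.data, email=form.email.data)
        # Mirror the persisted values on the session's user object only after
        # the database writes have gone through.
        current_user.username = form.username.data
        current_user.email = form.email.data
        flash('account updated', 'success')
        return redirect(url_for('users.account'))
    elif request.method == 'GET':
        # Pre-fill the form with the values currently on the account.
        form.username.data = current_user.username
        form.email.data = current_user.email
    image_file = url_for('static',
                         filename="profile_pics/" + current_user.image_file)
    return render_template('account.html',
                           title='Account',
                           image_file=image_file,
                           form=form)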
Exemplo n.º 2
def reset_token(token):
    """Let the holder of a valid reset token choose a new password.

    Args:
        token: The reset token taken from the URL; it is passed to
            ``User.verify_reset_token`` unchanged.

    Returns:
        A redirect to ``main.home`` for signed-in users and after a
        successful reset, a redirect to ``users.reset_request`` when the
        token does not resolve to a user, otherwise the rendered
        ``reset_token.html`` form.
    """
    # A signed-in user is sent home before the token is even looked at.
    if current_user.is_authenticated:
        return redirect(url_for('main.home'))

    account = User.verify_reset_token(token)
    if account is None:
        flash('That is an invalid or expired token', 'warning')
        return redirect(url_for('users.reset_request'))

    form = ResetPasswordForm()
    if not form.validate_on_submit():
        return render_template('reset_token.html',
                               title='Reset Password',
                               form=form)

    # Only the bcrypt hash of the new password is persisted.
    new_hash = bcrypt.generate_password_hash(form.password.data).decode('utf-8')
    User.objects(email=account.email).update_one(password=new_hash)
    # NOTE(review): nothing in this view marks the token as used; whether it
    # stays usable until it expires depends on verify_reset_token(), which is
    # defined elsewhere - confirm.
    flash('Password has been updated', 'success')
    return redirect(url_for('main.home'))
Exemplo n.º 3
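def register():
    """Create a new account from a JSON request body, or show the sign-up page.

    A POST is expected to carry a JSON object with the string fields
    ``username``, ``email`` and ``password``. The password is stored only as
    a bcrypt hash.

    Returns:
        A redirect to ``main.home`` for signed-in users; for POST a
        ``(body, status, headers)`` tuple with ``{"success": true}`` and 200
        on success or ``{"success": false}`` and 400 when the body is
        malformed, a field is missing, or the e-mail address is already
        registered; otherwise the rendered ``register.html`` page.
    """
    if current_user.is_authenticated:
        return redirect(url_for('main.home'))

    def reply(success, status):
        # The header name is 'Content-Type'. Under the previous spelling
        # 'ContentType' Flask still labelled the string body as text/html.
        return (json.dumps({'success': success}), status,
                {'Content-Type': 'application/json'})

    if request.method == 'POST':
        # NOTE(review): with the RegistrationForm path disabled, none of its
        # validators (nor a CSRF check, if the form class provides one) run
        # for this endpoint; only the presence and type checks below apply.
        try:
            data = json.loads(request.data)
        except ValueError:
            # Malformed or undecodable body: answer 400 instead of a 500.
            return reply(False, 400)
        if not isinstance(data, dict):
            return reply(False, 400)

        username = data.get('username')
        email = data.get('email')
        password = data.get('password')
        # Accept non-empty strings only, so a JSON object or array supplied
        # in place of a scalar never reaches the query or the hashing call.
        if not all(isinstance(value, str) and value
                   for value in (username, email, password)):
            return reply(False, 400)

        if User.objects(email=email).first():
            # todo: email exists
            return reply(False, 400)

        hashed_password = bcrypt.generate_password_hash(
            password).decode('utf-8')
        User(username=username,
             email=email,
             password=hashed_password).save()
        return reply(True, 200)

    # The template is rendered with a form object, so one has to exist on the
    # non-POST path; previously `form` was never assigned here.
    form = RegistrationForm()
    return render_template('register.html', title='Register', form=form)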
Exemplo n.º 4
def delete_post(post_id):
    """Delete a post on behalf of its author.

    Args:
        post_id: Identifier used to look the post up.

    Returns:
        A redirect to ``home`` once the post is deleted. Aborts with 404 when
        no post matches and with 403 when the requester is not the author.
    """
    # NOTE(review): this view changes state; the accepted HTTP methods, the
    # login requirement and any CSRF protection are configured outside this
    # excerpt - confirm.
    target = Post.objects(id=post_id).first()
    if not target:
        abort(404)

    # Ownership check: only the post's author may remove it.
    requester = User.objects(id=current_user.id).first()
    if target.author != requester:
        abort(403)

    target.delete()
    flash('Your post has been deleted!', 'success')
    return redirect(url_for('home'))
Exemplo n.º 5
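def profile(user_id):
    """Render another user's public profile page.

    Args:
        user_id: Identifier of the user whose profile is requested.

    Returns:
        A redirect to ``users.account`` when the requester asks for their own
        profile, otherwise the rendered ``profile.html`` page. Aborts with
        404 when no user has that identifier.
    """
    # Local import: the module's import block is outside this excerpt.
    from flask import abort

    # NOTE(review): current_user.id is compared with the raw route value; if
    # the stored id is not a string this comparison may never be true -
    # confirm the types. The attribute access also presumes a signed-in user.
    if current_user.id == user_id:
        return redirect(url_for('users.account'))

    user = User.objects(id=user_id).first()
    if user is None:
        # An unknown id used to leave `user` unassigned and fail with an
        # unhandled error; report it as a missing page instead.
        abort(404)

    image_file = url_for('static', filename="profile_pics/" + user.image_file)
    return render_template('profile.html',
                           title='Profile',
                           image_file=image_file,
                           user=user)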
Exemplo n.º 6
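def reset_request():
    """Accept an e-mail address and start the password-reset flow for it.

    Returns:
        A redirect to ``main.home`` for signed-in users, a redirect to
        ``users.login`` after a valid submission, otherwise the rendered
        ``reset_request.html`` form.
    """
    if current_user.is_authenticated:
        return redirect(url_for('main.home'))
    form = RequestResetForm()
    if form.validate_on_submit():
        user = User.objects(email=form.email.data).first()
        if user is not None:
            send_reset_email(user)
        # Answer identically whether or not the address belongs to an
        # account, so the response cannot be used to test which addresses
        # are registered. Previously an unknown address silently re-rendered
        # the form while a known one produced this message and a redirect.
        # NOTE(review): if RequestResetForm rejects unknown addresses in a
        # validator, that error message discloses the same fact - confirm.
        # No rate limiting of reset mail is visible in this view either.
        flash("An email has been sent with instructions to reset your password", "info")
        return redirect(url_for('users.login'))
    return render_template('reset_request.html', title='Reset Password', form=form)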
Exemplo n.º 7
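def login():
    """Authenticate a user from the login form.

    Returns:
        A redirect to ``main.home`` for users who are already signed in; after
        a successful login a redirect to the ``next`` query parameter when it
        is a local path, else to ``main.home``; otherwise the rendered
        ``login.html`` page (with a failure message after a bad attempt).
    """
    if current_user.is_authenticated:
        return redirect(url_for('main.home'))
    form = LoginForm()
    if form.validate_on_submit():
        # .first() yields None for an unknown address. The previous loop left
        # `user` unassigned in that case, so an unknown e-mail failed with an
        # unhandled error instead of the generic message below.
        user = User.objects(email=form.email.data).first()
        if user and bcrypt.check_password_hash(user.password, form.password.data):
            login_user(user, remember=form.remember.data)
            next_page = request.args.get("next")    # gets next param in url link
            # `next` comes from the query string and is caller-controlled, so
            # it is followed only when it is a path on this site: one leading
            # slash, no second slash or backslash, and no whitespace or
            # control characters. Anything else falls back to the home page.
            if next_page:
                is_local_path = (
                    next_page.startswith('/')
                    and not next_page.startswith('//')
                    and '\\' not in next_page
                    and not any(ch.isspace() or ord(ch) < 32
                                for ch in next_page)
                )
                if is_local_path:
                    return redirect(next_page)
            return redirect(url_for('main.home'))
        # One message for both an unknown address and a wrong password.
        flash('Login Unsuccessful. Please check email and password', 'danger')
    return render_template('login.html', title='Login', form=form)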
Exemplo n.º 8
def new_post():
    """Create a post authored by the signed-in user.

    Returns:
        A redirect to ``home`` after the post is saved, otherwise the
        rendered ``create_post.html`` form.
    """
    form = PostForm()
    if not form.validate_on_submit():
        return render_template('create_post.html',
                               title="New Post",
                               form=form,
                               legend="Create New Post")

    # NOTE(review): the author is looked up by username and .first() may
    # return None; this view presumably requires a signed-in user - confirm.
    author = User.objects(username=current_user.username).first()
    # Title and content are stored as submitted; escaping on output is left
    # to the templates, which are not part of this excerpt.
    Post(title=form.title.data,
         content=form.content.data,
         author=author).save()
    flash('Your post has been created!', 'success')
    return redirect(url_for('home'))
Exemplo n.º 9
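def update_post(post_id):
    """Edit the title and content of a post on behalf of its author.

    Args:
        post_id: Identifier used to look the post up.

    Returns:
        A redirect to the post's page after a valid submission, otherwise the
        rendered ``create_post.html`` form. Aborts with 404 when no post
        matches and with 403 when the requester is not the author.
    """
    post = Post.objects(id=post_id).first()
    if not post:
        abort(404)
    # Ownership check: only the post's author may edit it.
    user = User.objects(id=current_user.id).first()
    if post.author != user:
        abort(403)
    form = PostForm()
    if form.validate_on_submit():
        post.update(title=form.title.data, content=form.content.data)
        flash('Your post has been updated!', 'success')
        return redirect(url_for('post', post_id=post.id))
    elif request.method == 'GET':
        # Pre-fill the form with the stored values.
        form.title.data = post.title
        form.content.data = post.content
    # Rendered for GET and for a submission that failed validation alike.
    # The render call used to sit inside the GET branch, so an invalid POST
    # fell off the end of the view and returned nothing.
    return render_template('create_post.html',
                           title="Update Post",
                           form=form,
                           legend="Update Post")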
Exemplo n.º 10
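def login():
    """Authenticate a user from a JSON request body, or show the login page.

    A POST is expected to carry a JSON object with the string fields
    ``email`` and ``password`` and, optionally, a boolean ``remember``.

    Returns:
        A redirect to ``main.home`` for users who are already signed in; for
        POST a ``(body, status, headers)`` tuple with ``{"success": true}``
        and 200 on success or ``{"success": false}`` and 400 on any failure;
        otherwise the rendered ``login.html`` page.
    """
    if current_user.is_authenticated:
        return redirect(url_for('main.home'))

    def reply(success, status):
        # The header name is 'Content-Type'. Under the previous spelling
        # 'ContentType' Flask still labelled the string body as text/html.
        return (json.dumps({'success': success}), status,
                {'Content-Type': 'application/json'})

    if request.method == 'POST':
        try:
            data = json.loads(request.data)
        except ValueError:
            # Malformed or undecodable body: answer 400 instead of a 500.
            return reply(False, 400)
        if not isinstance(data, dict):
            return reply(False, 400)

        email = data.get('email')
        pw = data.get('password')
        # Strings only, so a JSON object or array supplied in place of a
        # scalar never reaches the query or the hash comparison.
        if not isinstance(email, str) or not isinstance(pw, str):
            return reply(False, 400)

        user = User.objects(email=email).first()
        # The comparison previously referenced an undefined name instead of
        # `pw`, and login_user() read `form`, which does not exist in this
        # view. Both failed only after the address had matched an account,
        # so a known address produced a server error and an unknown one a
        # 400.
        if user and bcrypt.check_password_hash(user.password, pw):
            # NOTE(review): assumes the client sends an optional boolean
            # "remember" key in place of the form field - confirm.
            login_user(user, remember=data.get('remember') is True)
            return reply(True, 200)
        # One response for both an unknown address and a wrong password.
        return reply(False, 400)

    # Rendered for every non-POST method the route accepts; the earlier
    # `== 'GET'` test returned nothing for any other method.
    return render_template('login.html', title='Login')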