def edit_profile_admin(user_id):
user = User.query.get_or_404(user_id)
form = EditProfileAdminForm(user=user)
if form.validate_on_submit():
user.name = form.name.data
role = Role.query.get(form.role.data)
if role.name == 'Locked':
user.lock()
user.role = role
user.bio = form.bio.data
user.website = form.website.data
user.confirmed = form.confirmed.data
user.active = form.active.data
user.location = form.location.data
user.username = form.username.data
user.email = form.email.data
db.session.commit()
flash('Profile updated.', 'success')
return redirect_back()
form.name.data = user.name
form.role.data = user.role_id
form.bio.data = user.bio
form.website.data = user.website
form.location.data = user.location
form.username.data = user.username
form.email.data = user.email
form.confirmed.data = user.confirmed
form.active.data = user.active
return render_template('admin/edit_profile.html', form=form, user=user)
def logout():
"""
用户登出
:return:
"""
logout_user()
return redirect_back()
def change_theme(theme_name):
if theme_name not in current_app.config['BLOG_THEMES'].keys():
abort(404)
response = make_response(redirect_back())
response.set_cookie('theme', theme_name, max_age=30 * 24 * 60 * 60)
return response
def delete_teacher(id):
teacher = Teacher.query.get_or_404(id)
user = User.query.get_or_404(id)
db.session.delete(teacher)
db.session.delete(user)
db.session.commit()
flash('删除成功', 'success')
return redirect_back()
def delete_stu(id):
stu = Student.query.get_or_404(id)
user = User.query.get_or_404(id)
db.session.delete(stu)
db.session.delete(user)
db.session.commit()
flash('删除成功', 'success')
return redirect_back()
def lock_user(user_id):
user = User.query.get_or_404(user_id)
if user.role.name in ['Administrator', 'Moderator']:
flash('Permission denied.', 'warning')
else:
user.lock()
flash('Account locked.', 'info')
return redirect_back()
def unfollow(username):
user = User.query.filter_by(username=username).first_or_404()
if not current_user.is_following(user):
flash('Not follow yet.', 'info')
return redirect(url_for('.index', username=username))
current_user.unfollow(user)
flash('User unfollowed.', 'info')
return redirect_back()
def re_authenticate():
if login_fresh():
return redirect(url_for('main.index'))
form = LoginForm()
if form.validate_on_submit() and current_user.validate_password(
form.password.data):
confirm_login()
return redirect_back()
return render_template('auth/login.html', form=form)
def set_comment(post_id):
post = Post.query.get_or_404(post_id)
if post.can_comment:
post.can_comment = False
flash('Comment disabled.', 'success')
else:
post.can_comment = True
flash('Comment enabled.', 'success')
db.session.commit()
return redirect_back()
def follow(username):
user = User.query.filter_by(username=username).first_or_404()
if current_user.is_following(user):
flash('Already followed.', 'info')
return redirect(url_for('.index', username=username))
current_user.follow(user)
flash('User followed.', 'success')
#if user.receive_follow_notification:
#push_follow_notification(follower=current_user, receiver=user)
return redirect_back()
def login():
if request.method == 'GET' and session.get('logged_in'):
return redirect_back('home')
form = KeyForm()
if request.method == 'POST' and form.validate_on_submit():
key = form.key.data
if check_password_hash(Key.get_by_id(1).key, key):
session['logged_in'] = True
flash('<script>alert("登陆认证成功")</script>')
return redirect(url_for('home'))
else:
flash('<script>alert("密码验证失败")</script>')
return render_template('login.html', form=form)
def search():
q = request.args.get('q')
if q == '':
flash('请重新输入!', 'info')
return redirect_back()
page = request.args.get('page', 1, type=int)
pagination = Recipe.query.whooshee_search(q).paginate(page, per_page=20)
results = pagination.items
return render_template('search.html',
pagination=pagination,
results=results,
q=q)
def url_add():
pin_id = request.values.get('url_pin_id');
url = Url()
url.pin_id = pin_id
if request.method == 'POST':
form = UrlForm(request.form)
if form.validate():
for key, value in form.data.items():
setattr(url, key, value)
db.session.add(url)
db.session.commit()
return utils.redirect_back('map_list')
else:
flash('form not valid')
def login():
if current_user.is_authenticated:
return redirect(url_for('main.index'))
form = LoginForm()
if form.validate_on_submit():
user = User.query.filter_by(email=form.email.data.lower()).first()
if user is not None and user.validate_password(form.password.data):
if login_user(user, form.remember_me.data):
flash('Login success.', 'info')
return redirect_back()
else:
flash('Your account is blocked.', 'warning')
return redirect(url_for('main.index'))
flash('Invalid email or password.', 'warning')
return render_template('auth/login.html', form=form)
def detail(uid):
headers = {
'user-agent':
'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36',
'authority': 'home.meishichina.com',
}
recipe = Recipe.query.filter_by(uid=uid).first()
url = 'https://home.meishichina.com/recipe-' + str(uid) + '.html'
data = requests.get(url, headers=headers).content.decode('utf-8')
step = re.compile(
'<div class="recipeStep">([\s\S]*?)</div>\n<div class="mo">').findall(
data)
ingredient = recipe.ingredient.split('、')
message = re.compile(
'<span class="txt_tart">“</span>(.*?)<span class="txt_end">”').findall(
data)
imageurl = re.compile('<span></span><img src="(.*?)" alt').findall(data)
print(message)
if (len(message)) == 0:
message = '无介绍'
else:
message = message[0]
if len(step) != 0:
step = '<div class="recipeStep">' + step[0] + '</div>'
return render_template('detail.html',
step=step,
ingredient=ingredient,
recipe=recipe,
message=message,
imageurl=imageurl[0])
else:
print('第一次获取数据失败!')
print(recipe.uid)
step = re.compile(
'<div class="recipeStep">([\s\S]*?)</div>\n<div class="recipeTip mt16'
).findall(data)
step = '<div class="recipeStep">' + step[0] + '</div>'
if len(step) == 0:
flash('数据获取失败!', 'info')
return redirect_back()
else:
return render_template('detail.html',
step=step,
ingredient=ingredient,
recipe=recipe,
message=message,
imageurl=imageurl[0])
def login():
if current_user.is_authenticated:
return redirect(url_for('blog.index'))
form = LoginForm()
if form.validate_on_submit():
username = form.username.data
password = form.password.data
remember = form.remember.data
admin = Admin.query.first()
if admin:
if username == admin.username and admin.validate_password(
password):
login_user(admin, remember)
flash('Welcome back', 'info')
return redirect_back()
flash('Invalid username or password', 'warning')
else:
flash('No account', 'warning')
return render_template('auth/login.html', form=form)
def pin_add(map_id):
m = db.session.query(Map).filter_by(id=map_id).first()
if m.manager_id != g.user.id and g.user.privileged is not True:
flash('no privilige')
return utils.redirect_back('map_list')
mp = Mappin()
name = request.values.get("name")
description = request.values.get("description")
lat = request.values.get("lat")
lng = request.values.get("lng")
score = request.values.get("score")
address = request.values.get("address")
pin = Pin(name=name, description=description, lat=lat, lng=lng,
score=score, address=address)
mp.pin = pin
m.pins.append(mp)
db.session.commit()
return redirect(url_for("map_view", id=map_id))
def login():
form = LoginForm()
if form.validate_on_submit():
user = User.query.filter_by(id=form.id.data.lower()).first()
if user is not None and user.validate_password(form.password.data):
if login_user(user):
if user.role == 1:
flash(Student.query.filter_by(id=form.id.data.lower()).first().name+'同学你好', 'info')
return redirect(url_for('index_stu.index_stu'))
if user.role == 2:
flash(Teacher.query.filter_by(id=form.id.data.lower()).first().name+'老师你好','info')
return redirect(url_for('index_teachers.index_teachers'))
if user.role == 3:
flash('管理员你好', 'info')
return redirect(url_for('index_admin.index_admin'))
return redirect_back()
else:
flash('您的账号被锁定了.', 'warning')
return redirect(url_for('index_main.index'))
flash('账号或者密码错误', 'warning')
return render_template('index/login.html',form=form)
def login():
if request.method == 'GET':
return render_template('auth/login.html')
res = request.get_json()
username = res['username']
password = res['password']
user = None
if (User.objects(username=username).count()):
user = User.objects(username=username).get()
if not user:
return jsonify({
'status': 'error',
'message': 'no such user'
})
if user.password == password:
session['logged_in'] = True
session['current_user'] = username
return redirect_back()
else:
return jsonify({
'status': 'error',
'message': 'password incorrect'
})
def logout():
logout_user()
flash('Logout success.', 'info')
return redirect_back()
def decorated_function(*args, **kwargs):
if current_user() is None:
return redirect(url_for('login', next=request.url))
if current_user().privileged is not True:
return utils.redirect_back('map_list')
return f(*args, **kwargs)
def unblock_user(user_id):
user = User.query.get_or_404(user_id)
user.unblock()
flash('Block canceled.', 'info')
return redirect_back()
def delete_tag(tag_id):
tag = Tag.query.get_or_404(tag_id)
db.session.delete(tag)
db.session.commit()
flash('Tag deleted.', 'info')
return redirect_back()
def delete_post(post_id):
post = Post.query.get_or_404(post_id)
db.session.delete(post)
db.session.commit()
flash('Post deleted.', 'success')
return redirect_back()
def delete_comment(comment_id):
comment = Comment.query.get_or_404(comment_id)
db.session.delete(comment)
db.session.commit()
flash('Comment deleted.', 'success')
return redirect_back()
def approve_comment(comment_id):
comment = Comment.query.get_or_404(comment_id)
comment.reviewed = True
db.session.commit()
flash('Comment published.', 'success')
return redirect_back()
def delete_course(id):
course = Course.query.get_or_404(id)
db.session.delete(course)
db.session.commit()
flash('删除成功', 'success')
return redirect_back()
def delete_banji(id):
banji = Banji.query.get_or_404(id)
db.session.delete(banji)
db.session.commit()
flash('删除成功', 'success')
return redirect_back()
