def authenticate(self):
try:
username = request.params['username']
password = request.params['password']
password = User.hash(password)
user = Session.query(User).filter(User.username == username).\
filter(User.password == password).\
one()
except:
session['flash'] = 'Authentication Failed'
session.save()
return redirect('/login')
session['user'] = {
'id': 'user.id',
'username': '******'
}
session['flash'] = 'Successfully logged in'
session.save()
if session.get('path_before_login'):
return redirect(session['path_before_login'])
else:
return redirect('/')
def create(self):
"""POST /pages: Create a new item"""
# url('pages')
create_form = page_form.bind(Page, data=request.POST)
if request.POST and create_form.validate():
page_args = {
'title': create_form.title.value,
'content': create_form.content.value
}
page = Page(**page_args)
Session.add(page)
Session.commit()
redirect('/pages/show/%s' % page.id)
context = {
'page_form': create_form.render()
}
return render('pages/edit.html', context)
def show(self, id, format='html'):
"""GET /pages/id: Show a specific item"""
# url('page', id=ID)
if id is None:
abort(404)
page = Session.query(Page).filter_by(id = id).first()
if page is None:
abort(404)
context = {'page': page}
return render('/pages/show.html', context)
def delete(self, id):
"""DELETE /pages/id: Delete an existing item"""
# Forms posted to this method should contain a hidden field:
# <input type="hidden" name="_method" value="DELETE" />
# Or using helpers:
# h.form(url('page', id=ID),
# method='delete')
# url('page', id=ID)
if id is None:
abort(404)
page = Session.query(Page).filter_by(id = id).first()
if page is None:
abort(404)
if request.params.get('_method') == 'DELETE':
Session.delete(page)
Session.commit()
context = {'confirm': True}
else:
context = {'id': id}
return render('pages/delete.html', context)
def update(self, id):
"""PUT /pages/id: Update an existing item"""
# Forms posted to this method should contain a hidden field:
# <input type="hidden" name="_method" value="PUT" />
# Or using helpers:
# h.form(url('page', id=ID),
# method='put')
# url('page', id=ID)
if id is not None:
page = Session.query(Page).filter_by(id = id).first()
if page is None:
abort(404)
edit_form = page_form.bind(page, data=request.POST)
if request.POST and edit_form.validate():
edit_form.sync()
Session.commit()
redirect('/pages/show/%s' % id)
context = {
'edit_form': edit_form.render(),
'page': page
}
return render('pages/edit.html', context)
def edit(self, id, format='html'):
"""GET /pages/id/edit: Form to edit an existing item"""
# url('edit_page', id=ID)
if id is not None:
page = Session.query(Page).filter_by(id = id).first()
if page is None:
abort(404)
else:
redirect('/pages/new')
edit_form = page_form.bind(page)
context = {
'page_form': edit_form.render(),
'page': page
}
return render('pages/edit.html', context)
