def account(username):
    """Render the account page for ``username``, visible to that user only.

    Aborts with 403 when the signed-in user's username differs from the
    one in the URL, and with 404 when no such user exists.
    """
    # NOTE(review): current_user.username is read unconditionally, so this
    # presumably sits behind a login-required decorator that is not visible
    # here. Confirm against the route registration.
    is_owner = current_user.username == username
    if not is_owner:
        abort(403)

    delete_form = DeleteAccountForm()
    profile = User.objects(username=username).first_or_404()
    return render_template(
        "users/account.html",
        user=profile,
        form=delete_form,
        title="Account",
    )
def dashboard():
    """Render the admin dashboard listing every user, post and category.

    Access is granted only when the current user's username is exactly
    "admin"; any other caller gets a 403.
    """
    # NOTE(review): the admin privilege is bound to a literal username
    # rather than a role or flag on the user record, so whoever holds the
    # name "admin" holds the dashboard. Confirm that the name is reserved
    # at registration and cannot be taken through a profile rename.
    if current_user.username != "admin":
        abort(403)

    context = {
        "title": "Dashboard",
        "users": User.objects(),
        "posts": Post.objects(),
        "categories": Categories.objects(),
    }
    return render_template("admin/dashboard.html", **context)
def users_posts(username):
    """Render one page of the posts written by ``username``.

    The page number comes from the ``page`` query argument (default 1,
    coerced to int). Posts are listed newest first, four per page.
    Aborts with 404 when no user has that username.
    """
    all_categories = Categories.objects()
    search_form = SearchForm()
    page_number = request.args.get('page', 1, type=int)

    author = User.objects(username=username).first_or_404()
    page_of_posts = (
        Post.objects(author=author.id)
        .order_by("-date_posted")
        .paginate(page=page_number, per_page=4)
    )

    # The same text serves as both the page title and the heading.
    heading = f"{author.username}'s Posts"
    return render_template(
        "users/users_posts.html",
        title=heading,
        posts=page_of_posts,
        heading=heading,
        form=search_form,
        categories=all_categories,
        user=author,
    )
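def delete_account(username):
    """Delete the signed-in user's own account, posts and comments.

    Only a POST from the account owner is honoured. Any other method, or
    a request naming somebody else's username, is answered with 403. An
    unknown username is answered with 404.

    Returns:
        A redirect to the home page after a successful deletion.
    """
    # Typing this route into the address bar (a GET) is refused, so
    # deletion has to come from the form on the account page.
    if request.method != "POST":
        abort(403)

    # Authorization: the username comes from the URL, so without this
    # comparison any caller could delete any account. This is the same
    # ownership rule the account page applies. getattr() keeps an
    # anonymous visitor on the 403 path instead of raising.
    # NOTE(review): if deletion by the admin from the dashboard is
    # intended, that has to be allowed here explicitly.
    if getattr(current_user, "username", None) != username:
        abort(403)

    # NOTE(review): no form is validated on this POST, so CSRF protection
    # depends on something not visible here. Confirm the modal form
    # submits a token and that the token is checked.
    user = User.objects(username=username).first_or_404()

    # Remove dependent content first, so a failure part-way through
    # leaves the account in place rather than orphaned posts or comments.
    Comment.objects(comment_author=user).delete()
    Post.objects(author=user).delete()
    user.delete()

    flash("Account deleted successfully", "success")
    return redirect(url_for("main.home"))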
def login():
    """Show the login form and sign the user in on a valid submission.

    An already authenticated visitor is redirected to the post list. On a
    valid form the user is looked up by username and the submitted
    password is checked against the stored bcrypt hash. Success logs the
    user in and redirects to the post list; failure flashes one generic
    message and redirects back to the login page.
    """
    if current_user.is_authenticated:
        return redirect(url_for("posts.all_posts"))

    form = LoginForm()
    if not form.validate_on_submit():
        return render_template("users/login.html", title="Login", form=form)

    account = User.objects(username=form.username.data).first()

    # The hash comparison runs only when an account was found. The flash
    # message below is the same for an unknown username and for a wrong
    # password, so the response text does not say which one failed.
    if not (account and bcrypt.check_password_hash(account.password,
                                                   form.password.data)):
        flash("Login Unsuccessful. Please check login details", "errors")
        return redirect(url_for("users.login"))

    login_user(account, remember=form.remember_user.data)
    flash("You've been logged in successfully", "success")
    return redirect(url_for("posts.all_posts"))
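def validate_email(self, email):
    """Reject an email change that collides with an existing account.

    Keeping the current address is always allowed.

    Raises:
        ValidationError: if ``email.data`` differs from the current
            user's email and a user with that email already exists.
    """
    if email.data == current_user.email:
        return

    if User.objects(email=email.data).first() is not None:
        # Adjacent literals replace the backslash continuation inside the
        # string, which put a stray backslash or the next line's
        # indentation into the message shown to the user.
        raise ValidationError(
            "Email already in use. "
            "Please try another"
        )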
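def validate_username(self, username):
    """Reject a username change that collides with an existing account.

    Keeping the current username is always allowed.

    Raises:
        ValidationError: if ``username.data`` differs from the current
            user's username and a user with that name already exists.
    """
    if username.data == current_user.username:
        return

    if User.objects(username=username.data).first() is not None:
        # Adjacent literals replace the backslash continuation inside the
        # string, which put a stray backslash or the next line's
        # indentation into the message shown to the user.
        raise ValidationError(
            "Username already in use. "
            "Please try another"
        )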
def validate_email(self, email):
    """Reject an email address that already belongs to a user.

    Raises:
        ValidationError: if a user with ``email.data`` exists.
    """
    # NOTE(review): the error confirms that the address is registered.
    # If this form is reachable without signing in, submissions should be
    # rate-limited. Confirm where the form is exposed.
    existing = User.objects(email=email.data).first()
    if existing is None:
        return
    raise ValidationError("Email already signedup.")
def validate_username(self, username):
    """Reject a username that already belongs to a user.

    Raises:
        ValidationError: if a user with ``username.data`` exists.
    """
    # NOTE(review): the error confirms that the username is taken. If this
    # form is reachable without signing in, submissions should be
    # rate-limited. Confirm where the form is exposed.
    existing = User.objects(username=username.data).first()
    if existing is None:
        return
    raise ValidationError("Username already signedup.")