def dashboard():
    """Render the dashboard for a logged-in user, else redirect to login.

    The template receives the current user's links, the current user, and
    the ``url_not_valid`` query-string value (None when it is absent).
    """
    if not user_logged_in():
        return redirect(url_for('login'))

    # Gathered in the same order the template arguments were originally
    # evaluated in.
    user_links = get_current_user_links(session['user'])
    current_user = get_current_user()
    invalid_flag = request.args.get('url_not_valid')
    return render_template('dashboard.html',
                           links=user_links,
                           user=current_user,
                           url_not_valid=invalid_flag)
def register():
    """Handle the sign-up form.

    A logged-in user is redirected to the index. On POST the e-mail must not
    already be present in ``db_user`` and ``check_password`` must not return
    None; the user is then inserted with ``is_verified=0`` and a verification
    e-mail is sent. Every remaining path redirects to the login page.
    """
    if user_logged_in():
        return redirect(url_for('index'))
    if request.method != 'POST':
        return redirect('/login')

    form = request.form
    name, email, password = form['name'], form['email'], form['password']

    # NOTE(review): this message confirms to the caller that an e-mail is
    # already registered - confirm that disclosure is acceptable.
    already_registered = db_user.find({'email': email}).count() > 0
    if already_registered:
        flash('User with these credentials already exists!', 'user_auth')
        return redirect(url_for('login'))

    if check_password(password) is None:
        flash('Password should have Minimum eight characters, at least one uppercase letter, one lowercase letter, one number and one special character', 'user_auth')
        return redirect(url_for('login'))

    # NOTE(review): the password is handed over exactly as submitted. Unless
    # insert_by_key_value hashes it, it is stored in cleartext - confirm, and
    # prefer a salted password hash.
    created = insert_by_key_value('user', name=name, password=password,
                                  email=email, is_verified=0)
    send_account_verification_email(email, str(created.inserted_id))
    flash('A verification email has been sent to your registered email account', 'email')
    return redirect(url_for('login'))
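def item_new():
    """Create an item from the submitted form, optionally with an image.

    Callers without 'username' in ``login_session`` are redirected to
    /login. A POST with a non-empty title stores the item and redirects to
    the index; any other request renders ``item_add.html``. A category name
    that matches no row (NoResultFound) redirects to the index.
    """
    if 'username' not in login_session:
        return redirect('/login')
    try:
        if request.method == 'POST' and request.form['title'] != "":
            # NOTE(review): no CSRF token is checked on this POST - confirm
            # that protection is applied elsewhere.
            image = request.files['image']

            # Resolve the category before writing to disk so that an unknown
            # category does not leave an orphaned upload behind.
            category = session.query(Category).filter_by(
                name=request.form['category']).one()

            image_filename = None
            if allowed_file(image.filename):
                # The filename comes from the client. Keep only its last path
                # component so the saved file cannot land outside
                # UPLOAD_FOLDER. werkzeug.utils.secure_filename is the
                # stricter choice if the project can import it.
                candidate = os.path.basename(
                    image.filename.replace('\\', '/'))
                if candidate not in ('', '.', '..'):
                    # NOTE(review): an existing file with the same name is
                    # overwritten - consider generating unique stored names.
                    image.save(os.path.join(app.config['UPLOAD_FOLDER'],
                                            candidate))
                    image_filename = candidate

            fields = dict(title=request.form['title'],
                          description=request.form['description'],
                          category=category)
            # As before, ``picture`` is only passed when an image was saved.
            if image_filename is not None:
                fields['picture'] = image_filename
            item = Item(**fields)
            session.add(item)
            session.commit()
            return redirect(url_for('index'))
        else:
            categories = session.query(Category).all()
            return render_template('item_add.html',
                                   categories=categories,
                                   login_state=user_logged_in())
    except NoResultFound:
        return redirect(url_for('index'))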
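def item_edit(item_id):
    """Edit the item with id *item_id*, optionally replacing its image.

    Callers without 'username' in ``login_session`` are redirected to
    /login. GET renders ``item_edit.html``; POST applies the form values,
    commits and redirects to the index. A missing item or category
    (NoResultFound) redirects to the index.
    """
    if 'username' not in login_session:
        return redirect('/login')
    try:
        item = session.query(Item).filter_by(id=item_id).one()
        if request.method == 'POST':
            # NOTE(review): only "is logged in" is checked. Nothing visible
            # ties the item to the current user, and no CSRF token is
            # verified on this POST - confirm both are handled elsewhere.

            # Look the category up before mutating the item, so a failed
            # lookup leaves no uncommitted changes pending on the session.
            item_category = session.query(Category).filter_by(
                name=request.form['category']).one()
            item.title = request.form['title']
            item.description = request.form['description']
            item.category = item_category

            image = request.files['image']
            if allowed_file(image.filename):
                upload_dir = app.config['UPLOAD_FOLDER']
                # The filename comes from the client. Keep only its last path
                # component so the saved file stays inside UPLOAD_FOLDER.
                new_name = os.path.basename(
                    image.filename.replace('\\', '/'))
                if new_name not in ('', '.', '..'):
                    # An item may have no picture, or its file may already be
                    # gone; neither should turn the edit into a server error.
                    if item.picture:
                        old_path = os.path.join(upload_dir, item.picture)
                        if os.path.isfile(old_path):
                            os.remove(old_path)
                    image.save(os.path.join(upload_dir, new_name))
                    item.picture = new_name
            session.commit()
            return redirect(url_for('index'))
        else:
            categories = session.query(Category).all()
            return render_template('item_edit.html',
                                   item=item,
                                   categories=categories,
                                   login_state=user_logged_in())
    except NoResultFound:
        return redirect(url_for('index'))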
def category_items(category):
    """Render the items belonging to the category named *category*.

    Redirects to the index when the lookup raises NoResultFound.
    """
    try:
        matched = session.query(Category).filter_by(name=category).one()
        in_category = session.query(Item).filter_by(category=matched)
        context = {
            'categories': get_all_categories(),
            'items': in_category,
            'curr_cat': category,
            'login_state': user_logged_in(),
        }
        return render_template('category_items.html', **context)
    except NoResultFound:
        return redirect(url_for('index'))
def delete_short_url(id):
    """Delete the link whose ``_id`` is *id*, then redirect.

    A logged-in GET deletes the document from ``db_links``, refreshes the
    cache for ``session['user']`` and redirects to '/'. Every other case
    redirects to '/dashboard'.
    """
    may_delete = user_logged_in() and request.method == 'GET'
    if not may_delete:
        return redirect('/dashboard')

    # NOTE(review): this changes state on a GET, so a CSRF token cannot
    # protect it and link prefetchers can trigger it - consider POST/DELETE.
    # NOTE(review): the filter matches on _id only. Nothing visible restricts
    # the delete to links owned by session['user'] - confirm ownership is
    # enforced.
    # NOTE(review): a malformed id presumably makes ObjectId() raise -
    # confirm how that surfaces to the client.
    link_filter = {'_id': ObjectId(id)}
    db_links.delete_one(link_filter)
    update_cache_on_insert_or_delete_or_use(session['user'])
    return redirect('/')
def item_description(category, item):
    """Render the detail page of the item titled *item* in *category*.

    Redirects to the index when the category or the item lookup raises
    NoResultFound.
    """
    try:
        parent = session.query(Category).filter_by(name=category).one()
        record = session.query(Item).filter_by(category=parent,
                                               title=item).one()
        context = {
            'item': item,
            'description': record.description,
            'item_id': record.id,
            'picture': record.picture,
            'login_state': user_logged_in(),
        }
        return render_template('item_description.html', **context)
    except NoResultFound:
        return redirect(url_for('index'))
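def shorten_url():
    """Submit a URL to the shortening API on behalf of the logged-in user.

    Unauthenticated callers are redirected to /login and non-POST requests
    to '/'. A URL for which ``validate_url`` returns None redirects to the
    dashboard with ``url_not_valid=True``. Otherwise the URL is posted to the
    API, the user's cache is refreshed and the caller is redirected to '/'.
    """
    # Access only if authenticated
    if not user_logged_in():
        return redirect('/login')
    # On getting a GET request
    if request.method != 'POST':
        return redirect('/')

    url = request.form['url']
    if validate_url(url) is None:
        return redirect(url_for('dashboard', url_not_valid=True))

    # NOTE(review): the endpoint is plain http://, so the Authorization
    # token is sent in cleartext - use https:// if the API offers it.
    # NOTE(review): the response status is not inspected, so a rejected
    # request is indistinguishable from a successful one.
    requests.post('http://www.nanourl.xyz/api/link',
                  json={'url': url},
                  headers={'Authorization': get_user_api_token()},
                  # Without a timeout an unresponsive API blocks this worker
                  # indefinitely. A timeout raises like any other request
                  # failure already does.
                  timeout=10)
    update_cache_on_insert_or_delete_or_use(session['user'])
    return redirect('/')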
def login():
    """Authenticate a user from the login form.

    A logged-in user is redirected to '/'. GET renders ``login.html``. On
    POST the user is looked up by e-mail and password. An unknown or
    unverified user is sent back to the login page with a flash message;
    otherwise the user's id is stored in the session and the caller is
    redirected to '/'.
    """
    if user_logged_in():
        return redirect('/')
    if request.method != 'POST':
        return render_template('login.html')

    # NOTE(review): the submitted password is used directly as a lookup
    # value. Unless find_by_key_value transforms it, this implies passwords
    # are stored as typed - confirm they are kept as salted hashes and
    # verified against the hash.
    user = find_by_key_value('user',
                             email=request.form['email'],
                             password=request.form['password'])
    if user is None:
        flash('User with these credentials does not exists!', 'user_auth')
        return redirect(url_for('login'))

    if user['is_verified'] == 0:
        flash('Your account hasnt been verified!', 'user_auth')
        return redirect(url_for('login'))

    session['user'] = str(user['_id'])
    return redirect('/')
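def item_delete(item_id):
    """Delete the item with id *item_id* after a CSRF-checked confirmation.

    Callers without 'username' in ``login_session`` are redirected to
    /login. GET renders ``item_delete.html``. POST aborts with 403 unless the
    form's ``csrf_token`` matches the one popped from ``login_session``;
    otherwise the row and its picture file are removed and the caller is
    redirected to the index. A missing item (NoResultFound) redirects to the
    index.
    """
    if 'username' not in login_session:
        return redirect('/login')
    try:
        item = session.query(Item).filter_by(id=item_id).one()
        if request.method == 'POST':
            # NOTE(review): only "is logged in" is checked. Nothing visible
            # ties the item to the current user - confirm ownership is
            # enforced.
            # test for csrf validity (the token is single-use: it is popped)
            token = login_session.pop('csrf_token', None)
            if not token or token != request.form.get('csrf_token'):
                abort(403)

            # Read the filename before deleting, so it does not depend on
            # the instance's state after the commit.
            picture = item.picture
            session.delete(item)
            session.commit()

            # An item may have no picture, or its file may already be gone.
            # The row is already deleted, so neither case should produce a
            # server error here.
            if picture:
                picture_path = os.path.join(app.config['UPLOAD_FOLDER'],
                                            picture)
                if os.path.isfile(picture_path):
                    os.remove(picture_path)
            return redirect(url_for('index'))
        else:
            return render_template('item_delete.html',
                                   item=item,
                                   login_state=user_logged_in())
    except NoResultFound:
        return redirect(url_for('index'))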
def item_delete(item_id): if 'username' not in login_session: return redirect('/login') item = session.query(Item).filter_by(id=item_id).one() if request.method == 'POST': # test for csrf validity token = login_session.pop('csrf_token', None) if not token or token != request.form.get('csrf_token'): abort(403) else: session.delete(item) session.commit() os.remove(os.path.join(app.config['UPLOAD_FOLDER'], item.picture)) return redirect(url_for('index', item_id=item_id)) else: return render_template('item_delete.html', item=item, login_state=user_logged_in()) if Item.user_id != login_session['user_id']: return "<script>function myFunction() {alert('You are not authorized to \
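def item_delete(item_id):
    """Remove the item with id *item_id* once the CSRF token is verified.

    Without 'username' in ``login_session`` the caller is redirected to
    /login. A GET shows ``item_delete.html``. A POST whose ``csrf_token``
    form field does not match the token popped from ``login_session`` is
    aborted with 403; otherwise the row is deleted, its picture file is
    removed if present, and the caller is redirected to the index.
    NoResultFound redirects to the index.
    """
    if 'username' not in login_session:
        return redirect('/login')
    try:
        item = session.query(Item).filter_by(id=item_id).one()
        if request.method != 'POST':
            return render_template('item_delete.html',
                                   item=item,
                                   login_state=user_logged_in())

        # NOTE(review): no per-item authorization is visible here. Any
        # logged-in session reaches the delete below - confirm ownership is
        # checked somewhere.
        # test for csrf validity; popping makes the token single-use
        token = login_session.pop('csrf_token', None)
        if not token or token != request.form.get('csrf_token'):
            abort(403)

        # Capture the filename first. After the commit the instance no
        # longer corresponds to a stored row.
        stored_picture = item.picture
        session.delete(item)
        session.commit()

        # Items can exist without a picture and the file may already have
        # been removed. Skip the cleanup instead of failing after the row
        # is gone.
        if stored_picture:
            target = os.path.join(app.config['UPLOAD_FOLDER'],
                                  stored_picture)
            if os.path.isfile(target):
                os.remove(target)
        return redirect(url_for('index'))
    except NoResultFound:
        return redirect(url_for('index'))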
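def item_edit(item_id):
    """Update the item with id *item_id* from the edit form.

    Without 'username' in ``login_session`` the caller is redirected to
    /login. A GET shows ``item_edit.html`` with all categories. A POST
    applies title, description and category, replaces the picture when an
    allowed image is uploaded, commits and redirects to the index.
    NoResultFound (item or category) redirects to the index.
    """
    if 'username' not in login_session:
        return redirect('/login')
    try:
        item = session.query(Item).filter_by(id=item_id).one()
        if request.method != 'POST':
            categories = session.query(Category).all()
            return render_template('item_edit.html',
                                   item=item,
                                   categories=categories,
                                   login_state=user_logged_in())

        # NOTE(review): neither a per-item ownership check nor a CSRF token
        # check is visible on this POST - confirm both exist elsewhere.

        # Resolve the category first. If it is unknown, the item must not be
        # left half-modified on the session.
        new_category = session.query(Category).filter_by(
            name=request.form['category']).one()
        item.title = request.form['title']
        item.description = request.form['description']
        item.category = new_category

        image = request.files['image']
        if allowed_file(image.filename):
            folder = app.config['UPLOAD_FOLDER']
            # Client-supplied name: strip any directory part so the write
            # cannot leave UPLOAD_FOLDER.
            safe_name = os.path.basename(image.filename.replace('\\', '/'))
            if safe_name not in ('', '.', '..'):
                # The previous picture may be unset or already missing on
                # disk. Only remove a file that is really there.
                if item.picture:
                    previous = os.path.join(folder, item.picture)
                    if os.path.isfile(previous):
                        os.remove(previous)
                image.save(os.path.join(folder, safe_name))
                item.picture = safe_name
        session.commit()
        return redirect(url_for('index'))
    except NoResultFound:
        return redirect(url_for('index'))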
def index():
    """Render the index page with items ordered by descending created_date."""
    newest_first = session.query(Item).order_by(desc(Item.created_date))
    context = {
        'categories': get_all_categories(),
        'items': newest_first,
        'login_state': user_logged_in(),
    }
    return render_template('index.html', **context)
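def item_new():
    """Add a new item, with an optional uploaded picture.

    Without 'username' in ``login_session`` the caller is redirected to
    /login. A POST carrying a non-empty title creates the item and redirects
    to the index; anything else renders ``item_add.html`` with all
    categories. NoResultFound from the category lookup redirects to the
    index.
    """
    if 'username' not in login_session:
        return redirect('/login')
    try:
        is_submission = (request.method == 'POST'
                         and request.form['title'] != "")
        if not is_submission:
            categories = session.query(Category).all()
            return render_template('item_add.html',
                                   categories=categories,
                                   login_state=user_logged_in())

        # NOTE(review): no CSRF token check is visible on this POST -
        # confirm it is handled elsewhere.
        image = request.files['image']

        # Look the category up before saving anything, so a bad category
        # name cannot leave a stray file in the upload folder.
        category = session.query(Category).filter_by(
            name=request.form['category']).one()

        image_filename = None
        if allowed_file(image.filename):
            # Client-supplied name: reduce it to its final component so the
            # file is always written inside UPLOAD_FOLDER.
            safe_name = os.path.basename(image.filename.replace('\\', '/'))
            if safe_name not in ('', '.', '..'):
                # NOTE(review): same-named uploads overwrite each other -
                # consider unique stored names.
                image.save(os.path.join(app.config['UPLOAD_FOLDER'],
                                        safe_name))
                image_filename = safe_name

        if image_filename is None:
            item = Item(title=request.form['title'],
                        description=request.form['description'],
                        category=category)
        else:
            item = Item(title=request.form['title'],
                        description=request.form['description'],
                        category=category,
                        picture=image_filename)
        session.add(item)
        session.commit()
        return redirect(url_for('index'))
    except NoResultFound:
        return redirect(url_for('index'))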
def index():
    """Redirect to the dashboard when logged in, otherwise to the login page."""
    endpoint = 'dashboard' if user_logged_in() else 'login'
    return redirect(url_for(endpoint))