def register(): if request.method == 'POST': username = request.form['username'] password = request.form['password'] db, c = get_db() error = None c.execute('select id from user where username = %s', (username, )) if not username: error = 'Username is required' if not password: error = 'Password is required' elif c.fetchone() is not None: error = 'User {} is registered'.format(username) if error is None: c.execute('insert into user (username, password) values (%s, %s)', (username, generate_password_hash(password))) db.commit() return redirect(url_for('auth.login')) flash(error) return render_template('auth/register.html')
def index(): db, c = get_db() c.execute( 'select t.id, t.description, u.username, t.completed, t.created_at from todo t JOIN user u on t.created_by = u.id ' 'where t.created_by = %s order by created_at desc', (g.user['id'], )) todos = c.fetchall() return render_template('todo/index.html', todos=todos)
def load_logged_in_user(): user_id = session.get('user_id') if user_id is None: g.user = None else: db, c = get_db() c.execute('select * from user where id = %s', (user_id, )) g.user = c.fetchone( ) #Retorna el primer elemento que encuentra (list of dict)
def get_todo(id): db, c = get_db() c.execute( 'select t.id, t.description, t.completed, t.created_by, t.created_at, u.username from todo t join user u on t.created_by = u.id where t.id = %s', (id, )) todo = c.fetchone() if todo is None: abort(404, f" Task {id} not exists") return todo
def create(): if request.method == 'POST': description = request.form['description'] error = None if not description: error = 'Descipcion requerida' if error is not None: flash(error) else: db, c = get_db() c.execute( 'insert into todo (description, completed, created_by)' ' values (%s, %s, %s)', (description, False, g.user['id'])) db.commit() return redirect(url_for('todo.index')) return render_template('todo/create.html')
def update(id): todo = get_todo(id) if request.method == 'POST': description = request.form['description'] completed = True if request.form.get('completed') == 'on' else False error = None if not description: error = 'Description can\'t be empty' if error is not None: flash(error) else: db, c = get_db() c.execute( 'update todo set description = %s, completed = %s where id =%s and created_by = %s', (description, completed, id, g.user['id'])) db.commit() return redirect(url_for('todo.index')) return render_template('todo/update.html', todo=todo)
def login(): if request.method == 'POST': username = request.form['username'] password = request.form['password'] db, c = get_db() error = None c.execute('select * from user where username = %s', (username, )) user = c.fetchone() if user is None: error = 'Usuario y/o Contraseña invalida' elif not check_password_hash(user['password'], password): error = 'Usuario y/o Contraseña invalida' if error is None: session.clear() session['user_id'] = user['id'] return redirect(url_for('todo.index')) flash(error) return render_template('auth/login.html')
def delete(id): db, c = get_db() c.execute('delete from todo where id = %s and created_by = %s', (id, g.user['id'])) db.commit() return redirect(url_for('todo.index'))