from urllib.parse import urlparse

from flask import render_template, flash, redirect, session, url_for, request, g
from flask_login import login_user, logout_user, current_user, login_required
from sqlalchemy import exc
from werkzeug.security import generate_password_hash, check_password_hash

from app import app, db, lm
from .forms import LoginForm, RegisterForm
from .models import User
8 | ||
class DBException(Exception):
    """Signal that a registration pre-check failed (duplicate username or e-mail)."""
11 | ||
@app.before_request
def before_request():
    """Expose the Flask-Login user of this request as ``g.user``."""
    active_user = current_user
    g.user = active_user
15 | ||
@lm.user_loader
def load_user(id):
    """Return the ``User`` row whose primary key is ``int(id)``.

    Registered as the login manager's user loader; ``id`` is converted to
    an integer before the lookup, so a non-numeric value raises ValueError.
    """
    fetch_by_pk = User.query.get
    return fetch_by_pk(int(id))
19 | ||
@app.route('/')
@app.route('/index')
def index():
    """Render the home page for the current (possibly anonymous) user."""
    context = {'title': 'Home', 'user': g.user}
    return render_template('index.html', **context)
27 | ||
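def _is_local_redirect(target):
    """Return True when *target* is a same-site, path-only redirect target."""
    if not target or not target.startswith('/'):
        return False
    # '//host' is scheme-relative, and browsers treat '\' like '/', so both
    # forms could leave the site even though they start with a slash.
    if target.startswith('//') or '\\' in target:
        return False
    parts = urlparse(target)
    return not parts.scheme and not parts.netloc


@app.route('/login', methods=['GET', 'POST'])
def login():
    """Show the sign-in form and authenticate the submitted credentials.

    An already authenticated user is redirected to the index page. On a
    successful login the user is redirected to the ``next`` query parameter
    only when it is a local path; anything else falls back to the index
    page, so the login link cannot be used to bounce a user to another site.
    """
    if g.user is not None and g.user.is_authenticated:
        return redirect(url_for('index'))
    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(username=form.username.data).first()
        # NOTE(review): an unknown username skips the hash check, so response
        # time may still differ between the two failure cases.
        if user is not None and check_password_hash(user.password,
                                                    form.password.data):
            app.logger.info("Login: %s", user)
            session.pop('remember_me', None)
            login_user(user, remember=form.remember_me.data)
            target = request.args.get('next')
            if not _is_local_redirect(target):
                target = url_for('index')
            return redirect(target)
        # One identical message for "unknown user" and "wrong password":
        # differing text would reveal which usernames exist.
        flash('Username or password is wrong. Please try again.')
    return render_template('login.html',
                           title='Sign In',
                           form=form)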
50 | ||
@app.route('/logout')
def logout():
    """End the current session and send the browser to the index page."""
    # NOTE(review): this route answers GET, so any link or image tag can log
    # a user out; confirm that is acceptable for this application.
    logout_user()
    home = url_for('index')
    return redirect(home)
55 | ||
@app.route('/user/<username>')
@login_required
def user(username):
    """Render the profile page of *username* for a logged-in visitor.

    When no such user exists, a flash message is queued and the visitor is
    redirected to the index page.
    """
    profile = User.query.filter_by(username=username).first()
    if profile is not None:
        app.logger.info("Show profile: %s" % profile)
        return render_template('user.html', title='Profile', user=profile)
    flash('User %s not found.' % username)
    return redirect(url_for('index'))
67 | ||
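@app.route('/register', methods=['GET', 'POST'])
def register():
    """Show the registration form and create the account on a valid submit.

    The username and e-mail are checked for duplicates before the insert.
    On success the visitor is redirected to the login page; on any failure
    the session is rolled back, a message is flashed and the form is
    rendered again.
    """
    form = RegisterForm()
    if form.validate_on_submit():
        if form.password.data != form.passwordchk.data:
            flash('Password did not match password check')
        else:
            username = form.username.data
            email = form.email.data
            try:
                if User.query.filter_by(username=username).first():
                    raise DBException("%s: Username exist" % username)
                if User.query.filter_by(email=email).first():
                    raise DBException("%s: Email exist" % email)
                # 'pbkdf2:sha256' is an iterated key-derivation function.
                # The plain 'sha256' method is a single salted hash pass,
                # which is too cheap to brute-force for password storage.
                hashed_password = generate_password_hash(
                    form.password.data, method='pbkdf2:sha256')
                new_user = User(name=form.name.data, username=username,
                                email=email, password=hashed_password)
                # Commit inside the try block: a concurrent registration can
                # pass the duplicate checks above and only fail here.
                db.session.add(new_user)
                db.session.commit()
            except DBException as ex:
                db.session.rollback()
                flash(str(ex))
            except exc.IntegrityError:
                db.session.rollback()
                # Keep the database error in the log; its text can include
                # the SQL statement and must not be shown to the visitor.
                app.logger.exception("Create user failed")
                flash('Create user failed. Please try again.')
            except Exception:
                db.session.rollback()
                app.logger.exception("Unexpected error while registering")
                flash('Unknown error')
            else:
                app.logger.warning("Registered: %s", new_user)
                flash('You have been registered with username "%s"' % username)
                return redirect(url_for('login'))
    return render_template('register.html',
                           title='Register',
                           form=form)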
104 | ||
@app.route('/resetpwd')
def resetpwd():
    """Placeholder for the password-reset page; returns a static heading."""
    page = '<h1>resetpwd</h1>'
    return page
108 | ||
@app.route('/search')
def search():
    """Placeholder for the search page; returns a static heading."""
    page = '<h1>search</h1>'
    return page
112 | ||
@app.route('/admin')
#@login_required
def admin():
    """Serve the admin page to users whose ``is_admin`` attribute is truthy.

    Everyone else is logged at CRITICAL level and redirected to the index
    page. ``login_required`` is disabled, so the only authorization gate is
    the ``is_admin`` check below.
    """
    try:
        visitor = g.user
        is_admin = visitor is not None and visitor.is_admin
        if is_admin:
            app.logger.warning("Enter Admin area: %s" % g.user)
            return '<h1>Admin</h1>'
    except AttributeError:
        # Presumably raised for an anonymous user object that has no
        # ``is_admin`` attribute; treated as "not an admin".
        # NOTE(review): this also hides any other AttributeError raised in
        # the block above.
        pass
    app.logger.critical("Tried to enter Admin area: %s" % g.user)
    return redirect(url_for('index'))
124 | ||
125 |