diff --git a/app.db b/app.db index 84e8525..c9af415 100644 Binary files a/app.db and b/app.db differ diff --git a/app/__init__.py b/app/__init__.py index e9c10e1..e63cd40 100644 --- a/app/__init__.py +++ b/app/__init__.py @@ -2,6 +2,7 @@ from flask import Flask from config import Config from flask_sqlalchemy import SQLAlchemy from flask_migrate import Migrate +from flask_login import LoginManager app = Flask(__name__) app.config.from_object(Config) @@ -11,5 +12,8 @@ app.jinja_env.auto_reload = True app.config["TEMPLATES_AUTO_RELOAD"] = True db = SQLAlchemy(app) migrate = Migrate(app, db) +login = LoginManager(app) +# sets de default login view +login.login_view = "login" from app import routes, models diff --git a/app/forms.py b/app/forms.py index 55a4d2d..7ec3fc3 100644 --- a/app/forms.py +++ b/app/forms.py @@ -1,6 +1,7 @@ from flask_wtf import FlaskForm from wtforms import StringField, PasswordField, BooleanField, SubmitField -from wtforms.validators import DataRequired +from wtforms.validators import DataRequired, EqualTo, Email, ValidationError +from app.models import User class LoginForm(FlaskForm): @@ -8,3 +9,23 @@ class LoginForm(FlaskForm): password = PasswordField("Password", validators=[DataRequired()]) remember_me = BooleanField("Remember Me") submit = SubmitField("Sign In") + + +class RegistrationForm(FlaskForm): + username = StringField("Username", validators=[DataRequired()]) + email = StringField("Email", validators=[DataRequired(), Email()]) + password = PasswordField("Password", validators=[DataRequired()]) + password2 = PasswordField( + "Repeat Password", validators=[DataRequired(), EqualTo("password")] + ) + submit = SubmitField("Register") + + def validate_username(self, username): + user = User.query.filter_by(username=username.data).first() + if user is not None: + raise ValidationError("Please use a different username.") + + def validate_email(self, email): + user = User.query.filter_by(email=email.data).first() + if user is not None: + raise ValidationError("Please use a different email address.") diff --git a/app/models.py b/app/models.py index 1dffb58..5a9a6fc 100644 --- a/app/models.py +++ b/app/models.py @@ -1,8 +1,15 @@ from datetime import datetime -from app import db +from werkzeug.security import generate_password_hash, check_password_hash +from flask_login import UserMixin +from app import db, login -class User(db.Model): +@login.user_loader +def load_user(id): + return User.query.get(int(id)) + + +class User(UserMixin, db.Model): id = db.Column(db.Integer, primary_key=True) username = db.Column(db.String(64), index=True, unique=True) email = db.Column(db.String(120), index=True, unique=True) @@ -12,6 +19,12 @@ class User(db.Model): def __repr__(self): return "".format(self.username) + def set_password(self, password): + self.password_hash = generate_password_hash(password) + + def check_password(self, password): + return check_password_hash(self.password_hash, password) + class Post(db.Model): id = db.Column(db.Integer, primary_key=True) diff --git a/app/routes.py b/app/routes.py index f5b5e4f..667b5d4 100644 --- a/app/routes.py +++ b/app/routes.py @@ -1,27 +1,56 @@ -from flask import render_template, flash, redirect, url_for -from app import app -from app.forms import LoginForm +from flask import render_template, flash, redirect, url_for, request +from flask_login import current_user, login_user, logout_user, login_required +from werkzeug.urls import url_parse +from app import app, db +from app.forms import LoginForm, RegistrationForm +from app.models import User @app.route("/") @app.route("/index") +@login_required def index(): - user = {"username": "Miguel"} posts = [ {"author": {"username": "John"}, "body": "Beautiful day in Portland!"}, {"author": {"username": "Susan"}, "body": "The Avengers movie was so cool!"}, ] - return render_template("index.html", title="Home", user=user, posts=posts) + return render_template("index.html", title="Home", posts=posts) @app.route("/login", methods=["GET", "POST"]) def login(): + if current_user.is_authenticated: + return redirect(url_for("index")) form = LoginForm() if form.validate_on_submit(): - flash( - "Login requested for user {}, remember_me={}".format( - form.username.data, form.remember_me.data - ) - ) - return redirect(url_for("index")) + user = User.query.filter_by(username=form.username.data).first() + if user is None or not user.check_password(form.password.data): + flash("Invalid username or password") + return redirect(url_for("login")) + login_user(user, remember=form.remember_me.data) + next_page = request.args.get("next") + if not next_page or url_parse(next_page).netloc != "": + next_page = url_for("index") + return redirect(next_page) return render_template("login.html", title="Sign In", form=form) + + +@app.route("/logout") +def logout(): + logout_user() + return redirect(url_for("index")) + + +@app.route("/register", methods=["GET", "POST"]) +def register(): + if current_user.is_authenticated: + return redirect(url_for("index")) + form = RegistrationForm() + if form.validate_on_submit(): + user = User(username=form.username.data, email=form.email.data) + user.set_password(form.password.data) + db.session.add(user) + db.session.commit() + flash("Congratulations, you are now a registered user!") + return redirect(url_for("login")) + return render_template("register.html", title="Register", form=form) diff --git a/app/templates/base.html b/app/templates/base.html index 917a93a..dcd5803 100644 --- a/app/templates/base.html +++ b/app/templates/base.html @@ -10,7 +10,11 @@
Microblog: Home - Login + {% if current_user.is_anonymous %} + Login + {% else %} + Logout + {% endif %}
{% with messages = get_flashed_messages() %} diff --git a/app/templates/index.html b/app/templates/index.html index 40f912e..76dbc10 100644 --- a/app/templates/index.html +++ b/app/templates/index.html @@ -1,8 +1,12 @@ -{% extends "base.html" %} +{% extends 'base.html' %} {% block content %} -

Hi, {{ user.username }}!

- {% for post in posts %} -

{{ post.author.username }} says: {{ post.body }}

- {% endfor %} -{% endblock %} \ No newline at end of file +

Hi, {{ current_user.username }}!

+ {% for post in posts %} +
+

+ {{ post.author.username }} says: {{ post.body }} +

+
+ {% endfor %} +{% endblock %} diff --git a/app/templates/login.html b/app/templates/login.html index 68103f2..8c0205d 100644 --- a/app/templates/login.html +++ b/app/templates/login.html @@ -21,4 +21,7 @@

{{ form.remember_me() }} {{ form.remember_me.label }}

{{ form.submit() }}

+

+ New User? Click to Register! +

{% endblock %} diff --git a/app/templates/register.html b/app/templates/register.html new file mode 100644 index 0000000..d931042 --- /dev/null +++ b/app/templates/register.html @@ -0,0 +1,37 @@ +{% extends 'base.html' %} + +{% block content %} +

Register

+
+ {{ form.hidden_tag() }} +

+ {{ form.username.label }}
+ {{ form.username(size = 32) }}
+ {% for error in form.username.errors %} + [{{ error }}] + {% endfor %} +

+

+ {{ form.email.label }}
+ {{ form.email(size = 64) }}
+ {% for error in form.email.errors %} + [{{ error }}] + {% endfor %} +

+

+ {{ form.password.label }}
+ {{ form.password(size = 32) }}
+ {% for error in form.password.errors %} + [{{ error }}] + {% endfor %} +

+

+ {{ form.password2.label }}
+ {{ form.password2(size = 32) }}
+ {% for error in form.password2.errors %} + [{{ error }}] + {% endfor %} +

+

{{ form.submit() }}

+
+{% endblock %}