From 428e022bd434d0a71cb9e9d9b2c32428b9257a36 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ricardo=20Monta=C3=B1ana?= <rmontanana@gmail.com>
Date: Sat, 3 Jun 2023 17:32:23 +0200
Subject: [PATCH] Chapter 5

---
 app.db                      | Bin 32768 -> 32768 bytes
 app/__init__.py             |   4 +++
 app/forms.py                |  23 +++++++++++++++-
 app/models.py               |  17 ++++++++++--
 app/routes.py               |  51 ++++++++++++++++++++++++++++--------
 app/templates/base.html     |   6 ++++-
 app/templates/index.html    |  16 ++++++-----
 app/templates/login.html    |   3 +++
 app/templates/register.html |  37 ++++++++++++++++++++++++++
 9 files changed, 136 insertions(+), 21 deletions(-)
 create mode 100644 app/templates/register.html

diff --git a/app.db b/app.db
index 84e8525eea7533553cd57982d5c53dc547c2f603..c9af415a66de3f116f047e5be285f0ca7f2ed93a 100644
GIT binary patch
delta 398
zcmaKo&q@M80LEu`K`hWoQase5gEt{}=l^&Tf{IQdM0s;|XGW>qq)iJuxV}NXLi7UR
zWAp%Cy9ZtaPnq5d`r!L+Klt&bshg(m(~gsS-aT+~Z|&Dw*3B;fe9SMVg{^shJa#jn
zRGqXgZ@TeM8;R=mug!jR)9Z&<+M;^WRfw`WV*WCf_`cQbG|v$^)cw&Ap$fsu7bZ}a
z`9}FfDn&vZM2t|Om9&1Ot>Thv!iBPmGRw7!C=*;pnwzmj6W7Ura&6K|28oJS(=ZSJ
zTO6H?WT$g68lDAr$G3yH5-EcW(IMps>kuJ>F(cSu>sx}6pn;WGb4-0KgkoIEr6rP*
z6r+G+p(x!10Jv}l;0%5)pLvIL+p9Xi9&w9aZR3yO8l3|;hhNje=?5$Vko8I{*v)$7
JHSyBk`vx4!b+Z5f

delta 89
zcmZo@U}|V!njp={JyFJ)k$Ypp5`7K^0R{&C6Z|JO3kvM#XSA5uXfmmQlldC|HK4#*
eenzc{jcOo)cl_^w0{8hR2C(r9F`$4&2?_v$2Ny&D

diff --git a/app/__init__.py b/app/__init__.py
index e9c10e1..e63cd40 100644
--- a/app/__init__.py
+++ b/app/__init__.py
@@ -2,6 +2,7 @@ from flask import Flask
 from config import Config
 from flask_sqlalchemy import SQLAlchemy
 from flask_migrate import Migrate
+from flask_login import LoginManager
 
 app = Flask(__name__)
 app.config.from_object(Config)
@@ -11,5 +12,8 @@ app.jinja_env.auto_reload = True
 app.config["TEMPLATES_AUTO_RELOAD"] = True
 db = SQLAlchemy(app)
 migrate = Migrate(app, db)
+login = LoginManager(app)
+# sets de default login view
+login.login_view = "login"
 
 from app import routes, models
diff --git a/app/forms.py b/app/forms.py
index 55a4d2d..7ec3fc3 100644
--- a/app/forms.py
+++ b/app/forms.py
@@ -1,6 +1,7 @@
 from flask_wtf import FlaskForm
 from wtforms import StringField, PasswordField, BooleanField, SubmitField
-from wtforms.validators import DataRequired
+from wtforms.validators import DataRequired, EqualTo, Email, ValidationError
+from app.models import User
 
 
 class LoginForm(FlaskForm):
@@ -8,3 +9,23 @@ class LoginForm(FlaskForm):
     password = PasswordField("Password", validators=[DataRequired()])
     remember_me = BooleanField("Remember Me")
     submit = SubmitField("Sign In")
+
+
+class RegistrationForm(FlaskForm):
+    username = StringField("Username", validators=[DataRequired()])
+    email = StringField("Email", validators=[DataRequired(), Email()])
+    password = PasswordField("Password", validators=[DataRequired()])
+    password2 = PasswordField(
+        "Repeat Password", validators=[DataRequired(), EqualTo("password")]
+    )
+    submit = SubmitField("Register")
+
+    def validate_username(self, username):
+        user = User.query.filter_by(username=username.data).first()
+        if user is not None:
+            raise ValidationError("Please use a different username.")
+
+    def validate_email(self, email):
+        user = User.query.filter_by(email=email.data).first()
+        if user is not None:
+            raise ValidationError("Please use a different email address.")
diff --git a/app/models.py b/app/models.py
index 1dffb58..5a9a6fc 100644
--- a/app/models.py
+++ b/app/models.py
@@ -1,8 +1,15 @@
 from datetime import datetime
-from app import db
+from werkzeug.security import generate_password_hash, check_password_hash
+from flask_login import UserMixin
+from app import db, login
 
 
-class User(db.Model):
+@login.user_loader
+def load_user(id):
+    return User.query.get(int(id))
+
+
+class User(UserMixin, db.Model):
     id = db.Column(db.Integer, primary_key=True)
     username = db.Column(db.String(64), index=True, unique=True)
     email = db.Column(db.String(120), index=True, unique=True)
@@ -12,6 +19,12 @@ class User(db.Model):
     def __repr__(self):
         return "<User {}>".format(self.username)
 
+    def set_password(self, password):
+        self.password_hash = generate_password_hash(password)
+
+    def check_password(self, password):
+        return check_password_hash(self.password_hash, password)
+
 
 class Post(db.Model):
     id = db.Column(db.Integer, primary_key=True)
diff --git a/app/routes.py b/app/routes.py
index f5b5e4f..667b5d4 100644
--- a/app/routes.py
+++ b/app/routes.py
@@ -1,27 +1,56 @@
-from flask import render_template, flash, redirect, url_for
-from app import app
-from app.forms import LoginForm
+from flask import render_template, flash, redirect, url_for, request
+from flask_login import current_user, login_user, logout_user, login_required
+from werkzeug.urls import url_parse
+from app import app, db
+from app.forms import LoginForm, RegistrationForm
+from app.models import User
 
 
 @app.route("/")
 @app.route("/index")
+@login_required
 def index():
-    user = {"username": "Miguel"}
     posts = [
         {"author": {"username": "John"}, "body": "Beautiful day in Portland!"},
         {"author": {"username": "Susan"}, "body": "The Avengers movie was so cool!"},
     ]
-    return render_template("index.html", title="Home", user=user, posts=posts)
+    return render_template("index.html", title="Home", posts=posts)
 
 
 @app.route("/login", methods=["GET", "POST"])
 def login():
+    if current_user.is_authenticated:
+        return redirect(url_for("index"))
     form = LoginForm()
     if form.validate_on_submit():
-        flash(
-            "Login requested for user {}, remember_me={}".format(
-                form.username.data, form.remember_me.data
-            )
-        )
-        return redirect(url_for("index"))
+        user = User.query.filter_by(username=form.username.data).first()
+        if user is None or not user.check_password(form.password.data):
+            flash("Invalid username or password")
+            return redirect(url_for("login"))
+        login_user(user, remember=form.remember_me.data)
+        next_page = request.args.get("next")
+        if not next_page or url_parse(next_page).netloc != "":
+            next_page = url_for("index")
+        return redirect(next_page)
     return render_template("login.html", title="Sign In", form=form)
+
+
+@app.route("/logout")
+def logout():
+    logout_user()
+    return redirect(url_for("index"))
+
+
+@app.route("/register", methods=["GET", "POST"])
+def register():
+    if current_user.is_authenticated:
+        return redirect(url_for("index"))
+    form = RegistrationForm()
+    if form.validate_on_submit():
+        user = User(username=form.username.data, email=form.email.data)
+        user.set_password(form.password.data)
+        db.session.add(user)
+        db.session.commit()
+        flash("Congratulations, you are now a registered user!")
+        return redirect(url_for("login"))
+    return render_template("register.html", title="Register", form=form)
diff --git a/app/templates/base.html b/app/templates/base.html
index 917a93a..dcd5803 100644
--- a/app/templates/base.html
+++ b/app/templates/base.html
@@ -10,7 +10,11 @@
     <div>
       Microblog:
       <a href="{{ url_for('index') }}">Home</a>
-      <a href="{{ url_for('login') }}">Login</a>
+      {% if current_user.is_anonymous %}
+        <a href="{{ url_for('login') }}">Login</a>
+      {% else %}
+        <a href="{{ url_for('logout') }}">Logout</a>
+      {% endif %}
     </div>
     <hr />
     {% with messages = get_flashed_messages() %}
diff --git a/app/templates/index.html b/app/templates/index.html
index 40f912e..76dbc10 100644
--- a/app/templates/index.html
+++ b/app/templates/index.html
@@ -1,8 +1,12 @@
-{% extends "base.html" %}
+{% extends 'base.html' %}
 
 {% block content %}
-    <h1>Hi, {{ user.username }}!</h1>
-    {% for post in posts %}
-    <div><p>{{ post.author.username }} says: <b>{{ post.body }}</b></p></div>
-    {% endfor %}
-{% endblock %}
\ No newline at end of file
+  <h1>Hi, {{ current_user.username }}!</h1>
+  {% for post in posts %}
+    <div>
+      <p>
+        {{ post.author.username }} says: <b>{{ post.body }}</b>
+      </p>
+    </div>
+  {% endfor %}
+{% endblock %}
diff --git a/app/templates/login.html b/app/templates/login.html
index 68103f2..8c0205d 100644
--- a/app/templates/login.html
+++ b/app/templates/login.html
@@ -21,4 +21,7 @@
     <p>{{ form.remember_me() }} {{ form.remember_me.label }}</p>
     <p>{{ form.submit() }}</p>
   </form>
+  <p>
+    New User? <a href="{{ url_for('register') }}">Click to Register!</a>
+  </p>
 {% endblock %}
diff --git a/app/templates/register.html b/app/templates/register.html
new file mode 100644
index 0000000..d931042
--- /dev/null
+++ b/app/templates/register.html
@@ -0,0 +1,37 @@
+{% extends 'base.html' %}
+
+{% block content %}
+  <h1>Register</h1>
+  <form action="" method="post">
+    {{ form.hidden_tag() }}
+    <p>
+      {{ form.username.label }}<br />
+      {{ form.username(size = 32) }}<br />
+      {% for error in form.username.errors %}
+        <span style="color: red;">[{{ error }}]</span>
+      {% endfor %}
+    </p>
+    <p>
+      {{ form.email.label }}<br />
+      {{ form.email(size = 64) }}<br />
+      {% for error in form.email.errors %}
+        <span style="color: red;">[{{ error }}]</span>
+      {% endfor %}
+    </p>
+    <p>
+      {{ form.password.label }}<br />
+      {{ form.password(size = 32) }}<br />
+      {% for error in form.password.errors %}
+        <span style="color: red;">[{{ error }}]</span>
+      {% endfor %}
+    </p>
+    <p>
+      {{ form.password2.label }}<br />
+      {{ form.password2(size = 32) }}<br />
+      {% for error in form.password2.errors %}
+        <span style="color: red;">[{{ error }}]</span>
+      {% endfor %}
+    </p>
+    <p>{{ form.submit() }}</p>
+  </form>
+{% endblock %}