diff --git a/app/__init__.py b/app/__init__.py index 612a972..7366fef 100644 --- a/app/__init__.py +++ b/app/__init__.py @@ -1,11 +1,14 @@ from flask import Flask from flask_sqlalchemy import SQLAlchemy from flask_migrate import Migrate +from flask_login import LoginManager from config import Config app = Flask(__name__) app.config.from_object(Config) db = SQLAlchemy(app) migrate = Migrate(app, db) +login = LoginManager(app) +login.login_view = 'login' from app import routes, models diff --git a/app/forms.py b/app/forms.py index 6d1003a..299e943 100644 --- a/app/forms.py +++ b/app/forms.py @@ -1,6 +1,7 @@ from flask_wtf import FlaskForm from wtforms import StringField, PasswordField, BooleanField, SubmitField -from wtforms.validators import DataRequired +from wtforms.validators import ValidationError, DataRequired, Email, EqualTo +from app.models import User class LoginForm(FlaskForm): @@ -8,3 +9,22 @@ class LoginForm(FlaskForm): password = PasswordField('Password', validators=[DataRequired()]) remember_me = BooleanField('Remember Me') submit = SubmitField('Sign In') + + +class RegistrationForm(FlaskForm): + username = StringField('Username', validators=[DataRequired()]) + email = StringField('Email', validators=[DataRequired(), Email()]) + password = PasswordField('Password', validators=[DataRequired()]) + password2 = PasswordField( + 'Repeat Password', validators=[DataRequired(), EqualTo('password')]) + submit = SubmitField('Register') + + def validate_username(self, username): + user = User.query.filter_by(username=username.data).first() + if user is not None: + raise ValidationError('Please use a different username.') + + def validate_email(self, email): + user = User.query.filter_by(email=email.data).first() + if user is not None: + raise ValidationError('Please use a different email address.') diff --git a/app/models.py b/app/models.py index 331c9bb..5635627 100644 --- a/app/models.py +++ b/app/models.py @@ -1,8 +1,10 @@ from datetime import datetime -from app import db +from app import db, login +from flask_login import UserMixin +from werkzeug.security import generate_password_hash, check_password_hash -class User(db.Model): +class User(UserMixin, db.Model): id = db.Column(db.Integer, primary_key=True) username = db.Column(db.String(64), index=True, unique=True) email = db.Column(db.String(120), index=True, unique=True) @@ -12,6 +14,17 @@ class User(db.Model): def __repr__(self): return ''.format(self.username) + def set_password(self, password): + self.password_hash = generate_password_hash(password) + + def check_password(self, password): + return check_password_hash(self.password_hash, password) + + +@login.user_loader +def load_user(id): + return User.query.get(int(id)) + class Post(db.Model): id = db.Column(db.Integer, primary_key=True) diff --git a/app/routes.py b/app/routes.py index 82bfa5d..96689df 100644 --- a/app/routes.py +++ b/app/routes.py @@ -1,12 +1,15 @@ -from flask import render_template, flash, redirect, url_for -from app import app -from app.forms import LoginForm +from flask import render_template, flash, redirect, url_for, request +from flask_login import login_user, logout_user, current_user, login_required +from werkzeug.urls import url_parse +from app import app, db +from app.forms import LoginForm, RegistrationForm +from app.models import User @app.route('/') @app.route('/index') +@login_required def index(): - user = {'username': 'Miguel'} posts = [ { 'author': {'username': 'John'}, @@ -17,14 +20,43 @@ def index(): 'body': 'The Avengers movie was so cool!' } ] - return render_template('index.html', title='Home', user=user, posts=posts) + return render_template('index.html', title='Home', posts=posts) @app.route('/login', methods=['GET', 'POST']) def login(): + if current_user.is_authenticated: + return redirect(url_for('index')) form = LoginForm() if form.validate_on_submit(): - flash('Login requested for user {}, remember_me={}'.format( - form.username.data, form.remember_me.data)) + user = User.query.filter_by(username=form.username.data).first() + if user is None or not user.check_password(form.password.data): + flash('Invalid username or password') + return redirect(url_for('login')) + login_user(user, remember=form.remember_me.data) + next_page = request.args.get('next') + if not next_page or url_parse(next_page).netloc != '': + next_page = url_for('index') + return redirect(next_page) + return render_template('login.html', title='Sign In', form=form) + + +@app.route('/logout') +def logout(): + logout_user() + return redirect(url_for('index')) + + +@app.route('/register', methods=['GET', 'POST']) +def register(): + if current_user.is_authenticated: return redirect(url_for('index')) - return render_template('login.html', title='Sign In', form=form) + form = RegistrationForm() + if form.validate_on_submit(): + user = User(username=form.username.data, email=form.email.data) + user.set_password(form.password.data) + db.session.add(user) + db.session.commit() + flash('Congratulations, you are now a registered user!') + return redirect(url_for('login')) + return render_template('register.html', title='Register', form=form) diff --git a/app/templates/base.html b/app/templates/base.html index cb17e61..496ea6d 100644 --- a/app/templates/base.html +++ b/app/templates/base.html @@ -11,7 +11,11 @@
Microblog: Home + {% if current_user.is_anonymous %} Login + {% else %} + Logout + {% endif %}
{% with messages = get_flashed_messages() %} diff --git a/app/templates/index.html b/app/templates/index.html index b580e8c..2565a01 100644 --- a/app/templates/index.html +++ b/app/templates/index.html @@ -1,7 +1,7 @@ {% extends "base.html" %} {% block content %} -

Hi, {{ user.username }}!

+

Hi, {{ current_user.username }}!

{% for post in posts %}

{{ post.author.username }} says: {{ post.body }}

{% endfor %} diff --git a/app/templates/login.html b/app/templates/login.html index 806e09a..2875293 100644 --- a/app/templates/login.html +++ b/app/templates/login.html @@ -21,4 +21,5 @@

{{ form.remember_me() }} {{ form.remember_me.label }}

{{ form.submit() }}

+

New User? Click to Register!

{% endblock %} diff --git a/app/templates/register.html b/app/templates/register.html new file mode 100644 index 0000000..37b7ac5 --- /dev/null +++ b/app/templates/register.html @@ -0,0 +1,37 @@ +{% extends "base.html" %} + +{% block content %} +

Register

+
+ {{ form.hidden_tag() }} +

+ {{ form.username.label }}
+ {{ form.username(size=32) }}
+ {% for error in form.username.errors %} + [{{ error }}] + {% endfor %} +

+

+ {{ form.email.label }}
+ {{ form.email(size=64) }}
+ {% for error in form.email.errors %} + [{{ error }}] + {% endfor %} +

+

+ {{ form.password.label }}
+ {{ form.password(size=32) }}
+ {% for error in form.password.errors %} + [{{ error }}] + {% endfor %} +

+

+ {{ form.password2.label }}
+ {{ form.password2(size=32) }}
+ {% for error in form.password2.errors %} + [{{ error }}] + {% endfor %} +

+

{{ form.submit() }}

+
+{% endblock %}