Redefinition des routes

app/__init__.py

@@ -11,5 +11,7 @@ migrate = Migrate(app, db)
 
 login = LoginManager(app)
 login.login_view = 'login'
+login.login_message = "Veuillez vous authentifier avant de continuer."
 
-from app import routes, models
+from app import models
+from app.routes import index

app/forms.py

@@ -7,7 +7,6 @@ from app.models.users import Member
 
 from wtforms.meta import DefaultMeta
 
-
 # TODO: Put those validators into a specific file
 def validate_name(form, name):
     member = Member.query.filter_by(name=name.data).first()

app/routes.py

@@ -1,100 +0,0 @@
-from flask import render_template, flash, redirect, url_for, request
-from flask_login import login_user, logout_user, current_user, login_required
-from werkzeug.urls import url_parse
-from app import app, db
-from app.forms import LoginForm, RegistrationForm, UpdateAccountForm, SearchForm, AdvancedSearchForm
-from app.models.users import Member
-
-# Ce truc c'est la vie !
-def _render_template(*args, **kwargs):
-    # TODO: debugguer cette merde : au logout, ça foire
-    # if current_user.is_authenticated:
-    #     login_form = LoginForm()
-    #     return render_template(*args, **kwargs, login_form=login_form)
-    # return render_template(*args, **kwargs)
-    login_form = LoginForm()
-    search_form = SearchForm()
-    return render_template(*args, **kwargs,
-        login_form=login_form, search_form=search_form)
-
-
-@app.route('/')
-def index():
-    login_form = LoginForm()
-    return _render_template('index.html')
-
-@app.route('/login',  methods=['GET', 'POST'])
-def login():
-    form = LoginForm()
-    if form.validate_on_submit():
-        member = Member.query.filter_by(name=form.username.data).first()
-        if member is None or not member.check_password(form.password.data):
-            flash('Pseudo ou mot de passe invalide', 'error')
-            return redirect(request.referrer)
-        login_user(member, remember=form.remember_me.data)
-        flash('Connexion réussie', 'info')
-        r = request.args.get('next')
-        if r:
-            # TODO : prevent OpenRedirect security issues
-            return redirect(r)
-        else:
-            try:
-                return redirect(request.referer)
-            except:
-                return redirect(url_for('index'))
-    return _render_template('login.html', form=form)
-
-@app.route('/logout')
-def logout():
-    logout_user()
-    flash('Déconnexion réussie', 'info')
-    return redirect(url_for('index'))
-
-
-@app.route('/account', methods=['GET', 'POST'])
-def account():
-    # TODO: utiliser le décorateur @login_required
-    if not current_user.is_authenticated:
-        flash('Veuillez vous authentifier', 'warning')
-        return redirect(url_for('login', next=url_for('account')))
-    form = UpdateAccountForm()
-    if request.method == "POST":
-        if form.validate_on_submit():
-            current_user.update({
-                "email":      form.email.data,
-                "password":   form.password.data,
-                "signature":  form.signature.data,
-                "bio":        form.biography.data,
-                "birthday":   form.birthday.data,
-                "newsletter": form.newsletter.data
-            })
-            db.session.add(current_user)
-            db.session.commit()
-            flash('Modifications effectuées', 'ok')
-        else:
-            flash('Erreur lors de la modification', 'error')
-    return _render_template('account.html', form=form)
-
-@app.route('/register', methods=['GET', 'POST'])
-def register():
-    if current_user.is_authenticated:
-        return redirect(url_for('index'))
-    form = RegistrationForm()
-    if form.validate_on_submit():
-        member = Member(form.username.data, form.email.data, form.password.data)
-        db.session.add(member)
-        db.session.commit()
-        flash('Inscription réussie', 'ok')
-        return redirect(url_for('validation'))
-    return _render_template('register.html', title='Register', form=form)
-
-@app.route('/register/validation/')
-def validation():
-    if current_user.is_authenticated :
-        return redirect(url_for('index'))
-    return _render_template('validation.html')
-
-@app.route('/search')
-def search():
-    form = AdvancedSearchForm()
-    return _render_template('search.html', form=form)

app/routes/account.py

@@ -0,0 +1,46 @@
+from flask import redirect, url_for, request, flash
+from flask_login import login_required, current_user
+from app import app, db
+from app.forms import UpdateAccountForm, RegistrationForm
+from app.models.users import Member
+from app.utils.render import render
+
+@app.route('/account', methods=['GET', 'POST'])
+@login_required
+def account():
+    form = UpdateAccountForm()
+    if request.method == "POST":
+        if form.validate_on_submit():
+            current_user.update({
+                "email":      form.email.data,
+                "password":   form.password.data,
+                "signature":  form.signature.data,
+                "bio":        form.biography.data,
+                "birthday":   form.birthday.data,
+                "newsletter": form.newsletter.data
+            })
+            db.session.add(current_user)
+            db.session.commit()
+            flash('Modifications effectuées', 'ok')
+        else:
+            flash('Erreur lors de la modification', 'error')
+    return render('account.html', form=form)
+
+@app.route('/register', methods=['GET', 'POST'])
+def register():
+    if current_user.is_authenticated:
+        return redirect(url_for('index'))
+    form = RegistrationForm()
+    if form.validate_on_submit():
+        member = Member(form.username.data, form.email.data, form.password.data)
+        db.session.add(member)
+        db.session.commit()
+        flash('Inscription réussie', 'ok')
+        return redirect(url_for('validation'))
+    return render('register.html', title='Register', form=form)
+
+@app.route('/register/validation/')
+def validation():
+    if current_user.is_authenticated :
+        return redirect(url_for('index'))
+    return render('validation.html')

app/routes/index.py

@@ -0,0 +1,15 @@
+from flask import render_template, flash, redirect, url_for, request
+from flask_login import login_user, logout_user, current_user, login_required
+from werkzeug.urls import url_parse
+from app import app, db
+from app.forms import LoginForm, RegistrationForm, UpdateAccountForm, SearchForm, AdvancedSearchForm
+from app.models.users import Member
+
+from app.routes import login, account, search
+
+from app.utils.render import render
+
+@app.route('/')
+def index():
+    login_form = LoginForm()
+    return render('index.html')

app/routes/login.py

@@ -0,0 +1,34 @@
+from flask import redirect, url_for, request, flash
+from flask_login import login_user, logout_user, login_required, current_user
+from app import app
+from app.forms import LoginForm
+from app.models.users import Member
+from app.utils.render import render
+
+from app.routes import * # For open redirections
+
+@app.route('/login', methods=['GET', 'POST'])
+def login():
+    form = LoginForm()
+    if form.validate_on_submit():
+        member = Member.query.filter_by(name=form.username.data).first()
+        if member is None or not member.check_password(form.password.data):
+            flash('Pseudo ou mot de passe invalide', 'error')
+            return redirect(request.referrer)
+        login_user(member, remember=form.remember_me.data)
+        # TODO: petit mot personnalisé pour l'utilisateur ?
+        flash('Connexion réussie', 'info')
+        r = request.args.get('next')
+        if r:
+            return redirect(r)
+        # TODO: faire en sorte qu'on soit redirigé vers la page actuelle si on se loggue dans la sidebar
+        # TODO: mais pas rediriger vers login si on est déjà loggué
+        return redirect(url_for('index'))
+    return render('login.html', form=form)
+
+@app.route('/logout')
+@login_required
+def logout():
+    logout_user()
+    flash('Déconnexion réussie', 'info')
+    return redirect(url_for('index'))

app/routes/search.py

@@ -0,0 +1,8 @@
+from app import app
+from app.forms import AdvancedSearchForm
+from app.utils.render import render
+
+@app.route('/search')
+def search():
+    form = AdvancedSearchForm()
+    return render('search.html', form=form)

app/templates/account.html

@@ -2,7 +2,7 @@
 
 {% block content %}
 <section class="form" style="width:80%;">
-	<h1>Gestion du compte :</h1>
+	<h1>Gestion du compte</h1>
 
 	<form action="" method="post">
 		{{ form.hidden_tag() }}

app/templates/login.html

@@ -2,7 +2,7 @@
 
 {% block content %}
 <section class="form" style="width:40%;">
-	<h1>Sign In</h1>
+	<h1>Connexion</h1>
 	<form action="" method="post">
 		{{ form.hidden_tag() }}
 		<p>
@@ -22,6 +22,6 @@
 		<p>{{ form.remember_me() }} {{ form.remember_me.label }}</p>
 		<p>{{ form.submit() }}</p>
 	</form>
-	<p>New User? <a href="{{ url_for('register') }}">Click to Register!</a></p>
+	<p>Pas encore de compte&nbsp;? <a href="{{ url_for('register') }}">Créé-en un&nbsp;!</a></p>
 </form>
 {% endblock %}

app/templates/register.html

@@ -2,7 +2,7 @@
 
 {% block content %}
 <section class="form" style="width:40%;">
-	<h1>Inscription :</h1>
+	<h1>Inscription</h1>
 
 	<form action="" method="post">
 		{{ form.hidden_tag() }}

app/templates/search.html

@@ -2,9 +2,9 @@
 
 {% block content %}
 <section class="form" style="width:80%;">
-	<h1>Recherche avancée :</h1>
+	<h1>Recherche avancée</h1>
 
-	<form action="" method="post">
+	<form action="" method="get">
 		<div>
 			{{ form.q.label }}
 			{{ form.q(value=request.args.get('q')) }}

app/utils/render.py

@@ -0,0 +1,13 @@
+from flask import render_template
+from app.forms import LoginForm, SearchForm
+
+def render(*args, **kwargs):
+    # TODO: debugguer cette merde : au logout, ça foire
+    # if current_user.is_authenticated:
+    #     login_form = LoginForm()
+    #     return render_template(*args, **kwargs, login_form=login_form)
+    # return render_template(*args, **kwargs)
+    login_form = LoginForm()
+    search_form = SearchForm()
+    return render_template(*args, **kwargs,
+        login_form=login_form, search_form=search_form)