PCv5/app/routes.py


from flask import render_template, flash, redirect, url_for, request
from flask_login import login_user, logout_user, current_user, login_required
from werkzeug.urls import url_parse
from app import app, db
from app.forms import LoginForm, RegistrationForm, UpdateAccountForm, SearchForm, AdvancedSearchForm
from app.models.users import Member
# Ce truc c'est la vie !
def _render_template(*args, **kwargs):
    """Render a template with the site-wide forms added to its context.

    Every page gets a fresh ``LoginForm`` as ``login_form`` and a fresh
    ``SearchForm`` as ``search_form``; all other arguments are passed to
    ``render_template`` untouched.
    """
    # TODO: an earlier version, which branched on
    # current_user.is_authenticated before injecting the login form, broke on
    # logout and is disabled until it is debugged.
    shared_forms = {
        'login_form': LoginForm(),
        'search_form': SearchForm(),
    }
    # A caller that passes its own login_form/search_form keyword still gets a
    # TypeError (duplicate keyword argument), exactly as before.
    return render_template(*args, **kwargs, **shared_forms)
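@app.route('/')
def index():
    """Render the home page."""
    # The LoginForm that used to be built here was never used:
    # _render_template() already injects its own login_form.
    return _render_template('index.html')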
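def _local_redirect_target(target):
    """Return *target* if it stays on this site, otherwise ``None``.

    Accepted values are a path rooted at a single ``/`` or an absolute
    http(s) URL whose host equals the host of the current request. Anything
    else (other schemes, other hosts, scheme-relative ``//host`` forms,
    values containing backslashes, whitespace or control characters) is
    rejected, so user-controlled input cannot steer ``redirect()`` off-site.
    """
    from urllib.parse import urlsplit

    if not target:
        return None
    # Browsers normalise backslashes to slashes and ignore leading
    # whitespace/control characters, so such values may resolve to a
    # different host than the one the parser below sees.
    if '\\' in target or any(ch <= ' ' or ch == '\x7f' for ch in target):
        return None
    try:
        parts = urlsplit(target)
    except ValueError:
        return None
    if not parts.scheme and not parts.netloc:
        # Relative reference: only a path starting with exactly one slash.
        if target.startswith('/') and not target.startswith('//'):
            return target
        return None
    if (parts.scheme in ('http', 'https')
            and parts.netloc.lower() == request.host.lower()):
        return target
    return None


@app.route('/login', methods=['GET', 'POST'])
def login():
    """Authenticate a member and send them back to where they came from.

    On a failed attempt the user is returned to the referring page (or to
    the login page when there is no usable referrer). On success the
    redirect target is, in order of preference: the ``next`` query
    parameter, the referring page, the index page.

    Both ``next`` and the ``Referer`` header are controlled by the client,
    so each is passed through ``_local_redirect_target`` before use; this
    closes the open redirect the original TODO pointed at.
    """
    form = LoginForm()
    if form.validate_on_submit():
        member = Member.query.filter_by(name=form.username.data).first()
        # One message for "unknown user" and "wrong password", so the
        # response does not reveal which account names exist.
        if member is None or not member.check_password(form.password.data):
            flash('Pseudo ou mot de passe invalide', 'error')
            # request.referrer is None when the header is missing; fall back
            # to the login page instead of calling redirect(None).
            back = _local_redirect_target(request.referrer)
            return redirect(back or url_for('login'))

        login_user(member, remember=form.remember_me.data)
        flash('Connexion réussie', 'info')

        # The previous code read the non-existent attribute request.referer
        # inside a bare except, so this branch always ended on the index
        # page; the correctly spelled attribute is used here.
        destination = (
            _local_redirect_target(request.args.get('next'))
            or _local_redirect_target(request.referrer)
            or url_for('index')
        )
        return redirect(destination)
    return _render_template('login.html', form=form)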
@app.route('/logout')
def logout():
    """End the current session and return to the home page."""
    # NOTE(review): this state-changing action is reachable with a plain GET,
    # so a cross-site request can log a member out. Consider accepting only
    # POST with a CSRF token; that also requires changing the logout link in
    # the templates, which are not visible here.
    logout_user()
    flash('Déconnexion réussie', 'info')
    home = url_for('index')
    return redirect(home)
@app.route('/account', methods=['GET', 'POST'])
def account():
    """Show the account page and apply the submitted profile changes.

    Anonymous visitors are sent to the login page with ``next`` pointing
    back here. On POST, a valid form updates the current member and commits;
    an invalid one only flashes an error. The page is rendered in every case.
    """
    # TODO: use the @login_required decorator instead of this manual check
    if not current_user.is_authenticated:
        flash('Veuillez vous authentifier', 'warning')
        return redirect(url_for('login', next=url_for('account')))

    form = UpdateAccountForm()
    if request.method == "POST":
        if not form.validate_on_submit():
            flash('Erreur lors de la modification', 'error')
        else:
            # NOTE(review): e-mail and password are replaced without asking
            # for the current password in this view. Confirm that
            # UpdateAccountForm / Member.update enforce re-authentication,
            # hash the new password and ignore an empty password field;
            # none of that is visible here.
            changes = {
                "email": form.email.data,
                "password": form.password.data,
                "signature": form.signature.data,
                "bio": form.biography.data,
                "birthday": form.birthday.data,
                "newsletter": form.newsletter.data,
            }
            current_user.update(changes)
            db.session.add(current_user)
            db.session.commit()
            flash('Modifications effectuées', 'ok')
    return _render_template('account.html', form=form)
@app.route('/register', methods=['GET', 'POST'])
def register():
    """Create a new member account from the registration form.

    Members who are already logged in are sent to the index page. A valid
    submission stores the new member and redirects to the validation page;
    otherwise the registration form is rendered.
    """
    if current_user.is_authenticated:
        return redirect(url_for('index'))

    form = RegistrationForm()
    if not form.validate_on_submit():
        return _render_template('register.html', title='Register', form=form)

    # NOTE(review): the plaintext password is handed to Member(); hashing
    # presumably happens inside the model. Confirm against
    # app/models/users.py.
    new_member = Member(form.username.data, form.email.data, form.password.data)
    db.session.add(new_member)
    db.session.commit()
    flash('Inscription réussie', 'ok')
    return redirect(url_for('validation'))
@app.route('/register/validation/')
def validation():
    """Show the post-registration page to visitors who are not logged in."""
    if not current_user.is_authenticated:
        return _render_template('validation.html')
    # Logged-in members have nothing to validate; send them home.
    return redirect(url_for('index'))
@app.route('/search')
def search():
    """Render the advanced search page with an empty AdvancedSearchForm."""
    return _render_template('search.html', form=AdvancedSearchForm())