from flask import Flask, render_template, redirect, request, session, url_for
from flask_sqlalchemy import SQLAlchemy
from flask_admin import Admin, AdminIndexView, expose
from flask_admin.contrib.sqla import ModelView
app = Flask(__name__)
app.secret_key = 'bebra'
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///Picture_Puzzle_web.db'
db = SQLAlchemy(app)
class User(db.Model):
id = db.Column(db.Integer, primary_key=True)
username = db.Column(db.String(100), unique=True, nullable=False)
password = db.Column(db.String(100), nullable=False)
email = db.Column(db.String(100), unique=True, nullable=False)
class Post(db.Model):
id = db.Column(db.Integer, primary_key=True)
date_created = db.Column(db.String(100), unique=False, nullable=False)
alias = db.Column(db.String(100), unique=True, nullable=False)
title = db.Column(db.String(100), nullable=False)
image = db.Column(db.String(100), nullable=False)
class MyAdminIndexView(AdminIndexView):
@expose('/')
def index(self):
if not session.get('admin_logged_in'):
return redirect(url_for('admin_login'))
return self.render('admin/index.html')
class UserAdminView(ModelView):
column_exclude_list = ['password']
form_excluded_columns = ['password']
class PostAdminView(ModelView):
pass
class TableAdminView(ModelView):
can_delete = True
can_create = True
can_edit = True
column_display_pk = True
admin = Admin(app, name='Admin Panel', template_mode='bootstrap3', index_view=MyAdminIndexView())
admin.add_view(UserAdminView(User, db.session))
admin.add_view(PostAdminView(Post, db.session))
ADMIN_USERNAME = 'user'
ADMIN_PASSWORD = '1234'
@app.route("/admin/login", methods=["GET", "POST"])
def admin_login():
if request.method == "POST":
username = request.form["username"]
password = request.form["password"]
if username == ADMIN_USERNAME and password == ADMIN_PASSWORD:
session["admin_logged_in"] = True
return redirect(url_for("admin.index"))
else:
return render_template("admin/login.html", error_msg="Invalid credentials")
return render_template("admin/login.html", error_msg=None)
@app.route("/admin/logout")
def admin_logout():
session.pop("admin_logged_in", None)
return redirect(url_for("index"))
@app.route("/")
def index():
latest_posts = Post.query.all()
return render_template("index.html", latest_posts=latest_posts)
@app.route("/posts")
def all_posts():
all_posts = Post.query.all()
return render_template("posts.html", posts=all_posts)
@app.route("/about")
def about():
return render_template("about.html")
@app.route("/posts/<alias>")
def post(alias):
post_info = Post.query.filter_by(alias=alias).first()
if post_info:
return render_template(f"{alias}.html", post_info=post_info)
else:
return "Post not found", 404
@app.route("/login", methods=["GET", "POST"])
def login():
if request.method == "POST":
username = request.form["username"]
password = request.form["password"]
user = User.query.filter_by(username=username, password=password).first()
if user:
session["username"] = username
return redirect(url_for("index"))
return render_template("auth/login.html")
@app.route("/logout")
def logout():
session.pop("username", None)
return redirect(url_for("index"))
@app.route("/register", methods=["GET", "POST"])
def register():
if request.method == "POST":
username = request.form["username"]
email = request.form["email"]
password = request.form["password"]
existing_user = User.query.filter_by(email=email).first()
if existing_user:
error_msg = "Email already exists"
return render_template("auth/register.html", error_msg=error_msg)
existing_username = User.query.filter_by(username=username).first()
if existing_username:
error_msg = "Username already exists"
return render_template("auth/register.html", error_msg=error_msg)
new_user = User(username=username, email=email, password=password)
db.session.add(new_user)
db.session.commit()
return redirect(url_for("login"))
return render_template("auth/register.html")
if __name__ == '__main__':
app.run(debug=True)