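"""Picture Puzzle web app: public post pages, user accounts and an admin panel.

Secrets (session signing key, admin credentials) are read from the process
environment rather than being embedded in the source, user passwords are
stored as salted PBKDF2 hashes, and every admin model view requires an
authenticated admin session.
"""
import base64
import hashlib
import hmac
import os
import secrets

from flask import Flask, render_template, redirect, request, session, url_for
from flask_sqlalchemy import SQLAlchemy
from flask_admin import Admin, AdminIndexView, expose
from flask_admin.contrib.sqla import ModelView

app = Flask(__name__)
# The session cookie is signed with this key; anyone who knows it can forge
# `admin_logged_in`. Take it from the environment, and fall back to a random
# per-process key (sessions are then invalidated on restart) instead of a
# constant committed to the repository.
app.secret_key = os.environ.get("SECRET_KEY") or secrets.token_hex(32)
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///Picture_Puzzle_web.db'
db = SQLAlchemy(app)


class User(db.Model):
    """Registered site user."""

    id = db.Column(db.Integer, primary_key=True)
    username = db.Column(db.String(100), unique=True, nullable=False)
    # Holds a `pbkdf2_sha256$...` hash (87 chars); rows written before hashing
    # was introduced may still hold plaintext until that user next logs in.
    password = db.Column(db.String(100), nullable=False)
    email = db.Column(db.String(100), unique=True, nullable=False)


class Post(db.Model):
    """Published post; `alias` is both the URL slug and the template name."""

    id = db.Column(db.Integer, primary_key=True)
    date_created = db.Column(db.String(100), unique=False, nullable=False)
    alias = db.Column(db.String(100), unique=True, nullable=False)
    title = db.Column(db.String(100), nullable=False)
    image = db.Column(db.String(100), nullable=False)


_PBKDF2_PREFIX = "pbkdf2_sha256"
_PBKDF2_ITERATIONS = 600_000


def _b64encode(raw: bytes) -> str:
    """Encode bytes as unpadded URL-safe base64 (never contains '$')."""
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def _b64decode(text: str) -> bytes:
    """Inverse of `_b64encode`; restores the stripped padding first."""
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _is_hashed(stored: str) -> bool:
    """Return True when `stored` is in the `pbkdf2_sha256$...` format."""
    return stored.startswith(_PBKDF2_PREFIX + "$")


def _hash_password(password: str) -> str:
    """Return `pbkdf2_sha256$<iterations>$<salt>$<digest>` for `password`."""
    salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, _PBKDF2_ITERATIONS
    )
    return (
        f"{_PBKDF2_PREFIX}${_PBKDF2_ITERATIONS}"
        f"${_b64encode(salt)}${_b64encode(digest)}"
    )


def _verify_password(stored: str, candidate: str) -> bool:
    """Check `candidate` against a stored hash or a legacy plaintext value.

    Both paths compare in constant time. A malformed stored hash verifies as
    False rather than raising.
    """
    if _is_hashed(stored):
        try:
            _, iterations, salt, expected = stored.split("$")
            computed = hashlib.pbkdf2_hmac(
                "sha256",
                candidate.encode("utf-8"),
                _b64decode(salt),
                int(iterations),
            )
            return hmac.compare_digest(computed, _b64decode(expected))
        except (ValueError, OverflowError):
            return False
    # Legacy row stored before hashing was introduced.
    return hmac.compare_digest(stored.encode("utf-8"), candidate.encode("utf-8"))


class _AdminSessionRequired:
    """Mixin that gates a Flask-Admin view on the admin session flag.

    Flask-Admin calls `is_accessible` before dispatching any endpoint of the
    view; without it the model views are reachable by URL even when the index
    view redirects to the login page.
    """

    def is_accessible(self):
        return bool(session.get('admin_logged_in'))

    def inaccessible_callback(self, name, **kwargs):
        return redirect(url_for('admin_login'))


class MyAdminIndexView(AdminIndexView):
    """Admin landing page; redirects to the login form when not signed in."""

    @expose('/')
    def index(self):
        if not session.get('admin_logged_in'):
            return redirect(url_for('admin_login'))
        return self.render('admin/index.html')


class UserAdminView(_AdminSessionRequired, ModelView):
    """User table view; the password column is hidden from lists and forms."""

    column_exclude_list = ['password']
    form_excluded_columns = ['password']


class PostAdminView(_AdminSessionRequired, ModelView):
    """Post table view with Flask-Admin defaults."""


class TableAdminView(_AdminSessionRequired, ModelView):
    """Generic full-CRUD table view that also shows the primary key."""

    can_delete = True
    can_create = True
    can_edit = True
    column_display_pk = True


admin = Admin(app, name='Admin Panel', template_mode='bootstrap3', index_view=MyAdminIndexView())
admin.add_view(UserAdminView(User, db.session))
admin.add_view(PostAdminView(Post, db.session))

# Admin credentials come from the environment. When either is unset the admin
# login fails closed instead of falling back to a built-in default.
ADMIN_USERNAME = os.environ.get("ADMIN_USERNAME")
ADMIN_PASSWORD = os.environ.get("ADMIN_PASSWORD")


def _admin_credentials_match(username: str, password: str) -> bool:
    """Constant-time check of the submitted admin credentials."""
    if not ADMIN_USERNAME or not ADMIN_PASSWORD:
        return False
    # Evaluate both comparisons before combining so timing does not reveal
    # which field was wrong.
    user_ok = hmac.compare_digest(
        username.encode("utf-8"), ADMIN_USERNAME.encode("utf-8")
    )
    pass_ok = hmac.compare_digest(
        password.encode("utf-8"), ADMIN_PASSWORD.encode("utf-8")
    )
    return user_ok and pass_ok


@app.route("/admin/login", methods=["GET", "POST"])
def admin_login():
    """Show the admin login form and set the admin session flag on success."""
    # NOTE(review): no attempt limiting here; consider rate limiting or
    # lockout in front of this endpoint.
    if request.method == "POST":
        username = request.form["username"]
        password = request.form["password"]
        if _admin_credentials_match(username, password):
            session["admin_logged_in"] = True
            return redirect(url_for("admin.index"))
        return render_template("admin/login.html", error_msg="Invalid credentials")
    return render_template("admin/login.html", error_msg=None)


@app.route("/admin/logout")
def admin_logout():
    """Clear the admin session flag and return to the home page."""
    session.pop("admin_logged_in", None)
    return redirect(url_for("index"))


@app.route("/")
def index():
    """Render the home page with every post."""
    latest_posts = Post.query.all()
    return render_template("index.html", latest_posts=latest_posts)


@app.route("/posts")
def all_posts():
    """Render the list of all posts."""
    all_posts = Post.query.all()
    return render_template("posts.html", posts=all_posts)


@app.route("/about")
def about():
    """Render the static about page."""
    return render_template("about.html")


# The URL variable has to be declared in the rule; with a bare "/posts/" Flask
# would call post() without `alias` and the request would fail.
@app.route("/posts/<alias>")
def post(alias):
    """Render the template named after a post's alias, or 404 if unknown."""
    post_info = Post.query.filter_by(alias=alias).first()
    if post_info:
        # Build the template name from the stored alias, so only values that
        # exist in the posts table ever reach the template loader.
        return render_template(f"{post_info.alias}.html", post_info=post_info)
    return "Post not found", 404


@app.route("/login", methods=["GET", "POST"])
def login():
    """Authenticate a user and store the username in the session."""
    if request.method == "POST":
        username = request.form["username"]
        password = request.form["password"]
        user = User.query.filter_by(username=username).first()
        if user is not None and _verify_password(user.password, password):
            if not _is_hashed(user.password):
                # Upgrade a legacy plaintext row now that the password is known.
                user.password = _hash_password(password)
                db.session.commit()
            session["username"] = username
            return redirect(url_for("index"))
    return render_template("auth/login.html")


@app.route("/logout")
def logout():
    """Drop the username from the session and return to the home page."""
    session.pop("username", None)
    return redirect(url_for("index"))


@app.route("/register", methods=["GET", "POST"])
def register():
    """Create a user after checking that the email and username are unused."""
    if request.method == "POST":
        username = request.form["username"]
        email = request.form["email"]
        password = request.form["password"]

        existing_user = User.query.filter_by(email=email).first()
        if existing_user:
            error_msg = "Email already exists"
            return render_template("auth/register.html", error_msg=error_msg)

        existing_username = User.query.filter_by(username=username).first()
        if existing_username:
            error_msg = "Username already exists"
            return render_template("auth/register.html", error_msg=error_msg)

        # Only the salted hash is persisted, never the submitted password.
        new_user = User(
            username=username, email=email, password=_hash_password(password)
        )
        db.session.add(new_user)
        db.session.commit()
        return redirect(url_for("login"))
    return render_template("auth/register.html")


if __name__ == '__main__':
    # The Werkzeug debugger executes arbitrary code from the browser, so it is
    # opt-in through FLASK_DEBUG=1 rather than always on.
    app.run(debug=os.environ.get("FLASK_DEBUG") == "1")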