Untitled

# imports
import sqlite3
from flask import Flask, request, session, g, redirect, \
     abort, url_for, render_template, flash

# config
DATABASE = 'static/flaskr.db'
DEBUG = True
SECRET_KEY = 'DEVKEY'
USERNAME = 'admin'
PASSWORD = 'dragon'

# init app
app = Flask(__name__)
app.config.from_object(__name__)

# connect to database
def connect_to_db():
    return sqlite3.connect(app.config['DATABASE'])

@app.before_request
def before_request():
    g.db = connect_to_db()

@app.teardown_request
def teardown_request(exception):
    g.db.close()

# show titles and articles and send to template
@app.route('/')
def show_entries():
    cur = g.db.execute('SELECT title, text FROM entries order by id desc')
    entries = [dict(title=row[0], text=row[1]) for row in cur.fetchall()]
    return render_template('show_entries.html', entries=entries)

# add entry to db -> checks if user is logged in first
@app.route('/add', methods=['POST'])
def add_entry():
    if not session.get('logged_in'):
        abort(401)
    g.db.execute('INSERT INTO entries (title, text) values (?, ?)', [request.form['title'], request.form['text']])
    flash('New entry posted successfully!')
    return redirect(url_for('show_entries'))

@app.route('/login', methods=['GET', 'POST'])
def login():
    error = None
    if request.method == 'POST':
        if request.form['username'] != app.config['USERNAME']:
            error = 'Invalid username'
        elif request.form['password'] != app.config['PASSWORD']:
            error = 'Invalid password'
        else:
            session['logged_in'] = True
            flash('You were logged in')
            return redirect(url_for('show_entries'))
    return render_template('login.html', error=error)

@app.route('/logout')
def logout():
    session.pop('logged_in', None)
    flash('You were logged out')
    return redirect(url_for(show_entries))

if __name__ == '__main__':
    app.run()