from flask import Flask, render_template, request, session, \ flash, redirect,

1. from flask import Flask, render_template, request, session, \
2.     flash, redirect, url_for, g
3.  
4. from functools import wraps
5. import sqlite3
6.  
7.  
8. #configuration
9. DATABASE = 'blog.db'
10. USERNAME = 'admin'
11. PASSWORD = 'admin'
12. SECRET_KEY = 'q2A8%IW5Ks^1fP&b'
13.  
14. app = Flask(__name__)
15.  
16. #pulls in app configuration by looking for UPPERCASE variables
17.  
18. app.config.from_object(__name__)
19.  
20. def login_required(test):
21.     @wraps(test)
22.     def wrap(*args, **kwargs):
23.         if 'logged_in' in session:
24.             return test(*args, **kwargs)
25.         else:
26.             flash('You need to log in first.')
27.             return redirect(url_for('login'))
28.     return wrap
29.  
30. #function used for connecting to the database
31. def connect_db():
32.     return sqlite3.connect(app.config['DATABASE'])
33.  
34. @app.route('/', methods=['GET', 'POST'])
35. def login():
36.     error = None
37.     status_code = 200
38.     if request.method == 'POST':
39.         if request.form['username'] != app.config['USERNAME'] or \
40.                 request.form['password'] != app.config['PASSWORD']:
41.             error = 'Invalid Credentials. Please try again.'
42.             status_code = 401
43.         else:
44.             session['logged_in'] = True
45.             return redirect(url_for('main'))
46.     return render_template('login.html', error=error), status_code
47.  
48. @app.route('/main')
49. @login_required
50. def main():
51.     g.db = connect_db()
52.     cur = g.db.execute('select * from posts')
53.     posts = [dict(title=row[0], post=row[1]) for row in cur.fetchall()]
54.     g.db.close()
55.     return render_template('main.html', posts=posts)
56.  
57. @app.route('/add', methods=['POST'])
58. @login_required
59. def add():
60.     title = request.form['title']
61.     post = request.form['post']
62.     if not title or not post:
63.         flash("All fields are requred. Please try again.")
64.         return redirect(url_for('main'))
65.     else:
66.         g.db = connect_db()
67.         g.db.execute('Insert into posts (title, post) values (?, ?)',
68.             [request.form['title'], request.form['post']])
69.         g.db.commit()
70.         g.db.close()
71.         flash('New entry was successfully posted!')
72.         return redirect(url_for('main'))
73.  
74.  
75. @app.route('/logout')
76. def logout():
77.     session.pop('logged_in', None)
78.     flash('You were logged out')
79.     return redirect(url_for('login'))
80.  
81.  
82.  
83. if __name__ == "__main__":
84.     app.run(debug=True)