# importsfrom flask import Flask, render_template, request, session, \ fl

1. # imports
2. from flask import Flask, render_template, request, session, \
3.     flash, redirect, url_for, g
4. import sqlite3
5. from functools import wraps
6.  
7. # configuration
8. DATABASE = 'blog.db'
9. USERNAME = 'admin'
10. PASSWORD = 'admin'
11. SECRET_KEY = 'hard_to_guess'
12.  
13. app = Flask(__name__)
14.  
15. # pulls in configurations by looking for UPPERCASE variables
16. app.config.from_object(__name__)
17.  
18.  
19. # function used for connecting to the database
20. def connect_db():
21.     return sqlite3.connect(app.config['DATABASE'])
22.  
23.  
24. def login_required(test):
25.     @wraps(test)
26.     def wrap(*args, **kwargs):
27.         if 'logged_in' in session:
28.             return test(*args, **kwargs)
29.         else:
30.             flash('You need to login first.')
31.             return redirect(url_for('login'))
32.     return wrap
33.  
34.  
35. @app.route('/', methods=['GET', 'POST'])
36. def login():
37.     error = None
38.     if request.method == 'POST':
39.         if request.form['username'] != app.config['USERNAME'] or\
40.                 request.form['password'] != app.config['PASSWORD']:
41.             error = 'Invalid Credentials. Please try again.'
42.         else:
43.             session['logged_in'] = True
44.             return redirect(url_for('main'))
45.     return render_template('login.html', error=error)
46.  
47.  
48. @app.route('/main')
49. @login_required
50. def main():
51.     g.db = connect_db()
52.     cur = g.db.execute('select * from posts')
53.     posts = [dict(title=row[0], post=row[1]) for row in cur.fetchall()]
54.     g.db.close()
55.     return render_template('main.html', posts=posts)
56.  
57.  
58. @app.route('/add', methods=['POST'])
59. @login_required
60. def add():
61.     title = request.form['title']
62.     post = request.form['post']
63.     if not title or not post:
64.         flash("All fields are required. Please try again.")
65.         return redirect(url_for('main'))
66.     else:
67.         g.db = connect_db()
68.         g.db.execute(
69.             'insert into posts (title, post) values (?, ?)',
70.             [request.form['title'], request.form['post']]
71.         )
72.         g.db.commit()
73.         g.db.close()
74.         flash('New entry was successfully posted!')
75.         return redirect(url_for('main'))
76.  
77.  
78. @app.route('/logout')
79. def logout():
80.     session.pop('logged_in', None)
81.     flash('You were logged out')
82.     return redirect(url_for('login'))
83.  
84. if __name__ == '__main__':
85.     app.run(debug=True)