Compare commits
2 commits
old-update
...
production
| Author | SHA1 | Date | |
|---|---|---|---|
| daed360fb6 | |||
| 34c5300608 |
12 changed files with 66 additions and 88 deletions
41
LICENSE
41
LICENSE
|
|
@ -1,21 +1,28 @@
|
|||
MIT License
|
||||
Copyright 2010 Pallets
|
||||
|
||||
Copyright (c) 2023 PV Tejas
|
||||
Redistribution and use in source and binary forms, with or without
|
||||
modification, are permitted provided that the following conditions are
|
||||
met:
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
of this software and associated documentation files (the "Software"), to deal
|
||||
in the Software without restriction, including without limitation the rights
|
||||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
copies of the Software, and to permit persons to whom the Software is
|
||||
furnished to do so, subject to the following conditions:
|
||||
1. Redistributions of source code must retain the above copyright
|
||||
notice, this list of conditions and the following disclaimer.
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all
|
||||
copies or substantial portions of the Software.
|
||||
2. Redistributions in binary form must reproduce the above copyright
|
||||
notice, this list of conditions and the following disclaimer in the
|
||||
documentation and/or other materials provided with the distribution.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
||||
SOFTWARE.
|
||||
3. Neither the name of the copyright holder nor the names of its
|
||||
contributors may be used to endorse or promote products derived from
|
||||
this software without specific prior written permission.
|
||||
|
||||
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
||||
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
||||
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
||||
PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
||||
HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
|
||||
TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
|
||||
PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
||||
LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
|
||||
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
|
||||
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
17
README.md
17
README.md
|
|
@ -10,20 +10,7 @@ Use `gunicorn -w 2 'flaskr:create_app()'` to run app. Increase the number of wor
|
|||
## Initializing database
|
||||
The first time you install the app in each environment, you need to initialize database using `flask --app flaskr init-db`. This only needs to be run once per environment, and **will delete existing database if run again**.
|
||||
|
||||
## Config file
|
||||
|
||||
The config file is located at `<python_environment>/var/flaskr-instance/config.py` in production, and in `instance/` in development. The instance folder is created when the database is initialized.
|
||||
|
||||
### Secret Key
|
||||
## Secret key
|
||||
Every website with login needs a secret key to hash passwords with.
|
||||
The config file must contain a line `SECRET_KEY = '<secret_key>`, which must be randomly generated.
|
||||
`<python_environment>/var/flaskr-instance/config.py` must contain a line `SECRET_KEY = '<secret_key>`, which must be randomly generated.
|
||||
Suggested way of generating the key is `python -c 'import secrets; print(secrets.token_hex())'`, which returns a hexadecimal string with length 64. You may choose to randomly generate a key using a different method, but ensure that it is resistant to brute-force attacks.
|
||||
|
||||
### Registration
|
||||
Since this blog is meant to be updated by a limited number of people, registration is forbidden (403) by default. In addition, registration (/auth/register) and login (/auth/login) URLs are not hyperlinked anywhere. Registration can be opened by including `REGISTER = True`, and is closed by default.
|
||||
|
||||
### Name
|
||||
The default app name is "Flaskr", and it is visible on the header bar as well as the page title. Including a line `NAME = '<name>'` in the config file replaces "Flaskr" with your chosen name.
|
||||
|
||||
### Static folder
|
||||
The default static folder is the one included in the repository. You can use a separate static folder to use your own assets by including a line `STATIC_FOLDER = '<absolute/path/to/folder>'` in the config file.
|
||||
|
|
|
|||
|
|
@ -8,8 +8,6 @@ def create_app(test_config=None):
|
|||
app.config.from_mapping(
|
||||
SECRET_KEY='dev',
|
||||
DATABASE=os.path.join(app.instance_path, 'flaskr.sqlite'),
|
||||
REGISTER=False,
|
||||
NAME='Flaskr'
|
||||
)
|
||||
|
||||
app.wsgi_app = ProxyFix(
|
||||
|
|
@ -23,9 +21,6 @@ def create_app(test_config=None):
|
|||
# load the test config if passed in
|
||||
app.config.from_mapping(test_config)
|
||||
|
||||
if app.config.get('STATIC_FOLDER') is not None:
|
||||
app.static_folder = app.config.get('STATIC_FOLDER')
|
||||
|
||||
# ensure the instance folder exists
|
||||
try:
|
||||
os.makedirs(app.instance_path)
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
import functools
|
||||
|
||||
from flask import (
|
||||
Blueprint, flash, g, redirect, render_template, request, session, url_for, current_app, abort
|
||||
Blueprint, flash, g, redirect, render_template, request, session, url_for
|
||||
)
|
||||
from werkzeug.security import check_password_hash, generate_password_hash
|
||||
|
||||
|
|
@ -11,8 +11,7 @@ bp = Blueprint('auth', __name__, url_prefix='/auth')
|
|||
|
||||
@bp.route('/register', methods=('GET', 'POST'))
|
||||
def register():
|
||||
if not current_app.config['REGISTER']:
|
||||
abort(403)
|
||||
return "Admin only", 403
|
||||
if request.method == 'POST':
|
||||
username = request.form['username']
|
||||
password = request.form['password']
|
||||
|
|
|
|||
|
|
@ -7,6 +7,7 @@ from flaskr.auth import login_required
|
|||
from flaskr.db import get_db
|
||||
|
||||
import markdown
|
||||
import datetime
|
||||
|
||||
bp = Blueprint('blog', __name__)
|
||||
|
||||
|
|
@ -20,6 +21,8 @@ def index():
|
|||
).fetchall()
|
||||
posts = []
|
||||
for post in db_posts:
|
||||
if post['created'] > datetime.datetime.utcnow():
|
||||
continue
|
||||
post = dict(post)
|
||||
post['body'] = markdown.markdown(post['body'])
|
||||
posts.append(post)
|
||||
|
|
@ -66,13 +69,6 @@ def get_post(id, check_author=True):
|
|||
|
||||
return post
|
||||
|
||||
@bp.route('/<int:id>')
|
||||
def post(id):
|
||||
post = get_post(id, check_author=False)
|
||||
post = dict(post)
|
||||
post['body'] = markdown.markdown(post['body'])
|
||||
return render_template('blog/post.html', post=post)
|
||||
|
||||
@bp.route('/<int:id>/update', methods=('GET', 'POST'))
|
||||
@login_required
|
||||
def update(id):
|
||||
|
|
@ -81,19 +77,23 @@ def update(id):
|
|||
if request.method == 'POST':
|
||||
title = request.form['title']
|
||||
body = request.form['body']
|
||||
created = request.form['created']
|
||||
error = None
|
||||
|
||||
if not title:
|
||||
error = 'Title is required.'
|
||||
|
||||
if not created:
|
||||
error = "Created is required."
|
||||
|
||||
if error is not None:
|
||||
flash(error)
|
||||
else:
|
||||
db = get_db()
|
||||
db.execute(
|
||||
'UPDATE post SET title = ?, body = ?'
|
||||
'UPDATE post SET title = ?, body = ?, created = ?'
|
||||
' WHERE id = ?',
|
||||
(title, body, id)
|
||||
(title, body, created, id)
|
||||
)
|
||||
db.commit()
|
||||
return redirect(url_for('blog.index'))
|
||||
|
|
@ -108,7 +108,3 @@ def delete(id):
|
|||
db.execute('DELETE FROM post WHERE id = ?',(id,))
|
||||
db.commit()
|
||||
return redirect(url_for('blog.index'))
|
||||
|
||||
@bp.route('/temp')
|
||||
def temp():
|
||||
return render_template('temp.html')
|
||||
|
|
|
|||
Binary file not shown.
|
Before Width: | Height: | Size: 73 B After Width: | Height: | Size: 101 KiB |
|
|
@ -1,6 +1,11 @@
|
|||
html { font-family: sans-serif; background: #eee; padding: 1rem; }
|
||||
body { max-width: 960px; margin: 0 auto; background: white; }
|
||||
h1 { font-family: serif; color: #377ba8; margin: 1rem 0; }
|
||||
h2 { color: #377ba8; margin: 1rem 0; }
|
||||
h3 { color: #377ba8; margin: 1rem 0; }
|
||||
h4 { color: #377ba8; margin: 1rem 0; }
|
||||
h5 { color: #377ba8; margin: 1rem 0; }
|
||||
h6 { color: #377ba8; margin: 1rem 0; }
|
||||
a { color: #377ba8; }
|
||||
hr { border: none; border-top: 1px solid lightgray; }
|
||||
nav { background: lightgray; display: flex; align-items: center; padding: 0 0.5rem; }
|
||||
|
|
@ -14,7 +19,12 @@ nav ul li a, nav ul li span, header .action { display: block; padding: 0.5rem; }
|
|||
.flash { margin: 1em 0; padding: 1em; background: #cae6f6; border: 1px solid #377ba8; }
|
||||
.post > header { display: flex; align-items: flex-end; font-size: 0.85em; }
|
||||
.post > header > div:first-of-type { flex: auto; }
|
||||
.post > header h1 { font-size: 1.5em; margin-bottom: 0; }
|
||||
.post > header h1 { margin-bottom: 0; }
|
||||
.post > h2 { margin-bottom: 0; }
|
||||
.post > h3 { margin-bottom: 0; }
|
||||
.post > h4 { margin-bottom: 0; }
|
||||
.post > h5 { margin-bottom: 0; }
|
||||
.post > h6 { margin-bottom: 0; }
|
||||
.post .about { color: slategray; font-style: italic; }
|
||||
.post .body { white-space: pre-line; }
|
||||
.content:last-child { margin-bottom: 0; }
|
||||
|
|
|
|||
|
|
@ -1,19 +1,19 @@
|
|||
<!doctype html>
|
||||
<title>{% block title %}{% endblock %} - {{ config['NAME'] }}</title>
|
||||
<title>{% block title %}{% endblock %} - blogsparkinfinite</title>
|
||||
<link rel="stylesheet" href="{{ url_for('static', filename='style.css') }}">
|
||||
<link rel="icon" type="image/png" href="{{ url_for('static', filename='favicon.png') }}">
|
||||
<nav>
|
||||
<h1>{{ config['NAME'] }}</h1>
|
||||
<h1>blogsparkinfinite</h1>
|
||||
<ul>
|
||||
{% if g.user %}
|
||||
<li><span>{{ g.user['username'] }}</span>
|
||||
<li><a href="{{ url_for('auth.logout') }}">Log Out</a>
|
||||
{% else %}
|
||||
<li><a href="{{ url_for('auth.register') }}">Register</a>
|
||||
<li><a href="{{ url_for('auth.login') }}">Log In</a>
|
||||
{% endif %}
|
||||
</ul>
|
||||
</nav>
|
||||
</br>
|
||||
</br>
|
||||
</br>
|
||||
<section class="content">
|
||||
<header>
|
||||
{% block header %}{% endblock %}
|
||||
|
|
|
|||
|
|
@ -12,13 +12,14 @@
|
|||
<article class="post">
|
||||
<header>
|
||||
<div>
|
||||
<h1><a href="{{ url_for('blog.post', id=post['id']) }}">{{ post['title'] }}</a></h1>
|
||||
<h1>{{ post['title'] }}</h1>
|
||||
<div class="about">by {{ post['username'] }} on {{ post['created'].strftime('%Y-%m-%d') }}</div>
|
||||
</div>
|
||||
{% if g.user['id'] == post['author_id'] %}
|
||||
<a href="{{ url_for('blog.update', id=post['id']) }}">Edit</a>
|
||||
<a class="action" href="{{ url_for('blog.update', id=post['id']) }}">Edit</a>
|
||||
{% endif %}
|
||||
</header>
|
||||
<p class="body">{{ post['body']|safe }}</p>
|
||||
</article>
|
||||
{% if not loop.last %}
|
||||
<hr>
|
||||
|
|
|
|||
|
|
@ -1,20 +0,0 @@
|
|||
{% extends 'base.html' %}
|
||||
|
||||
{% block header %}
|
||||
<h1>{% block title %}{{ post['title']}}{% endblock %}</h1>
|
||||
{% endblock %}
|
||||
|
||||
{% block content %}
|
||||
<article class="post">
|
||||
<header>
|
||||
<div>
|
||||
<h1>{{ post['title'] }}</h1>
|
||||
<div class="about">by {{ post['username'] }} on {{ post['created'].strftime('%Y-%m-%d') }}</div>
|
||||
</div>
|
||||
{% if g.user['id'] == post['author_id'] %}
|
||||
<a class="action" href="{{ url_for('blog.update', id=post['id']) }}">Edit</a>
|
||||
{% endif %}
|
||||
</header>
|
||||
<p class="body">{{ post['body']|safe }}</p>
|
||||
</article>
|
||||
{% endblock %}
|
||||
|
|
@ -11,6 +11,9 @@
|
|||
value="{{ request.form['title'] or post['title'] }}" required>
|
||||
<label for="body">Body</label>
|
||||
<textarea name="body" id="body">{{ request.form['body'] or post['body'] }}</textarea>
|
||||
<label for="created">Created</label>
|
||||
<input name="created" id="created"
|
||||
value="{{ request.form['created'] or post['created'] }}" required>
|
||||
<input type="submit" value="Save">
|
||||
</form>
|
||||
<hr>
|
||||
|
|
|
|||
|
|
@ -8,11 +8,11 @@ dnspython==2.3.0
|
|||
email-validator==2.0.0.post2
|
||||
exceptiongroup==1.1.1
|
||||
Flask==2.3.2
|
||||
-e git+https://gitlab.com/pvtejas/based4tech.git@bda624e4dc1cf97ba2b5b3fcb66a5b28398307bc#egg=flaskr
|
||||
# -e git+https://gitlab.com/pvtejas/based4tech.git@4be89bd767a7c5a84ab62fbf4ad924ae1af077f1#egg=flaskr
|
||||
gunicorn==20.1.0
|
||||
h11==0.14.0
|
||||
httpcore==0.17.0
|
||||
httptools==0.5.0
|
||||
httptools
|
||||
httpx==0.24.0
|
||||
idna==3.4
|
||||
iniconfig==2.0.0
|
||||
|
|
@ -20,20 +20,20 @@ itsdangerous==2.1.2
|
|||
Jinja2==3.1.2
|
||||
Markdown==3.4.3
|
||||
MarkupSafe==2.1.2
|
||||
orjson==3.8.11
|
||||
orjson
|
||||
packaging==23.1
|
||||
pluggy==1.0.0
|
||||
pyproject_hooks==1.0.0
|
||||
pytest==7.3.2
|
||||
python-dotenv==1.0.0
|
||||
python-multipart==0.0.6
|
||||
PyYAML==6.0
|
||||
# PyYAML==6.0
|
||||
sniffio==1.3.0
|
||||
tomli==2.0.1
|
||||
typing_extensions==4.5.0
|
||||
ujson==5.7.0
|
||||
ujson
|
||||
uvicorn==0.22.0
|
||||
uvloop==0.17.0
|
||||
uvloop
|
||||
watchfiles==0.19.0
|
||||
websockets==11.0.3
|
||||
Werkzeug==2.3.3
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue