xevion/runnerspace
1
0
Fork 0
mirror of https://github.com/Xevion/runnerspace.git synced 2025-12-10 16:08:30 -06:00
Code Issues Packages Projects Releases Wiki Activity

Add login checks for user_edit form page viewing

Browse Source
This commit is contained in:
Xevion
2022-03-27 09:39:51 -05:00
parent 03ed77b328
commit 23fd613d8f
1 changed files with 7 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
routes.py
View File

@@ -1,5 +1,5 @@
from flask import Blueprint, render_template from flask import Blueprint, redirect, render_template, url_for
from flask_login import login_required from flask_login import current_user, login_required
from .models import User from .models import User
@@ -43,10 +43,13 @@ def user(username: str):
return render_template('pages/user.html', user=user) return render_template('pages/user.html', user=user)
@blueprint.route('/user/<username>/edit') @blueprint.route('/user/<username>/edit', methods=['GET'])
@login_required @login_required
def edit_user(username: str): def edit_user(username: str):
return render_template('pages/user_edit.html') user = User.query.filter_by(username=username).first_or_404()
if current_user.id == user.id:
return render_template('pages/user_edit.html', user=user)
return redirect(url_for('main.user', username=username))
@blueprint.route('/blogs') @blueprint.route('/blogs')