From f66dfff19be67a268fc36975a995e206cf41f91b Mon Sep 17 00:00:00 2001
From: citrons <citrons>
Date: Sat, 19 Jun 2021 08:03:09 +0000
Subject: user settings page, usernames link to user profiles

---
 apioforum/static/style.css             | 14 +++++-------
 apioforum/templates/base.html          | 10 ++++----
 apioforum/templates/common.html        |  7 +++++-
 apioforum/templates/user_settings.html | 26 +++++++++++++++++++++
 apioforum/templates/view_forum.html    |  6 ++---
 apioforum/templates/view_user.html     |  7 +++++-
 apioforum/user.py                      | 42 +++++++++++++++++++++++++++++++++-
 7 files changed, 94 insertions(+), 18 deletions(-)
 create mode 100644 apioforum/templates/user_settings.html

diff --git a/apioforum/static/style.css b/apioforum/static/style.css
index 401fedb..d725165 100644
--- a/apioforum/static/style.css
+++ b/apioforum/static/style.css
@@ -1,4 +1,4 @@
-body { font-family: sans-serif }
+body { font-family: sans-serif; word-wrap: break-word; }
 
 :root {
     --alternating-colour-even: hsl(0,0%,96%);
@@ -16,10 +16,8 @@ body { font-family: sans-serif }
 }
 .post:last-of-type { border-bottom: 1px solid black; }
 
-.post-heading {
-    color: hsl(0,0%,25%);
-    font-size: smaller;
-}
+.post-heading { font-size: smaller; }
+.post-heading,.post-heading .username { color: hsl(0,0%,25%); }
 .post-heading-em { font-weight: bold; }
 .post-content   * { margin-bottom: 8px; margin-top: 8px; }
 .post-content > *:first-child { margin-top: 2px }
@@ -30,7 +28,7 @@ body { font-family: sans-serif }
 
 .post-anchor-link { color: hsl(0,0%,25%); }
 
-.thread-top-bar {
+.thread-top-bar, .user-top-bar {
     margin-bottom: 4px;
 }
 
@@ -49,8 +47,8 @@ body { font-family: sans-serif }
     width: 100%;
 	padding: 4px;
 }
-.user_bio_quote { width: max-content; }
-.user_bio_attribution { text-align: right; }
+.user_bio_quote { width: max-content; max-width: 100% }
+.user_bio_attribution { text-align: right; font-style: italic; }
 
 dt { font-weight: bold }
 
diff --git a/apioforum/templates/base.html b/apioforum/templates/base.html
index bf3748f..3eb112e 100644
--- a/apioforum/templates/base.html
+++ b/apioforum/templates/base.html
@@ -19,25 +19,25 @@
 				<p><a href="{{url_for('index')}}">home</a></p>
 
 				{% if g.user %}
-				<p>{{ g.user }}</p>
+				<p><a href="{{url_for('user.view_user', username=g.user)}}">{{g.user}}</a></p>
 
 				{% if is_admin %}
 				<p><a href="{{url_for('admin.admin_page')}}">admin</a></p>
 				{% endif %}
     				
 				<p>
-					<a href="{{ url_for('auth.logout',next=path_for_next) }}">
+					<a href="{{url_for('auth.logout',next=path_for_next)}}">
 						logout
 					</a>
 				</p>
 				{% else %}
 				<p>
-					<a href="{{ url_for('auth.login',next=path_for_next) }}">
+					<a href="{{url_for('auth.login',next=path_for_next)}}">
 						login
 					</a>
 				</p>
 				<p>
-					<a href="{{ url_for('auth.register',next=path_for_next) }}">
+					<a href="{{url_for('auth.register',next=path_for_next)}}">
 						register
 					</a>
 				</p>
@@ -60,6 +60,8 @@
         </main>
         {% endblock %}
     <script>/* bees */</script>
+	<!-- citrons was here -->
+	<!-- Complete hybridisation of various species of wild duck gene pools could result in the extinction of many indigenous waterfowl. -->
     </body>
 </html>
 
diff --git a/apioforum/templates/common.html b/apioforum/templates/common.html
index 2e59b2c..c484a9d 100644
--- a/apioforum/templates/common.html
+++ b/apioforum/templates/common.html
@@ -1,8 +1,13 @@
+{% macro disp_user(username) -%} 
+<a href="{{url_for('user.view_user',username=username)}}" class="username">{{username}}</a>
+{%- endmacro %}
+
 {% macro disp_post(post, buttons=False) %}
 <div class="post" id="post_{{post.id}}">
     <div class="post-heading">
         <span class="post-heading-a">
-            <span class="post-heading-em">{{post.author}}</span> {{ts(post.created)}}
+			<span class="post-heading-em">{{disp_user(post.author)}}</span> 
+			{{ts(post.created)}}
             {% if post.edited %}
                 (edited {{ts(post.updated)}})
             {% endif %}
diff --git a/apioforum/templates/user_settings.html b/apioforum/templates/user_settings.html
new file mode 100644
index 0000000..fdd447f
--- /dev/null
+++ b/apioforum/templates/user_settings.html
@@ -0,0 +1,26 @@
+{% extends 'base.html' %}
+{% block header %}<h1>{% block title %}user settings{% endblock %}</h1>{% endblock %}
+{% block content %}
+<form method="post">
+<fieldset>
+<legend>change password</legend>
+<p>if you want to change your password, make sure you check the "change password?" box.</p>
+<label for="do_chpass">change password?</label>
+<input type="checkbox" id="do_chpass" name="do_chpass"><br>
+<label for="password">current password</label>
+<input type="text" id="password" name="password"><br>
+<label for="new_password">new password</label>
+<input type="text" id="new_password" name="new_password">
+</fieldset>
+<fieldset>
+<legend>change bio</legend>
+<p>if you want to change your bio, make sure you check the "change bio?" box.</p>
+<label for="do_chbio">change bio?</label>
+<input type="checkbox" name="do_chbio" id="do_chbio"><br>
+<textarea class="new-post-box" name="bio">{{user.bio or "hail GEORGE"}}</textarea>
+</fieldset>
+<p>confirm changes?</p>
+<input type="submit" value="confirm">
+<a href="{{url_for('user.view_user',username=user.username)}}">cancel</a>
+</form>
+{% endblock %}
diff --git a/apioforum/templates/view_forum.html b/apioforum/templates/view_forum.html
index 3edb7f0..59c594b 100644
--- a/apioforum/templates/view_forum.html
+++ b/apioforum/templates/view_forum.html
@@ -1,5 +1,5 @@
 {% extends 'base.html' %}
-{% from 'common.html' import ts, tag %}
+{% from 'common.html' import ts, tag, disp_user %}
 {% block header %}<h1>{% block title %}apioforum{%endblock%}</h1>{%endblock%}
 {%block nmcontent%}
 <main class="widemain">
@@ -50,10 +50,10 @@
             {{tag(the_tag)}}
         {% endfor %}
     </div>
-    <div class="threadlisting-part threadlisting-part-creator">{{thread.creator}}</div>
+    <div class="threadlisting-part threadlisting-part-creator">{{disp_user(thread.creator)}}</div>
     <div class="threadlisting-part threadlisting-part-created">{{ts(thread.created)}}</div>
     <div class="threadlisting-part threadlisting-part-updated">{{ts(thread.updated)}}</div>
-    <div class="threadlisting-part threadlisting-part-lastactivityby">{{thread.last_user}}</div>
+    <div class="threadlisting-part threadlisting-part-lastactivityby">{{disp_user(thread.last_user)}}</div>
     <div class="threadlisting-part threadlisting-part-numreplies">{{thread.num_replies}}</div>
 </div>
 {%endfor%}
diff --git a/apioforum/templates/view_user.html b/apioforum/templates/view_user.html
index 93618a5..f773978 100644
--- a/apioforum/templates/view_user.html
+++ b/apioforum/templates/view_user.html
@@ -5,6 +5,11 @@
 {% endblock %}
 
 {%block content%}
+<div class="user-top-bar">
+	{% if g.user == user.username %}
+	<a class="actionbutton" href="{{url_for('user.edit_user',username=user.username)}}">settings</a>
+	{% endif %}
+</div>
 <div class="user_info">
 	<div class="user_bio_quote">
 		<div class="user_bio">{{rendered_bio|safe}}</div>
@@ -13,7 +18,7 @@
 	<dl>
 		<dt>joined</dt>
 		{% if user.joined %}
-			<dd>{{ts(user.joined)}}</dd>
+			<dd>{{ts(user.joined)}} ago</dd>
 		{% else %}
 			<dd>a very long time ago</dd>
 		{% endif %}
diff --git a/apioforum/user.py b/apioforum/user.py
index af0539a..409cfe1 100644
--- a/apioforum/user.py
+++ b/apioforum/user.py
@@ -1,14 +1,16 @@
 # user pages
 
 from flask import (
-    Blueprint, render_template, abort, g
+    Blueprint, render_template, abort, g, flash, redirect, url_for, request
 )
 
+from werkzeug.security import check_password_hash, generate_password_hash
 from .db import get_db
 from .mdrender import render
 
 bp = Blueprint("user", __name__, url_prefix="/user")
 
+
 @bp.route("/<username>")
 def view_user(username):
     db = get_db()
@@ -23,3 +25,41 @@ def view_user(username):
             rendered_bio=render(user['bio'] or "hail GEORGE"), 
             posts=posts,
             rendered_posts=rendered_posts)
+
+@bp.route("/<username>/edit", methods=["GET","POST"])
+def edit_user(username):
+    db = get_db()
+    user = db.execute("SELECT * FROM users WHERE username = ?;",(username,)).fetchone()
+    if user is None:
+        abort(404)
+    if username != g.user:
+        flash("you cannot modify other people")
+        return redirect(url_for("user.view_user",username=username))
+
+    if request.method == "POST":
+        err = []
+        if 'do_chpass' in request.form:
+            if not check_password_hash(user['password'],request.form['password']):
+                err.append("entered password does not match current password")
+            else:
+                db.execute("update users set password = ? where username = ?", 
+                        (generate_password_hash(request.form["new_password"]), username))
+                db.commit()
+                flash("password changed changefully")
+        if 'do_chbio' in request.form:
+            if len(request.form['bio'].strip()) == 0:
+                err.append("please submit nonempty bio")
+            elif len(request.form['bio']) > 4000:
+                err.append("bio is too long!!")
+            else:
+                db.execute("update users set bio = ? where username = ?", (request.form['bio'], username))
+                db.commit()
+                flash("bio updated successfully")
+
+        if len(err) > 0:
+            for e in err:
+                flash(e)
+        else:
+            return redirect(url_for("user.view_user",username=username))
+        
+    return render_template("user_settings.html",user=user)
-- 
cgit v1.2.3