diff --git a/app.py b/app.py index 9d38e8a..0d35a72 100644 --- a/app.py +++ b/app.py @@ -27,7 +27,7 @@ def home(): log.debug("in home") log.debug("session = %s", session) if "user" not in session: - return redirect(url_for('register')) + return redirect(url_for("register", target="/")) return render_template("home.html") @app.route("/register", methods=["GET", "POST"]) @@ -54,9 +54,14 @@ def register(): csr.execute( "insert into bod(email, key, keychange) values(%s, %s, now())", (email_address, key,)) - confirmation_url = url_for("confirm", - target=request.form["target"], - key=key) + log.debug("request.scheme = %s", request.scheme) + log.debug("request.server = %s", request.server) + log.debug("request.root_url = %s", request.root_url) + confirmation_url = \ + request.root_url + \ + url_for("confirm", + target=request.form["target"], + key=key) send_mail(email_address, confirmation_url) return render_template("wait_for_confirmation.html") @@ -73,6 +78,8 @@ def confirm(): @app.route("/vote/<string:key>") def vote(key): log.debug("session = %s", session) + if "user" not in session: + return redirect(url_for("register", target=request.url)) csr = get_cursor() csr.execute("select * from meet where key = %s", (key,)) meet = csr.fetchone() @@ -126,7 +133,9 @@ def vote_date(): abort(400) meet_id = r[0].meet - csr.execute("delete from date_vote where date = any (%s)", (date_ids,)) + csr.execute( + "delete from date_vote where date = any (%s) and bod = %s", + (date_ids, session["user"]["id"])) for pos, date_id in enumerate(date_ids): csr.execute( "insert into date_vote(date, bod, position) values(%s, %s, %s)", @@ -160,7 +169,9 @@ def vote_time(): abort(400) meet_id = r[0].meet - csr.execute("delete from time_vote where time = any (%s)", (time_ids,)) + csr.execute( + "delete from time_vote where time = any (%s) and bod = %s", + (time_ids, session["user"]["id"])) for pos, time_id in enumerate(time_ids): csr.execute( "insert into time_vote(time, bod, position) values(%s, %s, %s)", @@ -194,7 +205,9 @@ def vote_place(): abort(400) meet_id = r[0].meet - csr.execute("delete from place_vote where place = any (%s)", (place_ids,)) + csr.execute( + "delete from place_vote where place = any (%s) and bod = %s", + (place_ids, session["user"]["id"])) for pos, place_id in enumerate(place_ids): csr.execute( "insert into place_vote(place, bod, position) values(%s, %s, %s)", diff --git a/requirements.txt b/requirements.txt index d598ec8..7896ff1 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,4 +1,5 @@ flask -procrusql +procrusql >= 0.0.10 psycopg psycopg2 +gunicorn diff --git a/static/style.css b/static/style.css index 0855d81..1ae6d10 100644 --- a/static/style.css +++ b/static/style.css @@ -12,6 +12,10 @@ body { border-radius: 0.2em; } +.blue-background-class { + background: #CDF; +} + body { display: grid; } diff --git a/templates/vote.html b/templates/vote.html index debea0f..6d95a0f 100644 --- a/templates/vote.html +++ b/templates/vote.html @@ -53,7 +53,7 @@ </div> </body> <script> - htmx.onLoad(function(content) { + function activateSortables(element) { var sortables = document.querySelectorAll(".sortable"); for (const sortable of sortables) { console.debug("making", sortable, "sortable") @@ -62,7 +62,10 @@ ghostClass: 'blue-background-class' }); } - }) + } + + activateSortables(document) + //htmx.onLoad(function(content) { activateSortables(content) } </script> </html>