Merge pull request #18 from Demindiro/anonymous-create-thread

main.py

@@ -186,23 +186,30 @@ def user_info(user_id):
 @app.route('/forum/<int:forum_id>/new/', methods = ['GET', 'POST'])
 def new_thread(forum_id):
     user_id = session.get('user_id')
-    if user_id is None:
+    if user_id is None and not config.registration_enabled:
+        # Can't create a thread without an account
         return redirect(url_for('login'))
 
     if request.method == 'POST':
-        title, text = request.form['title'].strip(), trim_text(request.form['text'])
-        title = title.strip()
-        if title == '' or text == '':
-            flash('Title and text may not be empty', 'error')
-            return redirect(url_for('forum', forum_id = forum_id))
-        id = db.add_thread(user_id, forum_id, title, text, time.time_ns())
-        if id is None:
-            flash('Failed to create thread', 'error')
-            return redirect(url_for('forum', forum_id = forum_id))
-        else:
-            id, = id
-            flash('Created thread', 'success')
-            return redirect(url_for('thread', thread_id = id))
+        if user_id is None:
+            # Attempt to create a user account first
+            if register_user(True):
+                user_id = session['user_id']
+
+        if user_id is not None:
+            title, text = request.form['title'].strip(), trim_text(request.form['text'])
+            title = title.strip()
+            if title == '' or text == '':
+                flash('Title and text may not be empty', 'error')
+                return redirect(url_for('forum', forum_id = forum_id))
+            id = db.add_thread(user_id, forum_id, title, text, time.time_ns())
+            if id is None:
+                flash('Failed to create thread', 'error')
+                return redirect(url_for('forum', forum_id = forum_id))
+            else:
+                id, = id
+                flash('Created thread', 'success')
+                return redirect(url_for('thread', thread_id = id))
 
     return render_template(
         'new_thread.html',

static/theme.css

@@ -46,6 +46,7 @@ table {
 }
 
 tr:not(:last-child) {
+	/* FIXME this is sometimes invisible depending on zoom level in Firefox. */
 	border-bottom: 1px solid;
 }
 
@@ -83,7 +84,6 @@ form.form {
 }
 
 table.form {
-	border-collapse: unset;
 	width: 100%;
 }
 

templates/new_thread.html

@@ -1,17 +1,45 @@
 {% extends 'base.html' %}
 
 {% block content %}
+{%- if user is none -%}
+<form method="post">
+	{#-
+		Using the password generator for usernames should be sufficient to ensure it is unique.
+		If not, it means the password generator is broken and *must* be fixed.
+	-#}
+	<input type=text name=username value="{{ rand_password() }}" hidden>
+	<input type=password name=password value="{{ rand_password() }}" hidden>
+	{%- set q, a = gen_captcha() -%}
+	<input type=text name=answer value="{{ a }}" hidden>
+	<table class=form>
+		<tr>
+			<td>Title</td>
+			<td><input type="text" name="title" required></td>
+		</tr>
+		<tr>
+			<td>Text</td>
+			<td><textarea name="text" required></textarea></td>
+		</tr>
+		<tr>
+			<td>{{ q }}</td>
+			<td><input type=text name=captcha required></td>
+		</tr>
+	</table>
+	<p><input type="submit" value="Register & post"> (<a href="{{ url_for('login') }}">I already have an account</a>)</p>
+</form>
+{%- else -%}
 <form method="post">
 	<table class=form>
 		<tr>
 			<td>Title</td>
-			<td><input type="text" name="title"></td>
+			<td><input type="text" name="title" required></td>
 		</tr>
 		<tr>
 			<td>Text</td>
-			<td><textarea name="text"></textarea></td>
+			<td><textarea name="text" required></textarea></td>
 		</tr>
 	</table>
 	<p><input type="submit" value="Post"></p>
 </form>
+{%- endif -%}
 {% endblock %}