Corpus first share link

app/corpora/routes.py

@@ -1,3 +1,4 @@
+from datetime import datetime, timedelta
 from flask import (
     abort,
     current_app,
@@ -11,6 +12,7 @@ from flask import (
 )
 from flask_login import current_user, login_required
 from threading import Thread
+import jwt
 import os
 from app import db, hashids
 from app.models import Corpus, CorpusFile, CorpusStatus, CorpusFollowerAssociation, User
@@ -57,6 +59,7 @@ def create_corpus():
 @bp.route('/<hashid:corpus_id>', methods=['GET', 'POST'])
 @login_required
 def corpus(corpus_id):
+    print(corpus_id)
     corpus = Corpus.query.get_or_404(corpus_id)
     if not (corpus.user == current_user
             or current_user.is_administrator()
@@ -72,11 +75,23 @@ def corpus(corpus_id):
         db.session.commit()
         flash('Your changes have been saved')
         return redirect(url_for('.corpus', corpus_id=corpus.id))
+    now = datetime.utcnow()
+    payload = {
+            'iat': now,
+            'iss': current_app.config['SERVER_NAME'],
+            'sub': corpus.hashid
+        }
+    token = jwt.encode(
+            payload,
+            current_app.config['SECRET_KEY'],
+            algorithm='HS256'
+        )
     if corpus.user == current_user:
         return render_template(
             'corpora/corpus.html.j2',
             corpus_settings_form=corpus_settings_form,
             corpus=corpus,
+            token=token,
             title='Corpus'
         )
     else:
@@ -88,8 +103,23 @@ def corpus(corpus_id):
             title='Corpus'
         )
 
+@bp.route('/share/<token>', methods=['GET', 'POST'])
+def share_corpus(token):
+    try:
+        payload = jwt.decode(
+            token,
+            current_app.config['SECRET_KEY'],
+            algorithms=['HS256'],
+            issuer=current_app.config['SERVER_NAME'],
+            options={'require': ['iat', 'iss', 'sub']}
+        )
+    except jwt.PyJWTError:
+        return False
+    corpus_hashid = payload.get('sub')
+    corpus_id = hashids.decode(corpus_hashid)
+    return redirect(url_for('.corpus', corpus_id=corpus_id))
 
-
+    
 # @bp.route('/<hashid:corpus_id>/update')
 # @login_required
 # def update_corpus(corpus_id):
@@ -296,7 +326,7 @@ def follow_corpus(corpus_id):
     if not user.is_following_corpus(corpus):
         user.follow_corpus(corpus)
     db.session.commit()
-    # flash('Hallo Inga Kirschnick')
+    flash(f'You are following {corpus.title} now', category='corpus')
     return {}, 202
 
 @bp.route('/<hashid:corpus_id>/unfollow', methods=['GET', 'POST'])
@@ -315,6 +345,7 @@ def unfollow_corpus(corpus_id):
     if user.is_following_corpus(corpus):
         user.unfollow_corpus(corpus)
     db.session.commit()
+    flash(f'You are not following {corpus.title} anymore', category='corpus')
     return {}, 202
 
 @bp.route('/add_permission/<hashid:corpus_id>/<hashid:user_id>/<int:permission>')