A feature-rich, modular web blog application built with Flask and Python.
- Features
- Technologies Used
- Installation
- Configuration
- Project Structure
- Usage
- Future Enhancements
- License
- User Registration: Create an account with username, email, and secure password
- Authentication System: Login with remembered sessions and secure cookies
- Profile Management: Update personal information and profile picture
- Password Reset: Recover account access via email
- Create Posts: Write and publish blog posts with rich text content
- Update Posts: Edit existing content with version tracking
- Delete Posts: Remove published content with confirmation
- View Posts: Read full articles with author information
- Responsive Design: Optimized for all device sizes
- Pagination: Navigate through posts efficiently
- User Profiles: View all posts by a specific author
- Error Pages: Custom 404, 403, and 500 error pages
- Search: Find posts by keywords in title or content
- Latest Posts: Quick access to the most recent content
- Blog Statistics: View post and user counts
- Calendar: Interactive monthly calendar widget
- Backend: Python, Flask, SQLAlchemy, Flask-Bcrypt
- Frontend: HTML, CSS, Bootstrap 4, Jinja2 Templates
- Database: SQLite (easily configurable for other databases)
- Authentication: Flask-Login, itsdangerous for secure tokens
- Forms: WTForms with validation
- Email: Flask-Mail for password recovery
- Image Processing: Pillow for profile picture resizing
-
Clone the repository:
git clone https://github.com/yrzito/FlaskBlog.git cd FlaskBlog -
Set up a virtual environment:
python -m venv venv # On Windows venv\Scripts\activate # On macOS/Linux source venv/bin/activate
-
Install dependencies:
pip install -r requirements.txt
-
Generate a Secret Key: You need a secure secret key for the application. You can generate one using Python:
# In a Python terminal import secrets secrets.token_hex(16) # Output: '5d677f8902a7d99a760da7b95171d255' (example)
Save this key for the next step.
-
Configure the application: Choose one of the configuration methods below (JSON file or environment variables).
-
Initialize the database:
# Run in Python shell from app import create_app, db app = create_app() with app.app_context(): db.create_all()
There are two ways to configure the application: using a JSON file or environment variables. Choose the method that best fits your workflow and security requirements.
To configure the application using a JSON file:
import os
import json
# Load configuration from an external JSON file
with open("/etc/configFlaskBlog.json") as config_file:
config = json.load(config_file)
class Config:
# Application settings
SECRET_KEY = config.get("SECRET_KEY")
SQLALCHEMY_DATABASE_URI = config.get("SQLALCHEMY_DATABASE_URI")
# Email server settings
MAIL_SERVER = "smtp.googlemail.com"
MAIL_PORT = 587
MAIL_USE_TLS = True
MAIL_USERNAME = config.get("EMAIL_USER")
MAIL_PASSWORD = config.get("EMAIL_PASS")Steps to Set Up:
-
Create a JSON file at
/etc/configFlaskBlog.jsonwith the following structure:{ "SECRET_KEY": "your_secure_secret_key", "SQLALCHEMY_DATABASE_URI": "sqlite:///site.db", "EMAIL_USER": "your_email@gmail.com", "EMAIL_PASS": "your_email_password" } -
Secure the configuration file:
sudo chmod 600 /etc/configFlaskBlog.json
Alternatively, you can use environment variables for a more flexible and secure approach, especially in production or containerized environments:
- Modify the Config class in
app/config.py:
import os
class Config:
# Application settings
SECRET_KEY = os.environ.get('SECRET_KEY')
SQLALCHEMY_DATABASE_URI = os.environ.get('DATABASE_URL', 'sqlite:///site.db')
# Email server settings
MAIL_SERVER = os.environ.get('MAIL_SERVER', 'smtp.googlemail.com')
MAIL_PORT = int(os.environ.get('MAIL_PORT', 587))
MAIL_USE_TLS = os.environ.get('MAIL_USE_TLS', 'True') == 'True'
MAIL_USERNAME = os.environ.get('EMAIL_USER')
MAIL_PASSWORD = os.environ.get('EMAIL_PASS')-
Set environment variables before running the application:
For Linux/macOS:
export SECRET_KEY="your_generated_secret_key" export DATABASE_URL="sqlite:///site.db" export EMAIL_USER="your_email@gmail.com" export EMAIL_PASS="your_email_password"
For Windows (Command Prompt):
set SECRET_KEY=your_generated_secret_key set DATABASE_URL=sqlite:///site.db set EMAIL_USER=your_email@gmail.com set EMAIL_PASS=your_email_password
For Windows (PowerShell):
$env:SECRET_KEY="your_generated_secret_key" $env:DATABASE_URL="sqlite:///site.db" $env:EMAIL_USER="your_email@gmail.com" $env:EMAIL_PASS="your_email_password"
-
For production environments, consider using a
.envfile with a package like python-dotenv:Install the package:
pip install python-dotenv
Create a
.envfile in the project root (and add it to.gitignore):SECRET_KEY=your_generated_secret_key DATABASE_URL=sqlite:///site.db EMAIL_USER=your_email@gmail.com EMAIL_PASS=your_email_passwordThen update Config class:
import os from dotenv import load_dotenv # Load environment variables from .env file load_dotenv() class Config: SECRET_KEY = os.environ.get('SECRET_KEY') # ... rest of your configuration ...
SECRET_KEY: Used for securing sessions and tokens (generate withsecrets.token_hex())SQLALCHEMY_DATABASE_URI/DATABASE_URL: Database connection stringEMAIL_USER: Email address for password reset functionalityEMAIL_PASS: Email password or app password (for Gmail)MAIL_SERVER: SMTP server address (default: smtp.googlemail.com)MAIL_PORT: SMTP server port (default: 587)MAIL_USE_TLS: Whether to use TLS encryption (default: True)
For production environments, never hardcode sensitive information. Use environment variables or external configuration files with restricted permissions. Make sure your secret key is:
- Sufficiently random (use
secrets.token_hex()) - At least 16 bytes long (32 hex characters)
- Kept confidential and not committed to version control
FlaskBlog/
โโโ app/ # Application package
โ โโโ __init__.py # Application factory
โ โโโ config.py # Configuration
โ โโโ models.py # Database models
โ โโโ errors/ # Error handlers
โ โโโ main/ # Main routes blueprint
โ โโโ posts/ # Post management blueprint
โ โโโ users/ # User management blueprint
โ โโโ utils/ # Utility functions
โ โโโ static/ # Static files (CSS, JS, etc.)
โ โโโ templates/ # Jinja2 templates
โโโ instance/ # Application database
โโโ README.md # Project documentation and setup instructions
โโโ requirements.txt # Python dependencies
โโโ LICENSE # MIT License file
โโโ run.py # Application entry point
-
Start the development server:
python run.py
-
Access the application: Open your browser and navigate to
http://localhost:5000 -
Register an account: Click "Register" and fill in your details
-
Create your first post: After logging in, click "New Post" to create content
- Comments System: Allow discussions on posts
- Tags and Categories: Organize content by topic
- User Roles: Admin, editor, and reader permissions
- Rich Text Editor: Enhanced post formatting options
- Social Media Integration: Share posts on various platforms
- Search Enhancements: Advanced filtering options
- Analytics Dashboard: Track post views and engagement
- Favorite Posts: Allow users to bookmark content
This project is licensed under the MIT License - see the LICENSE file for details.