From 7c4bd7e8d28f0504e7bc8ed3fa9017b210f4d960 Mon Sep 17 00:00:00 2001
From: Seligmann <zachary.a.seligman@gmail.com>
Date: Sat, 26 Mar 2022 19:15:45 -0500
Subject: [PATCH] protections added

---
 flash_auth_app/project/__init__.py | 13 +++++++++++++
 flash_auth_app/project/auth.py     | 12 +++++++-----
 flash_auth_app/project/main.py     |  8 ++++----
 flash_auth_app/project/models.py   |  3 ++-
 4 files changed, 26 insertions(+), 10 deletions(-)

diff --git a/flash_auth_app/project/__init__.py b/flash_auth_app/project/__init__.py
index 651a1d3..004b7e4 100644
--- a/flash_auth_app/project/__init__.py
+++ b/flash_auth_app/project/__init__.py
@@ -1,5 +1,6 @@
 from flask import Flask
 from flask_sqlalchemy import SQLAlchemy
+from flask_login import LoginManager
 
 # init SQLAlchemy
 db = SQLAlchemy()
@@ -12,6 +13,18 @@ def create_app():
 
     db.init_app(app)
 
+    login_manager = LoginManager()
+    login_manager.login_view = 'auth.login'
+    login_manager.init_app(app)
+
+    from .models import User
+
+    @login_manager.user_loader
+    def load_user(user_id):
+        return User.query.get(int(user_id))
+
+    # idk if i need the rest of this shit below
+
     # blueprint for auth routes in app
     from .auth import auth as auth_blueprint
     app.register_blueprint(auth_blueprint)
diff --git a/flash_auth_app/project/auth.py b/flash_auth_app/project/auth.py
index db5ff21..7912e10 100644
--- a/flash_auth_app/project/auth.py
+++ b/flash_auth_app/project/auth.py
@@ -1,4 +1,5 @@
 from flask import Blueprint, render_template, redirect, url_for, request, flash
+from flask_login import login_user, current_user, login_required, logout_user
 from werkzeug.security import generate_password_hash, check_password_hash
 from .models import User
 from . import db
@@ -15,8 +16,7 @@ There will also be routes for handling POST requests from login and signup
 
 @auth.route('/login')
 def login():
-    # return render_template('login.html')
-    return 'Login'  # placeholder
+    return render_template('login.html')
 
 @auth.route('/login', methods=['POST'])
 def login_post():
@@ -31,13 +31,13 @@ def login_post():
         flash('Please check your login details and try again.')
         return redirect(url_for('auth.login'))
 
+    login_user(user, remember=remember)
     return redirect(url_for('main.profile'))
 
 
 @auth.route('/signup')
 def signup():
-    # return render_template('signup.html')
-    return 'Signup'  # placeholder
+    return render_template('signup.html')
 
 
 @auth.route('/signup', methods=['POST'])
@@ -63,5 +63,7 @@ def signup_post():
 
 
 @auth.route('/logout')
+@login_required
 def logout():
-    return 'Logout'  # placeholder
+    logout_user()
+    return redirect(url_for('main.index'))
diff --git a/flash_auth_app/project/main.py b/flash_auth_app/project/main.py
index 0bc4056..99c6ad9 100644
--- a/flash_auth_app/project/main.py
+++ b/flash_auth_app/project/main.py
@@ -1,14 +1,14 @@
 from flask import Blueprint
+from flask_login import login_required, current_user
 from . import db
 
 main = Blueprint('main', __name__)
 
 @main.route('/')
 def index():
-    # return render_template('index.html')
-    return 'Index'  # placeholder
+    return render_template('index.html')
 
 @main.route('/profile')
+@login_required
 def profile():
-    # return render_template('profile.html')
-    return 'Profile'  # placeholder
\ No newline at end of file
+    return render_template('profile.html', name=current_user.name)
\ No newline at end of file
diff --git a/flash_auth_app/project/models.py b/flash_auth_app/project/models.py
index d435ccf..555cb34 100644
--- a/flash_auth_app/project/models.py
+++ b/flash_auth_app/project/models.py
@@ -1,6 +1,7 @@
+from flask_login import UserMixin
 from . import db
 
-class User(db.Model):
+class User(UserMixin, db.Model):
     id = db.Column(db.Integer, primary_key=True)
     email = db.Column(db.String(100), unique=True)
     password = db.Column(db.String(100))