xevion/runnerspace
1
0
Fork 0
mirror of https://github.com/Xevion/runnerspace.git synced 2025-12-14 08:12:51 -06:00
Code Issues Packages Projects Releases Wiki Activity
Files
3fd92689d9351a3f2eddbeedb13b79526bf9f5ad
runnerspace/flash_auth_app/project/auth.py
Seligmann 7c4bd7e8d2 protections added
2022-03-26 19:15:45 -05:00

70 lines
2.0 KiB
Python
Raw Blame History

from flask import Blueprint, render_template, redirect, url_for, request, flash
from flask_login import login_user, current_user, login_required, logout_user
from werkzeug.security import generate_password_hash, check_password_hash
from .models import User
from . import db
auth = Blueprint('auth', __name__)
'''
FIXME this will have to be revisited later with added funcitonality,
as right now `login`, `signup`, and `logout` only return text
There will also be routes for handling POST requests from login and signup
'''
@auth.route('/login')
def login():
return render_template('login.html')
@auth.route('/login', methods=['POST'])
def login_post():
email = request.form.get('email')
password = request.form.get('password')
remember = True if request.form.get('remember') else False
user = User.query.filter_by(email=email).first()
# check if the user actually exists, and compare password given
if not user or not check_password_hash(user.password, password):
flash('Please check your login details and try again.')
return redirect(url_for('auth.login'))
login_user(user, remember=remember)
return redirect(url_for('main.profile'))
@auth.route('/signup')
def signup():
return render_template('signup.html')
@auth.route('/signup', methods=['POST'])
def signup_post():
# validate and add user to db
email = request.form.get('email')
name = request.form.get('name')
password = request.form.get('password')
user = User.query.filter_by(email=email).first() # Check if the email exists
if user: # redirect back to sign-up page
flash('Email address already exists')
return(redirect(url_for('auth.signup')))
# Create new user with form data
new_user = User(email=email, name=name, password=generate_password_hash(password, method='sha256'))
# Add new user to db
db.session.add(new_user)
db.session.commit()
return redirect(url_for('auth.login'))
@auth.route('/logout')
@login_required
def logout():
logout_user()
return redirect(url_for('main.index'))
Reference in New Issue View Git Blame Copy Permalink