"""Routes for user authentication."""
from typing import Optional
from flask import Blueprint, Response, flash, redirect, render_template, request, url_for
from flask_login import current_user, login_user
from flask_session_tutorial import login_manager
from flask_session_tutorial.forms import LoginForm, SignupForm
from flask_session_tutorial.models import User, db
# Blueprint that groups the authentication views defined in this module.
# Template and static lookups use the "templates" and "static" folders.
auth_blueprint = Blueprint(
    "auth",
    __name__,
    template_folder="templates",
    static_folder="static",
)
@auth_blueprint.route("/signup", methods=["GET", "POST"])
def signup() -> Response:
    """
    Register a new account and sign the new user in.

    GET: Render the sign-up form.
    POST: Validate the form; if the email is unused, create the user, start a
    session for them and redirect to the dashboard. Otherwise flash a notice
    and re-render the form.

    :returns: Response
    """
    form = SignupForm()
    if form.validate_on_submit():
        email = form.user_email.data
        already_registered = User.query.filter_by(email=email).first() is not None
        if already_registered:
            # NOTE(review): this message confirms that an address is registered,
            # which lets a visitor probe for existing accounts. Confirm that is
            # an accepted trade-off for this application.
            flash("A user already exists with that email address.")
        else:
            new_user = User(name=form.name.data, email=email, website=form.website.data)
            # set_password() lives on the model (not shown here); presumably it
            # stores a salted hash rather than the raw value. Verify in models.
            new_user.set_password(form.user_password.data)
            db.session.add(new_user)
            # NOTE(review): the lookup above and this commit are not atomic. Two
            # concurrent sign-ups with one email depend on a unique constraint on
            # the email column to be rejected. Confirm the model declares one.
            db.session.commit()
            login_user(new_user)  # Start a session for the account just created
            return redirect(url_for("main.dashboard"))
    return render_template(
        "signup.jinja2",
        title="Create an Account.",
        form=form,
        template="signup-page",
        body="Sign up for a user account.",
    )
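def _is_safe_next_url(target: Optional[str]) -> bool:
    """
    Decide whether a post-login redirect target stays on this site.

    Only plain site-relative paths are accepted: a single leading "/", with no
    scheme and no host component.

    :param target: Raw value of the ``next`` query parameter, or None.
    :returns: True when the target is a same-site relative path.
    """
    from urllib.parse import urlsplit  # local import keeps this block self-contained

    if not target or not target.startswith("/"):
        return False
    # Scheme-relative and backslash forms can be resolved by browsers to a
    # different host, so they are rejected before parsing.
    if target.startswith("//") or "\\" in target:
        return False
    # Control characters are dropped by some URL parsers, which could change
    # how the remaining text is interpreted.
    if any(ord(ch) < 0x20 or ord(ch) == 0x7F for ch in target):
        return False
    try:
        parts = urlsplit(target)
    except ValueError:
        return False
    return not parts.scheme and not parts.netloc


@auth_blueprint.route("/", methods=["GET", "POST"])
def login() -> Response:
    """
    Log-in page for registered users.

    GET: Serve the log-in page.
    POST: Validate the form and credentials, start a session, then redirect to
    the ``next`` query parameter when it is a same-site relative path, and to
    the dashboard otherwise.

    The ``next`` value is supplied by the client, so it is never passed to
    ``redirect()`` without validation. Otherwise a crafted link to this page
    could send a user to another site right after a genuine login.

    :returns: Response
    """
    if current_user.is_authenticated:
        return redirect(url_for("main.dashboard"))  # Already signed in
    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.user_email.data).first()
        # NOTE(review): when no user matches, check_password() is skipped, so
        # response time may differ between known and unknown emails. Confirm
        # whether that matters here. No attempt throttling is visible in this
        # view either.
        if user and user.check_password(password=form.user_password.data):
            login_user(user)
            next_page = request.args.get("next")
            if not _is_safe_next_url(next_page):
                next_page = url_for("main.dashboard")
            return redirect(next_page)
        # The same message is used for an unknown email and a wrong password.
        flash("Invalid username/password combination")
        return redirect(url_for("auth.login"))
    return render_template(
        "login.jinja2",
        form=form,
        title="Log In",
        template="login-page",
        body="Log in with your User account.",
    )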
@login_manager.user_loader
def load_user(user_id: int) -> Optional[User]:
    """
    Look up the user for the ID held in the session.

    Registered as the login manager's ``user_loader`` callback.

    :param int user_id: Primary user ID to load from database, if exists.
    :returns: The matching User, or None when no ID is given or no row matches.
    """
    # NOTE(review): Flask-Login normally hands this callback the ID as a string
    # taken from the session, while the annotation says int. Confirm the lookup
    # coerces it as intended.
    if user_id is None:
        return None
    return User.query.get(user_id)
@login_manager.unauthorized_handler
def unauthorized() -> Response:
    """
    Send unauthenticated visitors to the log-in page with a notice.

    Registered as the login manager's ``unauthorized_handler`` callback. The
    redirect target is built with ``url_for`` and takes no input from the
    request.

    :returns: Response
    """
    flash("You must be logged in to view that page.")
    login_url = url_for("auth.login")
    return redirect(login_url)