WP6
/
expub_compendium
Suivre 1
Ajouter aux favoris 0
Bifurcation 0
Code Tickets 0 Demandes d'ajout 0 Versions 0 Wiki Activité
Vous ne pouvez pas sélectionner plus de 25 sujets Les noms de sujets doivent commencer par une lettre ou un nombre, peuvent contenir des tirets ('-') et peuvent comporter jusqu'à 35 caractères.
7 Révisions
3 Branches
Aborescence: 1d3ae0e1ba
Branches Tags
${ item.name }
Créer la branche ${ searchTerm }
de '1d3ae0e1ba'
${ noResults }
expub_compendium/web/app/auth.py

auth.py 2.7KB
Brut Vue normale Historique

Added comments, updated Bootstrap
il y a 3 ans
Initial commit
il y a 3 ans
Added comments, updated Bootstrap
il y a 3 ans
Initial commit
il y a 3 ans
Added comments, updated Bootstrap
il y a 3 ans
Initial commit
il y a 3 ans
Added comments, updated Bootstrap
il y a 3 ans
Initial commit
il y a 3 ans
Added comments, updated Bootstrap
il y a 3 ans
Initial commit
il y a 3 ans
 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273 
  1. # @name: auth.py

  2. # @version: 0.1

  3. # @creation_date: 2021-10-20

  4. # @license: The MIT License <https://opensource.org/licenses/MIT>

  5. # @author: Simon Bowie <ad7588@coventry.ac.uk>

  6. # @purpose: auth route for authorisation functions like logging in, signing up, and logging out

  7. # @acknowledgements:

  8. # https://www.digitalocean.com/community/tutorials/how-to-add-authentication-to-your-app-with-flask-login

  9. 

  10. from flask import Blueprint, render_template, redirect, url_for, request, flash

  11. from werkzeug.security import generate_password_hash, check_password_hash

  12. from flask_login import login_user, logout_user, login_required

  13. from .models import User

  14. from . import db

  15. 

  16. auth = Blueprint('auth', __name__)

  17. 

  18. # routes for login page

  19. @auth.route('/login')

  20. def login():

  21.     return render_template('login.html')

  22. 

  23. @auth.route('/login', methods=['POST'])

  24. def login_post():

  25.     email = request.form.get('email')

  26.     password = request.form.get('password')

  27.     remember = True if request.form.get('remember') else False

  28. 

  29.     # SQLAlchemy query to get user data based on their email

  30.     user = User.query.filter_by(email=email).first()

  31. 

  32.     # check if the user actually exists

  33.     # take the user-supplied password, hash it, and compare it to the hashed password in the database

  34.     if not user or not check_password_hash(user.password, password):

  35.         flash('Please check your login details and try again.')

  36.         return redirect(url_for('auth.login')) # if the user doesn't exist or password is wrong, reload the page

  37. 

  38.     # if the above check passes, then we know the user has the right credentials

  39.     login_user(user, remember=remember)

  40.     return redirect(url_for('main.profile'))

  41. 

  42. # routes for signup page

  43. @auth.route('/signup')

  44. def signup():

  45.     return render_template('signup.html')

  46. 

  47. @auth.route('/signup', methods=['POST'])

  48. def signup_post():

  49.     email = request.form.get('email')

  50.     name = request.form.get('name')

  51.     password = request.form.get('password')

  52. 

  53.     user = User.query.filter_by(email=email).first() # if this returns a user, then the email already exists in database

  54. 

  55.     if user: # if a user is found, we want to redirect back to signup page so user can try again

  56.         flash('Email address already exists')

  57.         return redirect(url_for('auth.signup'))

  58. 

  59.     # create a new user with the form data. Hash the password so the plaintext version isn't saved.

  60.     new_user = User(email=email, name=name, password=generate_password_hash(password, method='sha256'))

  61. 

  62.     # add the new user to the database

  63.     db.session.add(new_user)

  64.     db.session.commit()

  65. 

  66.     return redirect(url_for('auth.login'))

  67. 

  68. # route for logout function

  69. @auth.route('/logout')

  70. @login_required

  71. def logout():

  72.     logout_user()

  73.     return redirect(url_for('main.index'))