2 změnil soubory, kde provedl 8 přidání a 6 odebrání
+ 1
- 0
.env.template
Zobrazit soubor
| @@ -6,6 +6,7 @@ FLASK_RUN_HOST=0.0.0.0 | |||
| FLASK_DEBUG= | |||
| SECRET_KEY= | |||
| DATABASE_URL=sqlite:///db.sqlite | |||
| SSL_SCHEME= | |||
| # MariaDB variables (for production only) | |||
| MYSQL_ROOT_PASSWORD= | |||
+ 7
- 6
web/app/auth.py
Zobrazit soubor
| @@ -11,6 +11,7 @@ from werkzeug.security import generate_password_hash, check_password_hash | |||
| from flask_login import login_user, logout_user, login_required | |||
| from .models import User | |||
| from . import db | |||
| import os | |||
| auth = Blueprint('auth', __name__) | |||
| @@ -32,12 +33,12 @@ def login_post(): | |||
| # take the user-supplied password, hash it, and compare it to the hashed password in the database | |||
| if not user or not check_password_hash(user.password, password): | |||
| flash('Please check your login details and try again.') | |||
| return redirect(url_for('auth.login',_external=True)) # if the user doesn't exist or password is wrong, reload the page | |||
| return redirect(url_for('auth.login',_external=True,_scheme=os.environ.get('SSL_SCHEME'))) # if the user doesn't exist or password is wrong, reload the page | |||
| # if the above check passes, then we know the user has the right credentials | |||
| login_user(user, remember=remember) | |||
| flash(url_for('main.profile',_external=True)) | |||
| return redirect(url_for('main.profile',_external=True)) | |||
| flash(url_for('main.profile',_external=True,_scheme=os.environ.get('SSL_SCHEME'))) | |||
| return redirect(url_for('main.profile',_external=True,_scheme=os.environ.get('SSL_SCHEME'))) | |||
| # routes for signup page | |||
| @auth.route('/signup') | |||
| @@ -54,7 +55,7 @@ def signup_post(): | |||
| if user: # if a user is found, we want to redirect back to signup page so user can try again | |||
| flash('Email address already exists') | |||
| return redirect(url_for('auth.signup',_external=True)) | |||
| return redirect(url_for('auth.signup',_external=True,_scheme=os.environ.get('SSL_SCHEME'))) | |||
| # create a new user with the form data. Hash the password so the plaintext version isn't saved. | |||
| new_user = User(email=email, name=name, password=generate_password_hash(password, method='sha256')) | |||
| @@ -63,11 +64,11 @@ def signup_post(): | |||
| db.session.add(new_user) | |||
| db.session.commit() | |||
| return redirect(url_for('auth.login',_external=True)) | |||
| return redirect(url_for('auth.login',_external=True,_scheme=os.environ.get('SSL_SCHEME'))) | |||
| # route for logout function | |||
| @auth.route('/logout') | |||
| @login_required | |||
| def logout(): | |||
| logout_user() | |||
| return redirect(url_for('main.index',_external=True)) | |||
| return redirect(url_for('main.index',_external=True,_scheme=os.environ.get('SSL_SCHEME'))) | |||
Načítá se…