
resolving issue with login redirects through setting SSL scheme

joel
Simon Bowie 2 anos atrás
pai
commit
da67509703
2 arquivos alterados com 8 adições e 6 exclusões
  1. +1
    -0
      .env.template
  2. +7
    -6
      web/app/auth.py

+ 1
- 0
.env.template

@@ -6,6 +6,7 @@ FLASK_RUN_HOST=0.0.0.0
FLASK_DEBUG=
SECRET_KEY=
DATABASE_URL=sqlite:///db.sqlite
SSL_SCHEME=

# MariaDB variables (for production only)
MYSQL_ROOT_PASSWORD=
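Review bot: `SSL_SCHEME=` is added with no comment naming the expected values, and an environment built from a copy of this template will presumably define it as an empty string rather than leave it unset. web/app/auth.py passes the value straight to `url_for(..., _scheme=...)`, so whether an empty string behaves like "no override" likely depends on the Flask/Werkzeug version in use. I would add a line above it such as `# SSL_SCHEME: set to https when served over TLS; delete this line for plain-HTTP local development`.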

+ 7
- 6
web/app/auth.py

@@ -11,6 +11,7 @@ from werkzeug.security import generate_password_hash, check_password_hash
from flask_login import login_user, logout_user, login_required
from .models import User
from . import db
import os

auth = Blueprint('auth', __name__)

@@ -32,12 +33,12 @@ def login_post():
# take the user-supplied password, hash it, and compare it to the hashed password in the database
if not user or not check_password_hash(user.password, password):
flash('Please check your login details and try again.')
return redirect(url_for('auth.login',_external=True)) # if the user doesn't exist or password is wrong, reload the page
return redirect(url_for('auth.login',_external=True,_scheme=os.environ.get('SSL_SCHEME'))) # if the user doesn't exist or password is wrong, reload the page

# if the above check passes, then we know the user has the right credentials
login_user(user, remember=remember)
flash(url_for('main.profile',_external=True))
return redirect(url_for('main.profile',_external=True))
flash(url_for('main.profile',_external=True,_scheme=os.environ.get('SSL_SCHEME')))
return redirect(url_for('main.profile',_external=True,_scheme=os.environ.get('SSL_SCHEME')))

# routes for signup page
@auth.route('/signup')
@@ -54,7 +55,7 @@ def signup_post():

if user: # if a user is found, we want to redirect back to signup page so user can try again
flash('Email address already exists')
return redirect(url_for('auth.signup',_external=True))
return redirect(url_for('auth.signup',_external=True,_scheme=os.environ.get('SSL_SCHEME')))

# create a new user with the form data. Hash the password so the plaintext version isn't saved.
new_user = User(email=email, name=name, password=generate_password_hash(password, method='sha256'))
@@ -63,11 +64,11 @@ def signup_post():
db.session.add(new_user)
db.session.commit()

return redirect(url_for('auth.login',_external=True))
return redirect(url_for('auth.login',_external=True,_scheme=os.environ.get('SSL_SCHEME')))

# route for logout function
@auth.route('/logout')
@login_required
def logout():
logout_user()
return redirect(url_for('main.index',_external=True))
return redirect(url_for('main.index',_external=True,_scheme=os.environ.get('SSL_SCHEME')))
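Review bot: Each changed redirect in login_post, signup_post and logout reads `os.environ.get('SSL_SCHEME')` inline, so the scheme of the post-authentication redirects comes from an unvalidated environment string repeated at six call sites. If the app sits behind a TLS-terminating proxy (the commit title suggests this, but the page does not show the deployment), wrapping it once in the app factory with `app.wsgi_app = ProxyFix(app.wsgi_app, x_proto=1)`, trusting only that single proxy hop, lets `url_for(..., _external=True)` emit https without per-call overrides. If the variable stays, read it once at module level and accept only `http` or `https`, treating an empty value as unset, e.g. `URL_SCHEME = os.environ.get('SSL_SCHEME') or None`. Separately, the unchanged context line in signup_post still calls `generate_password_hash(password, method='sha256')`, a single salted hash pass rather than a key-stretching method such as `pbkdf2:sha256`, which deserves its own change. All three function bodies begin outside the hunks shown.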
