
resolving issue with login redirects through setting SSL scheme

joel
Simon Bowie 2 years ago
parent
commit
da67509703
2 changed files with 8 additions and 6 deletions
  1. +1
    -0
      .env.template
  2. +7
    -6
      web/app/auth.py

+ 1
- 0
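--- a/.env.template
+++ b/.env.template
 FLASK_DEBUG=
 SECRET_KEY=
 DATABASE_URL=sqlite:///db.sqlite
+SSL_SCHEME=
 
 # MariaDB variables (for production only)
 MYSQL_ROOT_PASSWORD=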
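Review bot: `SSL_SCHEME=` is added without a comment, and the name reads like a TLS on/off switch, while web/app/auth.py passes the value to `url_for` as the URL scheme of every redirect. A line above it such as `# URL scheme for generated redirect URLs: https behind TLS, http for local development` would tell a deployer what to enter. The comment should also state whether leaving it blank is supported, because a blank entry may be loaded as an empty string rather than as an unset variable.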

+ 7
- 6
web/app/auth.py

from flask_login import login_user, logout_user, login_required from flask_login import login_user, logout_user, login_required
from .models import User from .models import User
from . import db from . import db
import os


auth = Blueprint('auth', __name__) auth = Blueprint('auth', __name__)


# take the user-supplied password, hash it, and compare it to the hashed password in the database # take the user-supplied password, hash it, and compare it to the hashed password in the database
if not user or not check_password_hash(user.password, password): if not user or not check_password_hash(user.password, password):
flash('Please check your login details and try again.') flash('Please check your login details and try again.')
return redirect(url_for('auth.login',_external=True)) # if the user doesn't exist or password is wrong, reload the page
return redirect(url_for('auth.login',_external=True,_scheme=os.environ.get('SSL_SCHEME'))) # if the user doesn't exist or password is wrong, reload the page


# if the above check passes, then we know the user has the right credentials # if the above check passes, then we know the user has the right credentials
login_user(user, remember=remember) login_user(user, remember=remember)
flash(url_for('main.profile',_external=True))
return redirect(url_for('main.profile',_external=True))
flash(url_for('main.profile',_external=True,_scheme=os.environ.get('SSL_SCHEME')))
return redirect(url_for('main.profile',_external=True,_scheme=os.environ.get('SSL_SCHEME')))


# routes for signup page # routes for signup page
@auth.route('/signup') @auth.route('/signup')


if user: # if a user is found, we want to redirect back to signup page so user can try again if user: # if a user is found, we want to redirect back to signup page so user can try again
flash('Email address already exists') flash('Email address already exists')
return redirect(url_for('auth.signup',_external=True))
return redirect(url_for('auth.signup',_external=True,_scheme=os.environ.get('SSL_SCHEME')))


# create a new user with the form data. Hash the password so the plaintext version isn't saved. # create a new user with the form data. Hash the password so the plaintext version isn't saved.
new_user = User(email=email, name=name, password=generate_password_hash(password, method='sha256')) new_user = User(email=email, name=name, password=generate_password_hash(password, method='sha256'))
db.session.add(new_user) db.session.add(new_user)
db.session.commit() db.session.commit()


return redirect(url_for('auth.login',_external=True))
return redirect(url_for('auth.login',_external=True,_scheme=os.environ.get('SSL_SCHEME')))


# route for logout function # route for logout function
@auth.route('/logout') @auth.route('/logout')
@login_required @login_required
def logout(): def logout():
logout_user() logout_user()
return redirect(url_for('main.index',_external=True))
return redirect(url_for('main.index',_external=True,_scheme=os.environ.get('SSL_SCHEME')))
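Review bot: All six `url_for` calls on the new side read `os.environ.get('SSL_SCHEME')` at request time and pass it through unchecked, so the blank `SSL_SCHEME=` from `.env.template` can arrive as an empty string instead of `None`, and how `url_for` handles an empty `_scheme` depends on the Flask/Werkzeug version in use. Resolve it once near `auth = Blueprint(...)`, for example `URL_SCHEME = os.environ.get('SSL_SCHEME') or None`, accept only `http` or `https`, and pass `_scheme=URL_SCHEME` in each call. If the wrong scheme comes from a TLS-terminating reverse proxy (not visible on this page), `werkzeug.middleware.proxy_fix.ProxyFix` with `x_proto=1` corrects it for the whole app without touching each redirect. The `flash(url_for('main.profile', ...))` line before the profile redirect looks like leftover debugging output and displays the URL to the user. The login and signup handler bodies begin outside the visible hunks, so this is based only on the lines shown.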
