-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathauth.py
103 lines (73 loc) · 3.27 KB
/
auth.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
'''
This is a Blueprint consisting of all routes related to user authentication , like signup, login , logout.
'''
from flask import Blueprint, render_template, redirect, url_for, request, flash
from flask_login import login_user,logout_user, current_user, login_required
from werkzeug.security import generate_password_hash, check_password_hash
from .models_db import User, Service
from . import db
from .forms import *
auth = Blueprint('auth', __name__)
# db.create_all(app=create_app())
@auth.route('/login')
def login():
form = LoginForm(request.form)
return render_template('forms/login.html', form = form)
@auth.route('/signup')
def signup():
form = RegisterForm(request.form)
return render_template('forms/register.html', form = form)
@auth.route('/login', methods = ['POST'])
def login_post():
name = request.form.get('name')
password = request.form.get('password')
remember = True if request.form.get('remember') else False
user = User.query.filter_by(name=name).first()
if not user or not check_password_hash(user.password, password):
flash('\n')
flash('Please check your login details and try again.')
return redirect(url_for('auth.login'))
login_user(user)
servicesall = Service.query.all()
services = []
for service in servicesall:
services.append([service.service_page_call, service.service_name])
if user.user_type == "User":
return render_template('pages/loginSuccess.home.html', name = user.fullname, services = services)
elif user.user_type == "Admin":
return render_template('pages/loginSuccess.Admin.home.html', name = user.fullname, services = services)
@auth.route('/signup', methods=['POST'])
def signup_post():
email = request.form.get('email')
name = request.form.get('name')
password = request.form.get('password')
fullname = request.form.get('fullname')
usertype = "User"
user = User.query.filter_by(email=email).first() # if this returns a user, then the email already exists in database
if user: # if a user is found, we want to redirect back to signup page so user can try again
flash('Email address already exists')
return redirect(url_for('auth.signup'))
user = User.query.filter_by(name=name).first()
if user: # if a user is found, we want to redirect back to signup page so user can try again
flash('Username already exists')
return redirect(url_for('auth.signup'))
# create new user with the form data. Hash the password so plaintext version isn't saved.
new_user = User(email=email, name=name, fullname = fullname, password=generate_password_hash(password, method='sha256'), user_type = usertype)
# add the new user to the database
db.session.add(new_user)
db.session.commit()
flash("Account created. Please login.")
# return redirect(url_for('auth.login'))
return redirect(url_for('auth.login'))
from . import login_manager
@login_manager.unauthorized_handler
def unauthorized():
"""Redirect unauthorized users to Login page."""
flash('You must be logged in to view that page.')
return redirect(url_for('auth.login'))
@auth.route('/logout')
@login_required
def logout():
logout_user()
flash('You were logged out.')
return redirect(url_for('main.home'))