73 lines
3.8 KiB
Python
73 lines
3.8 KiB
Python
########################################################################################
|
|
###################### Import packages ###################################
|
|
########################################################################################
|
|
from flask import render_template, redirect, url_for, request, flash
|
|
from werkzeug.security import generate_password_hash, check_password_hash
|
|
from ...models.users import User
|
|
#from flask_login import login_user, logout_user, login_required, current_user
|
|
import xml.dom.minidom
|
|
|
|
from . import bp
|
|
from ...libraries.flask_login_pum import login_user, logout_user, login_required
|
|
from ...extensions import db
|
|
|
|
|
|
@bp.route('/login', methods=['GET', 'POST']) # define login page path
|
|
def login(): # define login page fucntion
|
|
if request.method=='GET': # if the request is a GET we return the login page
|
|
return render_template('auth/login.html')
|
|
else: # if the request is POST the we check if the user exist and with te right password
|
|
log_type = request.form.get('log_type')
|
|
print(log_type)
|
|
|
|
email = request.form.get('email')
|
|
# name = request.form.get('name')
|
|
password = request.form.get('password')
|
|
remember = True if request.form.get('remember') else False
|
|
# user_name = User.query.filter_by(name=name).first()
|
|
user_email = User.query.filter_by(name=email).first()
|
|
|
|
# print(user_name)
|
|
print(user_email)
|
|
# check if the user actually exists
|
|
# take the user-supplied password, hash it, and compare it to the hashed password in the database
|
|
if not user_email:
|
|
flash('Not in user list!')
|
|
# return redirect(url_for('auth.signup'))
|
|
return redirect(url_for('auth.login'))
|
|
elif not check_password_hash(user_email.password, password):
|
|
flash('Please check your login details and try again.')
|
|
return redirect(url_for('auth.login')) # if the user doesn't exist or password is wrong, reload the page
|
|
# if the above check passes, then we know the user has the right credentials
|
|
login_user(user_email, remember=remember)
|
|
return redirect(url_for('main.home'))
|
|
|
|
|
|
@bp.route('/signup', methods=['GET', 'POST'])# we define the sign up path
|
|
def signup(): # define the sign up function
|
|
if request.method=='GET': # If the request is GET we return the sign up page and forms
|
|
return render_template('auth/signup.html')
|
|
else: # if the request is POST, then we check if the email doesn't already exist and then we save data
|
|
email = request.form.get('email')
|
|
# name = request.form.get('name')
|
|
password = request.form.get('password')
|
|
user = User.query.filter_by(email=email).first() # if this returns a user, then the email already exists in database
|
|
# user = User.query.filter_by(name=name).first() # if this returns a user, then the email already exists in database
|
|
|
|
if user: # if a user is found, we want to redirect back to signup page so user can try again
|
|
flash('Name already exists')
|
|
return redirect(url_for('auth.signup'))
|
|
# create a new user with the form data. Hash the password so the plaintext version isn't saved.
|
|
new_user = User(email=email, password=generate_password_hash(password, method='sha256'))
|
|
# new_user = User(email=email, name=name, password=generate_password_hash(password, method='sha256'))
|
|
# new_user = User(name=name, password=generate_password_hash(password, method='scrypt')) #
|
|
# add the new user to the database
|
|
db.session.add(new_user)
|
|
db.session.commit()
|
|
return redirect(url_for('auth.login'))
|
|
|
|
@bp.route('/logout') # define logout path
|
|
@login_required
|
|
def logout(): #define the logout function
|
|
logout_user()
|
|
return redirect(url_for('main.index')) |