Skip to content
Snippets Groups Projects
view.py 2.34 KiB
Newer Older
Liv.Dornfest's avatar
Liv.Dornfest committed
from flask import redirect, url_for, flash, make_response, render_template
from flask_login import logout_user, login_user, login_required, current_user
from flask_login import login_required, login_user
from . import auth
Liv.Dornfest's avatar
Liv.Dornfest committed
from ..models import User
from ..forms import LoginForm, RegistrationForm
from werkzeug.security import generate_password_hash, check_password_hash
Liv.Dornfest's avatar
Liv.Dornfest committed

Liv.Dornfest's avatar
Liv.Dornfest committed
# Log in as guest
# You can write announcements as guest
Liv.Dornfest's avatar
Liv.Dornfest committed
# And write in the feed
Liv.Dornfest's avatar
Liv.Dornfest committed

@auth.get('/guest')
Liv.Dornfest's avatar
Liv.Dornfest committed
def guest():
Liv.Dornfest's avatar
Liv.Dornfest committed
    response = redirect(url_for('api.index_html'))
Liv.Dornfest's avatar
Liv.Dornfest committed
    return response
Liv.Dornfest's avatar
Liv.Dornfest committed
# Register as a user
@auth.route('/register', methods=['GET','POST'])
def register():
    """ Create a new user """
    form = RegistrationForm()

    if form.validate_on_submit():
Liv.Dornfest's avatar
Liv.Dornfest committed
        existing_user = db.session.query(User).filter(User.username == form.username.data).first()
        
        if existing_user or form.username.data == 'Guest':
Liv.Dornfest's avatar
Liv.Dornfest committed
            response = redirect(url_for('auth.register'))
            flash('Invalid username and/or password, please try again')
Liv.Dornfest's avatar
Liv.Dornfest committed
            return response
            username = form.username.data,
Liv.Dornfest's avatar
Liv.Dornfest committed
            password = generate_password_hash(form.password.data,method='sha256'),
            role = 'USER'
        )

        db.session.add(new_user)
        db.session.commit()
Liv.Dornfest's avatar
Liv.Dornfest committed
        flash('Registered successfully.')
    response = make_response(render_template('./register.html', register_form = form))
Liv.Dornfest's avatar
Liv.Dornfest committed
    response.headers['Content-Type'] = 'text/html'
    return response


@auth.route('/login', methods=['GET', 'POST'])
def login():
Liv.Dornfest's avatar
Liv.Dornfest committed
    if current_user.is_authenticated: # if you are logged in, you cannot log in again
Liv.Dornfest's avatar
Liv.Dornfest committed
        response = redirect(url_for('api.index_html'))
Liv.Dornfest's avatar
Liv.Dornfest committed
        return response
Liv.Dornfest's avatar
Liv.Dornfest committed

    form = LoginForm()
    if form.validate_on_submit():
Liv.Dornfest's avatar
Liv.Dornfest committed
        user = db.session.query(User).filter(User.username == form.username.data).first()
        password = form.password.data
        if user and check_password_hash(user.password,password):
           
Liv.Dornfest's avatar
Liv.Dornfest committed
            response = redirect(url_for('api.index_html'))
Liv.Dornfest's avatar
Liv.Dornfest committed
            return response
Liv.Dornfest's avatar
Liv.Dornfest committed

    response = make_response(render_template('./login.html', form = form))
    return response
Liv.Dornfest's avatar
Liv.Dornfest committed
  
Liv.Dornfest's avatar
Liv.Dornfest committed
@auth.route('/logout')
@login_required
def logout():
    logout_user()
Liv.Dornfest's avatar
Liv.Dornfest committed
    response = redirect(url_for('auth.login'))
Liv.Dornfest's avatar
Liv.Dornfest committed
    return response