Diffstat (limited to 'app/auth')
-rw-r--r-- | app/auth/__init__.py | 5 | ||||
-rw-r--r-- | app/auth/routes.py | 55 |
2 files changed, 60 insertions, 0 deletions
diff --git a/app/auth/__init__.py b/app/auth/__init__.py
new file mode 100644
index 0000000..088b033
--- /dev/null
+++ b/app/auth/__init__.py
@@ -0,0 +1,5 @@
+from flask import Blueprint
+
+bp = Blueprint('auth', __name__)
+
+from app.auth import routes
diff --git a/app/auth/routes.py b/app/auth/routes.py
new file mode 100644
index 0000000..792626e
--- /dev/null
+++ b/app/auth/routes.py
@@ -0,0 +1,55 @@
+from flask import render_template, request, url_for, redirect, flash
+from werkzeug.security import generate_password_hash, check_password_hash
+from flask_login import login_user, current_user, logout_user, login_required
+
+from app.models.user import User
+from app.extensions import db
+from app.auth import bp
+
+@bp.route('/login')
+def login():
+ return render_template('auth/login.html')
+
+@bp.route('/login', methods=['POST'])
+def login_post():
+ email = request.form.get('email')
+ password = request.form.get('password')
+ remember = True if request.form.get('remember') else False
+
+ user = User.query.filter_by(email=email).first()
+
+ if not user or not check_password_hash(user.password, password):
+ flash('Please check your login details and try again.')
+ return redirect(url_for('auth.login'))
+
+ login_user(user, remember=remember)
+ return redirect(url_for('main.dashboard'))
+
+@bp.route('/signup')
+def signup():
+ return render_template('auth/signup.html')
+
+@bp.route('/signup', methods=['POST'])
+def signup_post():
+ email = request.form.get('email')
+ name = request.form.get('name')
+ password = request.form.get('password')
+
+ user = User.query.filter_by(email=email).first()
+
+ if user:
+ flash('Email address already exists')
+ return redirect(url_for('auth.signup'))
+
+ new_user = User(email=email, name=name, password=generate_password_hash(password, method='pbkdf2'))
+
+ db.session.add(new_user)
+ db.session.commit()
+
+ return redirect(url_for('auth.login'))
+
+@bp.route('/logout')
+@login_required
+def logout():
+ logout_user()
+ return redirect(url_for('auth.login')) |
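Review bot: `signup_post` stores whatever the form sends without checking it: a POST with no `password` field hands `None` to `generate_password_hash`, which expects a string and would most likely end in an unhandled exception, and an empty password is hashed and saved as a valid credential. `login_post` has the same gap, because `check_password_hash(user.password, password)` is reached with `password` set to `None` when the field is missing; `if not user or not password or not check_password_hash(user.password, password):` closes it. The fence below shows a required-field guard for signup. Separately, the 'Email address already exists' flash lets an unauthenticated caller learn which addresses are registered, while the login message is deliberately generic, so a neutral signup response would be more consistent. `/logout` also changes session state on a GET request; accepting only POST, covered by whatever CSRF protection the app uses, would stop other sites from logging users out with a plain link or image tag.

```python
def signup_post():
    email = (request.form.get('email') or '').strip()
    name = request.form.get('name')
    password = request.form.get('password') or ''

    # Reject missing or empty credentials before anything is hashed or stored.
    if not email or not password:
        flash('Please fill in both email and password.')
        return redirect(url_for('auth.signup'))

    # … unchanged: duplicate-email lookup, User creation, commit, redirect …
```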