diff --git a/app/auth.py b/app/auth.py index 30cf518..259d7b1 100644 --- a/app/auth.py +++ b/app/auth.py @@ -36,11 +36,12 @@ def get_active_user() -> Users | None: sess = Sessions.find({'key': session['pyrom_session_key']}) return Users.find({'id': sess.user_id}) -def create_session(user_id): +def create_session(user_id, temporary=False): + expires_days = 2 if temporary else 31 return Sessions.create({ 'key': secrets.token_hex(16), 'user_id': user_id, - 'expires_at': int(time.time()) + (31 * 24 * 60 * 60), + 'expires_at': int(time.time()) + (expires_days * 24 * 60 * 60), }) # annotations @@ -48,7 +49,7 @@ def login_required(view_func): @wraps(view_func) def wrapper(*args, **kwargs): if not is_logged_in(): - return redirect(url_for('users.log_in_page')) + return redirect(url_for('users.log_in')) return view_func(*args, **kwargs) return wrapper diff --git a/app/routes/users.py b/app/routes/users.py index d435a10..3194e66 100644 --- a/app/routes/users.py +++ b/app/routes/users.py 
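Review bot: Nothing visible in this hunk enforces the `expires_at` that `create_session` writes: the context lines at the end of `get_active_user` look the session up by key and return the user without comparing `sess.expires_at` to the current time or handling a missing row. That function starts outside the hunk, so the check may already exist earlier or in `is_logged_in`; if it does not, the new 2-day lifetime for temporary sessions has no server-side effect and only the cookie lifetime limits the session. The values `2` and `31` would also be easier to audit as named constants, with a docstring such as `"""Create a session row for user_id; temporary sessions expire after 2 days instead of 31."""`.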
@@ -1,28 +1,46 @@ from flask import Blueprint, redirect, url_for, render_template, request, session +from functools import wraps -from ..auth import digest, verify, create_session +from ..auth import digest, verify, create_session, is_logged_in from ..models import Users bp = Blueprint('users', __name__, url_prefix='/users/') +def redirect_if_logged_in(destination='topics.all_topics'): + def decorator(view_func): + @wraps(view_func) + def wrapper(*args, **kwargs): + if is_logged_in(): + return redirect(url_for(destination)) + return view_func(*args, **kwargs) + return wrapper + return decorator + @bp.get('/log-in') -def log_in_page(): - return 'stub/please log in' +@redirect_if_logged_in() +def log_in(): + return render_template('users/log_in.html') @bp.post('/log-in') +@redirect_if_logged_in() def log_in_post(): user = Users.find({'username': request.form['username']}) if not user: - return 'no user' + return redirect(url_for('.log_in', error='The username or password you entered is incorrect.')) if not verify(user.password_hash, request.form['password']): - return 'no' + return redirect(url_for('.log_in', error='The username or password you entered is incorrect.')) - sess = create_session(user.id) - session['pyrom_session_key'] = sess.key session['remember'] = request.form.get('remember') == 'on' + sess = create_session(user.id, not session['remember']) + session['pyrom_session_key'] = sess.key if session['remember']: session.permanent = True - return redirect(request.form['return_to']) + return redirect(request.form.get('return_to', default=url_for('topics.all_topics'))) + +@bp.get('/sign-up') +@redirect_if_logged_in() +def sign_up(): + return 'stub' @bp.get('/') def user_page(username): @@ -40,6 +58,3 @@ def inbox(username): def bookmarks(username): return 'stub' -@bp.get('/sign-up') -def sign_up(): - return 'stub' diff --git a/app/templates/common/topnav.html b/app/templates/common/topnav.html index 2be0154..19b27ed 100644 
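Review bot: `log_in_post` still redirects to whatever `return_to` the form carries, so a user who has just authenticated can be sent to an external site (open redirect); the new `.get(..., default=...)` only covers the case where the field is missing. Accept the value only when it is a local path and fall back to `url_for('topics.all_topics')` otherwise; the sketch below needs `from urllib.parse import urlsplit` next to the existing imports. Separately, the `if not user` branch returns before `verify` runs, so response timing may still distinguish unknown usernames even though both branches now show the same message.

```python
def _local_return_to(target, fallback):
    # Only a same-site absolute path is accepted: no scheme, no host,
    # and no "//" or "/\" prefix that a browser would treat as a host.
    if not target or not target.startswith('/') or target[1:2] in ('/', '\\'):
        return fallback
    parts = urlsplit(target)
    if parts.scheme or parts.netloc:
        return fallback
    return target

# … unchanged: user lookup, password check, session creation …
    return redirect(_local_return_to(request.form.get('return_to'), url_for('topics.all_topics')))
```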
--- a/app/templates/common/topnav.html +++ b/app/templates/common/topnav.html @@ -18,6 +18,7 @@ + Sign up diff --git a/app/templates/users/log_in.html b/app/templates/users/log_in.html new file mode 100644 index 0000000..511daae --- /dev/null +++ b/app/templates/users/log_in.html @@ -0,0 +1,22 @@ +{% from 'common/macros.html' import subheader %} +{%- extends 'base.html' -%} +{%- block title -%}log in{%- endblock -%} +{%- block content -%} +{%- set welcome -%} +Welcome back! No account yet? Sign up +{%- endset -%} +{{ subheader('Log in', welcome)}} +{%- if request.args.get('error') -%} +
+ {{request.args.get('error')}} +
+{%- endif -%} +
+ + + + + + +
+{%- endblock -%}
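Review bot: The error text on the login page is rendered verbatim from the `error` query parameter, so any link to the real login page can make it display arbitrary text; autoescaping, which Flask enables for `.html` templates by default, should stop markup injection but not this content spoofing. The redirects added to `log_in_post` in app/routes/users.py are what put the message into the URL. Prefer `flash()` in the view with `get_flashed_messages()` here, or pass a short code such as `error=invalid` and map it to fixed text in the template. The form markup is not visible on this page, so whether it carries a CSRF token or a `return_to` field could not be checked.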