yagich/pyrom
1
0
Fork 0
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity

add login route

Browse Source
This commit is contained in:
Lera Elvoé
2026-04-17 06:34:45 +03:00
parent 54ed6fef3a
commit 76d600f01d
4 changed files with 53 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
app/auth.py
View File

@@ -36,11 +36,12 @@ def get_active_user() -> Users | None:
sess = Sessions.find({'key': session['pyrom_session_key']}) sess = Sessions.find({'key': session['pyrom_session_key']})
return Users.find({'id': sess.user_id}) return Users.find({'id': sess.user_id})
def create_session(user_id): def create_session(user_id, temporary=False):
expires_days = 2 if temporary else 31
return Sessions.create({ return Sessions.create({
'key': secrets.token_hex(16), 'key': secrets.token_hex(16),
'user_id': user_id, 'user_id': user_id,
'expires_at': int(time.time()) + (31 * 24 * 60 * 60), 'expires_at': int(time.time()) + (expires_days * 24 * 60 * 60),
}) })
# annotations # annotations
@@ -48,7 +49,7 @@ def login_required(view_func):
@wraps(view_func) @wraps(view_func)
def wrapper(*args, **kwargs): def wrapper(*args, **kwargs):
if not is_logged_in(): if not is_logged_in():
return redirect(url_for('users.log_in_page')) return redirect(url_for('users.log_in'))
return view_func(*args, **kwargs) return view_func(*args, **kwargs)
return wrapper return wrapper

37
app/routes/users.py
View File

@@ -1,28 +1,46 @@
from flask import Blueprint, redirect, url_for, render_template, request, session from flask import Blueprint, redirect, url_for, render_template, request, session
from functools import wraps
from ..auth import digest, verify, create_session from ..auth import digest, verify, create_session, is_logged_in
from ..models import Users from ..models import Users
bp = Blueprint('users', __name__, url_prefix='/users/') bp = Blueprint('users', __name__, url_prefix='/users/')
def redirect_if_logged_in(destination='topics.all_topics'):
def decorator(view_func):
@wraps(view_func)
def wrapper(*args, **kwargs):
if is_logged_in():
return redirect(url_for(destination))
return view_func(*args, **kwargs)
return wrapper
return decorator
@bp.get('/log-in') @bp.get('/log-in')
def log_in_page(): @redirect_if_logged_in()
return 'stub/please log in' def log_in():
return render_template('users/log_in.html')
@bp.post('/log-in') @bp.post('/log-in')
@redirect_if_logged_in()
def log_in_post(): def log_in_post():
user = Users.find({'username': request.form['username']}) user = Users.find({'username': request.form['username']})
if not user: if not user:
return 'no user' return redirect(url_for('.log_in', error='The username or password you entered is incorrect.'))
if not verify(user.password_hash, request.form['password']): if not verify(user.password_hash, request.form['password']):
return 'no' return redirect(url_for('.log_in', error='The username or password you entered is incorrect.'))
sess = create_session(user.id)
session['pyrom_session_key'] = sess.key
session['remember'] = request.form.get('remember') == 'on' session['remember'] = request.form.get('remember') == 'on'
sess = create_session(user.id, not session['remember'])
session['pyrom_session_key'] = sess.key
if session['remember']: if session['remember']:
session.permanent = True session.permanent = True
return redirect(request.form['return_to']) return redirect(request.form.get('return_to', default=url_for('topics.all_topics')))
@bp.get('/sign-up')
@redirect_if_logged_in()
def sign_up():
return 'stub'
@bp.get('/<username>') @bp.get('/<username>')
def user_page(username): def user_page(username):
@@ -40,6 +58,3 @@ def inbox(username):
def bookmarks(username): def bookmarks(username):
return 'stub' return 'stub'
@bp.get('/sign-up')
def sign_up():
return 'stub'

1
app/templates/common/topnav.html
View File

@@ -18,6 +18,7 @@
<input type="hidden" name="return_to" value="{{request.path}}"> <input type="hidden" name="return_to" value="{{request.path}}">
<input type="text" placeholder="Username" name="username" autocomplete="username" required> <input type="text" placeholder="Username" name="username" autocomplete="username" required>
<input type="password" placeholder="Password" name="password" autocomplete="current-password" required> <input type="password" placeholder="Password" name="password" autocomplete="current-password" required>
<span><input type="checkbox" name="remember" id="remember"> <label for="remember">Remember me</label></span>
<input type="submit" value="Log in"> <input type="submit" value="Log in">
<a href="{{url_for('users.sign_up')}}" class="linkbutton alt">Sign up</a> <a href="{{url_for('users.sign_up')}}" class="linkbutton alt">Sign up</a>
</form> </form>

22
app/templates/users/log_in.html Normal file
View File

@@ -0,0 +1,22 @@
{% from 'common/macros.html' import subheader %}
{%- extends 'base.html' -%}
{%- block title -%}log in{%- endblock -%}
{%- block content -%}
{%- set welcome -%}
Welcome back! No account yet? <a href="{{url_for('users.sign_up')}}">Sign up</a>
{%- endset -%}
{{ subheader('Log in', welcome)}}
{%- if request.args.get('error') -%}
<div class="infobox plank critical">
{{request.args.get('error')}}
</div>
{%- endif -%}
<form class="plank primary-bg full-width" method="POST">
<label for="username">Username</label>
<input type="text" id="username" name="username" autocomplete="username" required>
<label for="password">Password</label>
<input type="password" id="password" name="password" autocomplete="current-password" required>
<span><input type="checkbox" name="remember" id="remember"> <label for="remember">Remember me</label></span>
<input type="submit" value="Log in">
</form>
{%- endblock -%}