basic posting

app/auth.py

@@ -1,6 +1,7 @@
-from flask import session, flash
+from flask import session, flash, redirect, url_for
 from .models import Sessions, Users
 from argon2 import PasswordHasher
+from functools import wraps
 import secrets
 import time
 
@@ -15,7 +16,7 @@ def verify(expected, given):
     except:
         return False
 
-def is_logged_in():
+def is_logged_in() -> bool:
     if 'pyrom_session_key' not in session:
         return False
     sess = Sessions.find({'key': session['pyrom_session_key']})
@@ -28,7 +29,7 @@ def is_logged_in():
         return False
     return True
 
-def get_active_user():
+def get_active_user() -> Users | None:
     if not is_logged_in():
         return None
 
@@ -41,3 +42,12 @@ def create_session(user_id):
         'user_id': user_id,
         'expires_at': int(time.time()) + (31 * 24 * 60 * 60),
     })
+
+# annotations
+def login_required(view_func):
+    @wraps(view_func)
+    def wrapper(*args, **kwargs):
+        if not is_logged_in():
+            return redirect(url_for('users.log_in_page'))
+        return view_func(*args, **kwargs)
+    return wrapper