log in

app/routes/users.py

@@ -0,0 +1,77 @@
+from flask import (
+    Blueprint, render_template, request, redirect, url_for, flash, session
+    )
+from ..models import Users, Sessions
+from ..constants import InfoboxKind
+from ..auth import digest, verify
+import secrets
+import time
+
+bp = Blueprint("users", __name__, url_prefix = "/users/")
+
+
+def is_logged_in():
+    return "pyrom_session_key" in session
+
+
+def get_active_user():
+    if not is_logged_in():
+        return None
+    sess = Sessions.find({"key": session["pyrom_session_key"]})
+    if not sess:
+        return None
+    return Users.find({"id": sess.user_id})
+
+
+@bp.get("/log_in")
+def log_in():
+    return render_template("users/log_in.html")
+
+
+@bp.post("/log_in")
+def log_in_post():
+    target_user = Users.find({
+        "username": request.form['username']
+    })
+    if not target_user:
+        flash("Incorrect username or password.", InfoboxKind.ERROR)
+        return redirect(url_for("users.log_in"))
+
+    if not verify(target_user.password_hash, request.form['password']):
+        flash("Incorrect username or password.", InfoboxKind.ERROR)
+        return redirect(url_for("users.log_in"))
+
+    session_obj = Sessions.create({
+        "key": secrets.token_hex(16),
+        "user_id": target_user.id,
+        "expires_at": int(time.time()) + 30 * 24 * 60 * 60,
+    })
+
+    session['pyrom_session_key'] = session_obj.key
+    flash("Logged in!", InfoboxKind.INFO)
+    return redirect(url_for("users.log_in"))
+
+
+@bp.get("/sign_up")
+def sign_up():
+    return "not yet"
+
+
+@bp.get("/<username>")
+def page(username):
+    return "stub"
+
+
+@bp.get("/<username>/setings")
+def settings(username):
+    return "stub"
+
+
+@bp.get("/<username>/inbox")
+def inbox(username):
+    return "stub"
+
+
+@bp.get("/list")
+def user_list():
+    return "stub"