64 lines
1.6 KiB
Python
64 lines
1.6 KiB
Python
from flask import session, flash, redirect, url_for, abort
|
|
from .models import Sessions, Users
|
|
from argon2 import PasswordHasher
|
|
from functools import wraps
|
|
import secrets
|
|
import time
|
|
|
|
ph = PasswordHasher()
|
|
|
|
def digest(password):
|
|
return ph.hash(password)
|
|
|
|
def verify(expected, given):
|
|
try:
|
|
return ph.verify(expected, given)
|
|
except:
|
|
return False
|
|
|
|
def is_logged_in() -> bool:
|
|
if 'pyrom_session_key' not in session:
|
|
return False
|
|
sess = Sessions.find({'key': session['pyrom_session_key']})
|
|
if not sess:
|
|
return False
|
|
if sess.expires_at < int(time.time()):
|
|
session.clear()
|
|
sess.delete()
|
|
# flash('Your session expired.;Please log in again.', InfoboxKind.INFO)
|
|
return False
|
|
return True
|
|
|
|
def get_active_user() -> Users | None:
|
|
if not is_logged_in():
|
|
return None
|
|
|
|
sess = Sessions.find({'key': session['pyrom_session_key']})
|
|
return Users.find({'id': sess.user_id})
|
|
|
|
def create_session(user_id):
|
|
return Sessions.create({
|
|
'key': secrets.token_hex(16),
|
|
'user_id': user_id,
|
|
'expires_at': int(time.time()) + (31 * 24 * 60 * 60),
|
|
})
|
|
|
|
# annotations
|
|
def login_required(view_func):
|
|
@wraps(view_func)
|
|
def wrapper(*args, **kwargs):
|
|
if not is_logged_in():
|
|
return redirect(url_for('users.log_in_page'))
|
|
return view_func(*args, **kwargs)
|
|
return wrapper
|
|
|
|
def mod_only(view_func):
|
|
@wraps(view_func)
|
|
def wrapper(*args, **kwargs):
|
|
if not is_logged_in():
|
|
abort(403)
|
|
if not get_active_user().is_mod():
|
|
abort(403)
|
|
return view_func(*args, **kwargs)
|
|
return wrapper
|