yagich/pyrom
1
0
Fork 0
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity
Files
d2cdeaed1dd5e02e7d924c47c182eddc349b615e
pyrom/app/auth.py
Lera Elvoé 9d8404b774 add user signup flow
2026-04-17 10:45:37 +03:00

75 lines
2.1 KiB
Python
Raw Blame History

from flask import session, flash, redirect, url_for, abort
from .models import Sessions, Users
from argon2 import PasswordHasher
from functools import wraps
import secrets
import time
import re
ph = PasswordHasher()
def digest(password):
return ph.hash(password)
def verify(expected, given):
try:
return ph.verify(expected, given)
except:
return False
def is_logged_in() -> bool:
if 'pyrom_session_key' not in session:
return False
sess = Sessions.find({'key': session['pyrom_session_key']})
if not sess:
return False
if sess.expires_at < int(time.time()):
session.clear()
sess.delete()
# flash('Your session expired.;Please log in again.', InfoboxKind.INFO)
return False
return True
def get_active_user() -> Users | None:
if not is_logged_in():
return None
sess = Sessions.find({'key': session['pyrom_session_key']})
return Users.find({'id': sess.user_id})
def create_session(user_id, temporary=False):
expires_days = 2 if temporary else 31
return Sessions.create({
'key': secrets.token_hex(16),
'user_id': user_id,
'expires_at': int(time.time()) + (expires_days * 24 * 60 * 60),
})
def parse_username(username: str) -> Tuple[str, str]:
if len(username) < 3:
raise ValueError
invalid_regex = r'[^a-zA-Z0-9_-]'
return username, re.sub(invalid_regex, '_', username.lower())[:20]
def is_password_valid(password: str) -> bool:
return re.match(r'^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[\W_])(?!.*\s).{10,255}$', password) is not None
# annotations
def login_required(view_func):
@wraps(view_func)
def wrapper(*args, **kwargs):
if not is_logged_in():
return redirect(url_for('users.log_in'))
return view_func(*args, **kwargs)
return wrapper
def mod_only(view_func):
@wraps(view_func)
def wrapper(*args, **kwargs):
if not is_logged_in():
abort(403)
if not get_active_user().is_mod():
abort(403)
return view_func(*args, **kwargs)
return wrapper
Reference in New Issue View Git Blame Copy Permalink