contentmatcher/auth.py

import functools

from flask import (
    Blueprint, flash, g, redirect, render_template, request, session, url_for
)
from hashlib import md5
from create_db import User, get_session, get_engine
from share import get_all_shared

bp = Blueprint('auth', __name__, url_prefix='/auth')

@bp.route('/register', methods=('GET', 'POST'))
def register():

    Session = get_session()
    with Session() as dbsession:
        if request.method == 'POST':
            username = request.form['username']
            password = request.form['password']
            mail     = request.form['email'] 
            error = None

            #@TODO check if this really is an email.
            if not username:
                error = 'Username is required.'
            elif not password:
                error = 'Password is required.'
            elif not mail:
                error = 'Please enter your email adress.'
            elif dbsession.query(User).filter(User.username == username).first() != None:
                error = "Username already exists, please choose another one."
            elif dbsession.query(User).filter(User.email == mail).first() != None:
                error = "This email adress is already in use, please choose another one."

            if error is None:
                try:
                    user = User(username=username, password=md5(password.encode("utf-8")).hexdigest(), email=mail, settings = "")
                    dbsession.add(user)
                    dbsession.commit()

                    #Preden zapremo naj user dobi vse shared karte od prej.
                    new_user = dbsession.query(User).filter(User.username == username).first()
                    new_user_id = new_user.id
                    
                    get_all_shared(new_user_id)

                    dbsession.close()


                except Exception as e:
                    error = f"napaka pri registraciji {username} je {e}"
                else:
                    return redirect(url_for("auth.login"))

            flash(error)
    get_engine().dispose()

    return render_template('register.html')


@bp.route('/login', methods=('GET', 'POST'))
def login():
    if request.method == 'POST':

        Session = get_session()
        with Session() as dbsession:
            username = request.form['username']
            password = request.form['password']
            error = None
            user = dbsession.query(User).filter(User.username == username).first()
            
            if user is None:
                error = 'Incorrect username.'
            elif not user.password == md5(password.encode("utf-8")).hexdigest(): #compare input pw has and bd pw hash

                error = 'Incorrect password.'

            if error is None:
                session.clear()
                session['user_id'] = user.id
                session['username'] = user.username
                return redirect(url_for("menu.index")) #TODO ne dela
            flash(error)
        
        get_engine().dispose()
    return render_template('login.html')


@bp.before_app_request
def load_logged_in_user():
    user_id = session.get('user_id')

    if user_id is None:
        g.user = None
    else:
        g.user = None


@bp.route('/logout')
def logout():
    session.clear()
    return redirect(url_for('index'))


def login_required(view):
    @functools.wraps(view)
    def wrapped_view(**kwargs):
        if g.user is None:
            return redirect(url_for('auth.login'))

        return view(**kwargs)

    return wrapped_view
dodal vsebino po flask tutorialu... 2022-05-13 18:23:15 +02:00			`import functools`

			`from flask import (`
			`Blueprint, flash, g, redirect, render_template, request, session, url_for`
			`)`
nastavil, da po loginu pridemo v meni 2022-06-04 21:56:18 +02:00			`from hashlib import md5`
nov db idiom. funkcije za prikazovanje in importanje linkov 2023-08-27 18:52:59 +02:00			`from create_db import User, get_session, get_engine`
added a fucktion that adds all shared cards to a new user 2022-07-14 22:29:37 +02:00			`from share import get_all_shared`
dodal vsebino po flask tutorialu... 2022-05-13 18:23:15 +02:00
			`bp = Blueprint('auth', __name__, url_prefix='/auth')`

			`@bp.route('/register', methods=('GET', 'POST'))`
			`def register():`
DB session fixes, nicer upload 2022-06-14 14:47:12 +02:00
nov db idiom. funkcije za prikazovanje in importanje linkov 2023-08-27 18:52:59 +02:00			`Session = get_session()`
			`with Session() as dbsession:`
			`if request.method == 'POST':`
			`username = request.form['username']`
			`password = request.form['password']`
			`mail = request.form['email']`
			`error = None`

			`#@TODO check if this really is an email.`
			`if not username:`
			`error = 'Username is required.'`
			`elif not password:`
			`error = 'Password is required.'`
			`elif not mail:`
			`error = 'Please enter your email adress.'`
			`elif dbsession.query(User).filter(User.username == username).first() != None:`
			`error = "Username already exists, please choose another one."`
			`elif dbsession.query(User).filter(User.email == mail).first() != None:`
			`error = "This email adress is already in use, please choose another one."`

			`if error is None:`
			`try:`
			`user = User(username=username, password=md5(password.encode("utf-8")).hexdigest(), email=mail, settings = "")`
			`dbsession.add(user)`
			`dbsession.commit()`

			`#Preden zapremo naj user dobi vse shared karte od prej.`
			`new_user = dbsession.query(User).filter(User.username == username).first()`
			`new_user_id = new_user.id`

			`get_all_shared(new_user_id)`

			`dbsession.close()`


			`except Exception as e:`
			`error = f"napaka pri registraciji {username} je {e}"`
			`else:`
			`return redirect(url_for("auth.login"))`

			`flash(error)`
			`get_engine().dispose()`
dodal vsebino po flask tutorialu... 2022-05-13 18:23:15 +02:00
styling and template refactoring 2022-08-12 19:51:55 +02:00			`return render_template('register.html')`
dodal vsebino po flask tutorialu... 2022-05-13 18:23:15 +02:00

			`@bp.route('/login', methods=('GET', 'POST'))`
			`def login():`
			`if request.method == 'POST':`
DB session fixes, nicer upload 2022-06-14 14:47:12 +02:00
nov db idiom. funkcije za prikazovanje in importanje linkov 2023-08-27 18:52:59 +02:00			`Session = get_session()`
			`with Session() as dbsession:`
			`username = request.form['username']`
			`password = request.form['password']`
			`error = None`
			`user = dbsession.query(User).filter(User.username == username).first()`

			`if user is None:`
			`error = 'Incorrect username.'`
			`elif not user.password == md5(password.encode("utf-8")).hexdigest(): #compare input pw has and bd pw hash`

			`error = 'Incorrect password.'`

			`if error is None:`
			`session.clear()`
			`session['user_id'] = user.id`
			`session['username'] = user.username`
			`return redirect(url_for("menu.index")) #TODO ne dela`
			`flash(error)`
dodal login funkcionalnost 2022-05-17 21:27:51 +02:00
nov db idiom. funkcije za prikazovanje in importanje linkov 2023-08-27 18:52:59 +02:00			`get_engine().dispose()`
styling and template refactoring 2022-08-12 19:51:55 +02:00			`return render_template('login.html')`
dodal vsebino po flask tutorialu... 2022-05-13 18:23:15 +02:00

			`@bp.before_app_request`
			`def load_logged_in_user():`
			`user_id = session.get('user_id')`

			`if user_id is None:`
			`g.user = None`
			`else:`
db work 2022-05-15 22:12:18 +02:00			`g.user = None`
dodal vsebino po flask tutorialu... 2022-05-13 18:23:15 +02:00

			`@bp.route('/logout')`
			`def logout():`
			`session.clear()`
			`return redirect(url_for('index'))`


			`def login_required(view):`
			`@functools.wraps(view)`
			`def wrapped_view(**kwargs):`
			`if g.user is None:`
			`return redirect(url_for('auth.login'))`

			`return view(**kwargs)`

Move secret key to .env, bugfixes, handle rollback on DB error 2022-06-14 14:03:29 +02:00			`return wrapped_view`