contentmatcher/auth.py

import functools

from flask import (
    Blueprint, flash, g, redirect, render_template, request, session, url_for
)
from sqlalchemy import create_engine
from sqlalchemy.orm import sessionmaker

from hashlib import md5

from config import CONFIG 
from create_db import User

bp = Blueprint('auth', __name__, url_prefix='/auth')

engine = create_engine(CONFIG['DB_CONNECTION'])
dbsessionmaker = sessionmaker(bind=engine)
dbsession = dbsessionmaker()

@bp.route('/register', methods=('GET', 'POST'))
def register():
    if request.method == 'POST':
        username = request.form['username']
        password = request.form['password']
        error = None

        if not username:
            error = 'Username is required.'
        elif not password:
            error = 'Password is required.'

        if error is None:
            try:
                user = User(username=username, password=md5(password.encode("utf-8")).hexdigest())
                dbsession.add(user)
                dbsession.commit()


            except Exception as e:
                error = f"napaka pri registraciji {username} je {e}"
            else:
                return redirect(url_for("auth.login"))

        flash(error)

    return render_template('auth/register.html')


@bp.route('/login', methods=('GET', 'POST'))
def login():
    if request.method == 'POST':
        username = request.form['username']
        password = request.form['password']
        error = None
        user = dbsession.query(User).filter(User.username == username).first()
        
        if user is None:
            error = 'Incorrect username.'
        elif not user.password == md5(password.encode("utf-8")).hexdigest(): #compare input pw has and bd pw hash

            error = 'Incorrect password.'

        if error is None:
            session.clear()
            session['user_id'] = user.id
            session['username'] = user.username
            return redirect(url_for('deck'))

        flash(error)

    return render_template('auth/login.html')


@bp.before_app_request
def load_logged_in_user():
    user_id = session.get('user_id')

    if user_id is None:
        g.user = None
    else:
        g.user = None


@bp.route('/logout')
def logout():
    session.clear()
    return redirect(url_for('index'))


def login_required(view):
    @functools.wraps(view)
    def wrapped_view(**kwargs):
        if g.user is None:
            return redirect(url_for('auth.login'))

        return view(**kwargs)

    return wrapped_view
dodal vsebino po flask tutorialu... 2022-05-13 18:23:15 +02:00			`import functools`

			`from flask import (`
			`Blueprint, flash, g, redirect, render_template, request, session, url_for`
			`)`
db work 2022-05-15 22:12:18 +02:00			`from sqlalchemy import create_engine`
			`from sqlalchemy.orm import sessionmaker`

			`from hashlib import md5`

			`from config import CONFIG`
			`from create_db import User`
dodal vsebino po flask tutorialu... 2022-05-13 18:23:15 +02:00
			`bp = Blueprint('auth', __name__, url_prefix='/auth')`

db work 2022-05-15 22:12:18 +02:00			`engine = create_engine(CONFIG['DB_CONNECTION'])`
			`dbsessionmaker = sessionmaker(bind=engine)`
			`dbsession = dbsessionmaker()`
dodal vsebino po flask tutorialu... 2022-05-13 18:23:15 +02:00
			`@bp.route('/register', methods=('GET', 'POST'))`
			`def register():`
			`if request.method == 'POST':`
			`username = request.form['username']`
			`password = request.form['password']`
			`error = None`

			`if not username:`
			`error = 'Username is required.'`
			`elif not password:`
			`error = 'Password is required.'`

			`if error is None:`
			`try:`
dodal login funkcionalnost 2022-05-17 21:27:51 +02:00			`user = User(username=username, password=md5(password.encode("utf-8")).hexdigest())`
db work 2022-05-15 22:12:18 +02:00			`dbsession.add(user)`
			`dbsession.commit()`


			`except Exception as e:`
			`error = f"napaka pri registraciji {username} je {e}"`
dodal vsebino po flask tutorialu... 2022-05-13 18:23:15 +02:00			`else:`
			`return redirect(url_for("auth.login"))`

			`flash(error)`

			`return render_template('auth/register.html')`


			`@bp.route('/login', methods=('GET', 'POST'))`
			`def login():`
			`if request.method == 'POST':`
			`username = request.form['username']`
			`password = request.form['password']`
			`error = None`
dodal login funkcionalnost 2022-05-17 21:27:51 +02:00			`user = dbsession.query(User).filter(User.username == username).first()`

dodal vsebino po flask tutorialu... 2022-05-13 18:23:15 +02:00			`if user is None:`
			`error = 'Incorrect username.'`
dodal login funkcionalnost 2022-05-17 21:27:51 +02:00			`elif not user.password == md5(password.encode("utf-8")).hexdigest(): #compare input pw has and bd pw hash`

dodal vsebino po flask tutorialu... 2022-05-13 18:23:15 +02:00			`error = 'Incorrect password.'`

			`if error is None:`
			`session.clear()`
dodal login funkcionalnost 2022-05-17 21:27:51 +02:00			`session['user_id'] = user.id`
passing data around 2022-05-20 00:01:56 +02:00			`session['username'] = user.username`
			`return redirect(url_for('deck'))`
dodal vsebino po flask tutorialu... 2022-05-13 18:23:15 +02:00
			`flash(error)`

			`return render_template('auth/login.html')`


			`@bp.before_app_request`
			`def load_logged_in_user():`
			`user_id = session.get('user_id')`

			`if user_id is None:`
			`g.user = None`
			`else:`
db work 2022-05-15 22:12:18 +02:00			`g.user = None`
dodal vsebino po flask tutorialu... 2022-05-13 18:23:15 +02:00

			`@bp.route('/logout')`
			`def logout():`
			`session.clear()`
			`return redirect(url_for('index'))`


			`def login_required(view):`
			`@functools.wraps(view)`
			`def wrapped_view(**kwargs):`
			`if g.user is None:`
			`return redirect(url_for('auth.login'))`

			`return view(**kwargs)`

			`return wrapped_view`