You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

105 lines
2.9 KiB

import email
import functools
import imp
from flask import (
Blueprint, flash, g, redirect, render_template, request, session, url_for
from hashlib import md5
from create_db import User, get_session
from config import CONFIG
bp = Blueprint('auth', __name__, url_prefix='/auth')
@bp.route('/register', methods=('GET', 'POST'))
def register():
dbsession = get_session()
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
mail = request.form['email']
error = None
#@TODO check if this really is an email.
if not username:
error = 'Username is required.'
elif not password:
error = 'Password is required.'
elif not mail:
error = 'Please enter your email adress'
elif dbsession.query(User).filter(User.username == username).first() != None:
error = "Username already exists, please choose another one"
elif dbsession.query(User).filter( == mail).first() != None:
error = "This email adress is already in use, please choose another one"
if error is None:
user = User(username=username, password=md5(password.encode("utf-8")).hexdigest(), email=mail, settings = "")
except Exception as e:
error = f"napaka pri registraciji {username} je {e}"
return redirect(url_for("auth.login"))
return render_template('auth/register.html')
@bp.route('/login', methods=('GET', 'POST'))
def login():
if request.method == 'POST':
dbsession = get_session()
username = request.form['username']
password = request.form['password']
error = None
user = dbsession.query(User).filter(User.username == username).first()
if user is None:
error = 'Incorrect username.'
elif not user.password == md5(password.encode("utf-8")).hexdigest(): #compare input pw has and bd pw hash
error = 'Incorrect password.'
if error is None:
session['user_id'] =
session['username'] = user.username
return redirect(url_for("menu.index")) #TODO ne dela
return render_template('auth/login.html')
def load_logged_in_user():
user_id = session.get('user_id')
if user_id is None:
g.user = None
g.user = None
def logout():
return redirect(url_for('index'))
def login_required(view):
def wrapped_view(**kwargs):
if g.user is None:
return redirect(url_for('auth.login'))
return view(**kwargs)
return wrapped_view