114 lines
3.5 KiB
Python
114 lines
3.5 KiB
Python
import functools
|
|
|
|
from flask import (
|
|
Blueprint, flash, g, redirect, render_template, request, session, url_for
|
|
)
|
|
from hashlib import md5
|
|
from create_db import User, get_session, get_engine
|
|
from share import get_all_shared
|
|
|
|
bp = Blueprint('auth', __name__, url_prefix='/auth')
|
|
|
|
@bp.route('/register', methods=('GET', 'POST'))
|
|
def register():
|
|
|
|
Session = get_session()
|
|
with Session() as dbsession:
|
|
if request.method == 'POST':
|
|
username = request.form['username']
|
|
password = request.form['password']
|
|
mail = request.form['email']
|
|
error = None
|
|
|
|
#@TODO check if this really is an email.
|
|
if not username:
|
|
error = 'Username is required.'
|
|
elif not password:
|
|
error = 'Password is required.'
|
|
elif not mail:
|
|
error = 'Please enter your email adress.'
|
|
elif dbsession.query(User).filter(User.username == username).first() != None:
|
|
error = "Username already exists, please choose another one."
|
|
elif dbsession.query(User).filter(User.email == mail).first() != None:
|
|
error = "This email adress is already in use, please choose another one."
|
|
|
|
if error is None:
|
|
try:
|
|
user = User(username=username, password=md5(password.encode("utf-8")).hexdigest(), email=mail, settings = "")
|
|
dbsession.add(user)
|
|
dbsession.commit()
|
|
|
|
#Preden zapremo naj user dobi vse shared karte od prej.
|
|
new_user = dbsession.query(User).filter(User.username == username).first()
|
|
new_user_id = new_user.id
|
|
|
|
get_all_shared(new_user_id)
|
|
|
|
dbsession.close()
|
|
|
|
|
|
except Exception as e:
|
|
error = f"napaka pri registraciji {username} je {e}"
|
|
else:
|
|
return redirect(url_for("auth.login"))
|
|
|
|
flash(error)
|
|
get_engine().dispose()
|
|
|
|
return render_template('register.html')
|
|
|
|
|
|
@bp.route('/login', methods=('GET', 'POST'))
|
|
def login():
|
|
if request.method == 'POST':
|
|
|
|
Session = get_session()
|
|
with Session() as dbsession:
|
|
username = request.form['username']
|
|
password = request.form['password']
|
|
error = None
|
|
user = dbsession.query(User).filter(User.username == username).first()
|
|
|
|
if user is None:
|
|
error = 'Incorrect username.'
|
|
elif not user.password == md5(password.encode("utf-8")).hexdigest(): #compare input pw has and bd pw hash
|
|
|
|
error = 'Incorrect password.'
|
|
|
|
if error is None:
|
|
session.clear()
|
|
session['user_id'] = user.id
|
|
session['username'] = user.username
|
|
return redirect(url_for("menu.index")) #TODO ne dela
|
|
flash(error)
|
|
|
|
get_engine().dispose()
|
|
return render_template('login.html')
|
|
|
|
|
|
@bp.before_app_request
|
|
def load_logged_in_user():
|
|
user_id = session.get('user_id')
|
|
|
|
if user_id is None:
|
|
g.user = None
|
|
else:
|
|
g.user = None
|
|
|
|
|
|
@bp.route('/logout')
|
|
def logout():
|
|
session.clear()
|
|
return redirect(url_for('index'))
|
|
|
|
|
|
def login_required(view):
|
|
@functools.wraps(view)
|
|
def wrapped_view(**kwargs):
|
|
if g.user is None:
|
|
return redirect(url_for('auth.login'))
|
|
|
|
return view(**kwargs)
|
|
|
|
return wrapped_view
|