completed authentication system
This commit is contained in:
72
app.py
72
app.py
@@ -1,9 +1,11 @@
|
||||
import os
|
||||
from flask import Flask, render_template, redirect
|
||||
from flask import Flask, render_template, redirect, url_for, request, flash
|
||||
from flask_migrate import Migrate
|
||||
from werkzeug.security import generate_password_hash, check_password_hash
|
||||
from flask_login import (LoginManager, login_user, login_required, logout_user, current_user)
|
||||
from misc import datetime, date, time, currDay
|
||||
from db import (db, Period, Task, Event)
|
||||
from forms import (TaskForm, EventForm, PeriodForm)
|
||||
from db import (db, Period, Task, Event, User)
|
||||
from forms import (TaskForm, EventForm, PeriodForm, SignupForm, LoginForm)
|
||||
from create_events import createEvents
|
||||
|
||||
basedir = os.path.abspath(os.path.dirname(__file__))
|
||||
@@ -19,22 +21,73 @@ db.init_app(app)
|
||||
migrate = Migrate()
|
||||
migrate.init_app(app, db)
|
||||
|
||||
# Authentication stuff
|
||||
|
||||
from auth import auth as auth_blueprint
|
||||
app.register_blueprint(auth_blueprint)
|
||||
login_manager = LoginManager()
|
||||
login_manager.login_view = 'login'
|
||||
login_manager.init_app(app)
|
||||
|
||||
signup_enabled = False
|
||||
|
||||
@login_manager.user_loader
|
||||
def load_user(user_id):
|
||||
return User.query.get(int(user_id))
|
||||
|
||||
# Index route
|
||||
@app.route('/')
|
||||
def index():
|
||||
createEvents(db, currDay, Period, Event)
|
||||
return redirect('/events')
|
||||
|
||||
# Authentication routes
|
||||
@app.route('/login', methods=['GET', 'POST'])
|
||||
def login():
|
||||
form = LoginForm()
|
||||
if form.validate_on_submit():
|
||||
userName = form.userName.data
|
||||
password = form.password.data
|
||||
|
||||
user = User.query.filter_by(userName=userName).first()
|
||||
if not user or not check_password_hash(user.password, password):
|
||||
flash('Credentials incorrect! Please try again')
|
||||
return redirect(url_for('login'))
|
||||
login_user(user)
|
||||
return redirect(url_for('events'))
|
||||
return render_template('login.html', form=form)
|
||||
|
||||
@app.route('/createaccount', methods=['GET', 'POST'])
|
||||
def createAccount():
|
||||
if signup_enabled == True:
|
||||
form = SignupForm()
|
||||
if form.validate_on_submit():
|
||||
usernameExists = User.query.filter_by(userName=form.userName.data).first()
|
||||
if usernameExists:
|
||||
flash('Username already exists')
|
||||
return redirect(url_for('createAccount'))
|
||||
new_user = User(email=form.email.data, userName=form.userName.data, realName=form.realName.data,
|
||||
password=generate_password_hash(form.password.data, method='sha256'))
|
||||
db.session.add(new_user)
|
||||
db.session.commit()
|
||||
|
||||
return redirect(url_for('login'))
|
||||
return render_template('createAccount.html', form=form)
|
||||
else:
|
||||
return 'Account creation is currently disabled'
|
||||
@app.route('/logout')
|
||||
@login_required
|
||||
def logout():
|
||||
logout_user()
|
||||
return redirect(url_for('index'))
|
||||
|
||||
# Periods routes
|
||||
@app.route('/periods')
|
||||
@login_required
|
||||
def periods():
|
||||
periods = Period.query.all()
|
||||
return render_template('periods.html', periods=periods, datetime=datetime)
|
||||
|
||||
@app.route('/period/new', methods=('GET', 'POST'))
|
||||
@login_required
|
||||
def newPeriod():
|
||||
form = PeriodForm()
|
||||
if form.validate_on_submit():
|
||||
@@ -49,6 +102,7 @@ def newPeriod():
|
||||
|
||||
|
||||
@app.route('/period/edit/<int:periodNum>', methods=('GET', 'POST'))
|
||||
@login_required
|
||||
def editPeriod(periodNum):
|
||||
period = Period.query.get_or_404(periodNum)
|
||||
form = PeriodForm(obj=period)
|
||||
@@ -60,6 +114,7 @@ def editPeriod(periodNum):
|
||||
return render_template('editPeriod.html', period=period, form=form, datetime=datetime)
|
||||
|
||||
@app.post('/period/delete/<int:periodNum>')
|
||||
@login_required
|
||||
def delete_period(periodNum):
|
||||
period = Period.query.get_or_404(periodNum)
|
||||
db.session.delete(period)
|
||||
@@ -69,6 +124,7 @@ def delete_period(periodNum):
|
||||
|
||||
# Events routes
|
||||
@app.route('/events')
|
||||
@login_required
|
||||
def events():
|
||||
events = Event.query.all()
|
||||
periods = Period.query.all()
|
||||
@@ -77,6 +133,7 @@ def events():
|
||||
return render_template('events.html', events=events, periods=periods, datetime=datetime, date=date)
|
||||
|
||||
@app.route('/event/edit/<int:event_id>/', methods=('GET', 'POST'))
|
||||
@login_required
|
||||
def editEvent(event_id):
|
||||
event = Event.query.get_or_404(event_id)
|
||||
form = EventForm(obj=event)
|
||||
@@ -91,16 +148,19 @@ def editEvent(event_id):
|
||||
|
||||
# Tasks routes
|
||||
@app.route('/tasks')
|
||||
@login_required
|
||||
def tasks():
|
||||
tasks = Task.query.all()
|
||||
return render_template('tasks.html', str=str, tasks=tasks, datetime=datetime, date=date)
|
||||
|
||||
@app.route('/task/<int:task_id>/')
|
||||
@login_required
|
||||
def task(task_id):
|
||||
task = Task.query.get_or_404(task_id)
|
||||
return render_template('task.html', str=str, task=task, datetime=datetime, date=date)
|
||||
|
||||
@app.route('/task/new', methods=('GET', 'POST'))
|
||||
@login_required
|
||||
def newTask():
|
||||
form = TaskForm()
|
||||
if form.validate_on_submit():
|
||||
@@ -113,6 +173,7 @@ def newTask():
|
||||
return render_template('newtask.html', form=form)
|
||||
|
||||
@app.route('/task/<int:task_id>/edit', methods=('GET', 'POST'))
|
||||
@login_required
|
||||
def editTask(task_id):
|
||||
task = Task.query.get_or_404(task_id)
|
||||
form = TaskForm(obj=task)
|
||||
@@ -123,6 +184,7 @@ def editTask(task_id):
|
||||
return redirect(f'/task/{task_id}')
|
||||
return render_template('edittask.html', task=task, form=form)
|
||||
@app.post('/task/<int:task_id>/delete')
|
||||
@login_required
|
||||
def delete_task(task_id):
|
||||
task = Task.query.get_or_404(task_id)
|
||||
db.session.delete(task)
|
||||
|
||||
Reference in New Issue
Block a user