
Adds auth functions and blueprints

Jose Reyes 5 years ago
parent
commit
15deba2011
1 changed files with 92 additions and 0 deletions
  1. 92
    0
      flaskr/auth.py

+ 92
- 0
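--- a/flaskr/auth.py
+++ b/flaskr/auth.py
@@ -0,0 +1,92 @@
+import functools
+
+from flask import (
+    Blueprint, flash, g, redirect, render_template, request, session, url_for
+)
+from werkzeug.security import check_password_hash, generate_password_hash
+
+from flaskr.db import get_db
+
+bp = Blueprint('auth', __name__, url_prefix='/auth')
+
+@bp.route('/register', methods=('GET', 'POST'))
+def register():
+    if request.method == 'POST':
+        username = request.form['username']
+        password = request.form['password']
+        db = get_db()
+        error = None
+
+        if not username:
+            error = 'Username is required.'
+        elif not password:
+            error = 'Password is required.'
+        elif db.execute(
+            'SELECT id FROM user WHERE username = ?', (username,)
+        ).fetchone() is not None:
+            error = 'User {} is already registered.'.format(username)
+
+        if error is None:
+            db.execute(
+                'INSERT INTO user (username, password) VALUES (?, ?)',
+                (username, generate_password_hash(password))
+            )
+            db.commit()
+            return redirect(url_for('auth.login'))
+
+        flash(error)
+
+    return render_template('auth/register.html')
+
+@bp.route('/login', methods=('GET', 'POST'))
+def login():
+    if request.method == 'POST':
+        username = request.form['username']
+        password = request.form['password']
+        db = get_db()
+        error = None
+        user = db.execute(
+            'SELECT * FROM user where username = ?', (username,)
+        ).fetchone()
+
+        if user is None:
+            error = 'Incorrect username.'
+        elif not check_password_hash(user['password'], password):
+            error = 'Incorrect password.'
+
+        if error is None:
+            session.clear()
+            session['user_id'] = user['id']
+            return redirect(url_for('index'))
+
+        flash(error)
+
+    return render_template('auth/login.html')
+
+
+@bp.before_app_request
+def load_logged_in_user():
+    user_id = session.get('user_id')
+
+    if user_id is None:
+        g.user = None
+    else:
+        g.user = get_db().execute(
+            'SELECT * FROM user WHERE id = ?', (user_id,)
+        ).fetchone()
+
+@bp.route('/logout')
+def logout():
+    session.clear()
+    return redirect(url_for('index'))
+
+def login_required(view):
+    @functools.wraps(view)
+    def wrapped_view(**kwargs):
+        if g.user is None:
+            return redirect(url_for('auth.login'))
+
+        return view(**kwargs)
+    
+    return wrapped_view
+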
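Review bot: In `login()`, the separate flash messages `'Incorrect username.'` and `'Incorrect password.'` reveal to an unauthenticated caller whether an account exists; both branches should set the same text, e.g. `error = 'Incorrect username or password.'`. The `user is None` branch also skips `check_password_hash`, so response time may still differ between the two cases after the message is unified. In `register()`, the SELECT-then-INSERT check is not atomic; if `user.username` has a UNIQUE constraint (the schema is not visible here), a concurrent duplicate makes the INSERT raise, and that exception should be caught and reported as the existing "already registered" error. `logout` is registered with the default GET method, so a cross-site link or image load can end a session; `@bp.route('/logout', methods=('POST',))` with a form button would avoid that.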