authorization routes and logic

2022-04-06 01:24:06 -04:00
parent 5ca91452ca
commit be4eda6686
13 changed files with 205 additions and 6 deletions
--- a/app/auth/init.py
+++ b/app/auth/init.py
@@ -0,0 +1,7 @@
+from flask import Blueprint
+
+
+auth = Blueprint('auth', __name__)
+
+
+from . import views
--- a/app/auth/forms.py
+++ b/app/auth/forms.py
@@ -0,0 +1,29 @@
+from flask_wtf import FlaskForm
+from wtforms import StringField, PasswordField, BooleanField, SubmitField, ValidationError
+from wtforms.validators import DataRequired, Length, Email, EqualTo, Regexp
+
+from app.models import User
+
+
+class LoginForm(FlaskForm):
+    email = StringField('Email', validators=[DataRequired(), Length(1, 64), Email()])
+    password = PasswordField('Password', validators=[DataRequired()])
+    remember_me = BooleanField('Keep me logged in')
+    submit = SubmitField('Log In')
+
+
+class RegistrationForm(FlaskForm):
+    email = StringField('Email', validators=[DataRequired(), Length(1, 64), Email()])
+    username = StringField('Username', validators=[DataRequired(), Regexp('^[A-Za-z][A-Za-z0-9_.]*$', 0, 'Usernames must have only letters, numbers, dots or underscors')])
+    password = PasswordField('Password', validators=[DataRequired(), EqualTo('password2', message='Passwords must match.')])
+    password2 = PasswordField('Confirm Password', validators=[DataRequired()])
+    submit = SubmitField('Register')
+
+
+    def validate_email(self, field):
+        if User.query.filter_by(email=field.data).first():
+            raise ValidationError('Email already registered')
+
+    def validate_username(self, field):
+        if User.query.filter_by(username=field.data).first():
+            raise ValidationError('Username already in use')
--- a/app/auth/views.py
+++ b/app/auth/views.py
@@ -0,0 +1,50 @@
+from flask import render_template, redirect, request, url_for, flash
+from flask_login import login_user, logout_user, login_required
+
+from app import db
+from app.auth import auth
+from app.models import User
+from app.auth.forms import LoginForm, RegistrationForm
+
+
+
+@auth.route('/login', methods=['get', 'post'])
+def login():
+    form = LoginForm()
+
+    if form.validate_on_submit():
+        user = User.query.filter_by(email=form.email.data).first()
+
+        if user is not None and user.verify_password(form.password.data):
+            login_user(user, form.remember_me.data)
+
+            next = request.args.get('next')
+
+            if next is None or next.startswith('/'):
+                next = url_for('main.index')
+            
+            return redirect(next)
+        flash('Invalid username or password', category='error')
+    return render_template('auth/login.html', form=form)
+
+
+@auth.route('/logout')
+@login_required
+def logout():
+    logout_user()
+    flash('You have been logged out.', category='info')
+    return redirect(url_for('main.index'))
+
+
+@auth.route('/register', methods=['get', 'post'])
+def register():
+    form = RegistrationForm()
+
+    if form.validate_on_submit():
+        user = User(email=form.email.data, username=form.username.data, password=form.password.data)
+        db.session.add(user)
+        db.session.commit()
+        flash('You can now login', category='success')
+        return redirect(url_for('auth.login'))
+    
+    return render_template('auth/register.html', form=form)