68 lines
2.4 KiB
Python
68 lines
2.4 KiB
Python
from flask import Flask
|
|
from flask import render_template
|
|
from flask import session
|
|
from flask import request
|
|
from flask import redirect
|
|
from flask import url_for
|
|
|
|
from werkzeug.security import generate_password_hash, check_password_hash
|
|
|
|
from config import secret_key, database_uri
|
|
from model import db, User
|
|
|
|
app = Flask(__name__)
|
|
app.secret_key = secret_key
|
|
|
|
app.config['SQLALCHEMY_DATABASE_URI'] = database_uri
|
|
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
|
|
|
|
db.init_app(app)
|
|
|
|
@app.route("/")
|
|
def home():
|
|
if 'username' in session:
|
|
return render_template("index.html", username=session["username"])
|
|
else:
|
|
return render_template("index.html")
|
|
|
|
@app.route("/signup", methods=["GET", "POST"])
|
|
def signup():
|
|
if request.method == "POST":
|
|
username = request.form['username']
|
|
email = request.form['email']
|
|
password = request.form['password']
|
|
registered_user = User.query.filter_by(username=username).first()
|
|
if registered_user is None:
|
|
password_hash = generate_password_hash(password)
|
|
registered_user = User(username=username, email=email, password=password_hash)
|
|
db.session.add(registered_user)
|
|
db.session.commit()
|
|
else:
|
|
return render_template("auth/signup.html", message="Username already used. Try with an other.")
|
|
return redirect(url_for("login"))
|
|
elif request.method == "GET":
|
|
return render_template("auth/signup.html")
|
|
|
|
@app.route("/login", methods=["GET", "POST"])
|
|
def login():
|
|
if request.method == "POST":
|
|
username = request.form['username']
|
|
password = request.form['password']
|
|
user = User.query.filter_by(username=username).first()
|
|
if user is None:
|
|
return render_template("auth/login.html", message="No user with this username already registered")
|
|
else:
|
|
password_hash = user.password
|
|
if check_password_hash(password_hash, password):
|
|
session["username"] = username
|
|
return redirect(url_for("home"))
|
|
else:
|
|
return render_template("auth/login.html", message="Password incorrect. Try again")
|
|
if request.method == "GET":
|
|
return render_template("auth/login.html")
|
|
|
|
@app.route("/logout")
|
|
def logout():
|
|
# Remove username from the session if it's there
|
|
session.pop("username", None)
|
|
return redirect(url_for("home")) |