-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathauth.py
More file actions
87 lines (64 loc) · 3.27 KB
/
Copy pathauth.py
File metadata and controls
87 lines (64 loc) · 3.27 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
#this module handles the routes login page(see views.py for other routes)
#Blueprint member allows for organizing the application into smaller re-usable parts
#blueprints need to be registered, see __init__.py
#request allows to input data from user, flash allows for "flashing" data to user
#for flashing data the base.html has to be updated
from flask import Blueprint, render_template, request, flash, redirect, url_for
from .models import User
from . import db
from werkzeug.security import generate_password_hash, check_password_hash
from flask_login import login_user, login_required, logout_user, current_user
auth = Blueprint("auth", __name__)
@auth.route("login", methods = ["GET", "POST"])
def login():
if request.method == "POST":
email = request.form.get("email")
password = request.form.get("password")
user = User.query.filter_by(email = email).first()
if user:
if check_password_hash(user.password, password):
flash("Logged in successfuly!", category = "success")
login_user(user, remember = True)
return redirect(url_for("views.home"))
else:
flash("Incorrect password, try again", category = "error")
else:
flash("Email does not exist.", category = "error")
return render_template("login.html", user = current_user)
@auth.route("logout")
@login_required
def logout():
logout_user()
return redirect(url_for("auth.login"))
@auth.route("sign-up", methods = ["GET", "POST"])
def sign_up():
if request.method == "POST":
email = request.form.get("email")
first_name = request.form.get("firstName")
password1 = request.form.get("password1")
password2 = request.form.get("password2")
user = User.query.filter_by(email = email).first() #could this be done easier if I used composite primary keys to include email?
if user:
flash("Email already exists.", category = "error")
return render_template("sign_up.html", user = current_user) #if user already exists return to sign up page
#check for all errors in submission
error_list = []
if len(email) < 4:
error_list.append("Email must be greater than 3 characters.")
if len(first_name) < 2:
error_list.append("First name must be greater than 1 character.")
if (password1 != password2) or (not password1): #still want to print this if they entered no pw
error_list.append("Passwords must match.")
if len(password1) < 6:
error_list.append("Password must be greater than 6 characters.")
if len(error_list):
for error in error_list:
flash(error, category = "error")
else:
new_user = User(email = email, first_name = first_name, password = generate_password_hash(password1, method = "sha256"))
db.session.add(new_user)
db.session.commit()
login_user(new_user, remember = True)
flash("Account created succesfully!", category = "success")
return redirect(url_for("views.home"))
return render_template("sign_up.html", user = current_user)