58 lines
1.8 KiB
Python
58 lines
1.8 KiB
Python
# app/auth.py
|
|
|
|
from flask import Blueprint, render_template, redirect, url_for, flash, request
|
|
from flask_login import login_user, logout_user, login_required
|
|
from werkzeug.security import generate_password_hash, check_password_hash
|
|
|
|
from app import db
|
|
from app.models import User
|
|
from app.forms import RegistrationForm, LoginForm
|
|
|
|
auth = Blueprint('auth', __name__, url_prefix='/auth')
|
|
|
|
@auth.route('/register', methods=['GET', 'POST'])
|
|
def register():
|
|
form = RegistrationForm()
|
|
if form.validate_on_submit():
|
|
hashed_password = generate_password_hash(form.password.data)
|
|
|
|
# Check if any users exist
|
|
is_first_user = User.query.count() == 0
|
|
|
|
user = User(
|
|
username=form.username.data,
|
|
email=form.email.data,
|
|
password_hash=hashed_password,
|
|
is_admin=is_first_user # Make first user an admin
|
|
)
|
|
|
|
db.session.add(user)
|
|
db.session.commit()
|
|
|
|
if is_first_user:
|
|
flash('Account created as administrator.', 'success')
|
|
else:
|
|
flash('Account created! Please log in.', 'success')
|
|
|
|
return redirect(url_for('auth.login'))
|
|
|
|
return render_template('register.html', form=form)
|
|
|
|
@auth.route('/login', methods=['GET', 'POST'])
|
|
def login():
|
|
form = LoginForm()
|
|
if form.validate_on_submit():
|
|
user = User.query.filter_by(email=form.email.data).first()
|
|
if user and check_password_hash(user.password_hash, form.password.data):
|
|
login_user(user)
|
|
return redirect(url_for('main.index'))
|
|
else:
|
|
flash('Login failed. Check username/password.', 'danger')
|
|
return render_template('login.html', form=form)
|
|
|
|
@auth.route('/logout')
|
|
@login_required
|
|
def logout():
|
|
logout_user()
|
|
return redirect(url_for('main.index'))
|