Burathar
/
The-Hunt
1
0
Fork 0
Code Issues 24 Pull Requests Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
92 Commits
4 Branches
0 Tags
2.2 MiB
 
 
 
 
 
Tree: e09e73d340
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'e09e73d340'
${ noResults }
The-Hunt/app/auth/routes.py

60 lines
2.2 KiB
Raw Blame History

from datetime import datetime
from flask import render_template, flash, redirect, url_for, abort
from flask_login import login_user, logout_user, current_user, login_required
from app import db
from app.auth import bp
from app.models import User
from app.auth.forms import LoginForm, RegistrationForm
@bp.route('/login', methods=['GET', 'POST'])
def login():
if current_user.is_authenticated:
return redirect(url_for('main.index'))
form = LoginForm()
if form.validate_on_submit():
user = User.query.filter_by(name=form.username.data).first()
if user is None or not user.check_password(form.password.data):
flash('Invalid username or password')
return redirect(url_for('auth.login'))
login_user(user, remember=form.remember_me.data)
user.last_login = datetime.utcnow()
return redirect(url_for('main.index'))
return render_template('auth/login.html', title='Sign In', form=form)
@bp.route('/logout')
@login_required
def logout():
logout_user()
return redirect(url_for('main.index'))
@bp.route('/register', methods=['GET', 'POST'])
def register():
if current_user.is_authenticated:
return redirect(url_for('main.index'))
form = RegistrationForm()
if form.validate_on_submit():
user = User(name=form.username.data)
user.set_password(form.password.data)
user.set_auth_hash()
user.last_login = datetime.utcnow()
db.session.add(user)
db.session.commit()
flash('Congratulations, you are now a registered user!')
return redirect(url_for('auth.login'))
return render_template('auth/register.html', title='Register', form=form)
@bp.route('/generate_auth_hash/<username>')
def generate_auth_hash(username):
user = User.query.filter(User.name == username).first_or_404()
if not current_user.owns_game_played_by(user):
abort(403)
if user.auth_hash:
flash('Auth hash is already generated')
abort(403)
if user.last_login:
flash('After a player has logged in, it is no longer possible to generate a QR code.')
abort(403)
user.set_auth_hash()
db.session.commit()
return 'nothing'