from . import m_auth
from flask import render_template
from flask import redirect
from flask import request
from flask import session
from app._tools.database import SessionManager
from app._tools.database import DataManager
from app._tools.decorators import auth_required
from app._tools import passhash
from app.config import _SALT as SALT
@m_auth.route('/')
def login_page():
    """Serve the login form at the blueprint root."""
    form_template = 'auth/login_form.html'
    return render_template(form_template)
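@m_auth.route('/session/login', methods=['POST'])
def login():
    """Check the submitted credentials and open a session on success.

    Reads ``username`` and ``password`` from the POSTed form. If either is
    missing or empty, the client is redirected to ``/auth``. An unknown user
    name, or a password rejected by ``passhash.isValid``, renders
    ``error.html`` with a message. Otherwise a token from
    ``passhash.genToken()`` is registered through
    ``SessionManager.add_session``, stored in the Flask session under
    ``"token"``, and the client is redirected to ``/``.

    No attempt limiting or lockout is visible in this handler; confirm it
    is enforced elsewhere (proxy, decorator, or ``DataManager``).
    """
    # Read the fields straight from the form MultiDict. ``.get()`` always
    # yields a single string and tolerates an absent field, whereas
    # ``dict(request.form)[...]`` raises KeyError (an HTTP 500) when a field
    # is missing and, depending on the Werkzeug version, can hand back lists.
    username = request.form.get('username', '')
    password = request.form.get('password', '')
    if not username or not password:
        return redirect("/auth")

    user_i = DataManager.get_user_by_name(username)
    # NOTE(review): this branch and the wrong-password branch return
    # different messages, and this one skips the hash check entirely, so a
    # client can tell which user names exist. Consider one generic message
    # and a comparable amount of work on both paths.
    if user_i is None:
        return render_template("error.html", error="Пользователь не найден!")

    # NOTE(review): SALT is a single application-wide value from app.config.
    # If passhash does not also mix in a per-user salt, equal passwords give
    # equal passkeys -- confirm against the passhash implementation.
    if not passhash.isValid(password, SALT, user_i.passkey):
        return render_template("error.html", error="Неверный пароль!")

    new_token = passhash.genToken()
    SessionManager.add_session(new_token, user_i.id)

    # A permanent session makes the cookie outlive the browser session; its
    # lifetime follows Flask's PERMANENT_SESSION_LIFETIME setting.
    session.permanent = True
    session["token"] = new_token
    return redirect("/")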
@m_auth.route('/logout')
@auth_required
def logout():
    """End the current session and send the client back to ``/``.

    The token is read before the Flask session is cleared, because the
    server-side record is removed by that token afterwards.
    """
    # NOTE(review): no ``methods`` argument is given, so Flask serves this
    # route on GET; a cross-site link or image tag can then log a user out.
    # Consider accepting POST only, with CSRF protection.
    token = session["token"]

    # Drop everything held in the client-side session first ...
    session.clear()
    # ... then invalidate the matching server-side session record.
    SessionManager.remove_session(token)

    return redirect("/")