65 lines
1.9 KiB
Python
65 lines
1.9 KiB
Python
from flask import Blueprint, render_template, request, redirect, url_for, session, flash
|
|
from flask_login import login_user
|
|
from app.db import get_db
|
|
from werkzeug.security import generate_password_hash, check_password_hash
|
|
|
|
from app.models.user import User
|
|
|
|
auth_bp = Blueprint("auth", __name__)
|
|
|
|
@auth_bp.route("/login", methods=["GET", "POST"])
|
|
def login():
|
|
if request.method == "POST":
|
|
username = request.form["username"]
|
|
password = request.form["password"]
|
|
|
|
db = get_db()
|
|
row = db.execute(
|
|
"SELECT * FROM users WHERE username = ?",
|
|
(username,)
|
|
).fetchone()
|
|
|
|
if row and check_password_hash(row["password_hash"], password):
|
|
user = User(id=row["id"], username=row["username"])
|
|
login_user(user)
|
|
|
|
return redirect(url_for("main.home"))
|
|
else:
|
|
flash("Invalid username or password")
|
|
|
|
return render_template("login.html")
|
|
|
|
|
|
@auth_bp.route("/register", methods=["GET", "POST"])
|
|
def register():
|
|
if request.method == "POST":
|
|
username = request.form.get("username")
|
|
password = request.form.get("password")
|
|
|
|
if not username or not password:
|
|
flash("Please fill out all fields")
|
|
return render_template("register.html")
|
|
|
|
db = get_db()
|
|
|
|
existing_user = db.execute(
|
|
"SELECT id FROM users WHERE username = ?",
|
|
(username,)
|
|
).fetchone()
|
|
|
|
if existing_user:
|
|
flash("Username already taken")
|
|
return render_template("register.html")
|
|
|
|
hashed_password = generate_password_hash(password)
|
|
|
|
db.execute(
|
|
"INSERT INTO users (username, password_hash) VALUES (?, ?)",
|
|
(username, hashed_password)
|
|
)
|
|
db.commit()
|
|
|
|
flash("Account created! Please log in.")
|
|
return redirect(url_for("auth.login"))
|
|
|
|
return render_template("register.html") |