tmeissner
/
flasky
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
25 Commits
1 Branch
1.8 MiB
Tree: 3571a77933
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '3571a77933'
${ noResults }
flasky/app/auth/views.py

135 lines
4.7 KiB
Raw Normal View History

Chapter 8: Login and logout with Flask-Login (8c)
6 years ago
Chapter 8: Account confirmation (8e)
6 years ago
Chapter 8: Authentication blueprint (8b)
6 years ago
Chapter 8: User registration (8d)
6 years ago
Chapter 8: Login and logout with Flask-Login (8c)
6 years ago
Chapter 8: Account confirmation (8e)
6 years ago
Chapter 8: Password resets (8g)
6 years ago
Chapter 8: Authentication blueprint (8b)
6 years ago
Chapter 8: Account confirmation (8e)
6 years ago
Chapter 8: Login and logout with Flask-Login (8c)
6 years ago
Chapter 8: Authentication blueprint (8b)
6 years ago
Chapter 8: Login and logout with Flask-Login (8c)
6 years ago
Chapter 8: User registration (8d)
6 years ago
Chapter 8: Account confirmation (8e)
6 years ago
Chapter 8: Password updates (8f)
6 years ago
Chapter 8: Password resets (8g)
6 years ago
 
  1. from flask import render_template, redirect, request, url_for, flash
  2. from flask_login import login_user, logout_user, login_required, current_user
  3. from . import auth
  4. from .. import db
  5. from ..models import User
  6. from ..email import send_email
  7. from .forms import LoginForm, RegistrationForm, ChangePasswordForm, \
  8.     PasswordResetRequestForm, PasswordResetForm
  9. 

  10. 

  11. @auth.before_app_request
  12. def before_request():
  13.     if current_user.is_authenticated \
  14.        and not current_user.confirmed \
  15.        and request.blueprint != 'auth' \
  16.        and request.endpoint != 'static':
  17.         return redirect(url_for('auth.unconfirmed'))
  18. 

  19. 

  20. @auth.route('/unconfirmed')
  21. def unconfirmed():
  22.     if current_user.is_anonymous or current_user.confirmed:
  23.         return redirect(url_for('main.index'))
  24.     return render_template('auth/unconfirmed.html')
  25. 

  26. 

  27. @auth.route('/login', methods=['GET', 'POST'])
  28. def login():
  29.     form = LoginForm()
  30.     if form.validate_on_submit():
  31.         user = User.query.filter_by(email=form.email.data).first()
  32.         if user is not None and user.verify_password(form.password.data):
  33.             login_user(user, form.remember_me.data)
  34.             next = request.args.get('next')
  35.             if next is None or not next.startswith('/'):
  36.                 next = url_for('main.index')
  37.             return redirect(next)
  38.         flash('Invalid username or password')
  39.     return render_template('auth/login.html', form=form)
  40. 

  41. 

  42. @auth.route('/logout')
  43. @login_required
  44. def logout():
  45.     logout_user()
  46.     flash('You have been logged out.')
  47.     return redirect(url_for('main.index'))
  48. 

  49. 

  50. @auth.route('/register', methods=['GET', 'POST'])
  51. def register():
  52.     form = RegistrationForm()
  53.     if form.validate_on_submit():
  54.         user = User(email=form.email.data,
  55.                     username=form.username.data,
  56.                     password=form.password.data)
  57.         db.session.add(user)
  58.         db.session.commit()
  59.         token = user.generate_confirmation_token()
  60.         send_email(user.email, 'Confirm your account',
  61.                    'auth/email/confirm', user=user, token=token)
  62.         flash('A confirmation email has been sent to you by email.')
  63.         return redirect(url_for('main.index'))
  64.     return render_template('auth/register.html', form=form)
  65. 

  66. 

  67. @auth.route('/confirm/<token>')
  68. @login_required
  69. def confirm(token):
  70.     if current_user.confirmed:
  71.         return redirect(url_for('main.index'))
  72.     if current_user.confirm(token):
  73.         db.session.commit()
  74.         flash('You have confirmed your account. Thanks!')
  75.     else:
  76.         flash('The confirmationlink is invalid or has expired')
  77.     return redirect(url_for('main.index'))
  78. 

  79. 

  80. @auth.route('/confirm')
  81. @login_required
  82. def resend_confirmation():
  83.     token = current_user.generate_confirmation_token()
  84.     send_email(current_user.email, 'Confirm your account',
  85.                'auth/email/confirm', user=current_user, token=token)
  86.     flash('A new confirmation email has been sent to you by email.')
  87.     return redirect(url_for('main.index'))
  88. 

  89. 

  90. @auth.route('/change-password', methods=['GET', 'POST'])
  91. @login_required
  92. def change_password():
  93.     form = ChangePasswordForm()
  94.     if form.validate_on_submit():
  95.         if current_user.verify_password(form.old_password.data):
  96.             current_user.password = form.password.data
  97.             db.session.add(current_user)
  98.             db.session.commit()
  99.             flash('Your password has been updated')
  100.             redirect(url_for('main.index'))
  101.         else:
  102.             flash('Invalid password.')
  103.     return render_template('auth/change_password.html', form=form)
  104. 

  105. 

  106. @auth.route('/reset', methods=['GET', 'POST'])
  107. def password_reset_request():
  108.     if not current_user.is_anonymous:
  109.         redirect(url_for('main.index'))
  110.     form = PasswordResetRequestForm()
  111.     if form.validate_on_submit():
  112.         user = User.query.filter_by(email=form.email.data).first()
  113.         if user:
  114.             token = user.generate_reset_token()
  115.             send_email(user.email, 'Reset your password',
  116.                        'auth/email/reset_password', user=user, token=token)
  117.         flash('An email with instructions to reset your password has been '
  118.               'sent to you')
  119.         return redirect(url_for('auth.login'))
  120.     return render_template('auth/reset_password.html', form=form)
  121. 

  122. 

  123. @auth.route('/reset/<token>', methods=['GET', 'POST'])
  124. def password_reset(token):
  125.     if not current_user.is_anonymous:
  126.         redirect(url_for('main.index'))
  127.     form = PasswordResetForm()
  128.     if form.validate_on_submit():
  129.         if User.reset_password(token, form.password.data):
  130.             db.session.commit()
  131.             flash('Your password has been updated.')
  132.             return redirect(url_for('auth.login'))
  133.         else:
  134.             return redirect(url_for('main.index'))
  135.     return render_template('auth/reset_password.html', form=form)