from flask import Blueprint, render_template, redirect, url_for, request, flash from werkzeug.security import generate_password_hash, check_password_hash from flask_login import login_user, login_required, logout_user from .models import User from . import db auth = Blueprint('auth', __name__) @auth.route('/login') def login(): return render_template('login.html') @auth.route('/login', methods=['POST']) def login_post(): email = request.form.get('email') password = request.form.get('password') remember = True if request.form.get('remember') else False user = User.query.filter_by(email=email).first() # Check if the user actually exists # Take the supplied password and hash it, compare it to the hashed password # If they match we gucci if not user or not check_password_hash(user.password, password): flash('Please check your login details and try again') return redirect(url_for('auth.login')) # If we get here we are gucci login_user(user, remember=remember) return redirect(url_for('main.profile')) @auth.route('/signup') def signup(): return render_template('signup.html') @auth.route('/signup', methods=['POST']) def signup_post(): email = request.form.get('email') name = request.form.get('name') password = request.form.get('password') google_id = request.form.get('google_id') user = User.query.filter_by(email=email).first() if user: flash('Email already exists for user') return redirect(url_for('auth.signup')) user = User.query.filter_by(google_id=google_id).first() if user: flash('Google ID already in use') return redirect(url_for('auth.signup')) new_user = User(email=email, name=name, password=generate_password_hash(password, method='sha256'), google_id=google_id) db.session.add(new_user) db.session.commit() # Code to validate and add the user to the database return redirect(url_for('auth.login')) @auth.route('/logout') @login_required def logout(): logout_user() return redirect(url_for('main.index'))