Created signup and login routes and forms for both, also created 2 decorators for vertical access control

2025-01-15 15:15:24 +00:00
parent f6808b3586
commit ce47cf9622
2 changed files with 66 additions and 1 deletions
--- a/core/app.py
+++ b/core/app.py
@@ -1,8 +1,34 @@
-from flask import Flask, render_template, Response
+from flask import Flask, render_template, session, request, url_for, redirect, g
+from werkzeug.security import generate_password_hash, check_password_hash
+from functools import wraps
+from forms import SignupForm, LoginForm

 app = Flask(__name__, template_folder="../ui/templates/")
 app.config["SECRET_KEY"] = "j9573-4952-9029-1034"

+@app.before_request
+def logged_in_user():
+    g.user = session.get("username", None)
+    g.admin = session.get("username", None)
+
+def login_required(view):
+    """add at start of routes where users need to be logged in to access"""
+    @wraps(view)
+    def wrapped_view(*args, **kwargs):
+        if g.user is None:
+            return redirect(url_for("login", next=request.url))
+        return view(*args, **kwargs)
+    return wrapped_view
+
+def admin_required(view):
+    """add at start of routes where users admin needs to be logged in to access"""
+    @wraps(view)
+    def wrapped_view(*args, **kwargs):
+        if g.admin != "admin":
+            return redirect(url_for("login", next=request.url))
+        return view(*args, **kwargs)
+    return wrapped_view
+
@app.route('/')
 def index():
    """
@@ -13,5 +39,29 @@ def index():

    return render_template('index.html')

+@app.route("/signup", methods=["GET", "POST"])
+def signup():
+    form = SignupForm()
+    if form.validate_on_submit():
+        # Retrieve data from the sign up form
+        username = form.username.data
+        email = form.email.data
+        password = form.password.data
+        password2 = form.password2.data
+
+        # Store in database
+    return
+
+@app.route("/login", methods=["GET", "POST"])
+def login():
+    form = LoginForm()
+    if form.validate_on_submit():
+        # Retrieve data from the login form
+        username = form.username.data
+        password = form.username.data
+
+        # Compare with database
+    return
+
 if __name__ == '__main__':
    app.run(debug=True)
--- a/core/forms.py
+++ b/core/forms.py
@@ -0,0 +1,15 @@
+from flask_wtf import FlaskForm
+from wtforms import SubmitField, StringField, EmailField, PasswordField
+from wtforms.validators import InputRequired, EqualTo
+
+class SignupForm(FlaskForm):
+    username = StringField("Username:", validators=[InputRequired()])
+    email = EmailField("Email:", validators=[InputRequired()])
+    password = PasswordField("Password:", validators=[InputRequired()])
+    password2 = PasswordField("Confirm Password:", validators=[InputRequired(), EqualTo("password")])
+    submit = SubmitField("Submit")
+
+class LoginForm(FlaskForm):
+    username = StringField("Username:", validators=[InputRequired()])
+    password = PasswordField("Password:", validators=[InputRequired()])
+    submit = SubmitField("Submit")