File size: 1,742 Bytes
0a40ab8
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
73b207d
0a40ab8
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
# src/routes/auth.py

from flask import Blueprint, render_template, request, redirect, url_for, flash, session
from src.models.user import User
from src.extensions import db

auth_bp = Blueprint("auth", __name__, template_folder="../templates")

@auth_bp.route("/login", methods=["GET", "POST"])
def login():
    if request.method == "POST":
        username = request.form.get("username")
        password = request.form.get("password")
        
        if not username or not password:
            flash("Username and password are required.", "warning")
            return render_template("login.html")

        user = User.query.filter_by(username=username).first()

        if user and user.check_password(password):
            session.clear() # Clear previous session data
            session["user_id"] = user.id
            session["username"] = user.username
            session["user_role"] = user.role
            flash("Login successful!", "success")
            # Redirect to the main dashboard (which we will create later)
            # For now, redirect to a placeholder index
            return redirect(url_for("drafting.list_drafts")) 
        else:
            flash("Invalid username or password.", "danger")
            
    # If already logged in, redirect to dashboard
    if "user_id" in session:
        return redirect(url_for("index"))
        
    return render_template("login.html")

@auth_bp.route("/logout")
def logout():
    session.clear()
    flash("You have been logged out.", "info")
    return redirect(url_for("auth.login"))

# Optional: Add a registration route if needed
# @auth_bp.route("/register", methods=["GET", "POST"])
# def register():
#     # Implementation for user registration
#     pass