PoliSage / src /routes /auth.py
yasserrmd's picture
Update src/routes/auth.py
73b207d verified
# src/routes/auth.py
from flask import Blueprint, render_template, request, redirect, url_for, flash, session
from src.models.user import User
from src.extensions import db
auth_bp = Blueprint("auth", __name__, template_folder="../templates")
@auth_bp.route("/login", methods=["GET", "POST"])
def login():
if request.method == "POST":
username = request.form.get("username")
password = request.form.get("password")
if not username or not password:
flash("Username and password are required.", "warning")
return render_template("login.html")
user = User.query.filter_by(username=username).first()
if user and user.check_password(password):
session.clear() # Clear previous session data
session["user_id"] = user.id
session["username"] = user.username
session["user_role"] = user.role
flash("Login successful!", "success")
# Redirect to the main dashboard (which we will create later)
# For now, redirect to a placeholder index
return redirect(url_for("drafting.list_drafts"))
else:
flash("Invalid username or password.", "danger")
# If already logged in, redirect to dashboard
if "user_id" in session:
return redirect(url_for("index"))
return render_template("login.html")
@auth_bp.route("/logout")
def logout():
session.clear()
flash("You have been logged out.", "info")
return redirect(url_for("auth.login"))
# Optional: Add a registration route if needed
# @auth_bp.route("/register", methods=["GET", "POST"])
# def register():
# # Implementation for user registration
# pass