|
|
|
|
|
from flask import Blueprint, render_template, request, redirect, url_for, flash, session |
|
from src.models.user import User |
|
from src.extensions import db |
|
|
|
auth_bp = Blueprint("auth", __name__, template_folder="../templates") |
|
|
|
@auth_bp.route("/login", methods=["GET", "POST"]) |
|
def login(): |
|
if request.method == "POST": |
|
username = request.form.get("username") |
|
password = request.form.get("password") |
|
|
|
if not username or not password: |
|
flash("Username and password are required.", "warning") |
|
return render_template("login.html") |
|
|
|
user = User.query.filter_by(username=username).first() |
|
|
|
if user and user.check_password(password): |
|
session.clear() |
|
session["user_id"] = user.id |
|
session["username"] = user.username |
|
session["user_role"] = user.role |
|
flash("Login successful!", "success") |
|
|
|
|
|
return redirect(url_for("drafting.list_drafts")) |
|
else: |
|
flash("Invalid username or password.", "danger") |
|
|
|
|
|
if "user_id" in session: |
|
return redirect(url_for("index")) |
|
|
|
return render_template("login.html") |
|
|
|
@auth_bp.route("/logout") |
|
def logout(): |
|
session.clear() |
|
flash("You have been logged out.", "info") |
|
return redirect(url_for("auth.login")) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|