alan.woodman
/
plutus
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
15 Commits
1 Branch
0 Tags
831 KiB
 
 
 
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
plutus/blueprints/auth.py

75 lines
2.5 KiB
Raw Permalink Blame History

from flask import Blueprint, render_template, request, redirect, url_for, flash
from flask_login import login_user, logout_user, login_required, current_user
from werkzeug.security import generate_password_hash, check_password_hash
from models import Users
from app import db
from permissions import admin_required
auth_bp = Blueprint('auth', __name__)
@auth_bp.route('/login', methods=['GET', 'POST'])
def login():
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
user = Users.query.filter_by(Username=username).first()
if user and check_password_hash(user.Password, password) and user.Enabled:
login_user(user)
next_page = request.args.get('next')
return redirect(next_page) if next_page else redirect(url_for('main.index'))
else:
flash('Invalid username or password, or account is disabled.', 'error')
return render_template('auth/login.html')
@auth_bp.route('/logout')
@login_required
def logout():
logout_user()
flash('You have been logged out.', 'success')
return redirect(url_for('auth.login'))
@auth_bp.route('/add_user', methods=['GET', 'POST'])
@admin_required
def add_user():
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
full_name = request.form['full_name']
email = request.form['email']
permissions = request.form.get('permissions', '')
# Check if username already exists
existing_user = Users.query.filter_by(Username=username).first()
if existing_user:
flash('Username already exists.', 'error')
return render_template('auth/add_user.html')
# Create new user
new_user = Users(
Username=username,
Password=generate_password_hash(password),
FullName=full_name,
Email=email,
Permissions=permissions,
Enabled=True
)
try:
db.session.add(new_user)
db.session.commit()
flash('User created successfully.', 'success')
return redirect(url_for('auth.list_users'))
except Exception as e:
db.session.rollback()
flash('Error creating user.', 'error')
return render_template('auth/add_user.html')
@auth_bp.route('/list_users')
@admin_required
def list_users():
users = Users.query.all()
return render_template('auth/list_users.html', users=users)