movidas las vistas dedicadas al login hacia el archivo auth.py para mayor coherencia
This commit is contained in:
Daniel Cortes
@@ -25,6 +25,9 @@ def create_app():
|
||||
from . import db
|
||||
db.init_app(app)
|
||||
|
||||
from . import auth
|
||||
app.register_blueprint(auth.bp)
|
||||
|
||||
from . import admin
|
||||
app.register_blueprint(admin.bp)
|
||||
|
||||
|
||||
64
www/admin.py
64
www/admin.py
@@ -1,65 +1,9 @@
|
||||
import functools
|
||||
|
||||
from flask import (
|
||||
Blueprint, flash, g, redirect, render_template, request, session, url_for
|
||||
)
|
||||
|
||||
from werkzeug.exceptions import abort
|
||||
from werkzeug.security import check_password_hash
|
||||
from flask import Blueprint, flash, g, redirect, render_template, request, session, url_for
|
||||
|
||||
from www.db import get_db
|
||||
|
||||
bp = Blueprint('admin', __name__, url_prefix='/admin')
|
||||
|
||||
@bp.route('/login', methods=('GET', 'POST'))
|
||||
def login():
|
||||
if request.method == 'POST':
|
||||
username = request.form['username']
|
||||
password = request.form['password']
|
||||
|
||||
db = get_db()
|
||||
error = None
|
||||
|
||||
user = db.execute(
|
||||
'SELECT * FROM users WHERE username = ?', (username,)
|
||||
).fetchone()
|
||||
|
||||
if user is None:
|
||||
error = 'Incorrect username.'
|
||||
elif not check_password_hash(user['password'], password):
|
||||
error = 'Incorrect password.'
|
||||
|
||||
if error is None:
|
||||
session.clear()
|
||||
session['user_id'] = user['id']
|
||||
return redirect(url_for('index'))
|
||||
|
||||
flash(error)
|
||||
|
||||
return render_template('admin/login.html')
|
||||
|
||||
@bp.route('/logout')
|
||||
def logout():
|
||||
session.clear()
|
||||
return redirect(url_for('index'))
|
||||
|
||||
@bp.before_app_request
|
||||
def load_logged_in_user():
|
||||
user_id = session.get('user_id')
|
||||
|
||||
if user_id is None:
|
||||
g.user = None
|
||||
else:
|
||||
g.user = get_db().execute(
|
||||
'SELECT * FROM users WHERE id = ?', (user_id,)
|
||||
).fetchone()
|
||||
|
||||
def admin_required(view):
|
||||
@functools.wraps(view)
|
||||
def wrapped_view(**kwargs):
|
||||
if g.user is None:
|
||||
return redirect(abort(404))
|
||||
|
||||
return view(**kwargs)
|
||||
|
||||
return wrapped_view
|
||||
@bp.route('/panel')
|
||||
def panel():
|
||||
return render_template('admin/panel.html')
|
||||
|
||||
64
www/auth.py
Normal file
64
www/auth.py
Normal file
@@ -0,0 +1,64 @@
|
||||
import functools
|
||||
|
||||
from www.db import get_db
|
||||
|
||||
from werkzeug.exceptions import abort
|
||||
from werkzeug.security import check_password_hash
|
||||
|
||||
from flask import Blueprint, request, flash, render_template, session, g, redirect, url_for
|
||||
|
||||
|
||||
bp = Blueprint('auth', __name__, url_prefix='/auth')
|
||||
|
||||
@bp.route('/login', methods=('GET', 'POST'))
|
||||
def login():
|
||||
if request.method == 'POST':
|
||||
username = request.form['username']
|
||||
password = request.form['password']
|
||||
|
||||
db = get_db()
|
||||
error = None
|
||||
|
||||
user = db.execute(
|
||||
'SELECT * FROM users WHERE username = ?', (username,)
|
||||
).fetchone()
|
||||
|
||||
if user is None:
|
||||
error = 'Incorrect username.'
|
||||
elif not check_password_hash(user['password'], password):
|
||||
error = 'Incorrect password.'
|
||||
|
||||
if error is None:
|
||||
session.clear()
|
||||
session['user_id'] = user['id']
|
||||
return redirect(url_for('index'))
|
||||
|
||||
flash(error)
|
||||
|
||||
return render_template('auth/login.html')
|
||||
|
||||
@bp.route('/logout')
|
||||
def logout():
|
||||
session.clear()
|
||||
return redirect(url_for('index'))
|
||||
|
||||
@bp.before_app_request
|
||||
def load_logged_in_user():
|
||||
user_id = session.get('user_id')
|
||||
|
||||
if user_id is None:
|
||||
g.user = None
|
||||
else:
|
||||
g.user = get_db().execute(
|
||||
'SELECT * FROM users WHERE id = ?', (user_id,)
|
||||
).fetchone()
|
||||
|
||||
def admin_required(view):
|
||||
@functools.wraps(view)
|
||||
def wrapped_view(**kwargs):
|
||||
if g.user is None:
|
||||
return redirect(abort(404))
|
||||
|
||||
return view(**kwargs)
|
||||
|
||||
return wrapped_view
|
||||
@@ -6,7 +6,7 @@ from werkzeug.exceptions import abort
|
||||
import markdown as md
|
||||
|
||||
from www.db import get_db
|
||||
from www.admin import admin_required
|
||||
from www.auth import admin_required
|
||||
|
||||
bp = Blueprint('blog', __name__, url_prefix='/blog')
|
||||
|
||||
|
||||
@@ -6,7 +6,7 @@ from werkzeug.exceptions import abort
|
||||
import markdown as md
|
||||
|
||||
from www.db import get_db
|
||||
from www.admin import admin_required
|
||||
from www.auth import admin_required
|
||||
|
||||
bp = Blueprint('now', __name__, url_prefix='/now')
|
||||
|
||||
|
||||
@@ -6,7 +6,7 @@ from werkzeug.exceptions import abort
|
||||
import markdown as md
|
||||
|
||||
from www.db import get_db
|
||||
from www.admin import admin_required
|
||||
from www.auth import admin_required
|
||||
|
||||
bp = Blueprint('projects', __name__, url_prefix='/projects')
|
||||
|
||||
|
||||
@@ -6,7 +6,7 @@ from werkzeug.exceptions import abort
|
||||
import markdown as md
|
||||
|
||||
from www.db import get_db
|
||||
from www.admin import admin_required
|
||||
from www.auth import admin_required
|
||||
|
||||
bp = Blueprint('recommended', __name__, url_prefix='/recommended')
|
||||
|
||||
|
||||
@@ -19,7 +19,7 @@
|
||||
{% if g.user %}
|
||||
<a href="{{ url_for('blog.create') }}" class="nav-link logout">/create-post</a>
|
||||
<a href="{{ url_for('now.update') }}" class="nav-link logout">/update-now</a>
|
||||
<a href="{{ url_for('admin.logout') }}" class="nav-link logout">/logout</a>
|
||||
<a href="{{ url_for('auth.logout') }}" class="nav-link logout">/logout</a>
|
||||
{% endif %}
|
||||
</div>
|
||||
</nav>
|
||||
|
||||
Reference in New Issue
Block a user