Add login/logout routes

2022-11-12 11:15:06 +01:00 · 2022-11-12 11:15:06 +01:00 · 00bd1128d1
commit 00bd1128d1
parent d45d5c4284
8 changed files with 107 additions and 12 deletions
--- a/app.py
+++ b/app.py
@ -15,8 +15,9 @@ Application is kept compact, with all its core in a single file.
 from flask import (
    Flask, Markup, abort, flash, g, jsonify, make_response, redirect, request,
    render_template, send_from_directory)
-from flask_login import LoginManager
+from flask_login import LoginManager, login_user, logout_user
 from flask_wtf import CSRFProtect
+from werkzeug.security import generate_password_hash, check_password_hash
 from werkzeug.routing import BaseConverter
 from peewee import *
 from playhouse.db_url import connect as dbconnect
@ -425,6 +426,9 @@ login_manager = LoginManager(app)

@app.before_request
 def _before_request():
+    if request.args.get('uselang') is not None:
+        lang = request.args['uselang']
+    else:
        for l in request.headers.get('accept-language', 'it,en').split(','):
            if ';' in l:
                l, _ = l.split(';')
@ -766,6 +770,8 @@ def stats():
        revision_count=PageRevision.select().count()
    )

+## account management ##
+
@app.route('/accounts/theme-switch')
 def theme_switch():
    cook = request.cookies.get('dark')
@ -773,6 +779,32 @@ def theme_switch():
    resp.set_cookie('dark', '0' if cook == '1' else '1', max_age=31556952, path='/')
    return resp

+@app.route('/accounts/login/', methods=['GET','POST'])
+def accounts_login():
+    if request.method == 'POST':
+        try:
+            username = request.form['username']
+            user = User.get(User.username == username)
+            if not check_password_hash(user.password, request.form['password']):
+                flash('Invalid username or password.')
+                return render_template('login.html')
+        except User.DoesNotExist:
+            flash('Invalid username or password.')
+        else:
+            remember_for = int(request.form['remember'])
+            if remember_for > 0:
+                login_user(user, remember=True,
+                duration=datetime.timedelta(days=remember_for))
+            else:
+                login_user(user)
+            return redirect(request.args.get('next', '/'))
+    return render_template('login.html')
+
+@app.route('/accounts/logout/')
+def accounts_logout():
+    logout_user()
+    return redirect(request.args.get('next', '/'))
+
 ## easter egg (lol) ##

 MNeaster = {
--- a/i18n/salvi.en.json
+++ b/i18n/salvi.en.json
@ -28,6 +28,14 @@
        "just-now": "just now", 
        "n-minutes-ago": "{0} minutes ago", 
        "n-hours-ago": "{0} hours ago", 
-        "n-days-ago": "{0} days ago"
+        "n-days-ago": "{0} days ago",
+        "backlinks": "Backlinks",
+        "backlinks-empty": "No other pages linking here. Is this page orphan?",
+        "back-to": "Back to",
+        "login": "Log in",
+        "username": "Username",
+        "password": "Password",
+        "no-account-sign-up": "Don’t have an account?",
+        "sign-up": "Sign up"
    }
 }
--- a/i18n/salvi.fr.json
+++ b/i18n/salvi.fr.json
@ -0,0 +1,10 @@
+{
+    "fr": {
+        "welcome": "Bienvenue à {0}!",
+        "homepage": "Page de démarrage",
+        "latest-notes": "Dernières notes",
+        "latest-uploads": "Derniers téléchargements",
+        "new-note": "Créer un note",
+        "upload-file": "Télécharger une image"
+    }
+}
--- a/i18n/salvi.it.json
+++ b/i18n/salvi.it.json
@ -28,6 +28,12 @@
        "just-now": "poco fa",
        "n-minutes-ago": "{0} minuti fa",
        "n-hours-ago": "{0} ore fa",
-        "n-days-ago": "{0} giorni fa"
+        "n-days-ago": "{0} giorni fa",
+        "backlinks": "Collegamenti in entrata",
+        "backlinks-empty": "Nessuna altra pagina punta qui. Questa pagina è orfana?",
+        "back-to": "Torna a",
+        "login": "Entra",
+        "username": "Nome utente",
+        "password": "Password"
    }
 }
--- a/i18n/salvi.ru.json
+++ b/i18n/salvi.ru.json
@ -0,0 +1,5 @@
+{
+    "ru":{
+        "welcome": "Добро пожаловать в {0}!"
+    }
+}
--- a/templates/backlinks.html
+++ b/templates/backlinks.html
@ -8,7 +8,7 @@

 {% block content %}
 <h1 id="firstHeading">{{ p.title }}</h1>
-<div class="preview-subtitle">Backlinks</div>
+<div class="preview-subtitle">{{ T('backlinks') }}</div>

 {% if backlinks %}
 <ul>
@ -19,9 +19,9 @@
 {% endfor %}
 </ul>
 {% else %}
-<p class="placeholder">No other pages linking here. Is this page orphan?</p>
+<p class="placeholder">{{ T("backlinks-empty") }}</p>
 {% endif %}

-<p>Back to <a href="{{ p.get_url() }}">{{ p.title }}</a>.</p>
+<p>{{ T("back-to") }} <a href="{{ p.get_url() }}">{{ p.title }}</a>.</p>
 {% endblock %}

--- a/templates/base.html
+++ b/templates/base.html
@ -28,6 +28,7 @@
      <li><a href="/search/" title="{{ T('search') }}" rel="nofollow"><span class="material-icons">search</span></a></li>
      <li><a href="/p/random/" title="{{ T('random-page') }}" rel="nofollow"><span class="material-icons">shuffle</span></a></li>
      <li><a href="/create/" title="{{ T('new-note') }}" rel="nofollow"><span class="material-icons">create</span></a></li>
+      <li><a href="/accounts/login/" title="{{ T('login') }}" rel="nofollow"><span class="material-icons">login</span></a></li>
    </ul>
    <div class="footer">
      <div class="footer-copyright">&copy; 2020–2022 Sakuragasaki46.</div>
--- a/templates/login.html
+++ b/templates/login.html
@ -0,0 +1,33 @@
+{% extends "base.html" %}
+
+{% block title %}{{ T('login') }} – {{ app_name }}{% endblock %}
+
+{% block content %}
+<h1>{{ T('login') }}</h1>
+
+<form method="POST">
+    <input type="hidden" name="csrf_token" value="{{ csrf_token() }}" />
+    <div>
+        <label>{{ T('username') }}:</label>
+        <input type="text" name="username" />
+    </div>
+    <div>
+        <label>{{ T('password') }}:</label>
+        <input type="password" name="password" />
+    </div>
+    <div>
+        <label>{{ T('remember-me-for') }}</label>
+        <select name="remember">
+            <option value="0">This session only</option>
+            <option value="7">A week</option>
+            <option value="30">A month</option>
+            <option value="365">A year</option>
+        </select>
+    </div>
+    <div>
+        <input type="submit" value="{{ T('login') }}" />
+    </div>
+</form>
+
+<p>{{ T('no-account-sign-up') }}</p>
+{% endblock %}