]>
git.gir.st - subscriptionfeed.git/blob - app/common/user.py
1 from werkzeug
.security
import generate_password_hash
, check_password_hash
4 from flask_login
import LoginManager
, UserMixin
, login_user
, logout_user
5 from flask
import Blueprint
, flash
, redirect
, render_template
, url_for
, request
7 class User(UserMixin
): # TODO: to common
8 def __init__(self
, id, name
, passwd
, token
):
15 def set_password(self
, passwd
):
16 self
.passwd
= generate_password_hash(passwd
)
17 # ^TODO: store changes to database
18 def check_password(self
, passwd
):
19 return check_password_hash(self
.passwd
, passwd
)
21 def from_id(self
, id):
22 with sqlite3
.connect(cf
['global']['database']) as conn
:
24 c
.execute("SELECT name,password,token FROM users WHERE id = ?", (id,))
26 name
, passwd
, token
= c
.fetchone()
27 except: return None # todo: ugly
28 return User(id, name
, passwd
, token
)
30 def from_name(self
, name
):
31 with sqlite3
.connect(cf
['global']['database']) as conn
:
33 c
.execute("SELECT id,password,token FROM users WHERE name=?", (name
,))
35 id, passwd
, token
= c
.fetchone()
36 except: return None # todo: ugly
37 return User(id, name
, passwd
, token
)
39 def from_token(self
, token
):
40 with sqlite3
.connect(cf
['global']['database']) as conn
:
42 c
.execute("SELECT id,name,password FROM users WHERE token=?", (token
,))
44 id, name
, passwd
, = c
.fetchone()
45 except: return None # todo: ugly
46 return User(id, name
, passwd
, token
)
50 login
= LoginManager()
51 login
.login_view
= 'usermgmt.login_form'
56 # in the future tokens will be invalidable by users. -> https://flask-login.readthedocs.io/en/latest/#alternative-tokens
57 return User
.from_token(token
)
60 def querytoken_auth(request
):
61 if request
.args
.get('token'):
62 return User
.from_token(request
.args
.get('token'))
65 usermgmt
= Blueprint('usermgmt', __name__
,
66 template_folder
='templates',
67 static_folder
='static',
68 static_url_path
='/static/usermgmt')
70 @usermgmt.route('/login')
72 return render_template('login.html.j2')
74 @usermgmt.route('/login', methods
=['POST'])
76 action
= request
.form
.get('action')
78 user
= User
.from_name(request
.form
.get('user'))
79 if user
and user
.check_password(request
.form
.get('password')):
80 login_user(user
, remember
=request
.form
.get('remember'))
81 return redirect(url_for('youtube.index')) # XXX: don't hardcode routes of other blueprints!
82 flash('wrong username and/or password', 'error')
83 elif action
== 'register':
84 flash("open registration currently closed. ask <i>girst</i> on irc://chat.freenode.net/#invidious if you want an account.", 'info')
85 elif action
== 'logout':
87 return redirect(url_for('youtube.index')) # XXX: don't hardcode routes of other blueprints!
89 flash('unsupported action', 'error')
90 return redirect(url_for('usermgmt.login_form'))
92 # NOTE: only register blueprint _after_ adding routes!
93 app
.register_blueprint(usermgmt
)