Post-redirect-get for auth.login

This commit is contained in:
Tim Van Baak 2020-04-27 20:38:53 -07:00
parent 4b57c6a5de
commit a83a30efdb
2 changed files with 21 additions and 15 deletions

View File

@ -46,19 +46,27 @@ bp_auth = Blueprint('auth', __name__,
def login(): def login():
model_factory: ModelFactory = current_app.config['model_factory'] model_factory: ModelFactory = current_app.config['model_factory']
form = LoginForm() form = LoginForm()
if form.validate_on_submit():
if not form.validate_on_submit():
# Either the request was GET and we should render the form,
# or the request was POST and validation failed.
return render_template('auth.login.jinja', form=form)
# POST with valid data
username = form.username.data username = form.username.data
user = model_factory.try_user(username) user = model_factory.try_user(username)
if user is not None and user.check_password(form.password.data): if not user or not user.check_password(form.password.data):
# Bad creds
flash("Login not recognized")
return redirect(url_for('auth.login'))
# Login credentials were correct
remember_me = form.remember.data remember_me = form.remember.data
login_user(user, remember=remember_me) login_user(user, remember=remember_me)
with user.ctx.edit_config() as cfg: with user.ctx.edit_config() as cfg:
cfg.last_login = int(time.time()) cfg.last_login = int(time.time())
logger.info('Logged in user "{0.username}" ({0.uid})' logger.info('Logged in user "{0.username}" ({0.uid})'.format(user.cfg))
.format(user.cfg))
return redirect(url_for('home.home')) return redirect(url_for('home.home'))
flash("Login not recognized")
return render_template('auth.login.jinja', form=form)
@bp_auth.route("/logout/", methods=['GET']) @bp_auth.route("/logout/", methods=['GET'])

View File

@ -2,14 +2,12 @@ from flask_wtf import FlaskForm
from wtforms import StringField, PasswordField, BooleanField, SubmitField from wtforms import StringField, PasswordField, BooleanField, SubmitField
from wtforms.validators import DataRequired from wtforms.validators import DataRequired
from amanuensis.server.forms import User
class LoginForm(FlaskForm): class LoginForm(FlaskForm):
"""/auth/login/""" """/auth/login/"""
username = StringField( username = StringField(
'Username', 'Username',
validators=[DataRequired(), User()]) validators=[DataRequired()])
password = PasswordField( password = PasswordField(
'Password', 'Password',
validators=[DataRequired()]) validators=[DataRequired()])