You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
PCv5/app/routes/account/login.py

69 lines
2.3 KiB

from flask import redirect, url_for, request, flash
from flask_login import login_user, logout_user, login_required, current_user
from app import app
from app.forms.login import LoginForm
from app.models.users import Member
from app.models.privs import Group
from app.utils.render import render
from config import V5Config
@app.route('/login', methods=['GET', 'POST'])
def login():
if current_user.is_authenticated:
return redirect(url_for('index'))
form = LoginForm()
if form.validate_on_submit():
member = Member.query.filter_by(name=form.username.data).first()
# Check if member can login
if "No login" in [g.name for g in member.groups]:
flash('Cet utilisateur ne peut pas se connecter', 'error')
if request.referrer:
return redirect(request.referrer)
return redirect(url_for('index'))
# Check if password is ok
if member is None or not member.check_password(form.password.data):
flash('Pseudo ou mot de passe invalide', 'error')
if request.referrer:
return redirect(request.referrer)
return redirect(url_for('index'))
# Login & update time-based trophies
login_user(member, remember=form.remember_me.data,
duration=V5Config.REMEMBER_COOKIE_DURATION)
member.update_trophies("on-login")
# Redirect safely (https://huit.re/open-redirect)
def is_safe_url(target):
ref_url = urlparse(request.host_url)
test_url = urlparse(urljoin(request.host_url, target))
return test_url.scheme in ('http', 'https') and \
ref_url.netloc == test_url.netloc
next = request.args.get('next')
if next and is_safe_url(next):
return redirect(next)
if request.referrer:
return redirect(request.referrer)
return redirect(url_for('index'))
return render('login.html', form=form)
@app.route('/logout')
@login_required
def logout():
try:
print(request.referrer)
except Exception as e:
print('No referrer:', e)
logout_user()
flash('Déconnexion réussie', 'info')
if request.referrer:
return redirect(request.referrer)
return redirect(url_for('index'))