Commit 94731156 authored by Floréal Cabanettes's avatar Floréal Cabanettes

Make login functionnal + make login required for panel pages + add logout endpoint

parent c76f9248
......@@ -2,19 +2,19 @@
import json
import hashlib
from flask import Flask, render_template, request, jsonify, Response
from flask import Flask, render_template, request, flash, redirect, url_for, session
from flask_mongoengine import MongoEngine
from flask_bcrypt import Bcrypt
from flask_bcrypt import check_password_hash, generate_password_hash
from settings import DB_NAME, SITE_NAME, TIMEZONE, LOCALE
from werkzeug.exceptions import NotFound
from flask_babel import Babel
from flask_babel import gettext as _
from jinja2 import ext
from mongoengine.errors import DoesNotExist
from view.register import page as register
from view.panel import page as panel
from settings import SECRET_KEY
from settings import SECRET_KEY, PASSWORD_HASH_ROUNDS
from mail import send_mail
from model.recipe import Recipe, Ingredient, Instruction, Category
......@@ -30,7 +30,6 @@ app.register_blueprint(panel)
app.secret_key = SECRET_KEY
babel = Babel(app)
db = MongoEngine(app)
crypt = Bcrypt(app)
@app.context_processor
......@@ -68,6 +67,35 @@ def login():
if "after" in request.args and request.args.get("after") is not None:
after = request.args.get("after")
return render_template("web/login.html", email=email, after=after, title=_("Login") + " | " + SITE_NAME)
email = request.form['email']
password = request.form['password']
after = None
if "after" in request.form:
after = request.form["after"]
try:
user = User.objects.get(email=email)
if not check_password_hash(user.password, password):
raise DoesNotExist()
except DoesNotExist:
flash("error|" + _("Bad mail or password"))
if after is not None:
return redirect(url_for("login", email=email, after=after))
else:
return redirect(url_for("login", email=email))
else:
session["email"] = email
session["is_authenticated"] = True
session["name"] = user.name
return redirect("/" if after is None else after)
@app.route("/logout", methods=["GET"])
def logout():
session["is_authenticated"] = False
del session["email"]
del session["name"]
return redirect(url_for("home"))
@app.errorhandler(NotFound)
......
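Review bot: The successful-login branch ends with `return redirect("/" if after is None else after)`, and `after` is read straight from `request.form`, so an absolute URL posted in that field is followed right after authentication (an open redirect). Accept only same-site relative paths before redirecting, e.g. `if not after or not after.startswith("/") or after.startswith(("//", "/\\")): after = "/"`. In `logout()`, `del session["email"]` and `del session["name"]` raise KeyError when the route is requested without a logged-in session; `session.clear()` avoids that and also drops any other per-user state. The start of `login()` lies outside the hunk, so the GET-side handling of `after` is not visible here.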
......@@ -8,6 +8,7 @@ fr = {
"E-mail must be valid": "Le mail n'est pas valide",
"E-mails does not match": "Les mails ne correspondent pas",
"Field required": "Champs requis",
"Forgotten password": "Mot de passe oublié",
"Login|||title": "Se connecter",
"Min 12 characters": "Min 12 caractères",
"Name": "Nom",
......
......@@ -11,13 +11,14 @@ Vue.component("main-login", {
</v-card-title>
<form action='login' method='POST'>
<v-card-text>
<v-text-field :label='tr("E-mail")' type='text' name='email' id='email' v-model="login"></v-text-field>
<v-text-field :label='tr("E-mail")' type='text' name='email' id='email' v-model="email_data"></v-text-field>
<v-text-field :label='tr("Password")' type='password' name='password' id='password'></v-text-field>
</v-card-text>
<input type="hidden" name="after" :value="after !== null ? after : '/'"/>
<v-card-actions>
<v-spacer></v-spacer>
<v-btn type='submit' name='submit'>{{ tr("Connexion") }}</v-btn>
<v-btn name='reset-password'>{{ tr("Forgotten password") }}</v-btn>
<v-btn type='submit' name='submit' color="primary">{{ tr("Connexion") }}</v-btn>
</v-card-actions>
</form>
</v-card>
......@@ -37,6 +38,13 @@ Vue.component("main-login", {
}
},
data() { return {
login: this.username
}}
email_data: this.email
}},
mounted() {
if (this.email === null || this.email === "") {
$("#email").focus();
} else {
$("#password").focus();
}
}
});
......@@ -6,5 +6,5 @@
{% endblock %}
{% block bodycontent %}
<main-login email="{{ email }}"></main-login>
<main-login email="{{ email }}" {% if after %}after="{{ after }}"{% endif %}></main-login>
{% endblock %}
\ No newline at end of file
......@@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: PROJECT VERSION\n"
"Report-Msgid-Bugs-To: EMAIL@ADDRESS\n"
"POT-Creation-Date: 2019-09-08 18:45+0200\n"
"PO-Revision-Date: 2019-09-08 18:45+0200\n"
"POT-Creation-Date: 2019-09-08 22:35+0200\n"
"PO-Revision-Date: 2019-09-08 22:36+0200\n"
"Last-Translator: \n"
"Language: fr\n"
"Language-Team: fr <LL@li.org>\n"
......@@ -19,14 +19,18 @@ msgstr ""
"Generated-By: Babel 2.7.0\n"
"X-Generator: Poedit 2.0.6\n"
#: app.py:58 view/panel.py:11
#: app.py:57 view/panel.py:18
msgid "Panel"
msgstr "Panel"
#: app.py:70
#: app.py:69
msgid "Login"
msgstr "Connexion"
#: app.py:80
msgid "Bad mail or password"
msgstr "Mauvais e-mail ou mauvais mot de passe"
#: templates/404.html:321
msgid "GO BACK HOME"
msgstr "RETOURNER À LA MAISON"
......@@ -35,19 +39,23 @@ msgstr "RETOURNER À LA MAISON"
msgid "Close"
msgstr "Fermer"
#: view/register.py:19
#: view/panel.py:12
msgid "Please login to continue"
msgstr "Veuillez vous connecter pour continuer"
#: view/register.py:20
msgid "Register"
msgstr "Créer un compte"
#: view/register.py:27
#: view/register.py:28
msgid "Missing required fields"
msgstr "Des champs requis sont manquants"
#: view/register.py:38
#: view/register.py:40
msgid "please activate your account"
msgstr "veuillez activer votre compte"
#: view/register.py:39
#: view/register.py:41
#, python-format
msgid ""
"Welcome %s,\n"
......@@ -58,7 +66,7 @@ msgstr ""
"\n"
"Merci de cliquer sur ce lien afin d'activer cotre compte sur %s :\n"
#: view/register.py:42
#: view/register.py:44
msgid ""
"User successfully created. Please check your mail to validate your "
"account."
......@@ -66,14 +74,14 @@ msgstr ""
"Utilisateur créé avec succès. Veuillez vérifier vos mails afin de "
"valider votre compte."
#: view/register.py:45
#: view/register.py:47
msgid "There is already a user with this mail address"
msgstr "Un utilisateur existe déjà avec cette adresse e-mail"
#: view/register.py:53
#: view/register.py:55
msgid "Invalid request"
msgstr "Requête invalide"
#: view/register.py:63
#: view/register.py:65
msgid "Your account is now active. You can login in"
msgstr "Votre compte est maintenant activé. Vous pouvez vous connecter"
......@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PROJECT VERSION\n"
"Report-Msgid-Bugs-To: EMAIL@ADDRESS\n"
"POT-Creation-Date: 2019-09-08 18:45+0200\n"
"POT-Creation-Date: 2019-09-08 22:35+0200\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
......@@ -17,14 +17,18 @@ msgstr ""
"Content-Transfer-Encoding: 8bit\n"
"Generated-By: Babel 2.7.0\n"
#: app.py:58 view/panel.py:11
#: app.py:57 view/panel.py:18
msgid "Panel"
msgstr ""
#: app.py:70
#: app.py:69
msgid "Login"
msgstr ""
#: app.py:80
msgid "Bad mail or password"
msgstr ""
#: templates/404.html:321
msgid "GO BACK HOME"
msgstr ""
......@@ -33,19 +37,23 @@ msgstr ""
msgid "Close"
msgstr ""
#: view/register.py:19
#: view/panel.py:12
msgid "Please login to continue"
msgstr ""
#: view/register.py:20
msgid "Register"
msgstr ""
#: view/register.py:27
#: view/register.py:28
msgid "Missing required fields"
msgstr ""
#: view/register.py:38
#: view/register.py:40
msgid "please activate your account"
msgstr ""
#: view/register.py:39
#: view/register.py:41
#, python-format
msgid ""
"Welcome %s,\n"
......@@ -53,21 +61,21 @@ msgid ""
"Please click on this link to activate your account on %s:\n"
msgstr ""
#: view/register.py:42
#: view/register.py:44
msgid ""
"User successfully created. Please check your mail to validate your "
"account."
msgstr ""
#: view/register.py:45
#: view/register.py:47
msgid "There is already a user with this mail address"
msgstr ""
#: view/register.py:53
#: view/register.py:55
msgid "Invalid request"
msgstr ""
#: view/register.py:63
#: view/register.py:65
msgid "Your account is now active. You can login in"
msgstr ""
from flask import Blueprint, render_template
from flask import Blueprint, render_template, session, redirect, flash, url_for, request, Response
from flask_babel import gettext as _
from settings import SITE_NAME
......@@ -6,6 +6,16 @@ from settings import SITE_NAME
page = Blueprint('panel', __name__)
@page.before_request
def before_request():
if "is_authenticated" not in session or session["is_authenticated"] is None or not session["is_authenticated"]:
if "application/json" in dict(request.accept_mimetypes):
return Response(response={"success": False, "message": _("Not authenticated")}, status=403,
mimetype="application/json")
flash("error|" + _("Please login to continue"))
return redirect(url_for("login", after=request.full_path, email=session["email"] if "email" in session else ""))
@page.route('/panel')
def panel_home():
return render_template("panel/basis.html", title=_("Panel") + " | " + SITE_NAME)
\ No newline at end of file
return render_template("panel/basis.html", title=_("Panel") + " | " + SITE_NAME)
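Review bot: In `before_request`, `Response(response={"success": False, ...}, status=403, mimetype="application/json")` hands a dict to `Response`, which treats a non-string argument as an iterable of body chunks, so the client would most likely receive the dict keys concatenated rather than a JSON document. Serialize explicitly, e.g. `return jsonify(success=False, message=_("Not authenticated")), 401`, with `jsonify` added to the `flask` import line; 401 also describes "not authenticated" better than 403. The guard itself can be reduced to `if not session.get("is_authenticated"):`, which covers the missing, None and False cases in one test.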