import json

from flask import request, redirect, render_template, g, abort, session

from roc_fnb.util import log
from roc_fnb.website.server.decorators import require_user, logger_request_bindings
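def setup_user_routes(app, db):
    """Register the login and profile routes on *app*.

    Args:
        app: object exposing Flask-style ``post``/``get`` route decorators.
        db: data-access object; only ``get_user_by_name(name)`` is used here.

    Routes registered:
        POST /login -- verify JSON credentials and start a session.
        GET  /login -- render the login form, or redirect when logged in.
        GET  /me    -- render the profile page for the current user.
    """

    @app.post('/login')
    @logger_request_bindings(log)
    def submit_login(log):
        """Check the submitted name/password and store the user in the session.

        ``log`` is the logger passed in by ``logger_request_bindings``; it
        shadows the module-level ``log`` inside this handler.
        """
        # The request body is untrusted: a missing or non-JSON payload must
        # produce a 400, not a KeyError/TypeError that surfaces as a 500.
        form = request.get_json(silent=True)
        if not isinstance(form, dict):
            abort(400)  # bad request

        # Only plain strings may reach the user lookup and the password
        # check; nested JSON values are rejected up front.
        name = form.get('name')
        password = form.get('password')
        if not isinstance(name, str) or not isinstance(password, str):
            abort(400)  # bad request

        log.info('user attempting login', name=name)
        user = db.get_user_by_name(name)

        # NOTE(review): what get_user_by_name does for an unknown name is not
        # visible here. If it returns None, answer with the same 401 as a
        # wrong password so the response does not reveal which names exist.
        # This path skips the password check, so response time may still
        # differ -- confirm whether that matters for this deployment.
        if user is None:
            log.warn('login attempt for unknown user', name=name)
            abort(401)  # unauthorized

        if not user.check_password(password):
            log.warn('incorrect password submitted', name=name)
            abort(401)  # unauthorized

        # Flask's default session is a signed but client-readable cookie
        # (unless a server-side session backend is configured), so only the
        # user's public fields are stored in it.
        session['user'] = json.dumps(user.public_fields)
        return redirect('/me')

    @app.get('/login')
    def render_login_page():
        """Render the login form, or send a logged-in user to their profile."""
        # Uses the module-level ``log``; this handler receives no bound logger.
        if getattr(g, 'user', None):
            log.debug('user is already logged in', user=g.user)
            return redirect('/me')
        return render_template('login.html')

    @app.get('/me')
    @require_user()
    def get_profile():
        """Render the profile page for ``g.user``.

        Presumably ``require_user`` rejects unauthenticated requests and
        populates ``g.user`` -- confirm against the decorator.
        """
        return render_template('profile.html', user=g.user)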