diff --git a/backend/README.md b/backend/README.md index db2552a..fcc71d9 100644 --- a/backend/README.md +++ b/backend/README.md @@ -8,6 +8,9 @@ pip install python-dotenv pip install flask-wtf pip install flask-sqlalchemy pip install flask-migrate +pip install flask-login +pip install email-validator + pip freeze > requirements.txt ``` diff --git a/backend/app/__init__.py b/backend/app/__init__.py index ecf426c..d57d604 100644 --- a/backend/app/__init__.py +++ b/backend/app/__init__.py @@ -2,11 +2,14 @@ from flask import Flask from config import Config from flask_sqlalchemy import SQLAlchemy from flask_migrate import Migrate +from flask_login import LoginManager app = Flask(__name__) app.config.from_object(Config) db = SQLAlchemy(app) migrate = Migrate(app, db) +login = LoginManager(app) +login.login_view = 'login' from app import routes, models diff --git a/backend/app/forms.py b/backend/app/forms.py index 7462ea6..fe31c0e 100644 --- a/backend/app/forms.py +++ b/backend/app/forms.py @@ -1,6 +1,9 @@ from flask_wtf import FlaskForm from wtforms import StringField, PasswordField, BooleanField, SubmitField -from wtforms.validators import DataRequired +from wtforms.validators import DataRequired, ValidationError, Email, EqualTo +import sqlalchemy as sa +from app import db +from app.models import User class LoginForm(FlaskForm): username = StringField('Username', validators=[DataRequired()]) @@ -8,3 +11,19 @@ class LoginForm(FlaskForm): remember_me = BooleanField('Remember Me') submit = SubmitField('Sign In') +class RegistrationForm(FlaskForm): + username = StringField('Username', validators=[DataRequired()]) + email = StringField('Email', validators=[DataRequired(), Email()]) + password = PasswordField('Password', validators=[DataRequired()]) + password2 = PasswordField('Repeat Password', validators=[DataRequired()]) + submit = SubmitField('Register') + + def validate_username(self, username): + user = db.session.scalar(sa.select(User).where(User.username == username.data)) + if user is not None: + raise ValidationError('Please use a different username.') + + def validate_email(self, email): + user = db.session.scalar(sa.select(User).where(User.email == email.data)) + if user is not None: + raise ValidationError('Please use a different email address.') diff --git a/backend/app/models.py b/backend/app/models.py index 3f4e1f5..36cbb11 100644 --- a/backend/app/models.py +++ b/backend/app/models.py @@ -2,15 +2,21 @@ from datetime import datetime, timezone from typing import Optional import sqlalchemy as sa import sqlalchemy.orm as so -from app import db +from app import db, login +from werkzeug.security import generate_password_hash, check_password_hash +from flask_login import UserMixin -class User(db.Model): +class User(UserMixin, db.Model): id: so.Mapped[int] = so.mapped_column(primary_key=True) username: so.Mapped[str] = so.mapped_column(sa.String(64), index=True, unique=True) email: so.Mapped[str] = so.mapped_column(sa.String(120), index=True, unique=True) password_hash: so.Mapped[Optional[str]] = so.mapped_column(sa.String(256)) posts: so.WriteOnlyMapped['Post'] = so.relationship(back_populates='author') + def set_password(self, password): + self.password_hash = generate_password_hash(password) + def check_password(self, password): + return check_password_hash(self.password_hash, password) def __repr__(self): return ''.format(self.username) @@ -25,3 +31,6 @@ class Post(db.Model): return ''.format(self.body) +@login.user_loader +def load_user(id): + return db.session.get(User, int(id)) diff --git a/backend/app/routes.py b/backend/app/routes.py index 5e2a53f..72d750a 100644 --- a/backend/app/routes.py +++ b/backend/app/routes.py @@ -1,9 +1,14 @@ -from flask import render_template, flash, redirect, url_for -from app import app -from app.forms import LoginForm +from flask import render_template, flash, redirect, url_for, request +from urllib.parse import urlsplit +from app import app, db +from app.forms import LoginForm, RegistrationForm +from flask_login import current_user, login_user, logout_user, login_required +import sqlalchemy as sa +from app.models import User @app.route('/') @app.route('/index') +@login_required def index(): user = {'username': 'Finnaa'} @@ -18,14 +23,42 @@ def index(): } ] #return posts; - return render_template('index.html', title='Home', user=user, posts=posts) + return render_template('index.html', title='Home', posts=posts) @app.route('/login', methods=['GET', 'POST']) def login(): + if current_user.is_authenticated: + return redirect(url_for('index')) form = LoginForm() if form.validate_on_submit(): - flash('Login requested for user {}, remember_me={}'.format(form.username.data, form.remember_me.data)) - return redirect(url_for('index')) + user = db.session.scalar(sa.select(User).where(User.username == form.username.data)) + if user is None or not user.check_password(form.password.data): + flash('Invalid u or p') + return redirect(url_for('login')) + login_user(user, remember=form.remember_me.data) + next_page = request.args.get('next') + if not next_page or urlsplit(next_page).netloc != '': + next_page = url_for('index') + return redirect(next_page) return render_template('login.html', title='Sign In', form=form) +@app.route('/logout') +def logout(): + logout_user() + return redirect(url_for('index')) + +@app.route('/register', methods=['GET', 'POST']) +def register(): + if current_user.is_authenticated: + return redirect(url_for('index')) + form = RegistrationForm() + if form.validate_on_submit(): + user = User(username=form.username.data, email=form.email.data) + user.set_password(form.password.data) + db.session.add(user) + db.session.commit() + flash('User has been created.') + return redirect(url_for('login')) + return render_template('register.html', title='Register', form=form) + diff --git a/backend/app/templates/base.html b/backend/app/templates/base.html index 8ecf3bb..e83424e 100644 --- a/backend/app/templates/base.html +++ b/backend/app/templates/base.html @@ -12,7 +12,11 @@
blgo: home + {% if current_user.is_anonymous %} login + {% else %} + logout + {% endif %}
@@ -20,7 +24,7 @@ {% if messages %} {% endif %} diff --git a/backend/app/templates/index.html b/backend/app/templates/index.html index ab4fd46..e2b6d0b 100644 --- a/backend/app/templates/index.html +++ b/backend/app/templates/index.html @@ -1,7 +1,7 @@ {% extends "base.html" %} {% block content %} -

Helloo, {{ user.username }}!

+

Hello, {{ current_user.username }}!

{% for post in posts %}

{{ post.author.username }} says: {{ post.body }}

{% endfor %} diff --git a/backend/app/templates/login.html b/backend/app/templates/login.html index e159759..c604808 100644 --- a/backend/app/templates/login.html +++ b/backend/app/templates/login.html @@ -22,4 +22,7 @@

{{ form.submit }}

+

Register Here

+ + {% endblock %} diff --git a/backend/app/templates/register.html b/backend/app/templates/register.html new file mode 100644 index 0000000..02b4226 --- /dev/null +++ b/backend/app/templates/register.html @@ -0,0 +1,40 @@ +{% extends "base.html" %} + +{% block content %} + +

Register

+
+ {{ form.hidden_tag() }} +

+ {{ form.username.label }}
+ {{ form.username(size=32) }}
+ {% for error in form.username.errors %} + [{{ error }}] + {% endfor %} +

+

+ {{ form.email.label }}
+ {{ form.email(size=64) }}
+ {% for error in form.email.errors %} + [{{ error }}] + {% endfor %} +

+

+ {{ form.password.label }}
+ {{ form.password(size=64) }}
+ {% for error in form.password.errors %} + [{{ error }}] + {% endfor %} +

+

+ {{ form.password2.label }}
+ {{ form.password2(size=64) }}
+ {% for error in form.password2.errors %} + [{{ error }}] + {% endfor %} +

+

{{ form.submit }}

+
+ + +{% endblock %} diff --git a/backend/requirements.txt b/backend/requirements.txt index 77e38d7..98e3753 100644 --- a/backend/requirements.txt +++ b/backend/requirements.txt @@ -1,11 +1,15 @@ alembic==1.13.2 blinker==1.8.2 click==8.1.7 +dnspython==2.6.1 +email_validator==2.2.0 Flask==3.0.3 +Flask-Login==0.6.3 Flask-Migrate==4.0.7 Flask-SQLAlchemy==3.1.1 Flask-WTF==1.2.1 greenlet==3.0.3 +idna==3.7 itsdangerous==2.2.0 Jinja2==3.1.4 Mako==1.3.5