import bcrypt
from sqlalchemy.orm.exc import NoResultFound
from flask import (
Blueprint, render_template, request, session, redirect, url_for
)
from src.data_interface import model
bp = Blueprint("login", __name__)
[docs]def valid_signin(username, password):
is_valid = False
try:
hashed_password = model.User.query\
.with_entities(model.User.password)\
.filter(model.User.username == username)\
.one()[0]
except NoResultFound:
return is_valid
if bcrypt.checkpw(password.encode("utf8"), hashed_password):
is_valid = True
return is_valid
[docs]def valid_signup(username, password):
return all([username, password])
[docs]@bp.route("/signin", methods=("GET", "POST"))
def signin():
if request.method == "POST":
username = request.form["username"]
password = request.form["password"]
if valid_signin(username, password):
session["username"] = username
return redirect(url_for("home.index"))
else:
error = "Bad login"
return render_template("login/signin.html", error=error)
return render_template("login/signin.html")
[docs]@bp.route("/signup", methods=("GET", "POST"))
def signup():
if request.method == "POST":
username = request.form["username"]
password = request.form["password"]
if valid_signup(username, password):
hashed_password = bcrypt.hashpw(
password.encode("utf8"),
bcrypt.gensalt()
)
user = model.User(
username=username,
password=hashed_password
)
model.insert(user)
return redirect(url_for("login.signin"))
return render_template("login/signup.html")
[docs]@bp.route("/signout", methods=("POST",))
def signout():
session.pop("username")
return redirect(url_for("home.index"))