linuxrouter/docker/routlin-dash/app/pages/accountlogin/action.py

from pathlib import Path
from flask import Blueprint, request, session, redirect, flash
import bcrypt
import auth
import config_utils
import sanitize
import settings

_PAGE = Path(__file__).parent.name

bp = Blueprint(_PAGE, __name__)


@bp.route('/action/accountlogin/form_login', methods=['POST'])
@auth.require_level('nothing')
def form_login():
    if session.get('access_level', 'nothing') != 'nothing':
        return redirect('/overview')

    email    = sanitize.email(request.form.get('email', ''))
    password = request.form.get('password', '')

    if not email or not password:
        flash('Email address and password are required.', 'error')
        return redirect(f'/{_PAGE}')

    account = config_utils.get_account_by_email(email)

    if account is None:
        flash('Email address not recognised.', 'error')
        return redirect(f'/{_PAGE}')

    if not account.get('hashed_password'):
        flash('Account setup is not complete. Please use Create Account to set your password first.', 'error')
        return redirect(f'/{_PAGE}')

    if not bcrypt.checkpw(password.encode('utf-8'), account['hashed_password'].encode('utf-8')):
        flash('Invalid email address or password.', 'error')
        return redirect(f'/{_PAGE}')

    session.clear()
    session['account_id']                = account['account_id']
    session['tz_offset_seconds']         = settings.get_host_utc_offset()
    session['apply_changes_immediately'] = False
    session.permanent                    = True

    return redirect('/overview')