Development
parent
f5722f3c7b
commit
d60bf15ce4
15 changed files with 367 additions and 285 deletions
|
|
@ -1,28 +1,19 @@
|
|||
from pathlib import Path
|
||||
from flask import Blueprint, request, session, redirect, flash
|
||||
import json, bcrypt
|
||||
import bcrypt
|
||||
import auth
|
||||
import config_utils
|
||||
import sanitize
|
||||
import settings
|
||||
|
||||
_PAGE = Path(__file__).parent.name
|
||||
|
||||
bp = Blueprint(_PAGE, __name__)
|
||||
|
||||
|
||||
|
||||
def _load_accounts():
|
||||
try:
|
||||
with open(config_utils.ACCOUNTS_FILE) as f:
|
||||
return json.load(f)
|
||||
except Exception:
|
||||
return {'accounts': []}
|
||||
|
||||
|
||||
@bp.route('/action/accountlogin/form_login', methods=['POST'])
|
||||
@auth.require_level('nothing')
|
||||
def form_login():
|
||||
# Abort if already logged in
|
||||
if session.get('access_level', 'nothing') != 'nothing':
|
||||
return redirect('/overview')
|
||||
|
||||
|
|
@ -33,8 +24,7 @@ def form_login():
|
|||
flash('Email address and password are required.', 'error')
|
||||
return redirect(f'/{_PAGE}')
|
||||
|
||||
accounts = _load_accounts().get('accounts', [])
|
||||
account = next((a for a in accounts if a.get('email_address', '').lower() == email), None)
|
||||
account = config_utils.get_account_by_email(email)
|
||||
|
||||
if account is None:
|
||||
flash('Email address not recognised.', 'error')
|
||||
|
|
@ -44,16 +34,14 @@ def form_login():
|
|||
flash('Account setup is not complete. Please use Create Account to set your password first.', 'error')
|
||||
return redirect(f'/{_PAGE}')
|
||||
|
||||
stored_hash = account['hashed_password'].encode('utf-8')
|
||||
if not bcrypt.checkpw(password.encode('utf-8'), stored_hash):
|
||||
if not bcrypt.checkpw(password.encode('utf-8'), account['hashed_password'].encode('utf-8')):
|
||||
flash('Invalid email address or password.', 'error')
|
||||
return redirect(f'/{_PAGE}')
|
||||
|
||||
session.clear()
|
||||
session['email_address'] = account['email_address']
|
||||
session['access_level'] = account.get('access_level', 'viewer')
|
||||
session['timezone'] = account.get('timezone', '')
|
||||
session['account_id'] = account['account_id']
|
||||
session['tz_offset_seconds'] = settings.get_host_utc_offset()
|
||||
session['apply_changes_immediately'] = False
|
||||
session.permanent = True
|
||||
session.permanent = True
|
||||
|
||||
return redirect('/overview')
|
||||
|
|
|
|||
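Review bot: In the second hunk of `form_login`, the `account is None` branch still flashes `'Email address not recognised.'` while a failed password check flashes `'Invalid email address or password.'`, so the login response discloses which addresses have accounts; the "Account setup is not complete" message in the third hunk discloses account state in the same way. Use one message for both failures, i.e. `flash('Invalid email address or password.', 'error')` in the `account is None` branch, and consider running `bcrypt.checkpw` against a fixed dummy hash there so that response time does not separate the two cases. The inline lookup this hunk replaces lower-cased the stored address before comparing; `config_utils.get_account_by_email` is not visible here, so confirm it keeps that case-insensitive match. `form_login` starts before and continues between these hunks, so how `email` and `password` are read and normalised cannot be checked from this page.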