app/auth/routes.py 2.23 KB
from functools import wraps

from flask_login import current_user
from flask import render_template, request, redirect, url_for, flash, current_app
from flask_login import login_user, logout_user

from app.auth.models import User
from app.auth import bp


#
# Decorator used to protect routes by role,
# inspired by https://flask.palletsprojects.com/en/master/patterns/viewdecorators/
#
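def role_required(role):
    """Build a view decorator that admits only users holding *role* or a higher one.

    The wrapped view runs when one of these holds:

    * the application config has a truthy ``ROLE_DISABLED`` entry, which
      switches every role check off (authentication included);
    * the current user is authenticated and
      ``current_user.has_role_or_higher(role)`` returns a truthy value.

    Otherwise the request is redirected: unauthenticated visitors go to
    ``auth.login``, authenticated users lacking the role go to ``main.index``.

    Raises:
        Exception: if ``has_role_or_higher`` rejects *role* with ``ValueError``,
            i.e. the decorator was given a role name the user model does not know.
    """
    def decorator(f):
        @wraps(f)
        def decorated_function(*args, **kwargs):
            # ROLE_DISABLED bypasses all access control for every decorated
            # route, so it belongs in development/test configs only.
            # .get() treats a missing key as "checks enabled" and, unlike a
            # try/except KeyError around the view call, never swallows a
            # KeyError raised by the view itself (which previously fell
            # through to the checks below and could run the view twice).
            if current_app.config.get('ROLE_DISABLED'):
                return f(*args, **kwargs)

            # First make sure somebody is logged in.
            if not current_user or not current_user.is_authenticated:
                flash(f"Vous devez vous authentifier avec la fonction '{role}'", 'warning')
                return redirect(url_for('auth.login'))

            # Then compare the user's role with the required one.
            try:
                is_authorised = current_user.has_role_or_higher(role)
            except ValueError as err:
                # A bad role name is a programming error in the route
                # declaration; keep the original cause attached.
                raise Exception("Unknown role provided %s" % role) from err
            if not is_authorised:
                flash("Vous n'avez pas les autorisations pour accéder à cette page", 'dark')
                return redirect(url_for('main.index'))
            return f(*args, **kwargs)

        return decorated_function

    return decorator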


@bp.route('/login')
def login():
    """Serve the login form rendered from the ``login.html`` template."""
    page = render_template('login.html', title="Login")
    return page


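@bp.route('/login', methods=['POST'])
def login_post():
    """Check the submitted credentials and log the user in when they match.

    Reads the ``login`` and ``password`` form fields. On success the user is
    logged in through ``login_user`` and redirected to ``main.index``; on any
    failure a warning is flashed and the browser is sent back to ``auth.login``.
    """
    user_login = request.form.get('login')
    user_password = request.form.get('password')
    # The 'remember' form field is not read; login_user() runs with its
    # default remember setting.

    # A missing or empty field can never be a valid credential: skip the
    # lookup so that None is not used as a query value nor handed to
    # check_password().
    user = None
    if user_login and user_password:
        user = User.query.filter_by(login=user_login).one_or_none()

    if user and user.check_password(user_password):
        login_user(user)
        flash("Connection Réussie !", 'success')
        return redirect(url_for('main.index'))

    # One generic message for both an unknown login and a wrong password, so
    # the response text does not reveal which logins exist.
    flash("Mauvais login ou mot de passe.", 'warning')
    return redirect(url_for('auth.login'))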


@bp.route('/logout')
def logout():
    """End the current session, flash a confirmation and return to the index page.

    NOTE(review): the route is declared without ``methods``, so it answers
    GET; a link or image on another site can therefore log a user out.
    Consider a POST-only route with CSRF protection.
    """
    logout_user()
    flash("Vous êtes maintenant déconnecté", 'info')
    home = url_for('main.index')
    return redirect(home)