
app/auth/routes.py 2.2 KB
from functools import wraps

from flask_login import current_user
from flask import render_template, request, redirect, url_for, flash, current_app
from flask_login import login_user, logout_user

from app.auth.models import User
from app.auth import bp

# Endpoint name of the landing page. The views in this module pass it to
# url_for() for the redirect after a successful login, after logout, and after
# a failed role check.
main_index = 'main.index'


#
# Decorator used to protect routes by role
# inspired by https://flask.palletsprojects.com/en/master/patterns/viewdecorators/
#
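def role_required(role):
    """Build a view decorator that only lets users holding *role* (or higher) in.

    For every request to the decorated view, in this order:

    1. If the application config holds a truthy ``ROLE_DISABLED`` entry, the
       view is called with no authentication or role check at all.
    2. An anonymous or unauthenticated user is redirected to ``auth.login``.
    3. An authenticated user for whom ``has_role_or_higher(role)`` is false is
       redirected to the main index.
    4. Otherwise the view runs.

    Raises:
        ValueError: when ``current_user.has_role_or_higher`` rejects *role*
            with a ValueError (reported as an unknown role).
    """
    def decorator(f):
        @wraps(f)
        def decorated_function(*args, **kwargs):
            # SECURITY: a truthy ROLE_DISABLED switches off every check this
            # decorator performs. A missing key means "enforce" (fail closed),
            # so the flag should stay unset outside development/test configs.
            #
            # The lookup is deliberately separate from the call to f: the
            # previous try/except KeyError also wrapped f(), so a KeyError
            # raised inside the view was swallowed as "no such config" and the
            # view could then be executed a second time further down.
            if current_app.config.get('ROLE_DISABLED'):
                return f(*args, **kwargs)

            # First make sure somebody is logged in.
            if not current_user or not current_user.is_authenticated:
                flash(f"Vous devez vous authentifier avec la fonction '{role}'", 'warning')
                return redirect(url_for('auth.login'))

            # Then compare the user's role with the one this view requires.
            try:
                is_authorised = current_user.has_role_or_higher(role)
            except ValueError as err:
                # Keep the original cause attached for whoever reads the trace.
                raise ValueError("Unknown role provided %s" % role) from err

            if not is_authorised:
                flash("Vous n'avez pas les autorisations pour accéder à cette page", 'dark')
                return redirect(url_for(main_index))

            return f(*args, **kwargs)

        return decorated_function

    return decorator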


@bp.route('/login')
def login():
    """Serve the login form; the submitted form is handled by the POST route."""
    page_title = "Login"
    return render_template('login.html', title=page_title)


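@bp.route('/login', methods=['POST'])
def login_post():
    """Check the submitted credentials and open a session when they are valid.

    Reads the ``login`` and ``password`` form fields. On success the user is
    logged in and redirected to the main index. Every failure (missing field,
    unknown login, wrong password, login refused by flask_login) gets the same
    generic flash message and a redirect back to ``auth.login``, so the
    response text does not reveal which part was wrong.

    NOTE(review): no throttling or lockout of repeated attempts is visible in
    this view; confirm it is enforced elsewhere.
    NOTE(review): the password check only runs when the login exists, so the
    two failure cases may differ in response time; confirm whether that
    matters for this deployment.
    """
    user_login = request.form.get('login')
    user_password = request.form.get('password')

    # A request without both fields can never authenticate. Rejecting it here
    # avoids a lookup on login=None and handing None to check_password().
    if user_login is not None and user_password is not None:
        user = User.query.filter_by(login=user_login).one_or_none()
        # login_user() returns False when flask_login refuses the login (for
        # example an inactive account); only report success when it accepted.
        if user and user.check_password(user_password) and login_user(user):
            flash("Connection Réussie !", 'success')
            return redirect(url_for(main_index))

    flash("Mauvais login ou mot de passe.", 'warning')
    return redirect(url_for('auth.login'))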


@bp.route('/logout')
def logout():
    """End the current session, tell the user, and go back to the main index.

    NOTE(review): the route declares no ``methods``, so it answers GET. A
    state-changing GET can be triggered by any page the user visits; consider
    whether logout should be a POST covered by the app's CSRF protection.
    """
    logout_user()
    flash("Vous êtes maintenant déconnecté", 'info')
    landing_url = url_for(main_index)
    return redirect(landing_url)