routes.py
from functools import wraps
from flask_login import current_user
from flask import render_template, request, redirect, url_for, flash, current_app
from flask_login import login_user, logout_user
from app.auth.models import User
from app.auth import bp
#
# Decorator used to protect routes by role
# inspired by https://flask.palletsprojects.com/en/master/patterns/viewdecorators/
#
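def role_required(role):
    """Build a view decorator that restricts a route to users holding *role*.

    The wrapped view runs only when one of these holds:

    * the application config has a truthy ``ROLE_DISABLED`` entry, in which
      case no authentication or role check is performed at all;
    * the current user is authenticated and
      ``current_user.has_role_or_higher(role)`` returns a truthy value.

    Unauthenticated visitors are redirected to ``auth.login``; authenticated
    users without the role are redirected to ``main.index``. Both get a
    flashed message.

    Args:
        role: role identifier passed to ``current_user.has_role_or_higher``.

    Returns:
        A decorator to apply to a Flask view function.

    Raises:
        Exception: at request time, when ``has_role_or_higher`` raises
            ``ValueError`` for *role* (chained to the original error).
    """
    def decorator(f):
        @wraps(f)
        def decorated_function(*args, **kwargs):
            # Read the switch with .get() so that only a missing config key is
            # tolerated. Guarding the view call itself with `except KeyError`
            # would swallow a KeyError raised inside the view and then fall
            # through to the checks below, possibly running the view twice.
            # NOTE(review): a truthy ROLE_DISABLED removes both the
            # authentication and the role check from every decorated route;
            # confirm it can never be set in a production configuration.
            if current_app.config.get('ROLE_DISABLED'):
                return f(*args, **kwargs)

            # First check the user is logged in.
            if not current_user or not current_user.is_authenticated:
                flash(f"Vous devez vous authentifier avec la fonction '{role}'", 'warning')
                return redirect(url_for('auth.login'))

            # Then check the role; a ValueError here is reported as an
            # unknown role, keeping the original error as the cause.
            try:
                is_authorised = current_user.has_role_or_higher(role)
            except ValueError as err:
                raise Exception("Unknowk role provided %s" % role) from err

            if not is_authorised:
                flash("Vous n'avez pas les autorisations pour accéder à cette page", 'dark')
                return redirect(url_for('main.index'))

            return f(*args, **kwargs)
        return decorated_function
    return decorator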
@bp.route('/login')
def login():
    """Serve the login form page."""
    page_title = "Login"
    return render_template('login.html', title=page_title)
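@bp.route('/login', methods=['POST'])
def login_post():
    """Handle the login form submission.

    Reads ``login`` and ``password`` from the posted form, looks the user up
    by login and, when the password matches, opens a session with
    ``login_user``. Success redirects to ``main.index``; any failure flashes
    one generic message (the same for an unknown login and a wrong password)
    and redirects back to ``auth.login``.
    """
    user_login = request.form.get('login')
    user_password = request.form.get('password')
    # user_remember = request.form.get('remember')

    # A missing or empty field must never authenticate. Without this guard an
    # omitted password is None and would compare equal to a stored NULL
    # password, and an omitted login would turn the lookup into a search for
    # a NULL login.
    user = None
    if user_login and user_password:
        user = User.query.filter_by(login=user_login).one_or_none()

    # NOTE(review): this compares the stored attribute directly with the
    # submitted value. Unless User.password is a type that hashes on
    # comparison, that means passwords are kept in clear text; confirm
    # against the model and move to a salted password hash
    # (e.g. werkzeug.security.check_password_hash) if so.
    if user and user.password == user_password:
        login_user(user)
        flash("Connection Réussie !", 'success')
        return redirect(url_for('main.index'))

    flash("Mauvais login ou mot de passe.", 'warning')
    return redirect(url_for('auth.login'))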
@bp.route('/logout')
def logout():
    """Close the current user's session and go back to the home page."""
    # NOTE(review): the route declares no methods, so it is served on GET;
    # a state-changing GET can be triggered by a cross-site request.
    # Consider a POST endpoint protected by a CSRF token.
    logout_user()
    flash("Vous êtes maintenant déconnecté", 'info')
    home_url = url_for('main.index')
    return redirect(home_url)