108536490: Initial effort to implement log in

Add endpoint for post to /sign-in Initialise role data
2026-05-05 16:38:59 -04:00 · 2015-11-27 09:47:29 +00:00
parent 4d2b9c7fc2
commit 7f96ef5a25
17 changed files with 183 additions and 56 deletions
--- a/app/main/init.py
+++ b/app/main/init.py
@@ -3,4 +3,4 @@ from flask import Blueprint
 main = Blueprint('main', __name__)


-from app.main.views import index
+from app.main.views import index, sign_in
--- a/app/main/dao/users_dao.py
+++ b/app/main/dao/users_dao.py
@@ -1,8 +1,10 @@
 from app import db
 from app.models import Users
+from app.main.encryption import encrypt


 def insert_user(user):
+    user.password = encrypt(user.password)
    db.session.add(user)
    db.session.commit()

@@ -13,3 +15,7 @@ def get_user_by_id(id):

 def get_all_users():
    return Users.query.all()
+
+
+def get_user_by_email(email_address):
+    return Users.query.filter_by(email_address=email_address).first()
--- a/app/main/encryption.py
+++ b/app/main/encryption.py
@@ -0,0 +1,7 @@
+import hashlib
+from flask import current_app
+
+
+def encrypt(value):
+    key = current_app.config['SECRET_KEY']
+    return hashlib.sha256((key + value).encode('UTF-8')).hexdigest()
--- a/app/main/forms.py
+++ b/app/main/forms.py
@@ -0,0 +1,14 @@
+from flask_wtf import Form
+from wtforms import StringField, PasswordField
+from wtforms.validators import DataRequired, Email, Length
+
+
+class LoginForm(Form):
+    email_address = StringField('Email address', validators=[
+        Length(255),
+        DataRequired(message='Email cannot be empty'),
+        Email(message='Please enter a valid email address')
+    ])
+    password = PasswordField('Password', validators=[
+        DataRequired(message='Please enter your password')
+    ])
--- a/app/main/views/index.py
+++ b/app/main/views/index.py
@@ -43,11 +43,6 @@ def dashboard():
    return render_template('dashboard.html')


-@main.route("/sign-in")
-def signin():
-    return render_template('signin.html')
-
-
@main.route("/add-service")
 def addservice():
    return render_template('add-service.html')
--- a/app/main/views/sign_in.py
+++ b/app/main/views/sign_in.py
@@ -0,0 +1,43 @@
+from datetime import datetime
+
+from flask import render_template, redirect, url_for, jsonify
+from flask_login import login_user
+
+from app.main import main
+from app.main.forms import LoginForm
+from app.main.dao import users_dao
+from app.models import Users
+from app.main.encryption import encrypt
+
+
+@main.route("/sign-in", methods=(['GET']))
+def render_sign_in():
+    return render_template('signin.html', form=LoginForm())
+
+
+@main.route('/sign-in', methods=(['POST']))
+def process_sign_in():
+    form = LoginForm()
+    if form.validate_on_submit():
+        user = users_dao.get_user_by_email(form.email_address)
+        if user is None:
+            return jsonify(authorization=False), 404
+        if user.password == encrypt(form.password):
+            login_user(user)
+        else:
+            return jsonify(authorization=False), 404
+
+    return redirect('/two-factor')
+
+
+@main.route('/create_user', methods=(['POST']))
+def create_user_for_test():
+    form = LoginForm()
+    user = Users(email_address=form.email_address,
+                 name=form.email_address,
+                 password=form.password,
+                 created_at=datetime.now(),
+                 role_id=1)
+    users_dao.insert_user(user)
+
+    return 'created'
--- a/app/templates/signin.html
+++ b/app/templates/signin.html
@@ -1,7 +1,7 @@
 {% extends "admin_template.html" %}

 {% block page_title %}
-Hello world!
+Sign in
 {% endblock %}

 {% block content %}
@@ -12,19 +12,24 @@ Hello world!

 		<p>If you do not have an account, you can <a href="register">register</a>.</p>

-  		<p>
-  		<label class="form-label" for="email">Email address</label>
-  		<input class="form-control-2-3" id="email" type="text"><br>
-  		</p>
-  		<p>
-  		<label class="form-label" for="password">Password</label>
-  		<input class="form-control-1-4" id="password" type="password"><br>
-  		<span class="font-xsmall"><a href="forgot-password">Forgotten password?</a></span>
-  		</p>
+		<form autocomplete="off" action="" method="post">

-  		<p>
-  		<a class="button" href="two-factor" role="button">Continue</a>
-  		</p>
+			<p>
+			<label class="form-label">Email address</label>
+			{{ form.email_address(class="form-control-2-3", autocomplete="off") }} <br>
+			</p>
+			<p>
+			<label class="form-label">Password</label>
+				 {{ form.password(class="form-control-1-4", autocomplete="off") }} <br>
+			</p>
+			<p>
+			<span class="font-xsmall"><a href="">Forgotten password?</a></span>
+			</p>
+
+			<p>
+			<a class="button" href="two-factor" role="button">Continue</a>
+			</p>
+		</form>
 	</div>
 </div>