Refactored, redesigned Authmethods
This commit is contained in:
@@ -1,4 +1,4 @@
|
||||
from flask import render_template, request, make_response
|
||||
from flask import render_template, request, make_response, redirect
|
||||
import database, re, bcrypt, secrets, time
|
||||
|
||||
from app import app
|
||||
@@ -24,6 +24,15 @@ def get_session(request):
|
||||
|
||||
return sessioninfo[0] + (sessionid,)
|
||||
|
||||
@app.route("/auth/headerbar")
|
||||
def headerbar():
|
||||
sessioninfo = get_session(request)
|
||||
|
||||
if not sessioninfo:
|
||||
return render_template("auth/headerbar.html", loggedin=False)
|
||||
|
||||
return render_template("auth/headerbar.html", loggedin=True)
|
||||
|
||||
@app.route("/auth/sessioninfo", methods=['GET'])
|
||||
def sessioninfo():
|
||||
time.sleep(secrets.randbelow(100)/50) # Rate limiting
|
||||
@@ -49,7 +58,7 @@ def sessioninfo():
|
||||
def logout():
|
||||
sessioninfo = get_session(request)
|
||||
|
||||
response = make_response("Erfolgreich abgemeldet")
|
||||
response = redirect("/")
|
||||
response.set_cookie('session', value='', expires=0)
|
||||
|
||||
if not sessioninfo:
|
||||
@@ -57,7 +66,7 @@ def logout():
|
||||
|
||||
database.execute("DELETE FROM session WHERE value = ?", [sessioninfo[4]])
|
||||
|
||||
return response
|
||||
return response
|
||||
|
||||
@app.route("/auth/login", methods=['GET', 'POST'])
|
||||
def login():
|
||||
@@ -118,7 +127,7 @@ def login():
|
||||
(uidquery, int(time.time()), timeout, "", session)
|
||||
)
|
||||
|
||||
response = make_response(render_template("auth/loginsuccess.html", username=username))
|
||||
response = redirect("/")
|
||||
response.set_cookie('session', value=session, expires=timeout)
|
||||
return response
|
||||
|
||||
|
||||
Reference in New Issue
Block a user