Application User Auth

blog-app/blogapp/__init__.py

@@ -3,7 +3,7 @@
 from flask import Flask
 from flask_sqlalchemy import SQLAlchemy   # type: ignore
 from flask_bcrypt import Bcrypt  # type: ignore
-
+from flask_login import LoginManager # type: ignore
 
 
 app = Flask(__name__)
@@ -11,5 +11,8 @@ app.config['SECRET_KEY'] = 'db3746b2ffa650b3804e4316d227f853'
 app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///blogsite.db'
 db = SQLAlchemy(app)
 bcrypt = Bcrypt(app)
+login_manager = LoginManager(app)
+login_manager.login_view = 'login'
+# login_manager.login_message_category = 'info' bootstrap class
 
 from blogapp import routes

blog-app/blogapp/models.py

@@ -1,8 +1,12 @@
 from datetime import datetime
-from blogapp import db
+from blogapp import db, login_manager
+from flask_login import UserMixin # type: ignore
 
+@login_manager.user_loader
+def load_user(user_id):
+    return User.query.get(int(user_id))
 
-class User(db.Model):
+class User(db.Model, UserMixin):
     id = db.Column(db.Integer, primary_key=True)
     username = db.Column(db.String(20), unique=True, nullable=False)
     email = db.Column(db.String(120), unique=True, nullable=False)

blog-app/blogapp/routes.py

@@ -1,8 +1,8 @@
-from flask import render_template, url_for, flash, redirect
+from flask import render_template, url_for, flash, redirect, request
 from blogapp import app, db, bcrypt
 from blogapp.forms import RegistrationForm, LoginForm
 from blogapp.models import User, Post
-
+from flask_login import login_user, current_user, logout_user, login_required  # type: ignore
 
 pagetitle = [
 
@@ -14,6 +14,9 @@ pagetitle = [
     },
     {
         'title': 'register'
+    },
+    {
+        'title': 'account'
     }
 ]
 
@@ -26,6 +29,8 @@ def home():
 
 @app.route("/register", methods=['GET', 'POST'])
 def register():
+    if current_user.is_authenticated:
+        return redirect(url_for('home'))
     form = RegistrationForm()
     if form.validate_on_submit():
         hashed_password = bcrypt.generate_password_hash(
@@ -42,11 +47,25 @@ def register():
 
 @app.route("/login", methods=['GET', 'POST'])
 def login():
+    if current_user.is_authenticated:
+        return redirect(url_for('home'))
     form = LoginForm()
     if form.validate_on_submit():
-        if form.email.data == 'admin' and form.password.data == 'admin':
-            flash(f'You have been log in !')
-            return redirect(url_for('home'))
+        user = User.query.filter_by(email=form.email.data).first()
+        if user and bcrypt.check_password_hash(user.password, form.password.data):
+            login_user(user, remember=form.remember.data)
+            next_page = request.args.get('next')
+            return redirect(next_page) if next_page else redirect(url_for('home'))
         else:
-            flash(f'Login Unsuccessful')
+            flash('Login Unsuccessful. Please check email and password')
     return render_template('login.html', title='login', form=form, pagetitle=pagetitle)
+
+@app.route("/logout")
+def logout():
+    logout_user()
+    return redirect(url_for('home'))
+
+@app.route("/account")
+@login_required
+def account():
+    return render_template('account.html', title='account', pagetitle=pagetitle)

blog-app/blogapp/templates/account.html

@@ -0,0 +1,7 @@
+{% extends "layout.html" %}
+
+{% block content %}
+
+<h2> Welcome {{ current_user.username }} </h2>
+
+{% endblock content %}

blog-app/blogapp/templates/layout.html

@@ -17,8 +17,13 @@
     {% block navbar %}
     <ul>
         <li><a href="{{ url_for('home') }}"> home </a></li>
+        {% if current_user.is_authenticated %}
+        <li><a href="{{ url_for('account') }}"> account </a></li>
+        <li><a href="{{ url_for('logout') }}"> logout </a></li>
+        {% else %}
         <li><a href="{{ url_for('login') }}"> login </a></li>
         <li><a href="{{ url_for('register') }}">register</a></li>
+        {% endif %}
     </ul>
     {% endblock %}
     </header>