Add some login machinery.

2013-09-23 12:37:40 -04:00 · 2013-09-23 12:37:40 -04:00 · e107d79612
commit e107d79612
parent 366907b08d
10 changed files with 172 additions and 11 deletions
--- a/app.py
+++ b/app.py
@ -1,10 +1,55 @@
-from flask import Flask, make_response, jsonify
+import logging
+
+from flask import (Flask, make_response, request, abort, render_template,
+                   redirect, url_for)
 from flask.ext.principal import Principal
+from flask.ext.login import login_user, LoginManager
+
+import model

 app = Flask(__name__)
+logger = logging.getLogger(__name__)

 Principal(app, use_sessions=False)

+app.secret_key = '1cb18882-6d12-440d-a4cc-b7430fb5f884'
+
+login_manager = LoginManager()
+login_manager.init_app(app)
+login_manager.login_view = 'signin'
+
+
+@login_manager.user_loader
+def load_user(username):
+  return model.get_user(username)
+
+
+@app.route('/', methods=['GET'])
+def index():
+  return render_template('index.html')
+
+
+@app.route('/signin', methods=['POST'])
+def signin():
+  username = request.form['username']
+  password = request.form['password']
+
+  #TODO Allow email login
+  verified = model.verify_user(username, password)
+  if verified:
+    logger.debug('Successfully signed in as: %s' % username)
+
+    login_user(verified)
+    return redirect(request.args.get('next') or url_for('index'))
+
+  abort(403)
+
+
+@app.route('/signin', methods=['GET'])
+def render_signin_page():
+  return render_template('signin.html')
+
+
@app.route('/_ping')
@app.route('/v1/_ping')
 def ping():