from flask import render_template, redirect, request, url_for, flash, session from flask_login import login_user, logout_user, login_required, \ current_user from flask_app.decorators import permission_required from . import auth from .. import db from ..models import User, Permission from .forms import LoginForm, RegistrationForm from sqlalchemy import or_ @auth.before_app_request def before_request(): if current_user.is_authenticated: current_user.ping() @auth.app_errorhandler(403) def forbidden_error(error): return render_template('403.html') @auth.route('/user/') @permission_required(Permission.COMMENT) def pleaselogin(): flash("请先登录再访问该页面!") return redirect(url_for('auth.login')) @auth.route('/post/') @permission_required(Permission.COMMENT) def pleaselogin2(): flash("请先登录再访问该页面!") return redirect(url_for('auth.login')) @auth.route('/login', methods=['GET', 'POST']) def login(): form = LoginForm() if form.validate_on_submit(): user = User.query.filter(or_(User.email == form.email_or_username.data.lower(), User.username == form.email_or_username.data)).first() if user is not None and user.verify_password(form.password.data): #验证成功 login_user(user, form.remember_me.data) session['color'] = user.avatar_color next = session.pop('next', None) if next is None: next = url_for('main.root') return redirect(next) flash('账号或密码错误!') return render_template('auth/login.html', form=form) @auth.route('/logout') @login_required def logout(): logout_user() return redirect(url_for('main.index')) @auth.route('/register', methods=['GET', 'POST']) def register(): form = RegistrationForm() if form.validate_on_submit(): user = User(email=form.email.data.lower(), username=form.username.data, password=form.password.data) user.avatar_color = user.get_random_color() db.session.add(user) db.session.commit() flash('现在可以登录了!') return redirect(url_for('auth.login')) return render_template('auth/register.html', form=form)