from app import db from app.auth import bp from app.auth.email import send_password_reset_email from app.auth.forms import LoginForm, RegistrationForm, ResetPasswordForm, ResetPasswordRequestForm from app.models import User from app.utils.routes_utils import render_custom_template as render_template from flask import flash, redirect, request, url_for from flask_login import current_user, login_user, logout_user from werkzeug.urls import url_parse @bp.route('/register', methods=['GET', 'POST']) def web_register(): if current_user.is_authenticated: return redirect(url_for('main.index')) form = RegistrationForm() if form.validate_on_submit(): user = User(email=form.email.data) user.set_password(form.password.data) db.session.add(user) db.session.commit() flash('Congratulations, you are now a registered user!') return redirect(url_for('auth.web_login')) return render_template('auth/register.html', title='Register', form=form) @bp.route('/login', methods=['GET', 'POST']) def web_login(): if current_user.is_authenticated: return redirect(url_for('main.index')) form = LoginForm() if form.validate_on_submit(): user = User.query.filter_by(email=form.email.data).first() if user is None or not user.check_password(form.password.data): flash('Invalid email or password') return redirect(url_for('auth.web_login')) login_user(user, remember=form.remember_me.data) next_page = request.args.get('next') if not next_page or url_parse(next_page).netloc != '': next_page = url_for('main.index') return redirect(next_page) return render_template('auth/login.html', title='Sign In', form=form) @bp.route('/logout') def web_logout(): logout_user() return redirect(url_for('main.index')) @bp.route('/reset_password_request', methods=['GET', 'POST']) def reset_password_request(): if current_user.is_authenticated: return redirect(url_for('index')) form = ResetPasswordRequestForm() if form.validate_on_submit(): user = User.query.filter_by(email=form.email.data).first() if user: send_password_reset_email(user) flash('Check your email for the instructions to reset your password') return redirect(url_for('auth.web_login')) return render_template('auth/reset_password_request.html', title='Reset Password', form=form) @bp.route('/reset_password/', methods=['GET', 'POST']) def reset_password(token): if current_user.is_authenticated: return redirect(url_for('index')) user = User.verify_reset_password_token(token) if not user: return redirect(url_for('index')) form = ResetPasswordForm() if form.validate_on_submit(): user.set_password(form.password.data) db.session.commit() flash('Your password has been reset.') return redirect(url_for('auth.web_login')) return render_template('auth/reset_password.html', form=form)