From 3406ff33581cb57d9e55f1fa9a2fd7a61eb2ebb7 Mon Sep 17 00:00:00 2001
From: forest
Date: Sat, 9 May 2020 23:32:13 -0500
Subject: [PATCH] login is working
---
 capsulflask/auth.py | 11 +++++++++++
 capsulflask/model.py | 9 ++++++++-
 capsulflask/templates/base.html | 4 ++--
 3 files changed, 21 insertions(+), 3 deletions(-)
diff --git a/capsulflask/auth.py b/capsulflask/auth.py
index 306f8dd..b8177d9 100644
--- a/capsulflask/auth.py
+++ b/capsulflask/auth.py
@@ -10,6 +10,7 @@ from flask import request
 from flask import session
 from flask import render_template
 from flask_mail import Message
+from werkzeug.exceptions import abort
 from capsulflask.db import get_model
@@ -61,6 +62,16 @@ def login():
 return render_template("login.html")
+@bp.route("/magic/", methods=("GET", ))
+def magiclink(token):
+ email = get_model().consumeToken(token)
+ if email is not None:
+ session.clear()
+ session["account"] = email
+ return redirect(url_for("index"))
+ else:
+ abort(404, f"Token {token} doesn't exist or has already been used.")
+
 @bp.route("/logout")
 def logout():
 session.clear()
diff --git a/capsulflask/model.py b/capsulflask/model.py
index 41526cd..ce75c7f 100644
--- a/capsulflask/model.py
+++ b/capsulflask/model.py
@@ -14,8 +14,15 @@ class Model:
 token = generate()
 self.cursor.execute("INSERT INTO logintokens (email, token) VALUES (%s, %s)", (email, token))
- self.connection.commit()
 return token
+ def consumeToken(self, token):
+ self.cursor.execute("SELECT email FROM logintokens WHERE token = %s", (token, ))
+ rows = self.cursor.fetchall()
+ if len(rows) > 0:
+ self.cursor.execute("DELETE FROM logintokens WHERE token = %s", (token, ))
+ self.connection.commit()
+ return rows[0][0]
+ return None
\ No newline at end of file
diff --git a/capsulflask/templates/base.html b/capsulflask/templates/base.html
index 6ffa507..3294226 100644
--- a/capsulflask/templates/base.html
+++ b/capsulflask/templates/base.html
@@ -13,8 +13,8 @@
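Review bot: magiclink() redeems a single-use login token on a plain GET and, when the lookup fails, echoes the submitted token back in the 404 body. Mail-gateway link scanners and preview fetchers issue GETs too, so a link can be spent before the user opens it; rendering a confirmation page on GET and consuming the token only on a POST from that page avoids this. The error text does not need the token, which is caller-supplied input on this path: `abort(404, "This login link is invalid or has already been used.")`. As rendered here the route string is `"/magic/"` with no `<token>` segment although the view takes `token`; if that is not an artefact of how the page was extracted, Flask would call the view without its argument.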
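Review bot: consumeToken() checks the token with a SELECT and removes it with a separate DELETE, so two requests carrying the same token can both pass the SELECT before either DELETE commits, and both get a session. A single statement closes that window, assuming the backend is PostgreSQL (the driver is not visible in this hunk): `self.cursor.execute("DELETE FROM logintokens WHERE token = %s RETURNING email", (token, ))`, then `row = self.cursor.fetchone()`, commit, and `return row[0] if row else None`. The lookup also has no age check, so an unused link stays valid indefinitely; a creation timestamp compared in the same WHERE clause would bound that. The token-creating method at the top of the hunk starts outside it; if the `-` in front of `self.connection.commit()` there is a real removal rather than a rendering artefact, confirm that something else still commits the new token row.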
- {% if g.user %}
- {{ g.user['username'] }}
+ {% if session["account"] %}
+ {{ session["account"] }}
 Log Out
 {% else %}
 Log In