login is working

This commit is contained in:
forest 2020-05-09 23:32:13 -05:00
parent 64bca1fd97
commit 3406ff3358
3 changed files with 21 additions and 3 deletions

View File

@ -10,6 +10,7 @@ from flask import request
from flask import session
from flask import render_template
from flask_mail import Message
from werkzeug.exceptions import abort
from capsulflask.db import get_model
@ -61,6 +62,16 @@ def login():
return render_template("login.html")
@bp.route("/magic/<string:token>", methods=("GET", ))
def magiclink(token):
email = get_model().consumeToken(token)
if email is not None:
session.clear()
session["account"] = email
return redirect(url_for("index"))
else:
abort(404, f"Token {token} doesn't exist or has already been used.")
@bp.route("/logout")
def logout():
session.clear()

View File

@ -14,8 +14,15 @@ class Model:
token = generate()
self.cursor.execute("INSERT INTO logintokens (email, token) VALUES (%s, %s)", (email, token))
self.connection.commit()
return token
def consumeToken(self, token):
self.cursor.execute("SELECT email FROM logintokens WHERE token = %s", (token, ))
rows = self.cursor.fetchall()
if len(rows) > 0:
self.cursor.execute("DELETE FROM logintokens WHERE token = %s", (token, ))
self.connection.commit()
return rows[0][0]
return None

View File

@ -13,8 +13,8 @@
<header>
<div class="float-right">
{% if g.user %}
<span>{{ g.user['username'] }}</span>
{% if session["account"] %}
<span>{{ session["account"] }}</span>
<a href="{{ url_for('auth.logout') }}">Log Out</a>
{% else %}
<a href="{{ url_for('auth.login') }}">Log In</a>