it sends a magic link when you log in

2020-05-09 22:59:22 -05:00
parent edb476ec41
commit 64bca1fd97
10 changed files with 137 additions and 28 deletions
--- a/capsulflask/auth.py
+++ b/capsulflask/auth.py
@ -1,10 +1,15 @@
 import functools

 from flask import Blueprint
+from flask import flash
+from flask import current_app
 from flask import g
 from flask import redirect
 from flask import url_for
+from flask import request
 from flask import session
+from flask import render_template
+from flask_mail import Message

 from capsulflask.db import get_model

@ -22,32 +27,41 @@ def account_required(view):

    return wrapped_view

-
-@bp.route("/register", methods=("GET", "POST"))
-def register():
-
+@bp.route("/login", methods=("GET", "POST"))
+def login():
    if request.method == "POST":
        email = request.form["email"]
-        model = get_model()
        error = None

        if not email:
            error = "Email is required."
-        elif (
-            model.
-        ):
-            error = f"User {username} is already registered."

        if error is None:
-            # the name is available, store it in the database and go to
-            # the login page
-            db.execute(
-                "INSERT INTO user (username, password) VALUES (?, ?)",
-                (username, generate_password_hash(password)),
+            token = get_model().login(email)
+
+            link = f"{current_app.config['BASE_URL']}/auth/magic/{token}"
+
+            current_app.config["FLASK_MAIL_INSTANCE"].send(
+                Message(
+                  "Click This Link to Login to Capsul",
+                  body=f"""
+                    Navigate to {link} to log into capsul.
+                  """,
+                  html=f"""
+                    Navigate to <a href="{link}">{link}</a> to log into capsul.
+                  """,
+                  sender=current_app.config['MAIL_DEFAULT_SENDER'],
+                  recipients=[email]
+                )
            )
-            db.commit()
-            return redirect(url_for("auth.login"))
+
+            return render_template("check-your-email.html")

        flash(error)

-    return render_template("auth/register.html")
+    return render_template("login.html")
+
+@bp.route("/logout")
+def logout():
+    session.clear()
+    return redirect(url_for("index"))