- # roughly based on the logic shown at:
- # https://pythonspot.com/en/login-authentication-with-flask/
import hmac
import html
import os
from functools import wraps

from flask import Flask, redirect, render_template, request, session
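app = Flask(__name__)


def widoLoginRequired(f):
    """Decorator that protects a route behind the session login flag.

    When ``session['logged_in']`` is truthy the wrapped view runs as usual.
    Otherwise the requested path is remembered in ``session['next']`` and the
    login form is rendered in place of the view.
    """
    @wraps(f)
    def decorated_function(*args, **kwargs):
        if session.get('logged_in'):
            return f(*args, **kwargs)
        # Store the URL path rather than request.endpoint: the endpoint is the
        # view function's name, which only happens to work as a redirect
        # target when the route is registered as "/<function name>".
        # request.path belongs to the route that just matched, so the
        # post-login redirect stays inside this application.
        session['next'] = request.path
        return render_template('login.html')
    return decorated_function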
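@app.route('/login', methods=['POST'])
def do_admin_login():
    """Handle a submitted login form.

    On a matching username/password pair the session is marked as logged in
    and the browser is redirected to the page remembered in
    ``session['next']``. On any mismatch, including a missing form field, the
    ``wrong_password`` flag is set and the login form is rendered again.
    """
    # Credential store. It is empty on purpose: fill it from a database or
    # configuration that holds password *hashes* (for example with
    # werkzeug.security.generate_password_hash / check_password_hash), not
    # plaintext passwords in source code.
    passwords = {}
    if app.debug:
        # Demo accounts, active only while Flask debug mode is switched on.
        passwords = {
            "user1": "pass1",
            "user2": "pass2",
        }

    # .get() treats a request that lacks either field as a failed login,
    # where indexing request.form would abort the request instead.
    username = request.form.get('username', '')
    givenPassword = request.form.get('password', '')  # what the user *did* enter
    rightPassword = passwords.get(username)  # what the user *should* enter

    # compare_digest takes the same time wherever the first difference is,
    # unlike ==. Both sides are encoded because it rejects non-ASCII str.
    valid = rightPassword is not None and hmac.compare_digest(
        rightPassword.encode('utf-8'), givenPassword.encode('utf-8'))

    session.pop('wrong_password', None)  # clear the flag from an earlier attempt
    if not valid:
        # Same response for an unknown user and a wrong password.
        session['wrong_password'] = "Password wrong...."  # only its truthiness is used
        return render_template('login.html')

    session['logged_in'] = True
    session['user'] = username
    # The target is read from the server-set session value, never from the
    # form, and falls back to "/" when the form was posted without a prior
    # visit that stored one.
    return redirect(session.get('next') or '/', code=302)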
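@app.route('/login', methods=['GET'])
def show_login_page():
    """Show the login form when /login is opened directly.

    Opening the page also logs out any existing login and points the
    post-login redirect at the index page.
    """
    # Clear the whole session so that neither the previous user name nor a
    # "wrong password" flag from an earlier attempt survives into this form.
    session.clear()
    session['next'] = "/"
    session['logged_in'] = False
    return render_template('login.html')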
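@app.route("/logout")
def logout():
    """Log the current user out and confirm it in plain text."""
    # Drop everything kept for this login (user name, redirect target, error
    # flag) instead of flipping only the flag, so no stale identity stays in
    # the session cookie.
    session.clear()
    session['logged_in'] = False
    return "Logged out!"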
- #######################################################################
@app.route('/')
def home():
    """Serve the index page, which needs no login."""
    page_text = "This is the index page, unprotected"
    return page_text
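@app.route("/status")
def showstatus():
    """Return an HTML fragment showing the caller's own session state.

    The route is not wrapped in the login decorator; it reports the
    ``logged_in``, ``user`` and ``next`` values of the current session.
    """
    # The fragment is assembled by string formatting, which does no escaping,
    # so every value is HTML-escaped before it is inserted.
    shown = tuple(
        html.escape(str(session.get(key)))
        for key in ('logged_in', 'user', 'next')
    )
    return """
<h3>Status:</h3>
<p>Logged in: %s</p>
<p>User: %s</p>
<p>Next: %s</p>
""" % shown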
@app.route("/protect1")
@widoLoginRequired
def protect1():
    """First demo page that is served only after login."""
    page_text = "This is the first protected page protect1"
    return page_text
@app.route("/protect2")
@widoLoginRequired
def protect2():
    """Second demo page that is served only after login."""
    page_text = "This is the second protected page protect2"
    return page_text
@app.route("/protect3")
@widoLoginRequired
def protect3():
    """Third demo page that is served only after login."""
    page_text = "This is the third protected page protect3"
    return page_text
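if __name__ == "__main__":
    # Flask signs the session cookie with this key. A key that is generated
    # at start-up invalidates every session on restart, so a fixed key from
    # the environment is preferred; the random key remains as a fallback for
    # local runs. This block does not run when the module is imported by a
    # WSGI server, which then has to set the key itself.
    app.secret_key = os.environ.get("FLASK_SECRET_KEY") or os.urandom(24)

    # Debug mode turns on the interactive debugger, which can run code from
    # the browser, and it also activates the demo accounts in the login view.
    # It is therefore opt-in (FLASK_DEBUG=1) instead of always on.
    app.run(debug=os.environ.get("FLASK_DEBUG") == "1")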
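<link rel="stylesheet" href="/static/loginstyle.css" type="text/css">
{% block body %}
{# Both banners are driven by flags that the login views keep in the session. #}
{% if session['wrong_password'] %}
<div class="login-screen">
  <p>Wrong password!</p>
</div>
{% endif %}
{% if session['logged_in'] %}
<div class="login-screen">
  <p>You're logged in already!</p>
</div>
{% endif %}
<form action="/login" method="POST">
  {# No "next" field in the form: the login view takes the redirect target
     from the session, so it cannot be changed by editing the form. #}
  {# This form carries no CSRF token; add one if the application gains a
     CSRF-protection layer. #}
  <div class="login">
    <div class="login-screen">
      <div class="app-title">
        <h1>Login</h1>
      </div>
      <div class="login-form">
        <div class="control-group">
          {# id values match the "for" attribute of the labels below #}
          <input type="text" class="login-field" id="login-name" value="" placeholder="username" name="username" autocomplete="username">
          <label class="login-field-icon fui-user" for="login-name"></label>
        </div>
        <div class="control-group">
          <input type="password" class="login-field" id="login-pass" value="" placeholder="password" name="password" autocomplete="current-password">
          <label class="login-field-icon fui-lock" for="login-pass"></label>
        </div>
        <input type="submit" value="Log in" class="btn btn-primary btn-large btn-block">
        <br>
      </div>
    </div>
  </div>
</form>
{% endblock %}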
/* Global reset */
* {
  box-sizing: border-box;
}

*:focus {
  outline: none;
}

/* Page background */
body {
  font-family: Arial;
  background-color: #3498db;
  padding: 50px;
}

/* Login card */
.login {
  margin: 20px auto;
  width: 300px;
}

.login-screen {
  background-color: #fff;
  padding: 20px;
  border-radius: 5px;
}

.app-title {
  text-align: center;
  color: #777;
}

.login-form {
  text-align: center;
}

.control-group {
  margin-bottom: 10px;
}

/* Form fields */
input {
  text-align: center;
  background-color: #ecf0f1;
  border: 2px solid transparent;
  border-radius: 3px;
  font-size: 16px;
  font-weight: 200;
  padding: 10px 0;
  width: 250px;
  transition: border 0.5s;
}

input:focus {
  border: 2px solid #3498db;
  box-shadow: none;
}

/* Submit button */
.btn {
  border: 2px solid transparent;
  background: #3498db;
  color: #ffffff;
  font-size: 16px;
  line-height: 25px;
  padding: 10px 0;
  text-decoration: none;
  text-shadow: none;
  border-radius: 3px;
  box-shadow: none;
  transition: 0.25s;
  display: block;
  width: 250px;
  margin: 0 auto;
}

.btn:hover {
  background-color: #2980b9;
}

.login-link {
  font-size: 12px;
  color: #444;
  display: block;
  margin-top: 12px;
}