Removed flask-login in favour of custom solution

jon/__init__.py

@@ -3,7 +3,6 @@ import json
 import sys
 
 from flask import Flask, render_template
-from flask_login import LoginManager, login_required
 
 from . import (
     auth,
@@ -24,14 +23,9 @@ def create_app():
 
     db.init_app(app)
 
-    login_manager = LoginManager()
-    login_manager.login_view = 'auth.login'
-    login_manager.init_app(app)
-
-    @login_manager.user_loader
-    def load_user(user_id):
-        # since the user_id is just the primary key of our user table, use it in the query for the user
-        return auth.User()
+    @app.before_request
+    def before_req_fun():
+        return auth.before_request()
 
     @app.context_processor
     def utility_processor():
@@ -42,7 +36,6 @@ def create_app():
     app.register_blueprint(entry.bp)
     app.register_blueprint(auth.auth)
     @app.route("/")
-    @login_required
     def index():
         return render_template("index.html")
 

jon/auth.py

@@ -1,5 +1,4 @@
-from flask import Blueprint, request, redirect
-from flask_login import login_user, UserMixin, login_required, logout_user
+from flask import Blueprint, request, redirect, make_response
 from . import db
 import random
 import string
@@ -19,23 +18,27 @@ ERROR_TEXT =  """
 
               """
 
-class User(UserMixin):
-    id: int = 0
 
-@auth.route('/login')
-def login():
-    token = request.args.get('token')
-    next: str = request.args.get('next') or "/"
-    if token is None:
-        # TODO: make template
-        return ERROR_TEXT.format(next=next) + "No token provided!"
+def before_request():
+    token = request.cookies.get('token')
     if token == ACCESS_TOKEN:
-        login_user(User(), remember=True)
-        return redirect(next)
+        pass
     else:
-        return ERROR_TEXT.format(next=next) + "Invalid token!"
+        token = request.args.get('token')
+        next: str = request.args.get('next') or "/"
+        if token is None:
+            # TODO: make template
+            return ERROR_TEXT.format(next=next) + "No token provided!"
+        if token != ACCESS_TOKEN:
+            return ERROR_TEXT.format(next=next) + "Invalid token!"
+        else:
+            resp = make_response(redirect(next))
+            resp.set_cookie('token', token)
+            return resp
+
 
 @auth.route('/logout')
 def logout():
-    logout_user()
-    return redirect("/")
+    resp = make_response(redirect("/"))
+    resp.set_cookie('token', "")
+    return resp

jon/entry.py

@@ -3,7 +3,6 @@ import zoneinfo
 
 
 from flask import Blueprint, redirect, render_template, request, session
-from flask_login import login_required
 
 from . import db
 
@@ -12,13 +11,11 @@ bp = Blueprint("entry", __name__, url_prefix="/entry")
 
 
 @bp.get("/")
-@login_required
 def index():
     return render_template("entry/index.html")
 
 
 @bp.route("/edit-item-data", methods=["GET", "POST"])
-@login_required
 def edit_item_data():
     if "entry" not in session:
         session["entry"] = dict()
@@ -48,7 +45,6 @@ def edit_item_data():
 
 
 @bp.route("/select-snack-entry", methods=["GET", "POST"])
-@login_required
 def edit_snack_data():
     if "entry" not in session:
         return redirect("/entry/edit-item-data")

jon/inventory.py

@@ -1,5 +1,4 @@
 from flask import Blueprint, redirect, render_template, request, session
-from flask_login import login_required
 
 from . import db
 
@@ -8,7 +7,6 @@ bp = Blueprint("inventory", __name__, url_prefix="/inventory")
 
 
 @bp.get("/")
-@login_required
 def index():
     location = session.get("location", None)
     items = db.run_query("get_inventory_overview.sql", {
@@ -21,7 +19,6 @@ def index():
 
 
 @bp.get("/report")
-@login_required
 def read_report():
     location = session.get("location", None)
     items = db.run_query("get_inventory_report.sql", {
@@ -34,7 +31,6 @@ def read_report():
 
 
 @bp.get("/item/<item_id>")
-@login_required
 def read_item(item_id: int):
     item = db.run_query("get_item_by_id.sql", {
         "item_id": item_id
@@ -57,7 +53,6 @@ def read_item(item_id: int):
 
 
 @bp.post("/item/<item_id>/deactivate")
-@login_required
 def deactivate_item(item_id: int):
     item = db.run_query("get_item_by_id.sql", {
         "item_id": item_id
@@ -75,7 +70,6 @@ def deactivate_item(item_id: int):
 
 
 @bp.post("/correction")
-@login_required
 def create_correction():
     try:
         item_id = int(request.form.get("item_id"))
@@ -101,7 +95,6 @@ def create_correction():
 
 
 @bp.post("/transfer")
-@login_required
 def transfer_items():
     try:
         from_item_id = int(request.form.get("from_item_id"))

jon/location.py

@@ -1,5 +1,4 @@
 from flask import Blueprint, render_template, request, session
-from flask_login import login_required
 
 from . import db
 
@@ -8,7 +7,6 @@ bp = Blueprint("location", __name__, url_prefix="/location")
 
 
 @bp.route("/", methods=["GET", "POST"])
-@login_required
 def index():
     if request.method == "POST":
         location_id = request.form.get("location_id", "")

requirements.txt

@@ -1,7 +1,6 @@
 blinker==1.6.2
 click==8.1.3
 Flask==2.3.2
-flask-login
 itsdangerous==2.1.2
 Jinja2==3.1.2
 MarkupSafe==2.1.2