From a6ce11b10b1bc1930a7d356a34aed9925ddf00dc Mon Sep 17 00:00:00 2001 From: Shirkanesi Date: Sun, 20 Aug 2023 00:58:02 +0200 Subject: [PATCH] Removed flask-login in favour of custom solution --- jon/__init__.py | 13 +++---------- jon/auth.py | 35 +++++++++++++++++++---------------- jon/entry.py | 4 ---- jon/inventory.py | 7 ------- jon/location.py | 2 -- requirements.txt | 1 - 6 files changed, 22 insertions(+), 40 deletions(-) diff --git a/jon/__init__.py b/jon/__init__.py index 55d1e7f..01498d4 100644 --- a/jon/__init__.py +++ b/jon/__init__.py @@ -3,7 +3,6 @@ import json import sys from flask import Flask, render_template -from flask_login import LoginManager, login_required from . import ( auth, @@ -24,14 +23,9 @@ def create_app(): db.init_app(app) - login_manager = LoginManager() - login_manager.login_view = 'auth.login' - login_manager.init_app(app) - - @login_manager.user_loader - def load_user(user_id): - # since the user_id is just the primary key of our user table, use it in the query for the user - return auth.User() + @app.before_request + def before_req_fun(): + return auth.before_request() @app.context_processor def utility_processor(): @@ -42,7 +36,6 @@ def create_app(): app.register_blueprint(entry.bp) app.register_blueprint(auth.auth) @app.route("/") - @login_required def index(): return render_template("index.html") diff --git a/jon/auth.py b/jon/auth.py index b895615..b843f2d 100644 --- a/jon/auth.py +++ b/jon/auth.py @@ -1,5 +1,4 @@ -from flask import Blueprint, request, redirect -from flask_login import login_user, UserMixin, login_required, logout_user +from flask import Blueprint, request, redirect, make_response from . import db import random import string @@ -19,23 +18,27 @@ ERROR_TEXT = """ """ -class User(UserMixin): - id: int = 0 -@auth.route('/login') -def login(): - token = request.args.get('token') - next: str = request.args.get('next') or "/" - if token is None: - # TODO: make template - return ERROR_TEXT.format(next=next) + "No token provided!" +def before_request(): + token = request.cookies.get('token') if token == ACCESS_TOKEN: - login_user(User(), remember=True) - return redirect(next) + pass else: - return ERROR_TEXT.format(next=next) + "Invalid token!" + token = request.args.get('token') + next: str = request.args.get('next') or "/" + if token is None: + # TODO: make template + return ERROR_TEXT.format(next=next) + "No token provided!" + if token != ACCESS_TOKEN: + return ERROR_TEXT.format(next=next) + "Invalid token!" + else: + resp = make_response(redirect(next)) + resp.set_cookie('token', token) + return resp + @auth.route('/logout') def logout(): - logout_user() - return redirect("/") + resp = make_response(redirect("/")) + resp.set_cookie('token', "") + return resp diff --git a/jon/entry.py b/jon/entry.py index 800dd60..d97c423 100644 --- a/jon/entry.py +++ b/jon/entry.py @@ -3,7 +3,6 @@ import zoneinfo from flask import Blueprint, redirect, render_template, request, session -from flask_login import login_required from . import db @@ -12,13 +11,11 @@ bp = Blueprint("entry", __name__, url_prefix="/entry") @bp.get("/") -@login_required def index(): return render_template("entry/index.html") @bp.route("/edit-item-data", methods=["GET", "POST"]) -@login_required def edit_item_data(): if "entry" not in session: session["entry"] = dict() @@ -48,7 +45,6 @@ def edit_item_data(): @bp.route("/select-snack-entry", methods=["GET", "POST"]) -@login_required def edit_snack_data(): if "entry" not in session: return redirect("/entry/edit-item-data") diff --git a/jon/inventory.py b/jon/inventory.py index c1422a3..43aafad 100644 --- a/jon/inventory.py +++ b/jon/inventory.py @@ -1,5 +1,4 @@ from flask import Blueprint, redirect, render_template, request, session -from flask_login import login_required from . import db @@ -8,7 +7,6 @@ bp = Blueprint("inventory", __name__, url_prefix="/inventory") @bp.get("/") -@login_required def index(): location = session.get("location", None) items = db.run_query("get_inventory_overview.sql", { @@ -21,7 +19,6 @@ def index(): @bp.get("/report") -@login_required def read_report(): location = session.get("location", None) items = db.run_query("get_inventory_report.sql", { @@ -34,7 +31,6 @@ def read_report(): @bp.get("/item/") -@login_required def read_item(item_id: int): item = db.run_query("get_item_by_id.sql", { "item_id": item_id @@ -57,7 +53,6 @@ def read_item(item_id: int): @bp.post("/item//deactivate") -@login_required def deactivate_item(item_id: int): item = db.run_query("get_item_by_id.sql", { "item_id": item_id @@ -75,7 +70,6 @@ def deactivate_item(item_id: int): @bp.post("/correction") -@login_required def create_correction(): try: item_id = int(request.form.get("item_id")) @@ -101,7 +95,6 @@ def create_correction(): @bp.post("/transfer") -@login_required def transfer_items(): try: from_item_id = int(request.form.get("from_item_id")) diff --git a/jon/location.py b/jon/location.py index c7df17d..daf84bd 100644 --- a/jon/location.py +++ b/jon/location.py @@ -1,5 +1,4 @@ from flask import Blueprint, render_template, request, session -from flask_login import login_required from . import db @@ -8,7 +7,6 @@ bp = Blueprint("location", __name__, url_prefix="/location") @bp.route("/", methods=["GET", "POST"]) -@login_required def index(): if request.method == "POST": location_id = request.form.get("location_id", "") diff --git a/requirements.txt b/requirements.txt index c4968a8..555baae 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,7 +1,6 @@ blinker==1.6.2 click==8.1.3 Flask==2.3.2 -flask-login itsdangerous==2.1.2 Jinja2==3.1.2 MarkupSafe==2.1.2