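from datetime import datetime

from flask import Blueprint, render_template, request, redirect, url_for, flash
from flask_login import login_user, logout_user, login_required, current_user
from werkzeug.security import check_password_hash, generate_password_hash

from models import User, db

auth_bp = Blueprint('auth', __name__)

# NOTE(review): both forms below change state via POST. This module does not
# show any CSRF protection being applied; presumably it is enabled app-wide.
# Confirm against the application factory.


@auth_bp.route('/login', methods=['GET', 'POST'])
def login():
    """Render the login form and authenticate a username/password pair.

    GET renders ``login.html``. POST looks the user up by username, verifies
    the submitted password against the stored hash and, on success, starts
    the session, records ``last_login`` and redirects to the spec list.
    On failure the same generic message is flashed whether the username or
    the password was wrong, and the form is rendered again.
    """
    # An already-authenticated user is sent straight to the overview page
    # instead of being shown the login form.
    if current_user.is_authenticated:
        return redirect(url_for('temp_spec.spec_list'))

    if request.method == 'POST':
        # A missing field is treated as a failed login rather than a 400.
        username = request.form.get('username', '')
        password = request.form.get('password', '')

        user = User.query.filter_by(username=username).first()

        # The hash check is skipped when the user does not exist, so response
        # time can differ between known and unknown usernames. The register
        # route already reports taken usernames explicitly, so the generic
        # message below does not by itself prevent username enumeration.
        # NOTE(review): no attempt throttling or lockout is visible in this
        # module; confirm one is enforced elsewhere.
        if user and check_password_hash(user.password_hash, password):
            login_user(user)
            # Naive local time; confirm what timezone the column expects.
            user.last_login = datetime.now()
            db.session.commit()
            return redirect(url_for('temp_spec.spec_list'))

        flash('帳號或密碼錯誤,請重新輸入', 'danger')

    return render_template('login.html')


@auth_bp.route('/register', methods=['GET', 'POST'])
def register():
    """Render the registration form and create a new ``viewer`` account.

    GET renders ``register.html``. POST validates the submitted fields,
    stores only a hash of the password and redirects to the login page.
    Every validation failure flashes a message and redirects back to the
    registration form.
    """
    if request.method == 'POST':
        username = request.form.get('username', '')
        password = request.form.get('password', '')
        confirm_password = request.form.get('confirm_password', '')

        # Reject blank credentials: without this check an account with an
        # empty or whitespace-only username, or an empty password, would be
        # created. Any stronger password policy (minimum length, etc.) is a
        # product decision and is not enforced here.
        if not username.strip() or not password:
            flash('使用者名稱與密碼不可為空。', 'danger')
            return redirect(url_for('auth.register'))

        # Check whether the username is already taken.
        # NOTE(review): this lookup and the insert below are not atomic.
        # Presumably the column has a unique constraint, in which case a
        # concurrent duplicate would raise at commit; verify against the model.
        if User.query.filter_by(username=username).first():
            flash('此使用者名稱已被註冊,請更換一個。', 'danger')
            return redirect(url_for('auth.register'))

        # Check that both password entries match.
        if password != confirm_password:
            flash('兩次輸入的密碼不一致。', 'danger')
            return redirect(url_for('auth.register'))

        # Create the user. The role is fixed to 'viewer' on the server side
        # and is never read from the submitted form.
        new_user = User(
            username=username,
            password_hash=generate_password_hash(password),
            role='viewer',
        )
        db.session.add(new_user)
        db.session.commit()

        flash('帳號建立成功!您現在可以登入了。', 'success')
        return redirect(url_for('auth.login'))

    return render_template('register.html')


# NOTE(review): logout is reachable via GET, so a cross-site request (for
# example an embedded image URL) can end a user's session. Moving it to POST
# with a CSRF token would need matching template changes.
@auth_bp.route('/logout')
@login_required
def logout():
    """End the current session and redirect to the login page."""
    logout_user()
    return redirect(url_for('auth.login'))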