REMOVE LDAP

2025-09-25 08:44:44 +08:00
commit 333a640a3b
53 changed files with 4231 additions and 0 deletions
--- a/routes/auth.py
+++ b/routes/auth.py
@@ -0,0 +1,93 @@
+from flask import Blueprint, render_template, request, redirect, url_for, flash, current_app
+from flask_login import login_user, logout_user, login_required, current_user
+from models import User, db
+from utils.timezone import taiwan_now
+
+auth_bp = Blueprint('auth', __name__)
+
+
+@auth_bp.route('/login', methods=['GET', 'POST'])
+def login():
+    if current_user.is_authenticated:
+        return redirect(url_for('temp_spec.spec_list'))
+
+    context = {}
+
+    if request.method == 'POST':
+        username = request.form['username'].strip()
+        password = request.form['password']
+        context['username'] = username
+
+        if not username or not password:
+            flash('請輸入帳號與密碼', 'warning')
+            return render_template('login.html', **context)
+
+        user = User.query.filter_by(username=username).first()
+
+        if user and user.check_password(password):
+            user.last_login = taiwan_now()
+            db.session.commit()
+            login_user(user)
+            current_app.logger.info(f"User logged in via local authentication: {username}")
+            return redirect(url_for('temp_spec.spec_list'))
+
+        current_app.logger.warning(f"Failed local login attempt for: {username}")
+        flash('帳號或密碼錯誤，請重新輸入', 'danger')
+
+    return render_template('login.html', **context)
+
+
+@auth_bp.route('/register', methods=['GET', 'POST'])
+def register():
+    if current_user.is_authenticated:
+        return redirect(url_for('temp_spec.spec_list'))
+
+    context = {}
+
+    if request.method == 'POST':
+        username = request.form['username'].strip()
+        name = request.form['name'].strip()
+        password = request.form['password']
+        confirm_password = request.form['confirm_password']
+
+        context['username'] = username
+        context['name'] = name
+
+        errors = []
+
+        if not username:
+            errors.append('請輸入帳號')
+        if not name:
+            errors.append('請輸入姓名')
+        if not password:
+            errors.append('請輸入密碼')
+        if password and len(password) < 6:
+            errors.append('密碼長度至少需 6 碼')
+        if password != confirm_password:
+            errors.append('確認密碼不相符')
+        if username and User.query.filter_by(username=username).first():
+            errors.append('帳號已存在，請改用其他帳號')
+
+        if errors:
+            for message in errors:
+                flash(message, 'danger')
+            return render_template('register.html', **context)
+
+        new_user = User(username=username, name=name, role='viewer')
+        new_user.set_password(password)
+        new_user.last_login = taiwan_now()
+        db.session.add(new_user)
+        db.session.commit()
+        login_user(new_user)
+        current_app.logger.info(f"New user registered: {username}")
+        flash('帳號建立完成，已自動登入', 'success')
+        return redirect(url_for('temp_spec.spec_list'))
+
+    return render_template('register.html', **context)
+
+
+@auth_bp.route('/logout')
+@login_required
+def logout():
+    logout_user()
+    return redirect(url_for('auth.login'))