from flask import Blueprint, render_template, request, redirect, url_for, flash, current_app
from flask_login import login_user, logout_user, login_required, current_user
from models import User, db
from utils.timezone import taiwan_now
# Blueprint that carries the /login, /register and /logout routes; endpoints
# are addressed as 'auth.<view>' (e.g. url_for('auth.login')).
auth_bp = Blueprint(name='auth', import_name=__name__)
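@auth_bp.route('/login', methods=['GET', 'POST'])
def login():
    """Render the local login form and authenticate a submitted username/password.

    GET renders ``login.html``. POST looks the user up by username, verifies
    the password through ``User.check_password`` and, on success, stamps
    ``last_login``, commits, and starts the Flask-Login session. Every failed
    POST re-renders the form with the submitted username pre-filled.

    Returns:
        A redirect to ``temp_spec.spec_list`` for an already-authenticated or
        freshly authenticated user, otherwise the rendered login template.
    """
    if current_user.is_authenticated:
        return redirect(url_for('temp_spec.spec_list'))

    context = {}

    if request.method == 'POST':
        # Indexing request.form (rather than .get) makes Flask answer
        # 400 Bad Request when a field is missing from the POST body.
        username = request.form['username'].strip()
        password = request.form['password']
        # Only the username is echoed back to the template; the password
        # never enters the render context.
        context['username'] = username

        if not username or not password:
            flash('請輸入帳號與密碼', 'warning')
            return render_template('login.html', **context)

        user = User.query.filter_by(username=username).first()

        # NOTE(review): check_password is skipped when no user matches, so the
        # two failure cases may differ in response time - confirm whether that
        # matters for this deployment.
        if user and user.check_password(password):
            user.last_login = taiwan_now()
            db.session.commit()
            login_user(user)
            # username is request-controlled: log it with %r and lazy args so
            # embedded CR/LF are escaped and cannot forge extra log records.
            current_app.logger.info(
                "User logged in via local authentication: %r", username
            )
            return redirect(url_for('temp_spec.spec_list'))

        # Unknown user and wrong password share one log line and one flash
        # message, so the response text does not reveal which check failed.
        # NOTE(review): no attempt throttling or lockout is visible in this
        # handler - confirm it is enforced elsewhere (proxy, middleware).
        current_app.logger.warning("Failed local login attempt for: %r", username)
        flash('帳號或密碼錯誤,請重新輸入', 'danger')

    return render_template('login.html', **context)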
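@auth_bp.route('/register', methods=['GET', 'POST'])
def register():
    """Render the self-registration form and create a new local account.

    GET renders ``register.html``. POST validates the submitted fields,
    flashes every validation error at once, and on success creates the user
    with the fixed role ``'viewer'``, commits it, and logs the new user in.

    Returns:
        A redirect to ``temp_spec.spec_list`` for an already-authenticated or
        newly registered user, otherwise the rendered registration template.
    """
    if current_user.is_authenticated:
        return redirect(url_for('temp_spec.spec_list'))

    context = {}

    if request.method == 'POST':
        # Indexing request.form (rather than .get) makes Flask answer
        # 400 Bad Request when a field is missing from the POST body.
        username = request.form['username'].strip()
        name = request.form['name'].strip()
        password = request.form['password']
        confirm_password = request.form['confirm_password']

        # Only username and name are echoed back to the template; neither
        # password field enters the render context.
        context['username'] = username
        context['name'] = name

        errors = []

        if not username:
            errors.append('請輸入帳號')
        if not name:
            errors.append('請輸入姓名')
        if not password:
            errors.append('請輸入密碼')
        # NOTE(review): a 6-character minimum is the only password rule
        # enforced here, and username/name have no length or character-set
        # check - confirm this matches the intended account policy.
        if password and len(password) < 6:
            errors.append('密碼長度至少需 6 碼')
        if password != confirm_password:
            errors.append('確認密碼不相符')
        # This message tells an unauthenticated caller that the username is
        # taken, so the form can be used to test which accounts exist.
        if username and User.query.filter_by(username=username).first():
            errors.append('帳號已存在,請改用其他帳號')

        if errors:
            for message in errors:
                flash(message, 'danger')
            return render_template('register.html', **context)

        # The role is a literal, not a form field, so a crafted POST cannot
        # choose its own privilege level.
        new_user = User(username=username, name=name, role='viewer')
        new_user.set_password(password)
        new_user.last_login = taiwan_now()
        db.session.add(new_user)
        # NOTE(review): the existence check above and this insert are not
        # atomic; presumably a unique constraint on username makes commit()
        # raise on a concurrent duplicate - confirm and handle if so.
        db.session.commit()
        login_user(new_user)
        # username is request-controlled: log it with %r and lazy args so
        # embedded CR/LF are escaped and cannot forge extra log records.
        current_app.logger.info("New user registered: %r", username)
        flash('帳號建立完成,已自動登入', 'success')
        return redirect(url_for('temp_spec.spec_list'))

    return render_template('register.html', **context)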
@auth_bp.route('/logout')
@login_required
def logout():
    """End the current Flask-Login session and send the user to the login page."""
    # NOTE(review): the route declares no methods, so it is reachable by GET;
    # a cross-site link or image tag could therefore sign a user out. Confirm
    # whether a POST-only, CSRF-protected logout is wanted.
    logout_user()
    login_page = url_for('auth.login')
    return redirect(login_page)