feat(routes/auth.py): add auth.py route blueprint

2025-08-25 19:31:55 +02:00
parent 50be48dba4
commit bbaffb344f
1 changed files with 42 additions and 0 deletions
--- a/src/judas_server/web/routes/auth.py
+++ b/src/judas_server/web/routes/auth.py
@@ -0,0 +1,42 @@
+# -*- coding: utf-8 -*-
+from __future__ import annotations
+from typing import TYPE_CHECKING
+
+import flask
+import flask_login
+
+from judas_server.web.user import User
+
+if TYPE_CHECKING:
+    from werkzeug.wrappers import Response
+
+auth_bp: flask.Blueprint = flask.Blueprint(
+    "auth", __name__, url_prefix="/auth"
+)
+
+
+@auth_bp.route("/login", methods=["GET", "POST"])
+def login() -> Response | str:
+    """Handles user login via password form."""
+    if flask.request.method == "POST":
+        password = flask.request.form.get("password", "")
+        if password == flask.current_app.config["PASSWORD"]:
+            user = User("admin")
+            flask_login.login_user(user)
+            next_page = flask.request.args.get("next")
+            return flask.redirect(next_page or flask.url_for("index.index"))
+            # return flask.redirect(flask.url_for("panel.panel"))
+        else:
+            return flask.render_template(
+                "login.html",
+                error="Invalid password. Please try again.",
+            )
+    return flask.render_template("login.html")
+
+
+@auth_bp.route("/logout")
+@flask_login.login_required
+def logout() -> Response:
+    """Logs out the current user."""
+    flask_login.logout_user()
+    return flask.redirect(flask.url_for("index.index"))