From bbaffb344fe0d519d2c535dc61902514acb3db9a Mon Sep 17 00:00:00 2001
From: Artur Borecki <me@pufereq.pl>
Date: Mon, 25 Aug 2025 19:31:55 +0200
Subject: [PATCH] feat(routes/auth.py): add auth.py route blueprint

---
 src/judas_server/web/routes/auth.py | 42 +++++++++++++++++++++++++++++
 1 file changed, 42 insertions(+)
 create mode 100644 src/judas_server/web/routes/auth.py

diff --git a/src/judas_server/web/routes/auth.py b/src/judas_server/web/routes/auth.py
new file mode 100644
index 0000000..c9043f7
--- /dev/null
+++ b/src/judas_server/web/routes/auth.py
@@ -0,0 +1,42 @@
+# -*- coding: utf-8 -*-
+from __future__ import annotations
+from typing import TYPE_CHECKING
+
+import flask
+import flask_login
+
+from judas_server.web.user import User
+
+if TYPE_CHECKING:
+    from werkzeug.wrappers import Response
+
+auth_bp: flask.Blueprint = flask.Blueprint(
+    "auth", __name__, url_prefix="/auth"
+)
+
+
+@auth_bp.route("/login", methods=["GET", "POST"])
+def login() -> Response | str:
+    """Handles user login via password form."""
+    if flask.request.method == "POST":
+        password = flask.request.form.get("password", "")
+        if password == flask.current_app.config["PASSWORD"]:
+            user = User("admin")
+            flask_login.login_user(user)
+            next_page = flask.request.args.get("next")
+            return flask.redirect(next_page or flask.url_for("index.index"))
+            # return flask.redirect(flask.url_for("panel.panel"))
+        else:
+            return flask.render_template(
+                "login.html",
+                error="Invalid password. Please try again.",
+            )
+    return flask.render_template("login.html")
+
+
+@auth_bp.route("/logout")
+@flask_login.login_required
+def logout() -> Response:
+    """Logs out the current user."""
+    flask_login.logout_user()
+    return flask.redirect(flask.url_for("index.index"))