# app/auth/routes.py from flask import Blueprint, render_template, request, redirect, url_for, flash, session,make_response from flask_login import login_user, logout_user, login_required from app.services.appwrite_client import AppWriteClient auth_bp = Blueprint("auth", __name__, url_prefix="/auth") @auth_bp.route("/register", methods=["GET", "POST"]) def register(): if request.method == "POST": email = request.form.get("email", "").strip() password = request.form.get("password", "") name = (request.form.get("name") or "").strip() or None if not email or not password: flash("Email and password are required.", "error") return redirect(url_for("auth.register")) try: aw = AppWriteClient() aw.create_new_user(email,password,name) login_valid, error = aw.log_user_in(email,password) if login_valid: flash("Account created and you are now logged in.", "success") return redirect(url_for("main.dashboard")) else: flash(str(error), "error") except Exception as e: flash(str(e), "error") return redirect(url_for("auth.register")) return render_template("auth/register.html") @auth_bp.route("/login", methods=["GET", "POST"]) def login(): if request.method == "POST": email = request.form.get("email", "").strip() password = request.form.get("password", "") if not email or not password: flash("Email and password are required.", "error") return redirect(url_for("auth.login")) aw = AppWriteClient() login_valid, error = aw.log_user_in(email,password) try: if login_valid: username = session.get("user",{}).get("name","User") flash(f"Welcome Back {username}", "success") return redirect(url_for("main.dashboard")) else: flash(str(error), "error") except Exception as e: flash(str(e), "error") return redirect(url_for("auth.login")) # Get method return render_template("auth/login.html") @auth_bp.route("/logout", methods=["GET", "POST"]) def logout(): aw = AppWriteClient() aw.log_user_out() session.clear() flash("Signed out.", "success") return redirect(url_for("auth.login")) @auth_bp.route("/send", methods=["POST"]) def send(): """ Sends a verification email to the currently logged-in user. Appwrite will redirect the user back to /verify/callback with userId & secret. """ try: aw = AppWriteClient() aw.send_email_verification() flash("Verification email sent. Please check your inbox.", "info") except Exception as e: flash(f"Could not send verification email: {e}", "error") # Go back to where the user came from, or your dashboard return redirect(request.referrer or url_for("main.dashboard")) @auth_bp.route("/callback", methods=["GET"]) def callback(): """ Completes verification after user clicks the email link. Requires the user to be logged in (Appwrite Account endpoints need a session). If not logged in, we stash the link params and send them to log in first. """ aw = AppWriteClient() user_id = request.args.get("userId") secret = request.args.get("secret") if not user_id or not secret: flash("Invalid verification link.", "error") return redirect(url_for("auth.login")) try: # If we don't currently have an Appwrite session, ask them to log in, then resume. if not aw.verify_email(user_id,secret): session["pending_verification"] = {"userId": user_id, "secret": secret} flash("Please log in to complete email verification.", "warning") return redirect(url_for("auth.login")) # We have a session; complete verification flash("Email verified! You're all set.", "success") return redirect(url_for("main.dashboard")) except Exception as e: flash(f"Verification failed: {e}", "error") return redirect(url_for("auth.login"))