112 lines
4.1 KiB
Python
112 lines
4.1 KiB
Python
# app/auth/routes.py
|
|
from flask import Blueprint, render_template, request, redirect, url_for, flash, session,make_response
|
|
|
|
from app.services.appwrite_client import AppWriteClient
|
|
|
|
|
|
auth_bp = Blueprint("auth", __name__, url_prefix="/auth")
|
|
|
|
|
|
@auth_bp.route("/register", methods=["GET", "POST"])
|
|
def register():
|
|
if request.method == "POST":
|
|
email = request.form.get("email", "").strip()
|
|
password = request.form.get("password", "")
|
|
name = (request.form.get("name") or "").strip() or None
|
|
|
|
if not email or not password:
|
|
flash("Email and password are required.", "error")
|
|
return redirect(url_for("auth.register"))
|
|
|
|
try:
|
|
aw = AppWriteClient()
|
|
aw.create_new_user(email,password,name)
|
|
|
|
login_valid, error = aw.log_user_in(email,password)
|
|
if login_valid:
|
|
flash("Account created and you are now logged in.", "success")
|
|
return redirect(url_for("main.dashboard"))
|
|
else:
|
|
flash(str(error), "error")
|
|
except Exception as e:
|
|
flash(str(e), "error")
|
|
return redirect(url_for("auth.register"))
|
|
|
|
return render_template("auth/register.html")
|
|
|
|
@auth_bp.route("/login", methods=["GET", "POST"])
|
|
def login():
|
|
if request.method == "POST":
|
|
email = request.form.get("email", "").strip()
|
|
password = request.form.get("password", "")
|
|
if not email or not password:
|
|
flash("Email and password are required.", "error")
|
|
return redirect(url_for("auth.login"))
|
|
|
|
aw = AppWriteClient()
|
|
login_valid, error = aw.log_user_in(email,password)
|
|
try:
|
|
if login_valid:
|
|
username = session.get("user",{}).get("name","User")
|
|
flash(f"Welcome Back {username}", "success")
|
|
return redirect(url_for("main.dashboard"))
|
|
else:
|
|
flash(str(error), "error")
|
|
except Exception as e:
|
|
flash(str(e), "error")
|
|
return redirect(url_for("auth.login"))
|
|
|
|
# Get method
|
|
|
|
return render_template("auth/login.html")
|
|
|
|
@auth_bp.route("/logout", methods=["GET", "POST"])
|
|
def logout():
|
|
aw = AppWriteClient()
|
|
aw.log_user_out()
|
|
session.clear()
|
|
flash("Signed out.", "success")
|
|
return redirect(url_for("auth.login"))
|
|
|
|
@auth_bp.route("/send", methods=["POST"])
|
|
def send():
|
|
"""
|
|
Sends a verification email to the currently logged-in user.
|
|
Appwrite will redirect the user back to /verify/callback with userId & secret.
|
|
"""
|
|
try:
|
|
aw = AppWriteClient()
|
|
aw.send_email_verification()
|
|
flash("Verification email sent. Please check your inbox.", "info")
|
|
except Exception as e:
|
|
flash(f"Could not send verification email: {e}", "error")
|
|
# Go back to where the user came from, or your dashboard
|
|
return redirect(request.referrer or url_for("main.dashboard"))
|
|
|
|
@auth_bp.route("/callback", methods=["GET"])
|
|
def callback():
|
|
"""
|
|
Completes verification after user clicks the email link.
|
|
Requires the user to be logged in (Appwrite Account endpoints need a session).
|
|
If not logged in, we stash the link params and send them to log in first.
|
|
"""
|
|
aw = AppWriteClient()
|
|
user_id = request.args.get("userId")
|
|
secret = request.args.get("secret")
|
|
if not user_id or not secret:
|
|
flash("Invalid verification link.", "error")
|
|
return redirect(url_for("auth.login"))
|
|
|
|
try:
|
|
# If we don't currently have an Appwrite session, ask them to log in, then resume.
|
|
if not aw.verify_email(user_id,secret):
|
|
session["pending_verification"] = {"userId": user_id, "secret": secret}
|
|
flash("Please log in to complete email verification.", "warning")
|
|
return redirect(url_for("auth.login"))
|
|
|
|
# We have a session; complete verification
|
|
flash("Email verified! You're all set.", "success")
|
|
return redirect(url_for("main.dashboard"))
|
|
except Exception as e:
|
|
flash(f"Verification failed: {e}", "error")
|
|
return redirect(url_for("auth.login")) |