Restyled Login Container and removed unnessecery code

2025-02-11 14:47:02 +01:00
parent 6947b1d9bb
commit f9db8c5a92
7 changed files with 269 additions and 82 deletions
--- a/app/controllers/auth_controller.py
+++ b/app/controllers/auth_controller.py
@ -1,14 +1,17 @@
 from flask import Blueprint, request, redirect, url_for, flash, render_template
 from flask_login import login_user, logout_user
 from app.models.users import User
+from datetime import datetime, timedelta
+from app.models import db

+import sys

 auth = Blueprint('auth', __name__)

-
 def _authenticate(username, password):
    user = User.query.filter_by(username=username).first()
-    if user and user.password == password:  
+    if user and user.password == password: 
+        print(sys.version) 
        return user  
    return None

@ -16,11 +19,22 @@ def login():
    if request.method == 'POST':
        username = request.form.get('username')
        password = request.form.get('password')
-        user = _authenticate(username, password)
+        user = User.query.filter_by(username=username).first()
        if user:
-            login_user(user)
-            flash('Logged in successfully!', 'success')
-            return redirect(url_for('main.users_route'))  
+            if user.failed_login_attempts is not None and user.failed_login_attempts >= 10:
+                cooldown_expires = user.last_failed_login_attempt + timedelta(minutes=10)
+                if datetime.now() < cooldown_expires:
+                    flash('You have exceeded the maximum number of failed login attempts. Please try again in {} minutes.'.format((cooldown_expires - datetime.now()).seconds // 60), 'danger')
+                    return render_template('login.html')
+            if user.password == password:
+                user.failed_login_attempts = 0
+                login_user(user)
+                return redirect(url_for('main.wines_route'))
+            else:
+                user.failed_login_attempts = (user.failed_login_attempts or 0) + 1
+                user.last_failed_login_attempt = datetime.now()
+                db.session.commit()
+                flash('Invalid username or password.', 'danger')
        else:
            flash('Invalid username or password.', 'danger')
    return render_template('login.html')