import hmac
import sys
from datetime import datetime, timedelta

from flask import Blueprint, request, redirect, url_for, flash, render_template
from flask_login import login_user, logout_user

from app.models import db
from app.models.users import User
# Blueprint that groups the authentication views (login / logout).
# NOTE(review): no route decorators are visible on the view functions in this
# listing; presumably they are registered elsewhere -- confirm which HTTP
# methods each view accepts.
auth = Blueprint(name='auth', import_name=__name__)
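def _authenticate(username, password):
    """Return the user matching *username* if *password* matches, else None.

    Args:
        username: Login name to look up.
        password: Password supplied by the caller.

    Returns:
        The matching ``User`` row, or ``None`` when the user does not exist,
        either password value is not a string, or the passwords differ.
    """
    # NOTE(review): this helper neither reads nor updates
    # failed_login_attempts, so any caller using it is not subject to the
    # attempt counter.
    user = User.query.filter_by(username=username).first()
    if not user:
        return None

    stored = user.password
    # Reject missing values explicitly: with a plain ``==`` a NULL stored
    # password and an omitted password argument compare equal (None == None).
    if not isinstance(stored, str) or not isinstance(password, str):
        return None

    # NOTE(review): the submitted password is compared directly with the
    # stored column, which indicates passwords are kept in plaintext. Store a
    # salted hash instead (e.g. werkzeug.security.generate_password_hash /
    # check_password_hash) and migrate existing rows.
    # compare_digest avoids an early-exit comparison; bytes are used because
    # the str form only accepts ASCII.
    if hmac.compare_digest(stored.encode('utf-8'), password.encode('utf-8')):
        return user
    return None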
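def login():
    """Render the login form and, on POST, check the submitted credentials.

    After 10 recorded failures the account is refused for 10 minutes counted
    from the most recent failure. A successful login resets the counter.

    Returns:
        A redirect to ``main.wines_route`` after a successful login, otherwise
        the rendered ``login.html`` template (with a flashed message when the
        attempt was rejected).
    """
    if request.method != 'POST':
        return render_template('login.html')

    username = request.form.get('username')
    password = request.form.get('password')
    user = User.query.filter_by(username=username).first()

    if not user:
        # NOTE(review): attempts against unknown usernames are not counted or
        # throttled here; rate limiting per client would have to live
        # elsewhere.
        flash('Invalid username or password.', 'danger')
        return render_template('login.html')

    attempts = user.failed_login_attempts or 0
    last_failure = user.last_failed_login_attempt
    # Guard against a counter without a timestamp, which would otherwise raise
    # TypeError on the addition below.
    if attempts >= 10 and last_failure is not None:
        now = datetime.now()
        cooldown_expires = last_failure + timedelta(minutes=10)
        if now < cooldown_expires:
            remaining = cooldown_expires - now
            # Round up so the message never says "0 minutes" while still locked.
            minutes_left = max(1, (int(remaining.total_seconds()) + 59) // 60)
            # NOTE(review): this message is only shown for usernames that
            # exist, so it confirms the account exists while the generic
            # message does not. Per-account lockout also lets a third party
            # keep a known account locked; consider per-client throttling.
            flash('You have exceeded the maximum number of failed login attempts. Please try again in {} minutes.'.format(minutes_left), 'danger')
            return render_template('login.html')

    stored = user.password
    # NOTE(review): the submitted password is compared directly with the
    # stored column, which indicates passwords are kept in plaintext. Store a
    # salted hash instead (e.g. werkzeug.security.generate_password_hash /
    # check_password_hash) and migrate existing rows.
    # Missing values are rejected explicitly: with a plain ``==`` a NULL stored
    # password and an omitted form field compare equal (None == None).
    password_ok = (
        isinstance(stored, str)
        and isinstance(password, str)
        and hmac.compare_digest(stored.encode('utf-8'), password.encode('utf-8'))
    )

    if password_ok:
        user.failed_login_attempts = 0
        # Persist the reset; without a commit the change is discarded when the
        # request ends and the counter only ever grows.
        db.session.commit()
        login_user(user)
        return redirect(url_for('main.wines_route'))

    # NOTE(review): the counter is not cleared when the cooldown expires, so
    # one further failure after the 10 minutes locks the account again.
    user.failed_login_attempts = attempts + 1
    user.last_failed_login_attempt = datetime.now()
    db.session.commit()
    flash('Invalid username or password.', 'danger')
    return render_template('login.html')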
def logout():
    """End the current user's session and send them back to the login page.

    Returns:
        A redirect to ``main.login_route``.
    """
    # NOTE(review): the accepted HTTP methods are not visible here; if this
    # view is reachable via GET, a cross-site request can log the user out --
    # confirm it is POST-only with CSRF protection.
    logout_user()
    flash('You have been logged out.', 'info')
    login_page = url_for('main.login_route')
    return redirect(login_page)