diff --git a/trurt/account/forms.py b/trurt/account/forms.py
index 78ff46cc67ce8976bc196df4795626ff4825734f..b3b1c82c53f79c5e0d285b428cf0444a670df4ab 100644
--- a/trurt/account/forms.py
+++ b/trurt/account/forms.py
@@ -5,6 +5,6 @@ import flask_wtf
 class LoginForm(flask_wtf.FlaskForm):
- email = fields.StringField(_('E-mail'), [validators.Email()])
- pw = fields.PasswordField(_('Password'), [validators.DataRequired()])
+ username = fields.StringField(_('Username'), [validators.DataRequired()])
+ password = fields.PasswordField(_('Password'), [validators.DataRequired()])
 submit = fields.SubmitField(_('Sign in'))
diff --git a/trurt/account/login.py b/trurt/account/login.py
index dd4609baae636a37b2fc977c22217310852001e3..bc76474290d53535b96bc26cc85ab4d47e25fe9e 100644
--- a/trurt/account/login.py
+++ b/trurt/account/login.py
@@ -5,14 +5,14 @@ import flask_login
 import flask
-@blueprint.route("/login")
+@blueprint.route("/login", methods=["GET", "POST"])
 def login():
 form = forms.LoginForm()
 if form.validate_on_submit():
- user = models.User.login(form.username, form.password)
+ user = models.User.login(form.username.data, form.password.data)
 if user:
 flask_login.login_user(user)
- endpoint = flask.request.args.get("next", "/")
+ endpoint = flask.request.args.get("next", "account.login")
 return flask.redirect(flask.url_for(endpoint, **flask.request.args))
 else:
 flask.flash("Wrong credentials")
diff --git a/trurt/account/templates/account_login.html b/trurt/account/templates/account_login.html
index 8aa4a92f30e2b4828be02ef231c849d2cf542db5..8db7bb235615b7d019ded5d3cb6ccbb0b4db7aa0 100644
--- a/trurt/account/templates/account_login.html
+++ b/trurt/account/templates/account_login.html
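Review bot: In `login()` in trurt/account/login.py the client-supplied `next` value is handed to `flask.url_for()` as an endpoint name, and every other query argument is forwarded with it through `**flask.request.args`. A name that is not a registered endpoint makes `url_for` raise a build error, so a crafted link turns the login page into a 500, and the unpacked arguments carry `next` itself plus any `url_for` control keyword (`_external`, `_scheme`, `_anchor`) the client sends. Check the name against the registered endpoints and stop forwarding the raw arguments: `endpoint = flask.request.args.get("next")`, then `if endpoint not in flask.current_app.view_functions: endpoint = "account.login"`, then `return flask.redirect(flask.url_for(endpoint))`; endpoints that need URL values would still need an explicit allow-list. The new default also sends a successful sign-in straight back to the login form, which is worth confirming as intended. The body of `login()` continues past the end of the hunk.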
@@ -1,3 +1,13 @@
 {% extends "base.html" %}
-<h1>Test</h1>
+{% block title %}Log in{% endblock %}
+{% block subtitle %}{% endblock %}
+
+{% block content %}
+<form method="POST" action="{{ url_for("account.login") }}">
+ {{ form.hidden_tag() }}
+ {{ form.username }}
+ {{ form.password }}
+ {{ form.submit }}
+</form>
+{% endblock %}
diff --git a/trurt/models.py b/trurt/models.py
index c03b7042a89087a484660b31bfdbcf1b85e0eb32..57b3338017df75c3a61e1b7a29404a27299e17ab 100644
--- a/trurt/models.py
+++ b/trurt/models.py
@@ -68,6 +68,18 @@ class User(db.Model):
 def get(cls, id):
 return cls.query.get(id)
+ @classmethod
+ def login(cls, username, password):
+ user = cls.query.filter_by(username=username).first()
+ if not user:
+ return False
+ auth = Auth.query.filter_by(user_id=user.id).first()
+ if not auth:
+ return False
+ if not auth.check_password(password):
+ return False
+ return user
+
 def get_id(self):
 return self.id
@@ -97,7 +109,7 @@ class Auth(db.Model):
 self.value = hash.pbkdf2_sha256.hash(password)
 def check_password(self, password):
- return hash.pbkdf2_sha256.verify(password, self.password)
+ return hash.pbkdf2_sha256.verify(password, self.value)
 class Service(db.Model):
diff --git a/trurt/templates/base.html b/trurt/templates/base.html
index c6a6a9e247ca897b6818c3c5a23f6c1943f344fc..a16c46dcea1081ecfd0946616ebc9c381e133a26 100644
--- a/trurt/templates/base.html
+++ b/trurt/templates/base.html
@@ -18,12 +18,8 @@
 <aside class="main-sidebar">
 <section class="sidebar">
- {% if current_user %}
- <div class="user-panel">
- <div class="info">
- <p>{{ current_user.username }}</p>
- </div>
- </div>
+ {% if current_user.is_authenticated %}
+ <h4 class="text-center text-primary">{{ current_user.username }}</h4>
 {% endif %}
 <ul class="sidebar-menu" data-widget="tree">
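Review bot: In trurt/account/templates/account_login.html the form posts to `{{ url_for("account.login") }}`, which drops the query string of the page that rendered it, so a `next` value present on the GET never reaches the POST where the login view reads `flask.request.args.get("next")`. Leaving the attribute out (`<form method="POST">`) makes the browser submit to the current URL with its query string intact. The fields are also rendered without labels or validation errors (`form.username.label`, `form.username.errors`), so a rejected submission gives no field-level feedback.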
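Review bot: `User.login()` in trurt/models.py returns before any hash is computed when the username or its `Auth` row is missing, while an existing account goes through the full PBKDF2 verification in `check_password()`, so response time separates valid usernames from invalid ones. Do a throwaway verification against a fixed hash on the two early exits, for example `hash.pbkdf2_sha256.verify(password, _DUMMY_HASH)` before `return False`, where `_DUMMY_HASH` is a module-level constant (placeholder name, not in the file). The method mixes `False` and a `User` as return values; returning `None` on failure, with a docstring such as `"""Return the User matching the credentials, or None."""`, would be clearer, and the visible caller only tests truthiness. `Auth.query.filter_by(user_id=user.id).first()` checks a single row, which is right only if each user has exactly one `Auth` record; that cannot be confirmed from the hunk. The `User` class starts outside the hunk.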