Allow redirects

main
Micke Nordin 10 months ago
parent 1155e226ab
commit 3f541a2dcb
No known key found for this signature in database
GPG Key ID: F53C4CC83EDAB3BE

@ -4,6 +4,7 @@ from typing import Union
from flask import (Flask, flash, redirect, render_template, request,
send_from_directory, url_for)
from flask_login import LoginManager, login_required, login_user, logout_user
from urllib.parse import unquote
from forms import LoginForm
from latosa import LaToSa
@ -33,15 +34,19 @@ def load_user(user_id) -> Union[User, None]:
@app.route('/', methods=['GET', 'POST'])
def index():
i18n = latosa.get_i18n(request)
redirect_to = request.args.get('redirect_to', None)
form = LoginForm()
form.redirect_to.data = redirect_to
if request.method == 'POST':
username = form.username.data
password = form.password.data
redirect_to = url_for('admin')
if form.redirect_to.data:
redirect_to = unquote(form.redirect_to.data)
user = latosa.login_user(username, password)
if user:
login_user(user)
flash(i18n['login']['success'])
return redirect(url_for('admin'))
return redirect(redirect_to)
flash(i18n['login']['failed'])
return render_template('index.html', i18n=i18n, form=form)

@ -1,8 +1,9 @@
from flask_wtf import FlaskForm
from wtforms import PasswordField, StringField, SubmitField
from wtforms import PasswordField, StringField, SubmitField, HiddenField
from wtforms.validators import DataRequired
class LoginForm(FlaskForm):
username = StringField('Username', validators=[DataRequired()])
password = PasswordField('Password', validators=[DataRequired()])
submit = SubmitField('Submit')
redirect_to = HiddenField('redirect_to')

Loading…
Cancel
Save