some auth

5 files changed, 88 insertions, 2 deletions

diff --git a/apioforum/__init__.py b/apioforum/__init__.py
index 6d4e53d..bdfe88f 100644
--- a/apioforum/__init__.py
+++ b/apioforum/__init__.py
@@ -3,13 +3,26 @@
 
 from flask import Flask
 from .db import get_db
+import os
 
 def create_app():
-    app = Flask(__name__)
+    app = Flask(__name__, instance_relative_config=True)
+    app.config.from_mapping(
+        SECRET_KEY="dev",
+        DATABASE=os.path.join(app.instance_path, 'database.db'),
+    )
+    app.config.from_pyfile("config.py",silent=True)
+    try:
+        os.makedirs(app.instance_path)
+    except OSError:
+        pass
 
     from . import db
     db.init_app(app)
 
+    from . import auth
+    app.register_blueprint(auth.bp)
+
     @app.route("/")
     def main():
         return "the"
diff --git a/apioforum/auth.py b/apioforum/auth.py
new file mode 100644
index 0000000..2d42407
--- /dev/null
+++ b/apioforum/auth.py
@@ -0,0 +1,40 @@
+from flask import (
+    Blueprint, session, request, url_for, render_template, redirect,
+    flash, 
+)
+from .db import get_db
+    
+
+bp = Blueprint("auth", __name__, url_prefix="/auth")
+
+@bp.route("/login",methods=('GET','POST'))
+def login():
+    if request.method == "POST":
+        username = request.form["username"]
+        password = request.form["password"]
+        db = get_db()
+        err = None
+        if not username:
+            err = "Username required"
+        elif not password:
+            err = "Password required"
+        elif username != "bee" or password != "form":
+            err = "Invalid login"
+
+        if err is None:
+            session.clear()
+            session['user'] = 'bee'
+            return redirect(url_for('auth.cool'))
+
+        flash(err)
+        
+    return render_template("auth/login.html")
+
+
+@bp.route("/cool")
+def cool():
+    user = session.get("user")
+    if user is None:
+        return "you are not logged in"
+    else:
+        return f"you are logged in as {user}"
diff --git a/apioforum/db.py b/apioforum/db.py
index be2d7e0..6a45640 100644
--- a/apioforum/db.py
+++ b/apioforum/db.py
@@ -5,7 +5,10 @@ from flask.cli import with_appcontext
 
 def get_db():
     if 'db' not in g:
-        g.db = sqlite3.connect('database.db',detect_types=sqlite3.PARSE_DECLTYPES)
+        g.db = sqlite3.connect(
+            current_app.config['DATABASE'],
+            detect_types=sqlite3.PARSE_DECLTYPES
+        )
         g.db.row_factory = sqlite3.Row
     g.db.execute("PRAGMA foreighn_keys = ON;")
     return g.db
diff --git a/apioforum/templates/auth/login.html b/apioforum/templates/auth/login.html
new file mode 100644
index 0000000..f7da0d3
--- /dev/null
+++ b/apioforum/templates/auth/login.html
@@ -0,0 +1,14 @@
+{% extends "base.html" %}
+{% block header %}
+    <h1>{% block title %}login{% endblock %}</h1>
+{% endblock %}
+
+{% block content %}
+<form method="post">
+    <label for="username">Username</label>
+    <input name="username" id="username" required>
+    <label for="password">Password</label>
+    <input name="password" id="password" required>
+    <input type="submit" value="yes">
+</form>
+{% endblock %}
diff --git a/apioforum/templates/base.html b/apioforum/templates/base.html
new file mode 100644
index 0000000..01339c1
--- /dev/null
+++ b/apioforum/templates/base.html
@@ -0,0 +1,16 @@
+{# BASED? BASED ON WHAT? #}
+<!DOCTYPE html>
+<html>
+    <head>
+        <title>{%block title %}{% endblock %}</title>
+        <meta name="viewport" content="width=device-width, initial-scale=1">
+    </head>
+    <body>
+        {% block header %}{% endblock %}
+        {% for msg in get_flashed_messages() %}
+            <div class="flash">{{ msg }}</div>
+        {% endfor %}
+        {%block content %}{% endblock %}
+    </body>
+</html>
+