66 lines
2.5 KiB
Python
66 lines
2.5 KiB
Python
from flask import Blueprint, render_template, request, redirect, url_for, flash, session
|
|
from flask_login import login_user, login_required, logout_user
|
|
|
|
from app.extensions.audit_logger import AuditLogger
|
|
from app.extensions.db import db
|
|
from app.models import User
|
|
from app.services.auth_service import authenticate_user, parse_ldap_user
|
|
|
|
auditlog = AuditLogger(db.session)
|
|
|
|
auth_bp = Blueprint('auth', __name__, url_prefix='/telezab/')
|
|
|
|
@auth_bp.route('/login', methods=['GET', 'POST'])
|
|
def login():
|
|
if 'user_id' in session:
|
|
return redirect(url_for('dashboard.dashboard'))
|
|
|
|
if request.method == 'POST':
|
|
username = request.form['username']
|
|
password = request.form['password']
|
|
|
|
success, user_info, error = authenticate_user(username, password)
|
|
|
|
if not success:
|
|
flash(error, 'danger')
|
|
auditlog.auth(username_attempted=username, success=False, error=error)
|
|
session['login_username'] = username # сохраняем введённый логин
|
|
return redirect(url_for('auth.login')) # редирект вместо render_template
|
|
|
|
# Очистка сохранённого логина при успешном входе
|
|
session.pop('login_username', None)
|
|
|
|
data = parse_ldap_user(user_info)
|
|
display_name = (f"{data['user_surname']} {data['user_name']} {data['user_middle_name']}").strip()
|
|
user = User(
|
|
user_id=data['sam_account_name'],
|
|
user_name=data['user_name'],
|
|
user_surname=data['user_surname'],
|
|
user_middle_name=data['user_middle_name'],
|
|
display_name=display_name,
|
|
email=data['email']
|
|
)
|
|
|
|
session.permanent = True
|
|
session['username'] = data['sam_account_name']
|
|
session['display_name'] = display_name
|
|
session['user_data'] = data
|
|
login_user(user)
|
|
|
|
auditlog.auth(username_attempted=username, success=True, ldap_user_id=data['sam_account_name'], display_name=display_name)
|
|
flash("Logged in successfully!", "success")
|
|
return redirect(url_for("dashboard.dashboard"))
|
|
|
|
# GET-запрос — передаём в шаблон ранее введённый логин, если есть
|
|
username_prefill = session.pop('login_username', '')
|
|
return render_template("login.html", username=username_prefill)
|
|
|
|
|
|
|
|
@auth_bp.route('/logout')
|
|
@login_required
|
|
def logout():
|
|
logout_user()
|
|
session.clear()
|
|
return redirect(url_for('auth.login'))
|