DengDai/Nexusphp-Panel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ad2c65affb855500957df34637d137ab92577478
Nexusphp-Panel/routes/auth.py
DengDai ad2c65affb init
2025-12-08 14:31:21 +08:00

64 lines
2.4 KiB
Python
Raw Blame History

from flask import Blueprint, render_template, request, redirect, url_for, session, jsonify
import sqlite3
import hashlib
import os
auth_bp = Blueprint('auth', __name__)
def get_db_connection():
conn = sqlite3.connect('pt_manager.db')
conn.row_factory = sqlite3.Row
return conn
@auth_bp.route('/login', methods=['GET', 'POST'])
def login():
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
conn = get_db_connection()
user = conn.execute('SELECT * FROM users WHERE username = ?', (username,)).fetchone()
conn.close()
if user and user['password_hash'] == password: # In production, use proper password hashing
session['user_id'] = user['id']
session['username'] = user['username']
session['role'] = user['role']
return redirect(url_for('main.index'))
else:
return render_template('auth/login.html', error='Invalid credentials')
return render_template('auth/login.html')
@auth_bp.route('/logout')
def logout():
session.clear()
return redirect(url_for('auth.login'))
@auth_bp.route('/change_password', methods=['GET', 'POST'])
def change_password():
if 'user_id' not in session:
return redirect(url_for('auth.login'))
if request.method == 'POST':
current_password = request.form['current_password']
new_password = request.form['new_password']
confirm_password = request.form['confirm_password']
if new_password != confirm_password:
return render_template('auth/change_password.html', error='New passwords do not match')
conn = get_db_connection()
user = conn.execute('SELECT * FROM users WHERE id = ?', (session['user_id'],)).fetchone()
if user and user['password_hash'] == current_password: # In production, use proper password hashing
conn.execute('UPDATE users SET password_hash = ? WHERE id = ?',
(new_password, session['user_id']))
conn.commit()
conn.close()
return redirect(url_for('main.index'))
else:
conn.close()
return render_template('auth/change_password.html', error='Current password is incorrect')
return render_template('auth/change_password.html')
Reference in New Issue View Git Blame Copy Permalink