Добавлена модель пользователя и функционал логина

Author: korneevm

create_admin.py

@@ -0,0 +1,29 @@
+from getpass import getpass
+import sys
+
+from webapp import create_app
+from webapp.model import db, User
+
+app = create_app()
+
+with app.app_context():
+    username = input('Введите имя:')
+
+    if User.query.filter(User.username == username).count():
+        print('Пользователь с таким именем уже существует')
+        sys.exit(0)
+
+    password1 = getpass('Введите пароль')
+    password2 = getpass('Повторите пароль')
+
+    if not password1 == password2:
+        print('Пароли не одинаковые')
+        sys.exit(0)
+
+    new_user = User(username=username, role='admin')
+    new_user.set_password(password1)
+
+    db.session.add(new_user)
+    db.session.commit()
+    print('Создан пользователь с id={}'.format(new_user.id))
+    

requirements.txt

@@ -0,0 +1,25 @@
+astroid==2.1.0
+beautifulsoup4==4.6.3
+certifi==2018.10.15
+chardet==3.0.4
+Click==7.0
+Flask==1.0.2
+Flask-Login==0.4.1
+Flask-SQLAlchemy==2.3.2
+Flask-WTF==0.14.2
+idna==2.7
+isort==4.3.4
+itsdangerous==1.1.0
+Jinja2==2.10
+lazy-object-proxy==1.3.1
+MarkupSafe==1.1.0
+mccabe==0.6.1
+pylint==2.2.2
+requests==2.20.1
+six==1.11.0
+SQLAlchemy==1.2.15
+typed-ast==1.1.0
+urllib3==1.24.1
+Werkzeug==0.14.1
+wrapt==1.10.11
+WTForms==2.2.1

webapp/__init__.py

@@ -1,18 +1,64 @@
-from flask import Flask, render_template
+from flask import Flask, flash, render_template, redirect, url_for
+from flask_login import LoginManager, current_user, login_required, login_user, logout_user
 
-from webapp.model import db, News
+from webapp.forms import LoginForm
+from webapp.model import db, News, User
 from webapp.weather import weather_by_city
 
 def create_app():
     app = Flask(__name__)
     app.config.from_pyfile('config.py')
     db.init_app(app)
 
+    login_manager = LoginManager()
+    login_manager.init_app(app)
+    login_manager.login_view = 'login'
+
+    @login_manager.user_loader
+    def load_user(user_id):
+        return User.query.get(user_id)
+
     @app.route('/')
     def index():
         title = "Новости Python"
         weather = weather_by_city(app.config['WEATHER_DEFAULT_CITY'])
         news_list = News.query.order_by(News.published.desc()).all()
         return render_template('index.html', page_title=title, weather=weather, news_list=news_list)
 
+    @app.route('/login')
+    def login():
+        if current_user.is_authenticated:
+            return redirect(url_for('index'))
+        title = "Авторизация"
+        login_form = LoginForm()
+        return render_template('login.html', page_title=title, form=login_form)
+
+    @app.route('/process-login', methods=['POST'])
+    def process_login():
+        form = LoginForm()
+
+        if form.validate_on_submit():
+            user = User.query.filter(User.username == form.username.data).first()
+            if user and user.check_password(form.password.data):
+                login_user(user)
+                flash('Вы успешно вошли на сайт')
+                return redirect(url_for('index'))
+
+        flash('Неправильные имя пользователя или пароль')
+        return redirect(url_for('login'))
+
+    @app.route('/logout')
+    def logout():
+        logout_user()
+        flash('Вы успешно разлогинились')
+        return redirect(url_for('index'))
+
+    @app.route('/admin')
+    @login_required
+    def admin_index():
+        if current_user.is_admin:
+            return 'Привет админ!'
+        else:
+            return 'Ты не админ!'
+
     return app

webapp/forms.py

@@ -0,0 +1,8 @@
+from flask_wtf import FlaskForm
+from wtforms import StringField, PasswordField, SubmitField
+from wtforms.validators import DataRequired
+
+class LoginForm(FlaskForm):
+    username = StringField('Имя пользователя', validators=[DataRequired()], render_kw={"class": "form-control"})
+    password = PasswordField('Пароль', validators=[DataRequired()], render_kw={"class": "form-control"})
+    submit = SubmitField('Отправить!', render_kw={"class": "btn btn-primary"})

webapp/model.py

@@ -1,4 +1,6 @@
+from flask_login import UserMixin
 from flask_sqlalchemy import SQLAlchemy
+from werkzeug.security import generate_password_hash, check_password_hash
 
 db = SQLAlchemy()
 
@@ -11,3 +13,22 @@ class News(db.Model):
 
     def __repr__(self):
         return '<News {} {}>'.format(self.title, self.url)
+
+class User(db.Model, UserMixin):
+    id = db.Column(db.Integer, primary_key=True)
+    username = db.Column(db.String(50), index=True, unique=True)
+    password = db.Column(db.String(128))
+    role = db.Column(db.String(10), index=True)
+
+    def set_password(self, password):
+        self.password = generate_password_hash(password)
+
+    def check_password(self, password):
+        return check_password_hash(self.password, password)
+
+    @property
+    def is_admin(self):
+        return self.role == 'admin'
+
+    def __repr__(self):
+        return '<User name={} id={}>'.format(self.username, self.id)

webapp/templates/index.html

@@ -15,6 +15,15 @@
     <h1>{{ page_title }}</h1>
     <div class="row">
         <div class="col-8">
+            {% with messages = get_flashed_messages() %}
+                {% if messages %}
+                <div class="alert alert-warning" role="alert">
+                    {% for message in messages %}
+                        {{ message }}<br>
+                    {% endfor %}
+                </div>
+                {% endif %}
+            {% endwith %}
             <h2>Новости</h2>
             {% for news in news_list %}
             <h3><a href="{{ news.url }}">{{ news.title }}</a></h3>

webapp/templates/login.html

@@ -0,0 +1,51 @@
+<!doctype html>
+<html lang="ru">
+  <head>
+    <!-- Required meta tags -->
+    <meta charset="utf-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+
+    <!-- Bootstrap CSS -->
+    <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css" integrity="sha384-MCw98/SFnGE8fJT3GXwEOngsV7Zt27NXFoaoApmYm81iuXoPkFOJwJ8ERdknLPMO" crossorigin="anonymous">
+
+    <title>{{ page_title }}</title>
+  </head>
+  <body>
+    <div class="container">
+    <h1>{{ page_title }}</h1>
+    <div class="row">
+        <div class="col-4">
+            {% with messages = get_flashed_messages() %}
+                {% if messages %}
+                <div class="alert alert-warning" role="alert">
+                    {% for message in messages %}
+                        {{ message }}<br>
+                    {% endfor %}
+                </div>
+                {% endif %}
+            {% endwith %}
+            <form action="{{ url_for('process_login') }}" method="POST">
+                {{ form.hidden_tag() }}
+                <div class="form-group">
+                    {{ form.username.label }}
+                    {{ form.username() }}
+                </div>
+                <div class="form-group">
+                    {{ form.password.label }}
+                    {{ form.password() }}
+                </div>
+                {{ form.submit() }}
+            </form>
+        </div>
+        <div class="col-8">
+
+        </div>
+    </div>
+    </div>
+    <!-- Optional JavaScript -->
+    <!-- jQuery first, then Popper.js, then Bootstrap JS -->
+    <script src="https://code.jquery.com/jquery-3.3.1.slim.min.js" integrity="sha384-q8i/X+965DzO0rT7abK41JStQIAqVgRVzpbzo5smXKp4YfRvH+8abtTE1Pi6jizo" crossorigin="anonymous"></script>
+    <script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js" integrity="sha384-ZMP7rVo3mIykV+2+9J3UJ46jBk0WLaUAdn689aCwoqbBJiSnjAK/l8WvCWPIPm49" crossorigin="anonymous"></script>
+    <script src="https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js" integrity="sha384-ChfqqxuZUCnJSK3+MXmPNIyE6ZbWh2IMqE241rYiqJxyMiZ6OW/JmZQ5stwEULTy" crossorigin="anonymous"></script>
+  </body>
+</html>