Flask Login

2026-01-09 17:45:03 -06:00 · 2026-01-09 17:45:03 -06:00 · 4880ef61cf
commit 4880ef61cf
parent 849754ea4a
3 changed files with 109 additions and 52 deletions
--- a/flask/app.py
+++ b/flask/app.py
@ -2,27 +2,56 @@ import sys
 from pathlib import Path
 sys.path.insert(0, str(Path(__file__).resolve().parent.parent))

-from flask import Flask, render_template, request, jsonify, redirect
-from flask_login import LoginManager, UserMixin
+from flask import Flask, render_template, request, redirect, flash
+from flask_login import LoginManager, UserMixin, login_user, logout_user, login_required, current_user
 import hashlib
 import hmac
 import base64

 from settings import FLASK_SECRET_KEY, TELEGRAM_API_TOKEN, TELEGRAM_BOT_NAME, TELEGRAM_BOT_DOMAIN
+from db.queries import user_get

 app = Flask(__name__)

 app.secret_key = FLASK_SECRET_KEY

+login_manager = LoginManager()
+login_manager.init_app(app)
+login_manager.login_view = "index"
+
+class FlaskUser(UserMixin):
+  def __init__(self, db_user):
+    self.db_user = db_user
+
+  def get_id(self):
+    return self.db_user.telegram_username
+
+@login_manager.user_loader
+def load_user(user_id):
+    try:
+      db_user = user_get(user_id)
+      return FlaskUser(db_user)
+    except:
+      return None
+
@app.route('/')
 def index():
-  data = {'bot_name': TELEGRAM_BOT_NAME, 'bot_damin': TELEGRAM_BOT_DOMAIN}
-  return render_template('index.html', data = data)
+  if not current_user.is_authenticated:
+    data = {'bot_name': TELEGRAM_BOT_NAME, 'bot_damin': TELEGRAM_BOT_DOMAIN}
+    return render_template('index.html', data = data)
+  else:
+    return redirect('/dashboard')

@app.route('/dashboard')
+@login_required
 def dashboard():
  return render_template('dashboard.html')

+@app.route('/logout')
+def logout():
+  logout_user()
+  return redirect('/')
+
 def string_generator(data_incoming):
  data = data_incoming.copy()
  del data['hash']
@ -50,13 +79,18 @@ def login():
  data_check_string_bytes = bytes(data_check_string, 'utf-8')
  hmac_string = hmac.new(secret_key_bytes, data_check_string_bytes, hashlib.sha256).hexdigest()
  if hmac_string == tg_data['hash']:
-    return redirect('/dashboard')
+    try:
+      db_user = user_get(tg_data['username'])
+      login_user(FlaskUser(db_user))
+    except:
+      flash("Login failed. Please try again.")
+      return redirect('/')
+  else:
+    flash("Login failed. Please try again.")
+    return redirect('/')

-  return jsonify({
-    'hmac_string': hmac_string,
-    'tg_hash': tg_data['hash'],
-    'tg_data': tg_data
-  })
+
+  return redirect('/dashboard')

 if __name__ == '__main__':
  app.run(host='0.0.0.0', debug=True, port=8080)
--- a/flask/templates/dashboard.html
+++ b/flask/templates/dashboard.html
@ -5,30 +5,31 @@
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">

-    <!-- Bootstrap CSS -->
-    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css" integrity="sha384-Gn5384xqQ1aoWXA+058RXPxPg6fy4IWvTNh0E263XmFcJlSAwiGgFAW/dAiS6JXm" crossorigin="anonymous">
+    <title>Gear Orders Bot</title>

-    <title>Dashboard</title>
+    <style>
+      body {
+        font-family: Arial;
+      }
+
+      h1 {
+        font-size: 18pt;
+      }
+
+      .grid {
+        display: grid;
+        justify-items: center;
+        align-content: center;
+        height: 80vh;
+      }
+    </style>
  </head>

-<body class="w-100 h-100">
-  <div id="s_cover3" class="pt-5 pi-draggable text-white bg-primary">
-    <div class="container">
-      <div class="row">
-        <div class="col-md-12 text-md-left text-center align-self-center my-5">
-          <h1 class="display-1">Dashboard</h1>
-          <p class="lead">Successfuly logged in and the login verified</p>
-        </div>
-      </div>
-    </div>
+<body>
+  <div class="grid">
+    <h1>Dashboard</h1>
+    <p>Successfuly logged in and the login verified</p>
  </div>
-  <meta charset="utf-8">
-  <meta name="viewport" content="width=device-width, initial-scale=1">
-  <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css" type="text/css">
-  <link rel="stylesheet" href="theme.css" type="text/css">
-  <script src="https://code.jquery.com/jquery-3.2.1.slim.min.js" integrity="sha384-KJ3o2DKtIkvYIK3UENzmM7KCkRr/rE9/Qpg6aAZGJwFDMVNA/GpGFF93hXpG5KkN" crossorigin="anonymous"></script>
-  <script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js" integrity="sha384-ApNbgh9B+Y1QKtv3Rn7W3mgPxhU9K/ScQsAP7hUibX39j7fakFPskvXusvfa0b4Q" crossorigin="anonymous"></script>
-  <script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js" integrity="sha384-JZR6Spejh4U02d8jOt6vLEHfe/JQGiRRSQQxSfFWpi1MquVdAyjUar5+76PVCmYl" crossorigin="anonymous"></script>
 </body>

 </html>
--- a/flask/templates/index.html
+++ b/flask/templates/index.html
@ -5,29 +5,51 @@
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">

-    <!-- Bootstrap CSS -->
-    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css" integrity="sha384-Gn5384xqQ1aoWXA+058RXPxPg6fy4IWvTNh0E263XmFcJlSAwiGgFAW/dAiS6JXm" crossorigin="anonymous">
+    <title>Gear Orders Bot</title>

-    <title>Hello, world!</title>
+    <style>
+      body {
+        font-family: Arial;
+      }
+
+      h1 {
+        font-size: 18pt;
+      }
+
+      .grid {
+        display: grid;
+        justify-items: center;
+        align-content: center;
+        height: 80vh;
+      }
+
+      .flashes {
+        padding: 10px;
+        margin: 10px;
+        background-color: rgb(255, 193, 7);
+        color: rgb(51, 39, 1);
+        border: 1px solid rgb(51, 39, 1);
+        text-align: center;
+
+        p {
+          margin: 0;
+        }
+      }
+    </style>
  </head>
- <div class="py-5 text-center opaque-overlay filter-gradient">
-    <div class="container py-5">
-      <div class="row">
-        <div class="col-md-12 text-white">
-          <h1 class="display-3 mb-4">Telegram Login</h1>
-          <p class="lead mb-5">A simple telegram login using flask. The instructions can be found
-            <br>mithun.co</p>
-          <script async src="https://telegram.org/js/telegram-widget.js?19" data-telegram-login="{{ data['bot_name'] }}" data-size="large" data-auth-url="{{ data['bot_domain'] }}/login" data-request-access="write"></script>
-        </div>
-      </div>
+  <body>
+    <div class="grid">
+      <h1>Gear Orders Bot</h1>
+      <script async src="https://telegram.org/js/telegram-widget.js?19" data-telegram-login="{{ data['bot_name'] }}" data-size="large" data-auth-url="{{ data['bot_domain'] }}/login" data-request-access="write"></script>
+      {% with messages = get_flashed_messages() %}
+        {% if messages %}
+          <div class="flashes">
+          {% for message in messages %}
+            <p>{{ message }}</p>
+          {% endfor %}
+          </div>
+        {% endif %}
+      {% endwith %}
    </div>
-  </div>
-
-    <!-- Optional JavaScript -->
-    <!-- jQuery first, then Popper.js, then Bootstrap JS -->
-    <script src="https://code.jquery.com/jquery-3.2.1.slim.min.js" integrity="sha384-KJ3o2DKtIkvYIK3UENzmM7KCkRr/rE9/Qpg6aAZGJwFDMVNA/GpGFF93hXpG5KkN" crossorigin="anonymous"></script>
-    <script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js" integrity="sha384-ApNbgh9B+Y1QKtv3Rn7W3mgPxhU9K/ScQsAP7hUibX39j7fakFPskvXusvfa0b4Q" crossorigin="anonymous"></script>
-    <script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js" integrity="sha384-JZR6Spejh4U02d8jOt6vLEHfe/JQGiRRSQQxSfFWpi1MquVdAyjUar5+76PVCmYl" crossorigin="anonymous"></script>
-    
  </body>
 </html>