1 files changed, 74 insertions, 1 deletions

diff --git a/app/auth/__init__.py b/app/auth/__init__.py
index 52f0cd7..b419351 100644
--- a/app/auth/__init__.py
+++ b/app/auth/__init__.py
@@ -1,3 +1,76 @@
-from flask import Blueprint
+from flask import Blueprint, request, redirect, url_for, flash, render_template
+from flask_login import current_user, login_user
+from werkzeug.security import check_password_hash, generate_password_hash
+
+from app.auth.forms import LoginForm, RegisterForm
+from app.database import User
+from app import db
+
+import ulid
 
 bp = Blueprint('auth', __name__, url_prefix='/auth')
+
+@bp.route("/login", methods=["GET", "POST"])
+def login():
+    if current_user.is_authenticated:
+        flash("You are already logged in")
+        return redirect(url_for("meta.home"))
+
+    form = LoginForm(request.form)
+
+    if request.method == 'POST' and form.validate():
+        email = request.form.get('username')
+        password = request.form.get('password')
+
+        u = User.query.fetch_one().filter_by(email=email)
+
+        if u is not None:
+            if check_password_hash(u.password, password):
+                login_user(u)
+
+                flash("Logged in successfully")
+
+                return redirect(url_for("meta.home"))
+
+            else:
+                flash("Incorrect password")
+        else:
+            flash("Incorrect username")
+
+    return render_template("login.html", form=form)
+
+@bp.route("/register", methods=["GET", "POST"])
+def register():
+    if current_user.is_authenticated:
+        flash("You are already logged in")
+        return redirect(url_for("meta.home"))
+
+    form = RegisterForm(request.form)
+
+    if request.method == 'POST' and form.validate():
+        email = request.form.get("username")
+        pref_name = request.form.get("pref_name")
+        password = request.form.get("password")
+        pw_confirm = request.form.get("password_confirm")
+
+        if password == pw_confirm:
+            # Passwords match
+            
+            user = User(
+                id=str(ulid.new()),
+                email=email,
+                password=generate_password_hash(password),
+                pref_name=pref_name,
+                last_login=datetime.now(),
+                active=True
+                )
+
+            db.session.add(user)
+            db.session.commit()
+            flask_login.login_user(user)
+
+            return redirect(url_for('meta.home'))
+        else:
+            flash("Passwords do not match")
+
+    return render_template("register.html")