From b68788f65cdd8afbb456835d272a8a1f94d75db7 Mon Sep 17 00:00:00 2001
From: Gergely Polonkai <gergely@polonkai.eu>
Date: Fri, 29 Jun 2018 08:03:49 +0200
Subject: [PATCH] Allow users to login

---
 Pipfile                  |  1 +
 Pipfile.lock             | 83 +++++++++++++++++++++++++++++++++++++++-
 app/__init__.py          | 14 ++++++-
 app/config_dev.py        |  3 ++
 app/security.py          |  3 ++
 app/templates/base.html  | 10 +++++
 app/templates/index.html |  5 +++
 7 files changed, 116 insertions(+), 3 deletions(-)
 create mode 100644 app/security.py
 create mode 100644 app/templates/index.html

diff --git a/Pipfile b/Pipfile
index 9d506a6..48354b7 100644
--- a/Pipfile
+++ b/Pipfile
@@ -10,6 +10,7 @@ flask-sqlalchemy = "*"
 python-dotenv = "*"
 flask-security = "*"
 sqlalchemy-utils = "*"
+bcrypt = "*"
 
 [dev-packages]
 
diff --git a/Pipfile.lock b/Pipfile.lock
index 14b0341..636e8ca 100644
--- a/Pipfile.lock
+++ b/Pipfile.lock
@@ -1,7 +1,7 @@
 {
     "_meta": {
         "hash": {
-            "sha256": "8bf0527ea7e02c2ee9f7bd25d680a7c911d8392944073706e3ef1b6cdafd8fe4"
+            "sha256": "3d544c0d9f97c1ce08e62a19c126c98649a07cb8a7b6d871a27779424b954c46"
         },
         "pipfile-spec": 6,
         "requires": {
@@ -23,12 +23,87 @@
             ],
             "version": "==2.6.0"
         },
+        "bcrypt": {
+            "hashes": [
+                "sha256:01477981abf74e306e8ee31629a940a5e9138de000c6b0898f7f850461c4a0a5",
+                "sha256:054d6e0acaea429e6da3613fcd12d05ee29a531794d96f6ab959f29a39f33391",
+                "sha256:0872eeecdf9a429c1420158500eedb323a132bc5bf3339475151c52414729e70",
+                "sha256:09a3b8c258b815eadb611bad04ca15ec77d86aa9ce56070e1af0d5932f17642a",
+                "sha256:0f317e4ffbdd15c3c0f8ab5fbd86aa9aabc7bea18b5cc5951b456fe39e9f738c",
+                "sha256:2788c32673a2ad0062bea850ab73cffc0dba874db10d7a3682b6f2f280553f20",
+                "sha256:321d4d48be25b8d77594d8324c0585c80ae91ac214f62db9098734e5e7fb280f",
+                "sha256:346d6f84ff0b493dbc90c6b77136df83e81f903f0b95525ee80e5e6d5e4eef84",
+                "sha256:34dd60b90b0f6de94a89e71fcd19913a30e83091c8468d0923a93a0cccbfbbff",
+                "sha256:3b4c23300c4eded8895442c003ae9b14328ae69309ac5867e7530de8bdd7875d",
+                "sha256:43d1960e7db14042319c46925892d5fa99b08ff21d57482e6f5328a1aca03588",
+                "sha256:49e96267cd9be55a349fd74f9852eb9ae2c427cd7f6455d0f1765d7332292832",
+                "sha256:67ed1a374c9155ec0840214ce804616de49c3df9c5bc66740687c1c9b1cd9e8d",
+                "sha256:6efd9ca20aefbaf2e7e6817a2c6ed4a50ff6900fafdea1bcb1d0e9471743b144",
+                "sha256:8569844a5d8e1fdde4d7712a05ab2e6061343ac34af6e7e3d7935b2bd1907bfd",
+                "sha256:8629ea6a8a59f865add1d6a87464c3c676e60101b8d16ef404d0a031424a8491",
+                "sha256:988cac675e25133d01a78f2286189c1f01974470817a33eaf4cfee573cfb72a5",
+                "sha256:9a6fedda73aba1568962f7543a1f586051c54febbc74e87769bad6a4b8587c39",
+                "sha256:9eced8962ce3b7124fe20fd358cf8c7470706437fa064b9874f849ad4c5866fc",
+                "sha256:a005ed6163490988711ff732386b08effcbf8df62ae93dd1e5bda0714fad8afb",
+                "sha256:ae35dbcb6b011af6c840893b32399252d81ff57d52c13e12422e16b5fea1d0fb",
+                "sha256:b1e8491c6740f21b37cca77bc64677696a3fb9f32360794d57fa8477b7329eda",
+                "sha256:c906bdb482162e9ef48eea9f8c0d967acceb5c84f2d25574c7d2a58d04861df1",
+                "sha256:cb18ffdc861dbb244f14be32c47ab69604d0aca415bee53485fcea4f8e93d5ef",
+                "sha256:d86da365dda59010ba0d1ac45aa78390f56bf7f992e65f70b3b081d5e5257b09",
+                "sha256:e22f0997622e1ceec834fd25947dc2ee2962c2133ea693d61805bc867abaf7ea",
+                "sha256:f2fe545d27a619a552396533cddf70d83cecd880a611cdfdbb87ca6aec52f66b",
+                "sha256:f7fd3ed3745fe6e81e28dc3b3d76cce31525a91f32a387e1febd6b982caf8cdb",
+                "sha256:f9210820ee4818d84658ed7df16a7f30c9fba7d8b139959950acef91745cc0f7"
+            ],
+            "index": "pypi",
+            "version": "==3.1.4"
+        },
         "blinker": {
             "hashes": [
                 "sha256:471aee25f3992bd325afa3772f1063dbdbbca947a041b8b89466dc00d606f8b6"
             ],
             "version": "==1.4"
         },
+        "cffi": {
+            "hashes": [
+                "sha256:11d30fc490bbe4d110fb7bfead0f10208275978ced3bce77f202224a0a9b448c",
+                "sha256:151b7eefd035c56b2b2e1eb9963c90c6302dc15fbd8c1c0a83a163ff2c7d7743",
+                "sha256:1553d1e99f035ace1c0544050622b7bc963374a00c467edafac50ad7bd276aef",
+                "sha256:1b0493c091a1898f1136e3f4f991a784437fac3673780ff9de3bcf46c80b6b50",
+                "sha256:2ba8a45822b7aee805ab49abfe7eec16b90587f7f26df20c71dd89e45a97076f",
+                "sha256:3bb6bd7266598f318063e584378b8e27c67de998a43362e8fce664c54ee52d30",
+                "sha256:3c85641778460581c42924384f5e68076d724ceac0f267d66c757f7535069c93",
+                "sha256:3eb6434197633b7748cea30bf0ba9f66727cdce45117a712b29a443943733257",
+                "sha256:495c5c2d43bf6cebe0178eb3e88f9c4aa48d8934aa6e3cddb865c058da76756b",
+                "sha256:4b3d70782d55aa38949e4b66d51c461c053b729baa53d94bb8a3a92c1d1d5b88",
+                "sha256:4c91af6e967c2015729d3e69c2e51d92f9898c330d6a851bf8f121236f3defd3",
+                "sha256:57b2533356cb2d8fac1555815929f7f5f14d68ac77b085d2326b571310f34f6e",
+                "sha256:770f3782b31f50b68627e22f91cb182c48c47c02eb405fd689472aa7b7aa16dc",
+                "sha256:79f9b6f7c46ae1f8ded75f68cf8ad50e5729ed4d590c74840471fc2823457d04",
+                "sha256:7a33145e04d44ce95bcd71e522b478d282ad0eafaf34fe1ec5bbd73e662f22b6",
+                "sha256:857959354ae3a6fa3da6651b966d13b0a8bed6bbc87a0de7b38a549db1d2a359",
+                "sha256:87f37fe5130574ff76c17cab61e7d2538a16f843bb7bca8ebbc4b12de3078596",
+                "sha256:95d5251e4b5ca00061f9d9f3d6fe537247e145a8524ae9fd30a2f8fbce993b5b",
+                "sha256:9d1d3e63a4afdc29bd76ce6aa9d58c771cd1599fbba8cf5057e7860b203710dd",
+                "sha256:a36c5c154f9d42ec176e6e620cb0dd275744aa1d804786a71ac37dc3661a5e95",
+                "sha256:a6a5cb8809091ec9ac03edde9304b3ad82ad4466333432b16d78ef40e0cce0d5",
+                "sha256:ae5e35a2c189d397b91034642cb0eab0e346f776ec2eb44a49a459e6615d6e2e",
+                "sha256:b0f7d4a3df8f06cf49f9f121bead236e328074de6449866515cea4907bbc63d6",
+                "sha256:b75110fb114fa366b29a027d0c9be3709579602ae111ff61674d28c93606acca",
+                "sha256:ba5e697569f84b13640c9e193170e89c13c6244c24400fc57e88724ef610cd31",
+                "sha256:be2a9b390f77fd7676d80bc3cdc4f8edb940d8c198ed2d8c0be1319018c778e1",
+                "sha256:ca1bd81f40adc59011f58159e4aa6445fc585a32bb8ac9badf7a2c1aa23822f2",
+                "sha256:d5d8555d9bfc3f02385c1c37e9f998e2011f0db4f90e250e5bc0c0a85a813085",
+                "sha256:e55e22ac0a30023426564b1059b035973ec82186ddddbac867078435801c7801",
+                "sha256:e90f17980e6ab0f3c2f3730e56d1fe9bcba1891eeea58966e89d352492cc74f4",
+                "sha256:ecbb7b01409e9b782df5ded849c178a0aa7c906cf8c5a67368047daab282b184",
+                "sha256:ed01918d545a38998bfa5902c7c00e0fee90e957ce036a4000a88e3fe2264917",
+                "sha256:edabd457cd23a02965166026fd9bfd196f4324fe6032e866d0f3bd0301cd486f",
+                "sha256:facc52ea162864a51556925bfa09d8c8c131349aeabfce2da4a43198e36fba5c",
+                "sha256:fdf1c1dc5bafc32bc5d08b054f94d659422b05aba244d6be4ddc1c72d9aa70fb"
+            ],
+            "version": "==1.11.5"
+        },
         "click": {
             "hashes": [
                 "sha256:29f99fc6125fbc931b758dc053b3114e55c77a6e4c6c3a2674a2dc986016381d",
@@ -125,6 +200,12 @@
             ],
             "version": "==1.7.1"
         },
+        "pycparser": {
+            "hashes": [
+                "sha256:99a8ca03e29851d96616ad0404b4aad7d9ee16f25c9f9708a11faf2810f7b226"
+            ],
+            "version": "==2.18"
+        },
         "python-dotenv": {
             "hashes": [
                 "sha256:4965ed170bf51c347a89820e8050655e9c25db3837db6602e906b6d850fad85c",
diff --git a/app/__init__.py b/app/__init__.py
index 58e8584..dbf7f61 100644
--- a/app/__init__.py
+++ b/app/__init__.py
@@ -18,26 +18,36 @@ import os
 
 from flask import Flask, render_template
 from flask_babel import Babel
+from flask_security import SQLAlchemyUserDatastore, current_user
 
 
 class CalendarSocialApp(Flask):
     def __init__(self, name, config=None):
-        from app.models import db
+        from app.models import db, User, Role
+        from app.security import security
 
         Flask.__init__(self, name)
 
         config_name = os.environ.get('ENV', config or 'dev')
         self.config.from_pyfile(f'config_{config_name}.py', True)
+        # Make sure we look up users both by their usernames and email addresses
+        self.config['SECURITY_USER_IDENTITY_ATTRIBUTES'] = ('username', 'email')
         db.init_app(self)
         babel = Babel(app=self)
 
+        user_store = SQLAlchemyUserDatastore(db, User, Role)
+        security.init_app(self, datastore=user_store)
+
 
 app = CalendarSocialApp(__name__)
 
 
 @app.route('/')
 def hello():
-    return render_template('welcome.html')
+    if not current_user.is_authenticated:
+        return render_template('welcome.html')
+
+    return render_template('index.html')
 
 
 if __name__ == '__main__':
diff --git a/app/config_dev.py b/app/config_dev.py
index 4f7ec9c..7c5d90b 100644
--- a/app/config_dev.py
+++ b/app/config_dev.py
@@ -2,3 +2,6 @@ DEBUG = True
 ENV = 'dev'
 SQLALCHEMY_DATABASE_URI = 'sqlite:///local.db'
 SQLALCHEMY_TRACK_MODIFICATIONS = False
+SECRET_KEY = 'ThisIsNotSoSecret'
+SECURITY_PASSWORD_HASH = 'bcrypt'
+SECURITY_PASSWORD_SALT = SECRET_KEY
diff --git a/app/security.py b/app/security.py
new file mode 100644
index 0000000..56ff78e
--- /dev/null
+++ b/app/security.py
@@ -0,0 +1,3 @@
+from flask_security import Security
+
+security = Security()
diff --git a/app/templates/base.html b/app/templates/base.html
index a52002f..230637c 100644
--- a/app/templates/base.html
+++ b/app/templates/base.html
@@ -16,6 +16,16 @@
     <body>
         <header>
             <h1>Calendar.social</h1>
+            <nav class="menu">
+                {{ _('Logged in as %(username)s', username=current_user.username) }}
+                <ul>
+{% if not current_user.is_authenticated %}
+                    <li><a href="{{ url_for('security.login') }}">{% trans %}Login{% endtrans %}</a></li>
+{% else %}
+                    <li><a href="{{ url_for('security.logout') }}">{% trans %}Logout{% endtrans %}</a></li>
+{% endif %}
+                </ul>
+            </nav>
         </header>
 {% block content %}{% endblock %}
         <footer>
diff --git a/app/templates/index.html b/app/templates/index.html
new file mode 100644
index 0000000..f446a60
--- /dev/null
+++ b/app/templates/index.html
@@ -0,0 +1,5 @@
+{% extends 'base.html' %}
+
+{% block content %}
+{{ _('Welcome to Calendar.social, %(username)s!', username=current_user.username) }}
+{% endblock content %}