sssnake/autarch
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

Autarch Will Control The Internet

Browse Source
This commit is contained in:
DigiJ
2026-03-13 15:17:15 -07:00
commit 4d3570781e
401 changed files with 484494 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

61
web/routes/auth_routes.py Normal file
View File

@@ -0,0 +1,61 @@
"""Auth routes - login, logout, password change"""
from flask import Blueprint, render_template, request, redirect, url_for, session, flash, jsonify
from web.auth import check_password, hash_password, load_credentials, save_credentials
auth_bp = Blueprint('auth', __name__)
@auth_bp.route('/login', methods=['GET', 'POST'])
def login():
if 'user' in session:
return redirect(url_for('dashboard.index'))
if request.method == 'POST':
username = request.form.get('username', '')
password = request.form.get('password', '')
creds = load_credentials()
if username == creds['username'] and check_password(password, creds['password']):
session['user'] = username
if creds.get('force_change'):
flash('Please change the default password.', 'warning')
return redirect(url_for('settings.index'))
next_url = request.args.get('next', url_for('dashboard.index'))
return redirect(next_url)
else:
flash('Invalid credentials.', 'error')
return render_template('login.html')
@auth_bp.route('/api/login', methods=['POST'])
def api_login():
"""JSON login endpoint for the companion app."""
data = request.get_json(silent=True) or {}
username = data.get('username', '')
password = data.get('password', '')
if not username or not password:
return jsonify({'ok': False, 'error': 'Missing username or password'}), 400
creds = load_credentials()
if username == creds['username'] and check_password(password, creds['password']):
session['user'] = username
return jsonify({'ok': True, 'user': username})
else:
return jsonify({'ok': False, 'error': 'Invalid credentials'}), 401
@auth_bp.route('/api/check', methods=['GET'])
def api_check():
"""Check if the current session is authenticated."""
if 'user' in session:
return jsonify({'ok': True, 'user': session['user']})
return jsonify({'ok': False}), 401
@auth_bp.route('/logout')
def logout():
session.clear()
return redirect(url_for('auth.login'))