ForME/app/auth.py

from flask import Blueprint, current_app, render_template, request, redirect, url_for, session, abort, flash


auth_bp = Blueprint("auth", __name__)


def is_logged_in() -> bool:
    return bool(session.get("logged_in"))


def login_required():
    if not is_logged_in():
        abort(404)


@auth_bp.app_context_processor
def inject_auth():
    return {"logged_in": is_logged_in()}


@auth_bp.route("/login", methods=["GET", "POST"])
def login():
    if request.method == "POST":
        username = request.form.get("username", "")
        password = request.form.get("password", "")
        if (
            username == current_app.config["ADMIN_USERNAME"]
            and password == current_app.config["ADMIN_PASSWORD"]
        ):
            session["logged_in"] = True
            flash("Вход выполнен", "success")
            return redirect(url_for("admin.index"))
        flash("Неверные логин или пароль", "error")
    return render_template("login.html")


@auth_bp.route("/logout", methods=["POST"])
def logout():
    session.clear()
    abort(404)