Revised the log in process of the test site to return to the previous page after logging in.

This commit is contained in:
依瑪貓 2023-04-11 22:05:57 +08:00
parent 12ccf658bf
commit fadd8e73b6
4 changed files with 15 additions and 6 deletions

View File

@ -22,7 +22,8 @@ import typing as t
from secrets import token_urlsafe from secrets import token_urlsafe
from click.testing import Result from click.testing import Result
from flask import Flask, Blueprint, render_template, redirect, Response from flask import Flask, Blueprint, render_template, redirect, Response, \
url_for
from flask.testing import FlaskCliRunner from flask.testing import FlaskCliRunner
from flask_babel_js import BabelJS from flask_babel_js import BabelJS
from flask_sqlalchemy import SQLAlchemy from flask_sqlalchemy import SQLAlchemy
@ -86,7 +87,8 @@ def create_app(is_testing: bool = False) -> Flask:
and auth.current_user().username == "admin" and auth.current_user().username == "admin"
def unauthorized(self) -> Response: def unauthorized(self) -> Response:
return redirect("/login") from accounting.utils.next_uri import append_next
return redirect(append_next(url_for("auth.login-form")))
@property @property
def cls(self) -> t.Type[auth.User]: def cls(self) -> t.Type[auth.User]:

View File

@ -18,7 +18,7 @@
""" """
from flask import Blueprint, render_template, Flask, redirect, url_for, \ from flask import Blueprint, render_template, Flask, redirect, url_for, \
session, request, g session, request, g, Response
from . import db from . import db
@ -44,11 +44,13 @@ class User(db.Model):
@bp.get("login", endpoint="login-form") @bp.get("login", endpoint="login-form")
def show_login_form() -> str: def show_login_form() -> str | Response:
"""Shows the login form. """Shows the login form.
:return: The login form. :return: The login form.
""" """
if "user" in session:
return redirect(url_for("accounting-report.default"))
return render_template("login.html") return render_template("login.html")
@ -58,11 +60,12 @@ def login() -> redirect:
:return: The redirection to the home page. :return: The redirection to the home page.
""" """
from accounting.utils.next_uri import inherit_next, or_next
if request.form.get("username") not in {"viewer", "editor", "admin", if request.form.get("username") not in {"viewer", "editor", "admin",
"nobody"}: "nobody"}:
return redirect(url_for("auth.login")) return redirect(inherit_next(url_for("auth.login")))
session["user"] = request.form.get("username") session["user"] = request.form.get("username")
return redirect(url_for("home.home")) return redirect(or_next(url_for("accounting-report.default")))
@bp.post("logout", endpoint="logout") @bp.post("logout", endpoint="logout")

View File

@ -27,6 +27,9 @@ First written: 2023/1/27
<form action="{{ url_for("auth.login") }}" method="post"> <form action="{{ url_for("auth.login") }}" method="post">
<input type="hidden" name="csrf_token" value="{{ csrf_token() }}"> <input type="hidden" name="csrf_token" value="{{ csrf_token() }}">
{% if request.args.next %}
<input type="hidden" name="next" value="{{ request.args.next }}">
{% endif %}
<button class="btn btn-primary" type="submit" name="username" value="viewer">{{ _("Viewer") }}</button> <button class="btn btn-primary" type="submit" name="username" value="viewer">{{ _("Viewer") }}</button>
<button class="btn btn-primary" type="submit" name="username" value="editor">{{ _("Editor") }}</button> <button class="btn btn-primary" type="submit" name="username" value="editor">{{ _("Editor") }}</button>
<button class="btn btn-primary" type="submit" name="username" value="admin">{{ _("Administrator") }}</button> <button class="btn btn-primary" type="submit" name="username" value="admin">{{ _("Administrator") }}</button>

View File

@ -103,6 +103,7 @@ def get_client(app: Flask, username: str) -> tuple[httpx.Client, str]:
csrf_token: str = get_csrf_token(client) csrf_token: str = get_csrf_token(client)
response: httpx.Response = client.post("/login", response: httpx.Response = client.post("/login",
data={"csrf_token": csrf_token, data={"csrf_token": csrf_token,
"next": "/",
"username": username}) "username": username})
assert response.status_code == 302 assert response.status_code == 302
assert response.headers["Location"] == "/" assert response.headers["Location"] == "/"