"""Login and captcha routes."""
import time

from flask import Blueprint, request, jsonify, session

from auth import generate_captcha, verify_captcha, check_admin_password
# Blueprint that groups the captcha, admin login/logout and session routes.
auth_bp = Blueprint(name='auth', import_name=__name__)
@auth_bp.route('/api/captcha', methods=['GET'])
def get_captcha():
    """Issue a new captcha and remember its answer in the session.

    Returns a JSON object with the captcha ``question`` and ``token``; the
    expected answer is stored under ``session['captcha_answer']`` and is not
    part of the response body.
    """
    challenge = generate_captcha()
    # NOTE(review): Flask's built-in session is a signed but unencrypted
    # cookie. If this app uses it, the answer stored here is readable by the
    # client - confirm a server-side session store is configured, or store
    # only a keyed hash of the answer.
    session['captcha_answer'] = challenge['answer']
    payload = {"question": challenge['question'], "token": challenge['token']}
    return jsonify(payload)
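@auth_bp.route('/api/admin/login', methods=['POST'])
def admin_login():
    """Authenticate the admin by password and mark the session as admin.

    Expects a JSON object body with a ``password`` string. On success the
    session gets ``user_role = 'admin'`` and ``login_time`` (epoch seconds)
    and the response is ``{"status": "ok", "role": "admin"}``. Any other
    input yields ``{"error": "Invalid credentials"}`` with HTTP 401.
    """
    # NOTE(review): this route never calls verify_captcha, although the module
    # imports it and /api/captcha stores an answer in the session. If the
    # captcha is meant to slow password guessing, it is not enforced here;
    # confirm that throttling or lockout is applied elsewhere.
    body = request.get_json()
    # get_json() may return any JSON value (list, string, number). Only an
    # object has .get(), so anything else is treated as an empty payload
    # instead of failing with an AttributeError (HTTP 500).
    data = body if isinstance(body, dict) else {}
    password = data.get('password', '')

    # A non-string password (number, object, null) is rejected here, so
    # check_admin_password only ever receives a str.
    if isinstance(password, str) and check_admin_password(password):
        # NOTE(review): pre-login session contents are kept as they are;
        # consider resetting the session when the privilege level changes.
        session['user_role'] = 'admin'
        session['login_time'] = time.time()
        return jsonify({"status": "ok", "role": "admin"})
    return jsonify({"error": "Invalid credentials"}), 401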
@auth_bp.route('/api/admin/logout', methods=['POST'])
def admin_logout():
    """Drop the admin markers from the session and report success.

    Only ``user_role`` and ``login_time`` are removed; any other session keys
    are left in place. The response is always ``{"status": "ok"}``, whether
    or not a login was active.
    """
    for key in ('user_role', 'login_time'):
        # A default of None makes the pop a no-op when the key is absent.
        session.pop(key, None)
    return jsonify({"status": "ok"})
@auth_bp.route('/api/session', methods=['GET'])
|
|
def check_session():
|
|
role = session.get('user_role')
|
|
if role:
|
|
return jsonify({"role": role, "logged_in": True})
|