diff --git a/app/routes.py b/app/routes.py index ae156c5..9b5d86e 100644 --- a/app/routes.py +++ b/app/routes.py @@ -9,7 +9,6 @@ from flask_socketio import join_room import pytz from flask import ( Blueprint, - Response, abort, current_app, flash, @@ -18,6 +17,7 @@ from flask import ( render_template, request, send_from_directory, + session, url_for, ) @@ -104,6 +104,15 @@ def index(): else: return render_template('index.html', active_banner=get_active_banner(), decks=get_unlocked_decks(token), user_name=token.name, active_course=token.active_course, courses=get_all_courses()) +def set_cookie(token): + next_url = session.pop('next_url', None) + if not next_url: + next_url = url_for("main.index") + + resp = make_response(redirect(next_url)) + resp.set_cookie('access_token', serialize_token(token), httponly=True) + return resp + @main.route('/set_token', methods=['POST', 'GET']) def set_token(): """ @@ -126,11 +135,12 @@ def set_token(): flash(f'The username "{user_name}" does not exist.', 'error') return render_template('set_token.html') - resp = make_response(redirect(url_for("main.index"))) - resp.set_cookie('access_token', serialize_token(token), httponly=True) - return resp + next_url = session.pop('next_url', None) + if not next_url: + next_url = url_for("main.index") + + set_cookie(token) - # If GET request, render the form return render_template('set_token.html') @@ -163,10 +173,7 @@ def register(): token = create_token(user_name) print(f"User registered: {user_name}") - - resp = make_response(redirect(url_for("main.index"))) - resp.set_cookie('access_token', serialize_token(token), httponly=True) - return resp + set_cookie(token) # If GET request, render the form return render_template('register.html') @@ -218,6 +225,14 @@ def admin_login(): def process_access_code(access_code: str): + token = get_token() + + if not token: + # remember where the user wanted to go + session['next_url'] = url_for('main.access', access_code=access_code, method="GET") + print(session) + return redirect(url_for('main.set_token')) + password = db.session.execute( db.select(Password) .where(Password.value == access_code)