This commit is contained in:
2025-10-20 20:57:08 +02:00
parent b163ec9bd9
commit a4e39a469b

View File

@@ -9,7 +9,6 @@ from flask_socketio import join_room
import pytz
from flask import (
Blueprint,
Response,
abort,
current_app,
flash,
@@ -18,6 +17,7 @@ from flask import (
render_template,
request,
send_from_directory,
session,
url_for,
)
@@ -104,6 +104,15 @@ def index():
else:
return render_template('index.html', active_banner=get_active_banner(), decks=get_unlocked_decks(token), user_name=token.name, active_course=token.active_course, courses=get_all_courses())
def set_cookie(token):
next_url = session.pop('next_url', None)
if not next_url:
next_url = url_for("main.index")
resp = make_response(redirect(next_url))
resp.set_cookie('access_token', serialize_token(token), httponly=True)
return resp
@main.route('/set_token', methods=['POST', 'GET'])
def set_token():
"""
@@ -126,11 +135,12 @@ def set_token():
flash(f'The username "{user_name}" does not exist.', 'error')
return render_template('set_token.html')
resp = make_response(redirect(url_for("main.index")))
resp.set_cookie('access_token', serialize_token(token), httponly=True)
return resp
next_url = session.pop('next_url', None)
if not next_url:
next_url = url_for("main.index")
set_cookie(token)
# If GET request, render the form
return render_template('set_token.html')
@@ -163,10 +173,7 @@ def register():
token = create_token(user_name)
print(f"User registered: {user_name}")
resp = make_response(redirect(url_for("main.index")))
resp.set_cookie('access_token', serialize_token(token), httponly=True)
return resp
set_cookie(token)
# If GET request, render the form
return render_template('register.html')
@@ -218,6 +225,14 @@ def admin_login():
def process_access_code(access_code: str):
token = get_token()
if not token:
# remember where the user wanted to go
session['next_url'] = url_for('main.access', access_code=access_code, method="GET")
print(session)
return redirect(url_for('main.set_token'))
password = db.session.execute(
db.select(Password)
.where(Password.value == access_code)