authorGertjan van den Burg <gertjanvandenburg@gmail.com>2019-06-03 15:21:49 +0100
committerGertjan van den Burg <gertjanvandenburg@gmail.com>2019-06-03 15:21:49 +0100
commit0bfd9cb7e0ba942053cf3899b2e73f340161629c (patch)
tree1e0a336f9e14002efa14779572c8fe024968e95d /app
parentRewrite the task assignment flow (diff)
downloadAnnotateChange-0bfd9cb7e0ba942053cf3899b2e73f340161629c.tar.gz
AnnotateChange-0bfd9cb7e0ba942053cf3899b2e73f340161629c.zip
Automatically logout users
This accompanies the new task assignment strategy. By logging users out, we have a chance of assigning them new tasks when they log in again. If they were never logged out, it wouldn't be straightforward to decide when to assign them new tasks.
Diffstat (limited to 'app')
-rw-r--r--app/__init__.py6
-rw-r--r--app/auth/forms.py3
-rw-r--r--app/auth/routes.py22
3 files changed, 27 insertions, 4 deletions
diff --git a/app/__init__.py b/app/__init__.py
index 864de2b..01e3267 100644
--- a/app/__init__.py
+++ b/app/__init__.py
@@ -65,6 +65,12 @@ def create_app(config_class=Config):
app.register_blueprint(admin_bp)
+ # Register the auto_logout function
+ from app.auth.routes import auto_logout
+
+ app.before_request(auto_logout)
+
+
if not app.debug:
if app.config["MAIL_SERVER"]:
auth = None
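Review bot: The hook registered by `app.before_request(auto_logout)` runs for every request, static files and anonymous visitors included, and because it writes to the session, each of those responses presumably carries a refreshed session cookie. An early return in `auto_logout`, such as `if request.endpoint == "static": return`, or refreshing only when `current_user.is_authenticated`, would limit the cookie traffic to the requests that need the timeout. The function-scope import is presumably there to avoid a circular import; a comment saying so (`# imported here to avoid a circular import with app.auth.routes`) would keep it from being hoisted later. `create_app` starts and ends outside this hunk.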
diff --git a/app/auth/forms.py b/app/auth/forms.py
index 5bff46f..7758342 100644
--- a/app/auth/forms.py
+++ b/app/auth/forms.py
@@ -3,7 +3,7 @@
from flask import current_app
from flask_wtf import FlaskForm
-from wtforms import StringField, PasswordField, BooleanField, SubmitField
+from wtforms import StringField, PasswordField, SubmitField
from wtforms.validators import DataRequired, ValidationError, Email, EqualTo
from app.models import User
@@ -12,7 +12,6 @@ from app.models import User
class LoginForm(FlaskForm):
username = StringField("Username", validators=[DataRequired()])
password = PasswordField("Password", validators=[DataRequired()])
- remember_me = BooleanField("Remember Me")
submit = SubmitField("Sign In")
diff --git a/app/auth/routes.py b/app/auth/routes.py
index bc5e9b3..2a8a0bd 100644
--- a/app/auth/routes.py
+++ b/app/auth/routes.py
@@ -2,7 +2,15 @@
import datetime
-from flask import render_template, flash, redirect, url_for, request
+from flask import (
+ render_template,
+ flash,
+ redirect,
+ url_for,
+ current_app,
+ session,
+ request,
+)
from flask_login import current_user, login_user, logout_user
from werkzeug.urls import url_parse
@@ -24,15 +32,25 @@ from app.models import User, Task
from app.utils.tasks import generate_user_task
+def auto_logout():
+ # Automatically logout after a period of inactivity
+ # https://stackoverflow.com/a/40914886/1154005
+ session.permanent = True
+ current_app.permanent_session_lifetime = datetime.timedelta(minutes=15)
+ session.modified = True
+
+
@bp.route("/login", methods=("GET", "POST"))
def login():
form = LoginForm()
if form.validate_on_submit():
+ # log the user in if exists
user = User.query.filter_by(username=form.username.data).first()
if user is None or not user.check_password(form.password.data):
flash("Invalid username or password", "error")
return redirect(url_for("auth.login"))
- login_user(user, remember=form.remember_me.data)
+ login_user(user)
+
# record last_active time
current_user.last_active = datetime.datetime.utcnow()
db.session.commit()
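Review bot: `auto_logout` assigns `current_app.permanent_session_lifetime` on every request, which rewrites application-wide configuration from inside a request hook and hard-codes the 15 minutes; setting `PERMANENT_SESSION_LIFETIME = datetime.timedelta(minutes=15)` once in the config class would leave the hook with only the two `session` lines. The timeout is also sliding only: each request renews it, so a session that stays active never expires, and an absolute cap (for example a login timestamp stored in the session and checked in the hook) would bound that. Separately, `login_user(user)` stops issuing new remember cookies, but a remember cookie issued before this commit would presumably still let Flask-Login restore the user after the session lapses unless it is cleared or `REMEMBER_COOKIE_DURATION` is shortened. `login()` continues past the end of the hunk.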