release: publish saldo 0.1.0

app/auth/__init__.py

@@ -0,0 +1,2 @@
+from .routes import auth_bp
+

app/auth/routes.py

@@ -0,0 +1,77 @@
+from __future__ import annotations
+
+from flask import Blueprint, flash, redirect, render_template, request, url_for
+from flask_login import current_user, login_required, login_user, logout_user
+
+from app.extensions import db
+from app.models import NotificationPreference, User
+from app.seed import seed_data
+auth_bp = Blueprint("auth", __name__, url_prefix="/auth")
+
+
+@auth_bp.route("/setup", methods=["GET", "POST"])
+def setup():
+    if current_user.is_authenticated:
+        return redirect(url_for("main.index"))
+    if User.query.count() > 0:
+        return redirect(url_for("auth.login"))
+
+    if request.method == "POST":
+        username = request.form.get("username", "").strip()
+        display_name = request.form.get("display_name", "").strip()
+        email = request.form.get("email", "").strip()
+        password = request.form.get("password", "")
+        password_confirm = request.form.get("password_confirm", "")
+
+        if not username or not display_name or not email or not password:
+            flash("Bitte alle Pflichtfelder ausfüllen.", "danger")
+        elif password != password_confirm:
+            flash("Die Passwörter stimmen nicht überein.", "danger")
+        elif User.query.filter((User.username == username) | (User.email == email)).first():
+            flash("Benutzername oder E-Mail existieren bereits.", "danger")
+        else:
+            seed_data()
+            user = User(
+                username=username,
+                display_name=display_name,
+                email=email,
+                role="admin",
+                is_active=True,
+            )
+            user.set_password(password)
+            db.session.add(user)
+            db.session.flush()
+            db.session.add(NotificationPreference(user_id=user.id))
+            db.session.commit()
+            login_user(user, remember=True)
+            flash("Admin eingerichtet. Saldo ist startklar.", "success")
+            return redirect(url_for("main.index"))
+
+    return render_template("auth/setup.html")
+
+
+@auth_bp.route("/login", methods=["GET", "POST"])
+def login():
+    if current_user.is_authenticated:
+        return redirect(url_for("main.index"))
+    if User.query.count() == 0:
+        return redirect(url_for("auth.setup"))
+    has_users = User.query.count() > 0
+    if request.method == "POST":
+        username = request.form.get("username", "").strip()
+        password = request.form.get("password", "")
+        user = User.query.filter_by(username=username, is_active=True).first()
+        if user and user.check_password(password):
+            login_user(user, remember=True)
+            flash("Willkommen zurück.", "success")
+            return redirect(request.args.get("next") or url_for("main.index"))
+        flash("Login fehlgeschlagen. Bitte prüfe Benutzername und Passwort.", "danger")
+    return render_template("auth/login.html", has_users=has_users)
+
+
+@auth_bp.route("/logout", methods=["POST"])
+@login_required
+def logout():
+    logout_user()
+    flash("Du wurdest abgemeldet.", "info")
+    return redirect(url_for("auth.login"))