added auth examples to template

app.py

@@ -39,10 +39,11 @@ from models import *
 
 # Register all blueprints/routes
 from blueprints import home_blueprint, persons_blueprint
-# from blueprints.auth import auth_blueprint
+from blueprints.auth import auth_blueprint
+
 app.register_blueprint(home_blueprint)
 app.register_blueprint(persons_blueprint)
-# app.register_blueprint(auth_blueprint)
+app.register_blueprint(auth_blueprint)
 
 # ===================== MIGRATION SETUP =====================
 APP_CONFIG_BINDINGS_DICT_KEY = "SQLALCHEMY_BINDS"

blueprints/auth.py

+from flask import Blueprint, render_template, request, redirect, flash
+from imperial_ldap.auth import ldap_login, ldap_logout
+from config import url_for2
+
+# Authentication (login) related routes
+auth_blueprint = Blueprint("auth", __name__, url_prefix="/auth")
+
+
+@auth_blueprint.route("/login", methods=["GET", "POST"])
+def login():
+    if request.method == "GET":
+        return render_template("login.html") 
+    
+    # Handle post request
+    username = request.form.get("username")
+    password = request.form.get("password")
+    if username and password:
+
+        user = ldap_login(username, password)
+        if user:
+            # we're logged in
+            return redirect(url_for2("home.dashboard"))
+
+        else:
+            # bad credentials
+            flash("Invalid login credentials.")
+            return redirect(url_for2("auth.login"))
+
+    return "Please provide a username and password"
+
+
+@auth_blueprint.route("/logout", methods=["GET"])
+def logout():
+    ldap_logout() # Ignore this if using token-based authentication
+    return redirect(url_for2("home.index"))

blueprints/home.py

 from flask import Blueprint, render_template
+from imperial_ldap.auth import login_required
 
 home_blueprint = Blueprint('home', __name__, url_prefix='/')
 
 @home_blueprint.route('')
-def home():
+def index():
     return render_template('index.html')
 
 
-@home_blueprint.route('/hello/<name>')
-def hello(name: str):
-    return "Hello, " + name
+@home_blueprint.route('/dashboard')
+@login_required
+def dashboard(user):
+    return render_template('dashboard.html', user=user)
+

config/config.py

@@ -3,8 +3,9 @@ from utils.debug_utils import DebugUtils
 
 # This should match exactly the name of the app you specified
 APP_NAME = "MY_APP_NAME_HERE"
-# default mode is "dev" if environment variable doesn't have an assigned value
-DEFAULT_MODE = "dev"
+
+# default mode is "prod" if environment variable doesn't have an assigned value
+DEFAULT_MODE = "prod"
 ENV = os.environ.get('ENV', DEFAULT_MODE).lower()
 DEBUG_MODE = ENV != 'prod'
 URL_PREFIX = f"/{APP_NAME}" if not DEBUG_MODE else ""
@@ -99,6 +100,10 @@ def get_app_config():
 
 
 class Config(object):
+    APP_NAME = APP_NAME
+    URL_PREFIX = URL_PREFIX
+    SECRET_KEY = "my secret key"
+    SESSION_COOKIE_SECURE = True
     DEBUG = False
     TESTING = False
     SQLALCHEMY_TRACK_MODIFICATIONS = False
@@ -107,10 +112,10 @@ class Config(object):
 
 # Flask App settings for production environment
 class ProductionConfig(Config):
+    SECRET_KEY = "my secret key"    # need to set this to something secure
     PREFERRED_URL_SCHEME = 'https'
     DEBUG = False
     APPLICATION_ROOT = f"/{APP_NAME}"
-    # Source: https://flask-sqlalchemy.palletsprojects.com/en/2.x/binds/
     SQLALCHEMY_BINDS = PROD_BINDINGS
 
 

requirements.txt

@@ -9,3 +9,8 @@ Flask-SQLAlchemy
 SQLAlchemy
 psycopg2-binary
 Flask-Migrate
+Flask-Compress
+Flask-CORS
+python_ldap
+pyjwt
+https://gitlab.doc.ic.ac.uk/paas-packages/imperial_ldap/-/raw/master/dist/imperial-ldap-0.0.1.tar.gz

static/css/login.css

+html,
+body {
+  height: 100%;
+}
+
+body {
+  display: -ms-flexbox;
+  display: -webkit-box;
+  display: flex;
+  -ms-flex-align: center;
+  -ms-flex-pack: center;
+  -webkit-box-align: center;
+  align-items: center;
+  -webkit-box-pack: center;
+  justify-content: center;
+  padding-top: 40px;
+  padding-bottom: 40px;
+  background-color: #f5f5f5;
+}
+
+.form-signin {
+  width: 100%;
+  max-width: 330px;
+  padding: 15px;
+  margin: 0 auto;
+}
+.form-signin .checkbox {
+  font-weight: 400;
+}
+.form-signin .form-control {
+  position: relative;
+  box-sizing: border-box;
+  height: auto;
+  padding: 10px;
+  font-size: 16px;
+}
+.form-signin .form-control:focus {
+  z-index: 2;
+}
+.form-signin input[type="email"] {
+  margin-bottom: -1px;
+  border-bottom-right-radius: 0;
+  border-bottom-left-radius: 0;
+}
+.form-signin input[type="password"] {
+  margin-bottom: 10px;
+  border-top-left-radius: 0;
+  border-top-right-radius: 0;
+}

templates/base.html

+<!doctype html>
+<html>
+  <head>
+    {% block head %}
+    <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css" crossorigin="anonymous">
+    <title>{% block title %}{% endblock %}</title>
+    {% endblock %}
+  </head>
+  <body>
+    <div id="content">
+
+        <!-- Flashed alerts go here --> 
+        {% with messages = get_flashed_messages() %}
+        {% if messages %}
+          <ul class=flashes>
+          {% for message in messages %}
+            <div class="alert alert-danger alert-dismissible fade show" role="alert">
+              <strong>{{ message }}</strong> Please try again with your Imperial username and password.
+              <button type="button" class="close" data-dismiss="alert" aria-label="Close">
+                <span aria-hidden="true">&times;</span>
+              </button>
+            </div>
+          {% endfor %}
+          </ul>
+        {% endif %}
+      {% endwith %}
+
+      <!-- Body of the web page goes here -->
+      {% block content %}{% endblock %}
+    </div>
+    <script src="https://code.jquery.com/jquery-3.4.1.slim.min.js" crossorigin="anonymous"></script>
+    <script src="https://cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js" crossorigin="anonymous"></script>
+    <script src="https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js" crossorigin="anonymous"></script>
+  </body>
+</html>
\ No newline at end of file

templates/dashboard.html

+{% extends "base.html" %}
+
+{% block title %}Dashboard{% endblock %}
+
+{% block content %}
+
+    <nav class="navbar navbar-expand-lg navbar-light bg-light">
+        <a class="navbar-brand" href="{{ url('home.index') }}">My Web App</a>
+        <button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarNavAltMarkup" aria-controls="navbarNavAltMarkup" aria-expanded="false" aria-label="Toggle navigation">
+          <span class="navbar-toggler-icon"></span>
+        </button>
+        <div class="collapse navbar-collapse" id="navbarNavAltMarkup">
+          <div class="navbar-nav">
+            <a class="nav-item nav-link" href="{{ url('home.index') }}">Home <span class="sr-only">(current)</span></a>
+            <a class="nav-item nav-link active" href="{{ url('home.dashboard') }}">Dashboard</a>
+            <a class="nav-item nav-link" href="{{ url('auth.logout') }}">Logout</a>
+          </div>
+        </div>
+    </nav>
+
+    <h1>My Dashboard</h1>
+
+    <h3>Welcome back, {{ user.name }} {{ user.surname }}!</h3>
+
+
+    <h6>Example CRUD form - Create a record in the database:</h6>
+    <form method="post" action="{{ url('home.entities') }}">
+        Name:<br>
+        <input type="text" name="name">
+        <br>
+        Age:<br>
+        <input type="number" name="age">
+        <br>
+        <button type="submit">Create Entry</button>
+    </form>
+    <br>
+    <a href="{{ url('home.entities') }}">View records</a>
+
+
+{% endblock %}
\ No newline at end of file

templates/index.html

-<!DOCTYPE html>
-<html lang="en">
-    <head>
-        <title>Flask Template</title>
-        <meta charset="UTF-8">
-        <meta name="viewport" content="width=device-width, initial-scale=1">
-        
-    </head>
-    <body>
-        <h1 id="title">Imperial PaaS - Python Flask Template</h1>
-        <nav>
-            <ul>
-                <li><a href="{{ url('home.home') }}">HOME</a></li>
-            </ul>
-        </nav>
-
-        <img src="{{ url('static', filename='img/python-logo.png') }}" width="100px" alt="python logo"/>
-
-        <h2>What is Flask Template</h2>
-        <p>
-            Flask Template is a simple web app programmed in Python-3 using flask micro-framework. It is created for begginers to understand the basics of creating a flask web app and deploying it on the Heroku. It can also be used as a template to create your new flask web apps.
-        </p><br>
-
-        <h3>Example CRUD form - Create a record in the database:</h3>
-        <form method="post" action="{{ url('persons.create_person') }}">
-            Firstname:<br>
-            <input type="text" name="firstname">
-            <br>
-            Surname:<br>
-            <input type="text" name="surname">
-            <br>
-            Age:<br>
-            <input type="number" name="age">
-            <br>
-            <button type="submit">Create Entry</button>
-        </form>
-        <br>
-        <a href="{{ url('persons.display_all_persons') }}">View records</a>
-    </body>
-</html>
\ No newline at end of file
+{% extends "base.html" %}
+
+{% block title %}Home{% endblock %}
+
+{% block content %}
+
+    <nav class="navbar navbar-expand-lg navbar-light bg-light">
+        <a class="navbar-brand" href="{{ url('home.index') }}">My Web App</a>
+        <button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarNavAltMarkup" aria-controls="navbarNavAltMarkup" aria-expanded="false" aria-label="Toggle navigation">
+          <span class="navbar-toggler-icon"></span>
+        </button>
+        <div class="collapse navbar-collapse" id="navbarNavAltMarkup">
+          <div class="navbar-nav">
+            <a class="nav-item nav-link active" href="{{ url('home.index') }}">Home <span class="sr-only">(current)</span></a>
+            <a class="nav-item nav-link" href="{{ url('home.dashboard') }}">Dashboard</a>
+          </div>
+        </div>
+    </nav>
+
+    <h1>Imperial PaaS - Python Flask Template</h1>
+
+    <img src="{{ url('static', filename='img/python-logo.png') }}" width="100px" alt="python logo"/>
+
+    <p>Python Flask template with Login</p><br>
+
+    <a href="{{ url('auth.login') }}">LOGIN HERE</a>
+
+
+{% endblock %}
\ No newline at end of file

templates/login.html

-<!DOCTYPE html>
-<html lang="en">
-    <head>
-        <title>Flask Template</title>
-        <meta charset="UTF-8">
-        <meta name="viewport" content="width=device-width, initial-scale=1">
-        
-    </head>
-    <body>
-        <h1 id="title">Imperial PaaS - Python Flask Template</h1>
-        <nav>
-            <ul>
-                <li><a href="{{ url('home.home') }}">HOME</a></li>
-            </ul>
-        </nav>
-
-        <form method="post">
-            LDAP Username:<br>
-            <input type="text" name="username">
-            <br>
-            Password:<br>
-            <input type="password" name="password">
-            <br>
-            <button type="submit">Login</button>
+{% extends "base.html" %}
+
+{% block title %}Login{% endblock %}
+
+{% block head %}
+    {{ super() }}
+
+    <link rel="stylesheet" href="{{ url('static', filename='css/login.css') }}">
+    
+{% endblock %}
+
+
+{% block content %}
+
+    <div class="text-center">
+        <form class="form-signin" method="post">
+            <img class="mb-4" src="{{ url('static', filename='img/imperial-logo.png') }}" alt="" width="72" height="72">
+            <h1 class="h3 mb-3 font-weight-normal">Imperial LDAP Login</h1>
+
+            <label for="inputUsername" class="sr-only">LDAP Username</label>
+            <input type="text" name="username" id="inputUsername" class="form-control" placeholder="Username" required="" autofocus="">
+
+            <label for="inputPassword" class="sr-only">Password</label>
+            <input type="password" name="password" id="inputPassword" class="form-control" placeholder="Password" required="">
+
+            <button class="btn btn-lg btn-primary btn-block" type="submit">Sign in</button>
         </form>
-    </body>
-</html>
\ No newline at end of file
+    </div>
+
+{% endblock %}
\ No newline at end of file