Check project id before authentication

2024-09-03 19:26:15 +02:00 · 2011-07-26 16:03:00 +02:00 · 2011-07-26 16:03:00 +02:00 · c7f9df9859
commit c7f9df9859
parent a3b49a231f
3 changed files with 6 additions and 4 deletions
--- a/budget/forms.py
+++ b/budget/forms.py
@ -2,7 +2,7 @@ from flaskext.wtf import *
 from models import Project, Person

 # define forms
-class CreationForm(Form):
+class ProjectForm(Form):
    name = TextField("Project name", validators=[Required()])
    id = TextField("Project identifier", validators=[Required()])
    password = PasswordField("Password", validators=[Required()])
--- a/budget/templates/layout.
+++ b/budget/templates/layout.
--- a/budget/web.py
+++ b/budget/web.py
@ -2,7 +2,7 @@ from flask import Flask, session, request, redirect, url_for, render_template

 # local modules
 from models import db, Project, Person, Bill
-from forms import CreationForm, AuthenticationForm, BillForm, MemberForm
+from forms import ProjectForm, AuthenticationForm, BillForm, MemberForm
 from utils import get_billform_for, requires_auth

 # create the application, initialize stuff
@ -10,8 +10,10 @@ app = Flask(__name__)

@app.route("/<string:project_id>/authenticate", methods=["GET", "POST"])
 def authenticate(project_id, redirect_url=None):
-    project = Project.query.get(project_id)
    redirect_url = redirect_url or url_for("list_bills", project_id=project_id)
+    project = Project.query.get(project_id)
+    if not project:
+        return redirect(url_for("create_project", project_id=project_id))

    # if credentials are already in session, redirect
    if project_id in session and project.password == session[project_id]:
@ -37,7 +39,7 @@ def home():

@app.route("/create", methods=["GET", "POST"])
 def create_project():
-    form = CreationForm()
+    form = ProjectForm()
    if request.method == "GET" and 'project_id' in request.values:
        form.name.data = request.values['project_id']