-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathapp.py
More file actions
109 lines (89 loc) · 3.73 KB
/
app.py
File metadata and controls
109 lines (89 loc) · 3.73 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
from flask import Flask, render_template, request, jsonify, session, flash, redirect, url_for, make_response, g
from flask_bcrypt import Bcrypt
from common.mongo_connection import MongoConnection
from config import MONGO_CONNECTION_STRING, MONGO_AUTH_DATABASE, MONGO_DATABASE_NAME
from common.login_manager import authenticate_user
from common.session_manager import SessionManager
from controllers.user_controller import user_bp
from controllers.dailySales_controller import sales_bp
from controllers.products_controller import product_bp
from controllers.supplier_controller import supplier_bp
from controllers.notifications_controller import notifications_bp
from controllers.addstock_controller import addstock_bp
app = Flask(__name__)
bcrypt = Bcrypt(app)
app.secret_key = 'demo_session_kapita'
mongo = MongoConnection(
connection_string=MONGO_CONNECTION_STRING,
db_name=MONGO_DATABASE_NAME
)
auth_mongo = MongoConnection(
connection_string=MONGO_CONNECTION_STRING,
db_name=MONGO_AUTH_DATABASE
)
session_manager = SessionManager()
app.register_blueprint(user_bp, url_prefix='/users_management')
app.register_blueprint(product_bp, url_prefix='/products')
app.register_blueprint(supplier_bp, url_prefix='/suppliers')
app.register_blueprint(sales_bp, url_prefix='/daily_sales')
app.register_blueprint(notifications_bp, url_prefix='/notifications')
app.register_blueprint(addstock_bp, url_prefix='/add_stock')
@app.before_request
def check_login_before_request():
"""
Fungsi ini akan berjalan OTOMATIS sebelum setiap request ke halaman manapun.
"""
allowed_routes = ['login', 'static']
if request.endpoint and any(route in request.endpoint for route in allowed_routes):
return None
token = request.cookies.get('token')
if not token:
return redirect(url_for('login'))
session_data = session_manager.verify_token(token)
if not session_data:
flash('Sesi Anda telah berakhir atau tidak valid. Silakan login kembali.', 'error')
response = make_response(redirect(url_for('login')))
response.set_cookie('token', '', expires=0)
return response
session['user_id'] = session_data.get('username')
session['role'] = session_data.get('role')
return None
@app.route('/')
def index():
if session.get('role').lower() == 'admin':
return redirect(url_for('user_bp.get_users'))
elif session.get('role').lower() == 'operator':
return redirect(url_for('sales_bp.daily_sales'))
else:
flash('Role tidak dikenali.', 'error')
return redirect(url_for('login'))
@app.route('/login', methods=['GET', 'POST'])
def login():
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
user = authenticate_user(username, password)
if user:
role = user['role'].lower()
token = session_manager.generate_token(user['username'], role)
session['user_id'] = user['username']
session['role'] = role
target_url = url_for('index') if role == 'admin' else url_for('sales_bp.daily_sales')
response = make_response(redirect(target_url))
response.set_cookie('token', token)
return response
else:
flash('Username atau password salah.', 'error')
return render_template('login.html')
@app.route('/logout')
def logout():
token = request.cookies.get('token')
if token:
session_manager.remove_token(token)
session.clear()
response = make_response(redirect(url_for('login')))
response.set_cookie('token', '', expires=0)
flash('Anda telah berhasil logout.', 'success')
return response
if __name__ == '__main__':
app.run(debug=True)