Merge pull request #15 from beackers/required

beackers · web-flow · commit 087eb719fc4f · 2025-12-16T11:15:58.000-06:00
fixes #14
diff --git a/app.py b/app.py
@@ -277,7 +277,7 @@ def view_or_edit_user(id: int):
 @needs_csrf
 def login():
     if request.method == "GET":
-        return render_template("login.html", username=session.get("username") or "", csrf=session["csrf"], loggedinas=session.get("user"))
+        return render_template("login.html", csrf=session["csrf"], loggedinas=session.get("user"))
 
     elif request.method == "POST":
         u = request.form
@@ -303,7 +303,8 @@ def login():
             user = userfunc.User(u["username"].lower())
         except:
             log.info("someone tried to log in with a username that doesn't exist")
-            abort(400)
+            flash("That callsign doesn't exist.\nIf it should, contact an admin.")
+            return redirect('/login', code=301)
         if user.pwdhash and (check_password_hash(user.pwdhash, u["password"])):
             session["user"] = user.callsign
             return redirect("/", code=301)
@@ -312,7 +313,8 @@ def login():
             return redirect("/", code=301)
         else:
             log.info("someone attempted login with a wrong password")
-            abort(403)
+            flash("That password didn't match, can you try that again?")
+            return redirect('/login', code=301)
 
     elif request.method == "DELETE":
         session.clear()
diff --git a/myop.db b/myop.db
diff --git a/templates/add_user.html b/templates/add_user.html
@@ -13,7 +13,7 @@
 
 	<form action="/control/user/add" method="POST">
 		<label for="callsign">Callsign:</label>
-		<input type="text" id="callsign" name="callsign"><br>
+		<input type="text" id="callsign" name="callsign" required><br>
 		<label for="name">Name:</label>
 		<input type="text" id="name" name="name"><br>
 		<label for="permissions">Requested permissions:</label>
diff --git a/templates/control.html b/templates/control.html
@@ -19,14 +19,12 @@
             <tr style="background-color: gray;">
                 <td>Name</td>
                 <td>Callsign</td>
-                <td>Permissions</td>
                 <td>Edit Link</td>
             </tr>
 	    {% for u in users%}
                 <tr>
                     <td>{{ u.name }}</td>
                     <td>{{ u.callsign }}</td>
-                    <td>{{ u.permissions }}</td>
                     <td>
                         <form action="/control/user/{{ u.id }}" method="get">
                             <button type="submit">View</button>
diff --git a/templates/login.html b/templates/login.html
@@ -11,7 +11,7 @@
         <div id="navdiv"></div>
     </nav>
     {% with msgs = get_flashed_messages() %}
-    {% if messages %}
+    {% if msgs %}
     {% for msg in msgs %}
     <div class="flashes">
 	    <p>{{ msg }}</p>
@@ -22,7 +22,7 @@
     {% if not loggedinas %}
     <form action="/login" method="POST">
         <label for="username">Call sign:</label>
-        <input type="text" id="username" name="username" value="{{ username }}"><br>
+        <input type="text" id="username" name="username" required><br>
         <label for="password">Password:</label>
         <input type="password" id="password" name="password"><br>
         <input type="hidden" name="csrf" value="{{ csrf }}">
