Handle login & registration from admin index view.

examples/auth/auth.py

@@ -112,39 +112,36 @@ class MyModelView(sqla.ModelView):
         return login.current_user.is_authenticated()
 
 
-# Create customized index view class
+# Create customized index view class that handles login & registration
 class MyAdminIndexView(admin.AdminIndexView):
 
     @expose('/')
-    # make current_user available in template
     def index(self):
-        self._template_args['user'] = login.current_user
+        if not login.current_user.is_authenticated():
+            return redirect(url_for('.login_view'))
+        # make current_user available in template
+        user = login.current_user
+        self._template_args['user'] = user
         return super(MyAdminIndexView, self).index()
 
-    # restrict access to logged-in users
-    def is_accessible(self):
-        return login.current_user.is_authenticated()
-
-
-# Flask views
-@app.route('/')
-def index():
-    return render_template('index.html', user=login.current_user)
-
-
-@app.route('/login/', methods=('GET', 'POST'))
-def login_view():
+    @expose('/login/', methods=('GET', 'POST'))
+    def login_view(self):
+        # handle user login
         form = LoginForm(request.form)
         if helpers.validate_form_on_submit(form):
             user = form.get_user()
             login.login_user(user)
-        return redirect(url_for('index'))
-
-    return render_template('form.html', form=form)
 
+        if login.current_user.is_authenticated():
+            return redirect(url_for('.index'))
+        link = '<p>Don\'t have an account? <a href="' + url_for('.register_view') + '">Click here to register.</a></p>'
+        self._template_args['user'] = None
+        self._template_args['form'] = form
+        self._template_args['link'] = link
+        return super(MyAdminIndexView, self).index()
 
-@app.route('/register/', methods=('GET', 'POST'))
-def register_view():
+    @expose('/register/', methods=('GET', 'POST'))
+    def register_view(self):
         form = RegistrationForm(request.form)
         if helpers.validate_form_on_submit(form):
             user = User()
@@ -155,15 +152,23 @@ def register_view():
             db.session.commit()
 
             login.login_user(user)
-        return redirect(url_for('index'))
+            return redirect(url_for('.index'))
+        link = '<p>Already have an account? <a href="' + url_for('.login_view') + '">Click here to log in.</a></p>'
+        self._template_args['user'] = None
+        self._template_args['form'] = form
+        self._template_args['link'] = link
+        return super(MyAdminIndexView, self).index()
 
-    return render_template('form.html', form=form)
+    @expose('/logout/')
+    def logout_view(self):
+        login.logout_user()
+        return redirect(url_for('.index'))
 
 
-@app.route('/logout/')
-def logout_view():
-    login.logout_user()
-    return redirect(url_for('index'))
+# Flask views
+@app.route('/')
+def index():
+    return render_template('index.html', user=login.current_user)
 
 
 # Initialize flask-login

examples/auth/templates/admin/index.html

@@ -2,6 +2,9 @@
 {% block body %}
 {{ super() }}
 <div class="row-fluid">
+
+    <div>
+        {% if user and user.is_authenticated() %}
         <h1>Flask-Admin example</h1>
         <p class="lead">
             Authentication
@@ -9,6 +12,28 @@
         <p>
             This example shows how you can use Flask-Login for authentication. It is only intended as a basic demonstration, so please don't freak out when you see passwords being stored as plain text.
         </p>
+        {% else %}
+        <form method="POST" action="">
+            {{ form.hidden_tag() if form.hidden_tag }}
+            {% for f in form if f.type != 'CSRFTokenField' %}
+            <div>
+            {{ f.label }}
+            {{ f }}
+            {% if f.errors %}
+            <ul>
+                {% for e in f.errors %}
+                <li>{{ e }}</li>
+                {% endfor %}
+            </ul>
+            {% endif %}
+            </div>
+            {% endfor %}
+            <button class="btn" type="submit">Submit</button>
+        </form>
+        {{ link | safe }}
+        {% endif %}
+    </div>
+
     <a class="btn btn-primary" href="/"><i class="icon-arrow-left icon-white"></i> Back</a>
 </div>
 {% endblock body %}
\ No newline at end of file

examples/auth/templates/form.html

-<html>
-    <body>
-        <form method="POST" action="">
-            {{ form.hidden_tag() if form.hidden_tag }}
-            {% for f in form if f.type != 'CSRFTokenField' %}
-            <div>
-            {{ f.label }}
-            {{ f }}
-            {% if f.errors %}
-            <ul>
-                {% for e in f.errors %}
-                <li>{{ e }}</li>
-                {% endfor %}
-            </ul>
-            {% endif %}
-            </div>
-            {% endfor %}
-            <input type="submit" />
-        </form>
-    </body>
-</html>

examples/auth/templates/index.html

 <html>
     <body>
-        <div>
-            {% if user and user.is_authenticated() %}
-                Hello {{ user.login }}! <a href="{{ url_for('logout_view') }}">Logout</a>
-            {% else %}
-                Welcome anonymous user!
-                <a href="{{ url_for('login_view') }}">Login</a>&nbsp;<a href="{{ url_for('register_view') }}">Register</a>
-            {% endif %}
-        </div>
         <div>
             <a href="{{ url_for('admin.index') }}">Go to admin!</a>
         </div>

examples/auth/templates/my_master.html

 {% extends 'admin/base.html' %}
 
 {% block access_control %}
+{% if user %}
 <div class="btn-group pull-right">
     <a class="btn dropdown-toggle" data-toggle="dropdown" href="#">
         <i class="icon-user"></i> {{ user.login }} <span class="caret"></span>
     </a>
     <ul class="dropdown-menu">
-        <li><a href="/logout/">Log out</a></li>
+        <li><a href="/admin/logout/">Log out</a></li>
     </ul>
 </div>
+{% endif %}
 {% endblock %}
\ No newline at end of file