V1.0.0.2 - Refactor: Moved user Management out of App.py and into users.py

2026-01-23 01:06:30 -06:00
parent c747375f79
commit 518c9478dc
6 changed files with 237 additions and 275 deletions
--- a/utils.py
+++ b/utils.py
@@ -0,0 +1,31 @@
+from functools import wraps
+from flask import session, flash, redirect, url_for
+from db import query_db
+
+def login_required(f):
+    """Require login for route"""
+    @wraps(f)
+    def decorated_function(*args, **kwargs):
+        if 'user_id' not in session:
+            flash('Please log in to access this page', 'warning')
+            return redirect(url_for('login'))
+        return f(*args, **kwargs)
+    return decorated_function
+
+def role_required(*roles):
+    """Require specific role(s) for route"""
+    def decorator(f):
+        @wraps(f)
+        def decorated_function(*args, **kwargs):
+            if 'user_id' not in session:
+                flash('Please log in to access this page', 'warning')
+                return redirect(url_for('login'))
+            
+            user = query_db('SELECT role FROM Users WHERE user_id = ?', [session['user_id']], one=True)
+            if not user or user['role'] not in roles:
+                flash('You do not have permission to access this page', 'danger')
+                return redirect(url_for('dashboard'))
+            
+            return f(*args, **kwargs)
+        return decorated_function
+    return decorator