laserweb/auth.py

import requests
import functools
from flask import session, flash, redirect, request

def try_login(username, password):
    resp = requests.post('https://auth.hackerspace.pl/', data={
        'login': username,
        'password': password
        })

    if resp.status_code == 200:
        session['login'] = username
        return True

    return False

def is_authenticated():
    return session.get('login') is not None

def login_required(fn):
    @functools.wraps(fn)
    def wrapped(*args, **kwargs):
        username = request.form.get('username')
        password = request.form.get('password')
        if username is not None and password is not None and \
                not try_login(username, password):
            flash('Invalid username or password', 'warning')
            return redirect('/')

        if not is_authenticated():
            flash('You are not authorized to see this page', 'warning')
            return redirect('/')

        return fn(*args, **kwargs)

    return wrapped