1 files changed, 38 insertions, 26 deletions

diff --git a/budget/web.py b/budget/web.py
index 46226df..2147359 100644
--- a/budget/web.py
+++ b/budget/web.py
@@ -8,34 +8,40 @@ from utils import get_billform_for, requires_auth
 # create the application, initialize stuff
 app = Flask(__name__)
 
-@app.route("/<string:project_id>/authenticate", methods=["GET", "POST"])
-def authenticate(project_id, redirect_url=None):
-    redirect_url = redirect_url or url_for("list_bills", project_id=project_id)
-    project = Project.query.get(project_id)
-    if not project:
-        return redirect(url_for("create_project", project_id=project_id))
-
-    # if credentials are already in session, redirect
-    if project_id in session and project.password == session[project_id]:
-        return redirect(redirect_url)
-
-    # else create the form and process it
-    form = AuthenticationForm()
-    if request.method == "POST":
-        if form.validate():
-            if not form.password.data == project.password:
-                form.errors['password'] = ["The password is not the right one"]
-            else:
-                session[project_id] = form.password.data
-                session.update()
-                return redirect(redirect_url)
-
-    return render_template("authenticate.html", form=form, project=project)
-
 @app.route("/")
 def home():
-    # FIXME create a real homepage
-    return "this is the homepage"
+    project_form = ProjectForm()
+    auth_form = AuthenticationForm()
+    return render_template("home.html", project_form=project_form, auth_form=auth_form)
+
+@app.route("/authenticate", methods=["GET", "POST"])
+def authenticate(redirect_url=None):
+    form = AuthenticationForm()
+    
+    if form.id.validate():
+    
+        project_id = form.id.data
+    
+        redirect_url = redirect_url or url_for("list_bills", project_id=project_id)
+        project = Project.query.get(project_id)
+        if not project:
+            return redirect(url_for("create_project", project_id=project_id))
+
+        # if credentials are already in session, redirect
+        if project_id in session and project.password == session[project_id]:
+            return redirect(redirect_url)
+
+        # else process the form
+        if request.method == "POST":
+            if form.validate():
+                if not form.password.data == project.password:
+                    form.errors['password'] = ["The password is not the right one"]
+                else:
+                    session[project_id] = form.password.data
+                    session.update()
+                    return redirect(redirect_url)
+
+    return render_template("authenticate.html", form=form)
 
 @app.route("/create", methods=["GET", "POST"])
 def create_project():
@@ -59,6 +65,12 @@ def create_project():
 
     return render_template("create_project.html", form=form)
 
+@app.route("/quit")
+def quit():
+    # delete the session
+    session = None
+    return redirect( url_for("home") )
+
 @app.route("/<string:project_id>/invite")
 @requires_auth
 def invite(project):