Switch back to using form-based login/logout

I've decided I want this application to be a progressive enhancement
application. That means that I'm not going to keep dealing with the
insanity that is Javascript bundling and transpiling and building the
entire UI in JS. I want to believe I can treat the web the way that it's
been designed for decades - as a document platform with enhancement
capabilities rather than as an emerging VM

templates/index.html

@@ -1,19 +1,7 @@
-<html>
+{% extends 'layout.html' %}
-<body>
+{% block body %}
-	<div id="container"/>
+<h1>Hello {{ current_user.name }} from Vanth</h1>
-{% if current_user and current_user.is_authenticated %}
+<form action="/logout/" method="POST">
-	<h1>Hello {{ current_user.name }} from Vanth</h1>
-	<form action="/logout/" method="POST">
 	<input type="submit">Log out</input>
-	</form>
+</form>
-{% else %}
+{% endblock %}
-	<h1>Please log in</h1>
-	<form action="/login/" method="POST">
-		<label>username</label><input type="text" name="username"></input>
-		<label>password</label><input type="password" name="password"></input>
-		<input type="submit">Log in</input>
-	</form>
-{% endif %}
-	<script src="build/bundle.js"></script>
-</body>
-</html>

templates/layout.html

@@ -0,0 +1,9 @@
+<html>
+<body>
+<div id="container">
+	{% block body %}
+	default stuff
+	{% endblock %}
+</div>
+</body>
+</html>

templates/login.html

@@ -0,0 +1,9 @@
+{% extends 'layout.html' %}
+{% block body %}
+<h1>Please log in</h1>
+<form action="/login/" method="POST">
+	<label>username</label><input type="text" name="username"></input>
+	<label>password</label><input type="password" name="password"></input>
+	<input type="submit">Log in</input>
+</form>
+{% endblock %}

vanth/server.py

@@ -1,3 +1,4 @@
+import logging
 import uuid
 
 import flask
@@ -13,6 +14,8 @@ import vanth.api.user
 import vanth.auth
 import vanth.user
 
+LOGGER = logging.getLogger(__name__)
+
 EXPOSE_HEADERS = [
     'Location',
 ]
@@ -21,11 +24,12 @@ def index():
     return flask.render_template('index.html')
 
 def load_user(user_id):
+    LOGGER.debug("Loading user %s", user_id)
     return vanth.user.load(user_id)
 
 def login():
     if flask.request.method == 'GET':
-        return flask.render_template('index.html')
+        return flask.render_template('login.html')
     elif flask.request.method == 'POST':
         user = vanth.user.load(uuid.uuid4())
         flask_login.login_user(user)
@@ -34,8 +38,16 @@ def login():
     return flask.redirect('/')
 
 def logout():
+    LOGGER.info("Logging out user %s", flask.session['user_id'])
     flask_login.logout_user()
-    return flask.redirect('/')
+    return flask.redirect('/login/')
+
+def require_login():
+    LOGGER.debug("Current user %s for %s", flask.session, flask.request.path)
+    if flask.request.path == '/login/':
+        return
+    if not flask.session.get('user_id'):
+        return flask.redirect('/login/')
 
 def create_app(config):
     app = flask.Flask('vanth', template_folder='../templates')
@@ -58,12 +70,14 @@ def create_app(config):
         supports_credentials=True,
         expose_headers=EXPOSE_HEADERS,
     )
-    vanth.auth.register_auth_handlers(app)
+    #vanth.auth.register_auth_handlers(app)
 
     app.route('/',          methods=['GET'])(index)
     app.route('/login/',    methods=['GET', 'POST', 'DELETE'])(login)
     app.route('/logout/',   methods=['POST'])(logout)
 
+    app.before_request(require_login)
+
     sepiida.endpoints.add_resource(app, vanth.api.about.About,          endpoint='about')
     sepiida.endpoints.add_resource(app, vanth.api.ofxsource.OFXSource,  endpoint='ofxsource')
     sepiida.endpoints.add_resource(app, vanth.api.session.Session,      endpoint='session')