Remove register URL | Closes #2

2026-03-01 19:30:52 +05:30 · 2026-03-01 19:30:52 +05:30 · 67953ac42e
commit 67953ac42e
parent ed71714a79
6 changed files with 10 additions and 4 deletions
--- a/flaskr/init.py
+++ b/flaskr/init.py
@ -8,6 +8,7 @@ def create_app(test_config=None):
    app.config.from_mapping(
        SECRET_KEY='dev',
        DATABASE=os.path.join(app.instance_path, 'flaskr.sqlite'),
+        ALLOW_REGISTER=False,
    )

    app.wsgi_app = ProxyFix(
--- a/flaskr/auth.py
+++ b/flaskr/auth.py
@ -1,7 +1,7 @@
 import functools

 from flask import (
-    Blueprint, flash, g, redirect, render_template, request, session, url_for
+    Blueprint, flash, g, redirect, render_template, request, session, url_for, current_app
 )
 from werkzeug.security import check_password_hash, generate_password_hash

@ -11,7 +11,8 @@ bp = Blueprint('auth', __name__, url_prefix='/auth')

@bp.route('/register', methods=('GET', 'POST'))
 def register():
-    # return "Admin only", 403
+    if not current_app.config["ALLOW_REGISTER"]:
+        return "Admin only", 403
    if request.method == 'POST':
        username = request.form['username']
        password = request.form['password']
--- a/flaskr/templates/base.html
+++ b/flaskr/templates/base.html
@ -9,7 +9,6 @@
      <li><span>{{ g.user['username'] }}</span>
      <li><a href="{{ url_for('auth.logout') }}">Log Out</a>
    {% else %}
-      <li><a href="{{ url_for('auth.register') }}">Register</a>
      <li><a href="{{ url_for('auth.login') }}">Log In</a>
    {% endif %}
  </ul>
--- a/tests/conftest.py
+++ b/tests/conftest.py
@ -15,6 +15,7 @@ def app():
    app = create_app({
        'TESTING': True,
        'DATABASE': db_path,
+        'ALLOW_REGISTER': True,
    })

    with app.app_context():
--- a/tests/test_auth.py
+++ b/tests/test_auth.py
@ -14,6 +14,10 @@ def test_register(client, app):
            "SELECT * FROM user WHERE USERNAME = 'a'",
        ).fetchone() is not None

+    app.config["ALLOW_REGISTER"] = False
+    response = client.get('/auth/register')
+    assert b"Admin only" in response.data
+
@pytest.mark.parametrize(('username', 'password', 'message'), (
    ('', '', b'Username is required.'),
    ('a', '', b'Password is required.'),
--- a/tests/test_blog.py
+++ b/tests/test_blog.py
@ -4,7 +4,7 @@ from flaskr.db import get_db
 def test_index(client, auth):
    response = client.get('/')
    assert b"Log In" in response.data
-    assert b"Register" in response.data
+    assert b"Register" not in response.data

    auth.login()
    response = client.get('/')