Add 400 error page and remember login checkbox

server.py

@@ -19,8 +19,8 @@ class User(db.Model):
     __tablename__ = "website_users"
 
     uid = db.Column(db.Integer, primary_key=True)
-    username = db.Column(db.String, unique=True)
+    username = db.Column(db.String, unique=True, nullable=False)
-    passwd = db.Column(db.LargeBinary)
+    passwd = db.Column(db.LargeBinary, nullable=False)
 
     def __init__(self, username, passwd):
         self.username = username
@@ -73,7 +73,7 @@ class Impiegato(db.Model):
     iid = db.Column(db.Integer, primary_key=True)
     sid = db.Column(db.Integer, db.ForeignKey('servizi.sid'))
     nomeimpiegato = db.Column(db.String)
-    username = db.Column(db.String, unique=True)
+    username = db.Column(db.String)
     passwd = db.Column(db.String)
     dispositivi = db.relationship("Accesso", backref='impiegato', lazy='dynamic', cascade="delete")
 
@@ -218,6 +218,7 @@ def page_login():
     else:
         if login(request.form['username'], request.form['password']):
             session['username'] = request.form['username']
+            session.permanent = request.form['remember']
             return redirect(url_for('page_dashboard'))
         else:
             return render_template('error.htm', error="Username o password non validi.")
@@ -771,6 +772,11 @@ def page_pheesh():
     return render_template("pheesh.htm", user=session.get("username"), pheesh=pesci, footer=False)
 
 
+@app.errorhandler(400)
+def page_400(_):
+    return render_template('400.htm', user=session.get("username"))
+
+
 @app.errorhandler(403)
 def page_403(_):
     return render_template('403.htm', user=session.get("username"))

templates/400.htm

@@ -0,0 +1,20 @@
+{% extends 'base.htm' %}
+{% block title %}Non autorizzato • estus{% endblock %}
+{% block extrahead %}
+    <script>
+        window.onload = function() {
+            setTimeout(function() {
+                window.history.back();
+            }, 4000)
+        }
+    </script>
+{% endblock %}
+{% block content %}
+    <div class="alert alert-danger" role="alert">
+        <b>400 Bad Request:</b> Hai mandato al server una richiesta senza tutti i campi richiesti.<br>
+        Il problema non è un campo rimasto vuoto, ma un campo che per qualche motivo è completamente assente.
+    </div>
+    <div>
+        Sarai reindirizzato alla pagina precedente entro 4 secondi (se hai abilitato il javascript).
+    </div>
+{% endblock %}

templates/login.htm

@@ -7,6 +7,11 @@
     <form class="form-inline" action="/login" method="post">
         <input class="form-control" type="text" placeholder="Username" name="username">
         <input class="form-control" type="password" placeholder="Password" name="password">
-        <input class="btn btn-primary" type="submit">
+        <div class="checkbox">
+            <label>
+                <input type="checkbox" name="remember"> Rimani connesso per 1 mese (o finchè non cancelli i cookie!)
+            </label>
+        </div>
+        <input class="btn btn-primary" type="submit" value="Login">
     </form>
 {% endblock %}