fixes to authentication system

app/routes.py

@@ -43,6 +43,7 @@ def load_user(userid):
     user = User.get(userid)
     return user
 
+### THIS ENDPOINT CAN ONLY BE USED FOR CLI, ENDPOINT FOR FORM IS BELOW
 @csrf.exempt
 @app.route('/', methods=["GET", "POST"])
 def index():
@@ -63,6 +64,9 @@ def index():
             # If not then return a 0
             ip = 0
 
+        # Now check the userid and idpass against the db
+        if Config.users.find({"userid": request.form["userid"]}) and Config.users.find({"idpass": request.form["idpass"]}):
+
             # Init variables before they're passed
             userid = request.form.get("userid") if request.form.get("userid") else None
             filename = request.form.get("filename") if request.form.get("filename") else None
@@ -190,7 +194,7 @@ def delete(id):
             Config.files.delete_one({"id": id})
             return "URL deleted."
         
-        elif data["userid"] == request.form.get("userid") and bcrypt.check_password_hash(Config.user.find_one({"userid": data["userid"]})["idpass"], request.form.get("idpass")):
+        elif data["userid"] == request.form.get("userid") and bcrypt.check_password_hash(Config.users.find_one({"userid": data["userid"]})["idpass"], request.form.get("idpass")):
             Config.files.delete_one({"id": id})
             return "URL deleted."