ateijelo/smallnet
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Login required decorator

Browse source
This commit is contained in:
Andy Teijelo Pérez 2015-11-06 14:26:30 -05:00
parent 5fe6c56601
commit 65ed96cc29
2 changed files with 51 additions and 33 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

80
main.py
View file

@ -15,7 +15,6 @@ import sys
import re import re
import os import os
#app = Flask("ISABEL-2 Verifier") # That app name breaks Ubuntu 14.04 :-o #app = Flask("ISABEL-2 Verifier") # That app name breaks Ubuntu 14.04 :-o
app = Flask("main") app = Flask("main")
app.secret_key = "6ab77f3c45447429c2ae163c260a626029519a66450e474c" app.secret_key = "6ab77f3c45447429c2ae163c260a626029519a66450e474c"
@ -74,6 +73,41 @@ def create_user(username, password, creator):
f.close() f.close()
reload_freeradius() reload_freeradius()
def login_required(f):
print(f)
def g(*args, **kwargs):
if not session.get('logged_in', False):
return redirect(url_for('login', redirect_to=request.url))
return f(*args, **kwargs)
g.__name__ = f.__name__
return g
@app.route("/login",methods=['GET','POST'])
def login():
if session.get('logged_in',False):
return redirect(url_for(request.args.get('redirect_to','admin')))
if request.method == 'GET':
return render_template("login.html")
if request.method == 'POST':
username = request.form.get("username",None)
password = request.form.get("password",None)
if username is None or password is None:
return render_template("login.html",error=True,errormsg="invalid username or password")
if username == 'guest':
return render_template("login.html",error=True,errormsg="guest user has no admin privileges")
try:
check_login(username, password)
except Exception as e:
return render_template("login.html",error=True,errormsg=str(e))
session['logged_in'] = True
session['username'] = username
print("Redirecting to", request.args.get('redirect_to'))
return redirect(request.args.get('redirect_to','admin'))
@app.route("/") @app.route("/")
def index(): def index():
f = open(users_file) f = open(users_file)
@ -104,35 +138,9 @@ def check_login(username, password):
return True return True
raise ValueError("Invalid username or password") raise ValueError("Invalid username or password")
@app.route("/login",methods=['GET','POST'])
def login():
if session.get('logged_in',False):
return redirect(url_for('admin'))
if request.method == 'GET':
return render_template("login.html")
if request.method == 'POST':
username = request.form.get("username",None)
password = request.form.get("password",None)
if username is None or password is None:
return render_template("login.html",error=True,errormsg="invalid username or password")
if username == 'guest':
return render_template("login.html",error=True,errormsg="guest user has no admin privileges")
try:
check_login(username, password)
except Exception as e:
return render_template("login.html",error=True,errormsg=str(e))
session['logged_in'] = True
session['username'] = username
return redirect(url_for('admin'))
@app.route("/admin",methods=['GET','POST']) @app.route("/admin",methods=['GET','POST'])
@login_required
def admin(): def admin():
if not session.get('logged_in', False):
return redirect(url_for('login'))
if request.method == 'POST': if request.method == 'POST':
deluser = request.form.get('deluser',None) deluser = request.form.get('deluser',None)
if deluser is not None: if deluser is not None:
@ -171,9 +179,8 @@ def render_users_tree(tree):
return lines return lines
@app.route("/users") @app.route("/users")
@login_required
def list_users(): def list_users():
if not session.get('logged_in', False):
return redirect(url_for('login'))
users = load_users() users = load_users()
users_set = set(x[0] for x in users) users_set = set(x[0] for x in users)
tree = { "": [] } tree = { "": [] }
@ -280,12 +287,25 @@ def load_ips():
return ipmap return ipmap
@app.route("/ips") @app.route("/ips")
@login_required
def ips(): def ips():
ipmap = load_ips() ipmap = load_ips()
return render_template("ips.html", ipmap=ipmap) return render_template("ips.html", ipmap=ipmap)
@app.route("/ip/<int:last_byte>", methods=['GET', 'POST']) @app.route("/ip/<int:last_byte>", methods=['GET', 'POST'])
@login_required
def ip(last_byte): def ip(last_byte):
if request.method == 'POST':
# ImmutableMultiDict([('reserved-by', 'Andy'),
# ('dhcp-client', 'mac'),
# ('reserved', 'on'),
# ('dhcp', 'on'),
# ('dhcp-client-mac', '00:23:54:8c:65:13'),
# ('dhcp-client-mac', '10.6.122.2')])
# ImmutableMultiDict([('dhcp-client', 'any'), ('dhcp', 'on')])
# ImmutableMultiDict([('reserved', 'on'), ('reserved-by', 'Andy')])
print(request.form)
return redirect(url_for('ips'))
ipmap = load_ips() ipmap = load_ips()
addr = "{}.{}".format(ipmap["prefix"], last_byte) addr = "{}.{}".format(ipmap["prefix"], last_byte)
return render_template( return render_template(

4
templates/ip.html
View file

@ -11,8 +11,6 @@
<h3>Asignación de {{ addr }}</h3> <h3>Asignación de {{ addr }}</h3>
</div> </div>
{{ meta }}
{% if meta.locked %} {% if meta.locked %}
<div class="alert alert-warning"><i class="fa fa-lock"></i> Esta dirección está reservada por <i>Ilúvatar</i></div> <div class="alert alert-warning"><i class="fa fa-lock"></i> Esta dirección está reservada por <i>Ilúvatar</i></div>
{% endif %} {% endif %}
@ -74,7 +72,7 @@
Gateway alternativo: Gateway alternativo:
</label> </label>
<div class="col-sm-5"> <div class="col-sm-5">
<input type="text" class="form-control" name="dhcp-client-mac" <input type="text" class="form-control" name="dhcp-gw"
value="{{ meta.gw if meta.gw }}"/> value="{{ meta.gw if meta.gw }}"/>
</div> </div>
</div> </div>