Login required decorator
This commit is contained in:
parent
5fe6c56601
commit
65ed96cc29
2 changed files with 51 additions and 33 deletions
80
main.py
80
main.py
|
|
@ -15,7 +15,6 @@ import sys
|
|||
import re
|
||||
import os
|
||||
|
||||
|
||||
#app = Flask("ISABEL-2 Verifier") # That app name breaks Ubuntu 14.04 :-o
|
||||
app = Flask("main")
|
||||
app.secret_key = "6ab77f3c45447429c2ae163c260a626029519a66450e474c"
|
||||
|
|
@ -74,6 +73,41 @@ def create_user(username, password, creator):
|
|||
f.close()
|
||||
reload_freeradius()
|
||||
|
||||
def login_required(f):
|
||||
print(f)
|
||||
def g(*args, **kwargs):
|
||||
if not session.get('logged_in', False):
|
||||
return redirect(url_for('login', redirect_to=request.url))
|
||||
return f(*args, **kwargs)
|
||||
g.__name__ = f.__name__
|
||||
return g
|
||||
|
||||
@app.route("/login",methods=['GET','POST'])
|
||||
def login():
|
||||
if session.get('logged_in',False):
|
||||
return redirect(url_for(request.args.get('redirect_to','admin')))
|
||||
if request.method == 'GET':
|
||||
return render_template("login.html")
|
||||
if request.method == 'POST':
|
||||
username = request.form.get("username",None)
|
||||
password = request.form.get("password",None)
|
||||
|
||||
if username is None or password is None:
|
||||
return render_template("login.html",error=True,errormsg="invalid username or password")
|
||||
|
||||
if username == 'guest':
|
||||
return render_template("login.html",error=True,errormsg="guest user has no admin privileges")
|
||||
|
||||
try:
|
||||
check_login(username, password)
|
||||
except Exception as e:
|
||||
return render_template("login.html",error=True,errormsg=str(e))
|
||||
|
||||
session['logged_in'] = True
|
||||
session['username'] = username
|
||||
print("Redirecting to", request.args.get('redirect_to'))
|
||||
return redirect(request.args.get('redirect_to','admin'))
|
||||
|
||||
@app.route("/")
|
||||
def index():
|
||||
f = open(users_file)
|
||||
|
|
@ -104,35 +138,9 @@ def check_login(username, password):
|
|||
return True
|
||||
raise ValueError("Invalid username or password")
|
||||
|
||||
@app.route("/login",methods=['GET','POST'])
|
||||
def login():
|
||||
if session.get('logged_in',False):
|
||||
return redirect(url_for('admin'))
|
||||
if request.method == 'GET':
|
||||
return render_template("login.html")
|
||||
if request.method == 'POST':
|
||||
username = request.form.get("username",None)
|
||||
password = request.form.get("password",None)
|
||||
|
||||
if username is None or password is None:
|
||||
return render_template("login.html",error=True,errormsg="invalid username or password")
|
||||
|
||||
if username == 'guest':
|
||||
return render_template("login.html",error=True,errormsg="guest user has no admin privileges")
|
||||
|
||||
try:
|
||||
check_login(username, password)
|
||||
except Exception as e:
|
||||
return render_template("login.html",error=True,errormsg=str(e))
|
||||
|
||||
session['logged_in'] = True
|
||||
session['username'] = username
|
||||
return redirect(url_for('admin'))
|
||||
|
||||
@app.route("/admin",methods=['GET','POST'])
|
||||
@login_required
|
||||
def admin():
|
||||
if not session.get('logged_in', False):
|
||||
return redirect(url_for('login'))
|
||||
if request.method == 'POST':
|
||||
deluser = request.form.get('deluser',None)
|
||||
if deluser is not None:
|
||||
|
|
@ -171,9 +179,8 @@ def render_users_tree(tree):
|
|||
return lines
|
||||
|
||||
@app.route("/users")
|
||||
@login_required
|
||||
def list_users():
|
||||
if not session.get('logged_in', False):
|
||||
return redirect(url_for('login'))
|
||||
users = load_users()
|
||||
users_set = set(x[0] for x in users)
|
||||
tree = { "": [] }
|
||||
|
|
@ -280,12 +287,25 @@ def load_ips():
|
|||
return ipmap
|
||||
|
||||
@app.route("/ips")
|
||||
@login_required
|
||||
def ips():
|
||||
ipmap = load_ips()
|
||||
return render_template("ips.html", ipmap=ipmap)
|
||||
|
||||
@app.route("/ip/<int:last_byte>", methods=['GET', 'POST'])
|
||||
@login_required
|
||||
def ip(last_byte):
|
||||
if request.method == 'POST':
|
||||
# ImmutableMultiDict([('reserved-by', 'Andy'),
|
||||
# ('dhcp-client', 'mac'),
|
||||
# ('reserved', 'on'),
|
||||
# ('dhcp', 'on'),
|
||||
# ('dhcp-client-mac', '00:23:54:8c:65:13'),
|
||||
# ('dhcp-client-mac', '10.6.122.2')])
|
||||
# ImmutableMultiDict([('dhcp-client', 'any'), ('dhcp', 'on')])
|
||||
# ImmutableMultiDict([('reserved', 'on'), ('reserved-by', 'Andy')])
|
||||
print(request.form)
|
||||
return redirect(url_for('ips'))
|
||||
ipmap = load_ips()
|
||||
addr = "{}.{}".format(ipmap["prefix"], last_byte)
|
||||
return render_template(
|
||||
|
|
|
|||
|
|
@ -11,8 +11,6 @@
|
|||
<h3>Asignación de {{ addr }}</h3>
|
||||
</div>
|
||||
|
||||
{{ meta }}
|
||||
|
||||
{% if meta.locked %}
|
||||
<div class="alert alert-warning"><i class="fa fa-lock"></i> Esta dirección está reservada por <i>Ilúvatar</i></div>
|
||||
{% endif %}
|
||||
|
|
@ -74,7 +72,7 @@
|
|||
Gateway alternativo:
|
||||
</label>
|
||||
<div class="col-sm-5">
|
||||
<input type="text" class="form-control" name="dhcp-client-mac"
|
||||
<input type="text" class="form-control" name="dhcp-gw"
|
||||
value="{{ meta.gw if meta.gw }}"/>
|
||||
</div>
|
||||
</div>
|
||||
|
|
|
|||
Loading…
Reference in a new issue