simon987/od-database
1
0
Fork 0
mirror of https://github.com/simon987/od-database.git synced 2025-10-25 19:56:51 +00:00
Code Issues Projects Releases Wiki Activity

Basic admin page

Browse Source
This commit is contained in:
Simon 2018-06-08 11:40:54 -04:00
parent 537228444b
commit dc0cde61a0
6 changed files with 110 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
app.py
View File

@ -1,4 +1,4 @@
from flask import Flask, render_template, redirect, request, flash, abort, Response, send_from_directory
from flask import Flask, render_template, redirect, request, flash, abort, Response, send_from_directory, session
import os
import json
import time
@ -192,6 +192,42 @@ def enqueue():
return redirect("/submit")
@app.route("/admin")
def admin_login_form():
if "username" in session:
return redirect("/dashboard")
return render_template("admin.html", recaptcha=recaptcha)
@app.route("/login", methods=["POST"])
def admin_login():
if recaptcha.verify():
username = request.form.get("username")
password = request.form.get("password")
if db.check_login(username, password):
session["username"] = username
flash("Logged in", "success")
return redirect("/dashboard")
flash("Invalid username/password combo", "danger")
return redirect("/admin")
else:
flash("Invalid captcha", "danger")
return redirect("/admin")
@app.route("/dashboard")
def admin_dashboard():
if "username" in session:
return render_template("dashboard.html")
else:
return abort(403)
if __name__ == '__main__':
if config.USE_SSL:
context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)

27
database.py
View File

@ -2,6 +2,7 @@ import sqlite3
import datetime
import json
import os
import bcrypt
class InvalidQueryException(Exception):
@ -367,3 +368,29 @@ class Database:
cursor.execute("DELETE FROM Website WHERE id=?", (website_id, ))
conn.commit()
def check_login(self, username, password) -> bool:
with sqlite3.connect(self.db_path) as conn:
cursor = conn.cursor()
cursor.execute("SELECT password FROM Admin WHERE username=?", (username, ))
db_user = cursor.fetchone()
if db_user:
return bcrypt.checkpw(password.encode(), db_user[0])
return False
def generate_login(self, username, password) -> None:
with sqlite3.connect(self.db_path) as conn:
cursor = conn.cursor()
hashed_pw = bcrypt.hashpw(password.encode(), bcrypt.gensalt(14))
cursor.execute("INSERT INTO Admin (username, password) VALUES (?,?)", (username, hashed_pw))
conn.commit()

5
init_script.sql
View File

@ -42,6 +42,11 @@ CREATE TABLE Queue (
priority INTEGER
);
CREATE TABLE Admin (
username TEXT PRIMARY KEY NOT NULL,
password TEXT
)
-- Full Text Index
CREATE VIRTUAL TABLE File_index USING fts5 (

1
requirements.txt
View File

@ -8,3 +8,4 @@ Flask-Caching
praw
humanfriendly
apscheduler
bcrypt

26
templates/admin.html Normal file
View File

@ -0,0 +1,26 @@
{% extends "layout.html" %}
{% set title = "Admin login - OD-Database" %}
{% block body %}
<div class="container">
<div class="card">
<div class="card-header">Admin login</div>
<div class="card-body">
<form action="/login" method="post">
<div class="form-group">
<input class="form-control" name="username" placeholder="Username">
</div>
<div class="form-group">
<input class="form-control" name="password" placeholder="Password" type="password">
</div>
{{ recaptcha.get_code()|safe }}
<input type="submit" value="Login">
</form>
</div>
</div>
</div>
{% endblock body %}

13
templates/dashboard.html Normal file
View File

@ -0,0 +1,13 @@
{% extends "layout.html" %}
{% set title = "Dashboard - OD-Database" %}
{% block body %}
<div class="container">
<div class="card">
<div class="card-header">Dashboard</div>
<div class="card-body">
todo
</div>
</div>
</div>
{% endblock body %}