add config for web login

pull/6/head
Yax 3 years ago
parent 67262ec785
commit 2e74425108

@ -34,3 +34,8 @@ ssl = false
port = 587 port = 587
login = blog@mydomain.com login = blog@mydomain.com
password = MYPASSWORD password = MYPASSWORD
[web]
username = admin
; SHA-256 hashed password (https://coding.tools/sha256)
password = 8C6976E5B5410415BDE908BD4DEE15DFB167A9C873FC4BB8A81F6F2AB448A918
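Review bot: The sample `[web]` section ships a working credential: the digest on the added `password =` line appears to be the widely published SHA-256 of a trivial default password, so a deployment that copies this file unchanged has a guessable admin login. The comment above it also sends operators to a third-party website to hash their real password, which means typing the admin password into an external page. I would replace the value with an obvious placeholder such as `password = <SHA256_HEX_OF_YOUR_PASSWORD>` and change the comment to a local command, e.g. `; generate locally: python3 -c "import hashlib,getpass;print(hashlib.sha256(getpass.getpass().encode()).hexdigest().upper())"`.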

@ -108,6 +108,8 @@ def stacosys_server(config_pathname):
app.config.update(SITE_REDIRECT=conf.get(ConfigParameter.SITE_REDIRECT)) app.config.update(SITE_REDIRECT=conf.get(ConfigParameter.SITE_REDIRECT))
app.config.update(SITE_URL=conf.get(ConfigParameter.SITE_URL)) app.config.update(SITE_URL=conf.get(ConfigParameter.SITE_URL))
app.config.update(LANG=conf.get(ConfigParameter.LANG)) app.config.update(LANG=conf.get(ConfigParameter.LANG))
app.config.update(WEB_USERNAME=conf.get(ConfigParameter.WEB_USERNAME))
app.config.update(WEB_PASSWORD=conf.get(ConfigParameter.WEB_PASSWORD))
logger.info(f"start interfaces {api} {form} {admin}") logger.info(f"start interfaces {api} {form} {admin}")
# start Flask # start Flask
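Review bot: Nothing checks that `web.username` and `web.password` are present before the server starts. The two added `app.config.update(WEB_...)` lines copy whatever `conf.get` returns. If `conf.get` yields `None` for a missing key (its behaviour is not visible here), the admin login fails only at request time, and the comparisons in the login view run against `None`. Consider failing fast right after the two updates, e.g. `if not (app.config["WEB_USERNAME"] and app.config["WEB_PASSWORD"]): raise SystemExit("missing [web] username/password")`. The body of `stacosys_server` continues outside this hunk.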

@ -37,6 +37,9 @@ class ConfigParameter(Enum):
SITE_ADMIN_EMAIL = "site.admin_email" SITE_ADMIN_EMAIL = "site.admin_email"
SITE_REDIRECT = "site.redirect" SITE_REDIRECT = "site.redirect"
WEB_USERNAME = "web.username"
WEB_PASSWORD = "web.password"
class Config: class Config:
def __init__(self): def __init__(self):

@ -1,6 +1,7 @@
#!/usr/bin/env python #!/usr/bin/env python
# -*- coding: utf-8 -*- # -*- coding: utf-8 -*-
import hashlib
import logging import logging
from flask import request, redirect, flash, render_template, session from flask import request, redirect, flash, render_template, session
@ -10,7 +11,10 @@ from stacosys.interface import app
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
user = {"username": "admin", "password": "toto"}
def is_login_ok(username, password):
hashed = hashlib.sha256(password.encode()).hexdigest().upper()
return app.config.get("WEB_USERNAME") == username and app.config.get("WEB_PASSWORD") == hashed
@app.route('/web/login', methods=['POST', 'GET']) @app.route('/web/login', methods=['POST', 'GET'])
@ -18,7 +22,7 @@ def login():
if request.method == 'POST': if request.method == 'POST':
username = request.form.get('username') username = request.form.get('username')
password = request.form.get('password') password = request.form.get('password')
if username == user['username'] and password == user['password']: if is_login_ok(username, password):
session['user'] = username session['user'] = username
return redirect('/web/admin') return redirect('/web/admin')
@ -36,7 +40,7 @@ def logout():
@app.route("/web/admin", methods=["GET"]) @app.route("/web/admin", methods=["GET"])
def admin_homepage(): def admin_homepage():
if not ('user' in session and session['user'] == user['username']): if not ('user' in session and session['user'] == app.config.get("WEB_USERNAME")):
flash("Vous avez été déconnecté.") flash("Vous avez été déconnecté.")
return redirect('/web/login') return redirect('/web/login')
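Review bot: `is_login_ok` stores and checks the admin password as a single unsalted SHA-256 digest and compares it with `==`. A fast unsalted hash is cheap to brute-force if the config file leaks, and `==` is not a constant-time comparison. Since Flask already brings in Werkzeug, the stronger fix is to store a `werkzeug.security.generate_password_hash` value and verify it with `check_password_hash`. If the SHA-256 format has to stay, at least use `hmac.compare_digest` (this needs `import hmac` next to `import hashlib`). The same function raises `AttributeError` on `password.encode()` when the form has no `password` field, and it silently rejects a lowercase digest in the config because only the computed side is upper-cased. The sketch below covers those three points while keeping the current config format.

```python
def is_login_ok(username, password):
    expected_user = app.config.get("WEB_USERNAME")
    expected_hash = app.config.get("WEB_PASSWORD")
    # Reject missing form fields or missing configuration instead of raising.
    if not (username and password and expected_user and expected_hash):
        return False
    hashed = hashlib.sha256(password.encode()).hexdigest()
    # Constant-time comparisons; digest case in the config no longer matters.
    user_ok = hmac.compare_digest(username.encode(), expected_user.encode())
    hash_ok = hmac.compare_digest(hashed.encode(), expected_hash.lower().encode())
    return user_ok and hash_ok
# … unchanged: login(), logout(), admin_homepage() …
```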
