add config for web login
This commit is contained in:
Yax
parent
67262ec785
commit
2e74425108
4 changed files with 17 additions and 3 deletions
|
|
@ -34,3 +34,8 @@ ssl = false
|
||||||
port = 587
|
port = 587
|
||||||
login = blog@mydomain.com
|
login = blog@mydomain.com
|
||||||
password = MYPASSWORD
|
password = MYPASSWORD
|
||||||
|
|
||||||
|
[web]
|
||||||
|
username = admin
|
||||||
|
; SHA-256 hashed password (https://coding.tools/sha256)
|
||||||
|
password = 8C6976E5B5410415BDE908BD4DEE15DFB167A9C873FC4BB8A81F6F2AB448A918
|
||||||
|
|
|
||||||
2
run.py
2
run.py
|
|
@ -108,6 +108,8 @@ def stacosys_server(config_pathname):
|
||||||
app.config.update(SITE_REDIRECT=conf.get(ConfigParameter.SITE_REDIRECT))
|
app.config.update(SITE_REDIRECT=conf.get(ConfigParameter.SITE_REDIRECT))
|
||||||
app.config.update(SITE_URL=conf.get(ConfigParameter.SITE_URL))
|
app.config.update(SITE_URL=conf.get(ConfigParameter.SITE_URL))
|
||||||
app.config.update(LANG=conf.get(ConfigParameter.LANG))
|
app.config.update(LANG=conf.get(ConfigParameter.LANG))
|
||||||
|
app.config.update(WEB_USERNAME=conf.get(ConfigParameter.WEB_USERNAME))
|
||||||
|
app.config.update(WEB_PASSWORD=conf.get(ConfigParameter.WEB_PASSWORD))
|
||||||
logger.info(f"start interfaces {api} {form} {admin}")
|
logger.info(f"start interfaces {api} {form} {admin}")
|
||||||
|
|
||||||
# start Flask
|
# start Flask
|
||||||
|
|
|
||||||
|
|
@ -37,6 +37,9 @@ class ConfigParameter(Enum):
|
||||||
SITE_ADMIN_EMAIL = "site.admin_email"
|
SITE_ADMIN_EMAIL = "site.admin_email"
|
||||||
SITE_REDIRECT = "site.redirect"
|
SITE_REDIRECT = "site.redirect"
|
||||||
|
|
||||||
|
WEB_USERNAME = "web.username"
|
||||||
|
WEB_PASSWORD = "web.password"
|
||||||
|
|
||||||
|
|
||||||
class Config:
|
class Config:
|
||||||
def __init__(self):
|
def __init__(self):
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,7 @@
|
||||||
#!/usr/bin/env python
|
#!/usr/bin/env python
|
||||||
# -*- coding: utf-8 -*-
|
# -*- coding: utf-8 -*-
|
||||||
|
|
||||||
|
import hashlib
|
||||||
import logging
|
import logging
|
||||||
|
|
||||||
from flask import request, redirect, flash, render_template, session
|
from flask import request, redirect, flash, render_template, session
|
||||||
|
|
@ -10,7 +11,10 @@ from stacosys.interface import app
|
||||||
|
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
user = {"username": "admin", "password": "toto"}
|
|
||||||
|
def is_login_ok(username, password):
|
||||||
|
hashed = hashlib.sha256(password.encode()).hexdigest().upper()
|
||||||
|
return app.config.get("WEB_USERNAME") == username and app.config.get("WEB_PASSWORD") == hashed
|
||||||
|
|
||||||
|
|
||||||
@app.route('/web/login', methods=['POST', 'GET'])
|
@app.route('/web/login', methods=['POST', 'GET'])
|
||||||
|
|
@ -18,7 +22,7 @@ def login():
|
||||||
if request.method == 'POST':
|
if request.method == 'POST':
|
||||||
username = request.form.get('username')
|
username = request.form.get('username')
|
||||||
password = request.form.get('password')
|
password = request.form.get('password')
|
||||||
if username == user['username'] and password == user['password']:
|
if is_login_ok(username, password):
|
||||||
session['user'] = username
|
session['user'] = username
|
||||||
return redirect('/web/admin')
|
return redirect('/web/admin')
|
||||||
|
|
||||||
|
|
@ -36,7 +40,7 @@ def logout():
|
||||||
|
|
||||||
@app.route("/web/admin", methods=["GET"])
|
@app.route("/web/admin", methods=["GET"])
|
||||||
def admin_homepage():
|
def admin_homepage():
|
||||||
if not ('user' in session and session['user'] == user['username']):
|
if not ('user' in session and session['user'] == app.config.get("WEB_USERNAME")):
|
||||||
flash("Vous avez été déconnecté.")
|
flash("Vous avez été déconnecté.")
|
||||||
return redirect('/web/login')
|
return redirect('/web/login')
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue