continue
This commit is contained in:
parent
7db20b290e
commit
d6b3286bc5
@ -1,15 +1,21 @@
|
||||
"""This is the main flask library page"""
|
||||
|
||||
|
||||
from datetime import timedelta
|
||||
import datetime
|
||||
import json
|
||||
import os
|
||||
|
||||
import bcrypt
|
||||
from app import create_app
|
||||
from app import create_app, login_manager
|
||||
from application.csvparser import CsvParser
|
||||
from flask import Blueprint, redirect, render_template, request
|
||||
from flask_wtf.csrf import CSRFProtect
|
||||
from flask import Blueprint, redirect, render_template, request, session
|
||||
from flask_wtf.csrf import CSRFProtect, CSRFError
|
||||
from flask_login import (
|
||||
logout_user,
|
||||
login_required,
|
||||
current_user,
|
||||
)
|
||||
from forms.borrowform import BorrowForm
|
||||
from forms.uploadform import PublicationForm
|
||||
from icalendar import Calendar
|
||||
@ -28,6 +34,12 @@ csvparser = CsvParser(
|
||||
)
|
||||
|
||||
|
||||
@APP.before_request
|
||||
def session_handler():
|
||||
session.permanent = True
|
||||
APP.permanent_session_lifetime = timedelta(minutes=30)
|
||||
|
||||
|
||||
@APP.route("/")
|
||||
def index():
|
||||
"""Main route, shows all the books and you can filter them
|
||||
@ -48,13 +60,12 @@ def index():
|
||||
|
||||
|
||||
@APP.route("/upload", methods=["GET", "POST"])
|
||||
@login_required
|
||||
def upload():
|
||||
"""Upload route, a page to upload a book to the csv"""
|
||||
uploadform = PublicationForm()
|
||||
if request.method == "POST":
|
||||
if uploadform.validate_on_submit() and checksecret(
|
||||
uploadform.secret.data
|
||||
):
|
||||
if uploadform.validate_on_submit():
|
||||
id = csvparser.writepublication(uploadform)
|
||||
saveimage(uploadform.image.data, id)
|
||||
return redirect(str(id), code=303)
|
||||
@ -112,14 +123,46 @@ def saveimage(image, id):
|
||||
os.remove(os.path.join(APP.config["UPLOAD_FOLDER"], image.filename))
|
||||
|
||||
|
||||
def checksecret(secret):
|
||||
"""small simple check to a secret, library group members can upload"""
|
||||
with open("secret") as f:
|
||||
secrethash = f.readline().rstrip()
|
||||
if bcrypt.checkpw(secret.encode("utf-8"), secrethash.encode("utf-8")):
|
||||
return True
|
||||
else:
|
||||
return False
|
||||
@APP.route("/logout")
|
||||
@login_required
|
||||
def logout():
|
||||
logout_user()
|
||||
return redirect(url_for("index"))
|
||||
|
||||
|
||||
@APP.route("/login", methods=["GET", "POST"])
|
||||
def login():
|
||||
return LoginUser()
|
||||
|
||||
|
||||
@APP.route("/register", methods=["GET", "POST"])
|
||||
def register():
|
||||
return RegisterUser()
|
||||
|
||||
|
||||
@APP.route("/forgotpassword", methods=["GET", "POST"])
|
||||
def forgotpassword():
|
||||
return ForgotPassword(mail)
|
||||
|
||||
|
||||
@APP.route("/resetpassword/<path>", methods=["GET", "POST"])
|
||||
def resetpassword(path):
|
||||
return ResetPassword(path)
|
||||
|
||||
|
||||
@APP.errorhandler(CSRFError)
|
||||
def handle_csrf_error(e):
|
||||
return render_template("csrf_error.html", reason=e.description), 400
|
||||
|
||||
|
||||
@login_manager.user_loader
|
||||
def load_user(user_id):
|
||||
return User.query.get(int(user_id))
|
||||
|
||||
|
||||
@APP.errorhandler(CSRFError)
|
||||
def handle_csrf_error(e):
|
||||
return render_template("csrf_error.html", reason=e.description), 400
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
|
||||
@ -1 +0,0 @@
|
||||
$2b$12$kZC/e1smAiBCntQxLUpsZ.H0Y5VkWG/YLt18wIdGmONtijkXYaVsO
|
||||
Loading…
Reference in New Issue
Block a user