crunk 2023-12-03 15:32:54 +01:00
parent 7db20b290e
commit d6b3286bc5
2 changed files with 57 additions and 15 deletions


@ -1,15 +1,21 @@
"""This is the main flask library page"""
from datetime import timedelta
import datetime
import json
import os
import bcrypt
from app import create_app
from app import create_app, login_manager
from application.csvparser import CsvParser
from flask import Blueprint, redirect, render_template, request
from flask_wtf.csrf import CSRFProtect
from flask import Blueprint, redirect, render_template, request, session
from flask_wtf.csrf import CSRFProtect, CSRFError
from flask_login import (
logout_user,
login_required,
current_user,
)
from forms.borrowform import BorrowForm
from forms.uploadform import PublicationForm
from icalendar import Calendar
@ -28,6 +34,12 @@ csvparser = CsvParser(
)
@APP.before_request
def session_handler():
session.permanent = True
APP.permanent_session_lifetime = timedelta(minutes=30)
@APP.route("/")
def index():
"""Main route, shows all the books and you can filter them
@ -48,13 +60,12 @@ def index():
@APP.route("/upload", methods=["GET", "POST"])
@login_required
def upload():
"""Upload route, a page to upload a book to the csv"""
uploadform = PublicationForm()
if request.method == "POST":
if uploadform.validate_on_submit() and checksecret(
uploadform.secret.data
):
if uploadform.validate_on_submit():
id = csvparser.writepublication(uploadform)
saveimage(uploadform.image.data, id)
return redirect(str(id), code=303)
@ -112,14 +123,46 @@ def saveimage(image, id):
os.remove(os.path.join(APP.config["UPLOAD_FOLDER"], image.filename))
def checksecret(secret):
"""small simple check to a secret, library group members can upload"""
with open("secret") as f:
secrethash = f.readline().rstrip()
if bcrypt.checkpw(secret.encode("utf-8"), secrethash.encode("utf-8")):
return True
else:
return False
@APP.route("/logout")
@login_required
def logout():
logout_user()
return redirect(url_for("index"))
@APP.route("/login", methods=["GET", "POST"])
def login():
return LoginUser()
@APP.route("/register", methods=["GET", "POST"])
def register():
return RegisterUser()
@APP.route("/forgotpassword", methods=["GET", "POST"])
def forgotpassword():
return ForgotPassword(mail)
@APP.route("/resetpassword/<path>", methods=["GET", "POST"])
def resetpassword(path):
return ResetPassword(path)
@APP.errorhandler(CSRFError)
def handle_csrf_error(e):
return render_template("csrf_error.html", reason=e.description), 400
@login_manager.user_loader
def load_user(user_id):
return User.query.get(int(user_id))
@APP.errorhandler(CSRFError)
def handle_csrf_error(e):
return render_template("csrf_error.html", reason=e.description), 400
if __name__ == "__main__":
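Review bot: With `checksecret` dropped from `upload()`, the only gate on writing to the CSV and saving images is `@login_required`, so upload rights now belong to anyone who can obtain an account through the new `/register` route; `RegisterUser` is not shown on this page, so confirm that registration is limited to library group members, or add a per-user role check in `upload()`. Separately, `logout()` calls `url_for`, which the updated import `from flask import Blueprint, redirect, render_template, request, session` does not bring in (unless it is imported in the lines between the hunks), so that import likely needs `, url_for` appended. `handle_csrf_error` is registered twice with identical bodies at the end of the file, and one of the two can be removed. `load_user` passes `int(user_id)` straight to the query, so a malformed id in the session would raise `ValueError` instead of returning `None`.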


@ -1 +0,0 @@
$2b$12$kZC/e1smAiBCntQxLUpsZ.H0Y5VkWG/YLt18wIdGmONtijkXYaVsO