diff --git a/library/borrowform.py b/library/borrowform.py new file mode 100644 index 0000000..19aa60a --- /dev/null +++ b/library/borrowform.py @@ -0,0 +1,33 @@ +"""Form object declaration.""" +from flask_wtf import FlaskForm +from wtforms import ( + StringField, + SubmitField, +) +from wtforms import validators +from wtforms.validators import Length + + + +class BorrowForm(FlaskForm): + """Borrow a book form.""" + + borrowed = StringField( + "Fill in your name if you're going to borrow this publication.", + [ + validators.InputRequired(), + Length( + min=3, message="Just so we know who is borrowing this book." + ), + ], + ) + secret = StringField( + "Librarians secret:", + [ + validators.InputRequired(), + Length( + min=2, message="Fill in the secret to unlock to library." + ), + ], + ) + submit = SubmitField("Borrow") diff --git a/library/csvparser/varlib.csv b/library/csvparser/varlib.csv index 8d4c745..a366c72 100644 --- a/library/csvparser/varlib.csv +++ b/library/csvparser/varlib.csv @@ -1,6 +1,6 @@ Id,Publication,Author,Year,Custodian,Fields,Type,Publishers,License,LicenseShort,Highlights,Comments,Currently borrowed by 1,The Economics of Anarchism,Anarcho,2012,Varia,"Economics, Anarchism",Zine,theanarchistlibrary.org,Anti-copyright,Anti-copyright,"The labourer retains, even after he has recieved his wages, a natural right in the thing he has produced",,No one -2,Identity Politics - An Anthology,The Anarchist Library,,Varia,Identity politics,Zine,Paper Jam Collective,No license mentioned,No license mentioned,,me, +2,Identity Politics - An Anthology,The Anarchist Library,,Varia,Identity politics,Zine,Paper Jam Collective,No license mentioned,No license mentioned,,me,Danny 3,The mythology of work,CrimeThinc.com,,Varia,"Work, Anticapitalism",Zine,CrimeThinc.com,No license mentioned,No license mentioned,,"A selection from 'Work', a 376-page analysis of contemporary capitalism", 4,Forget Shorter Showers - Why Personal Change Does Not Equal Political Change,Derrick Jensen,2009,Varia,Environmental justice,Zine,,No license mentioned,No license mentioned,Green consumerism isn't enough.,, 5,Choreo-Graphic-Hypothesis,"",2018,Varia,"Live Coding, Choreography",Paperback,Self published: Joana Chicau,Free Art License 1.3,Free Art License,"Theatrical actions are not necessary to the performance, Avoid if at all possible",, @@ -52,3 +52,4 @@ Id,Publication,Author,Year,Custodian,Fields,Type,Publishers,License,LicenseShort 60,Networks of one's own #1: Etherbox,"Michael Murtaugh, An Mertens, Roel Roscam Abbing, Femke Snelting",2018,Varia,"Networks, Digital Infrastructures, DIY, DIWO, Executable publication, Experimental Publishing, wireless",Paperback,Constant Verlag,Copyleft,Copyleft,,, 61,Mots de la cage aux ours - woorden uit de berenkuil,Constant,2012,Varia,"words, language, Bruxelles",Softcover,Constant,Copyleft,Copyleft,,, 62,Snake rituals and switching circuits,Florian Cramer,2009,Danny,"mass communication, personal communication, new media",paperback,Piet Zwart Institute,Creative Commons Attribution-Share Alike 3.0,Creative Commons,The function of a medium is ultimately decided by its users and not by its creators,, +63,Magium issue 1: On Eating in isolation,Alice Strete,2020,Varia,"food, sharing, personal stories, consumption",zine,Self Published,Free Art License,Free Art License,,,Danny diff --git a/library/page.py b/library/page.py index 72921ae..09c5468 100644 --- a/library/page.py +++ b/library/page.py @@ -5,6 +5,7 @@ import flask from requests import get from icalendar import Calendar import datetime +import bcrypt from flask import ( render_template, redirect, @@ -12,6 +13,7 @@ from flask import ( ) from rnrfeed.rnrfeeder import getevents, getlatestevent from uploadform import PublicationForm +from borrowform import BorrowForm from csvparser.csvparser import ( getlicenses, getpublications, @@ -19,6 +21,7 @@ from csvparser.csvparser import ( getyears, getfullpublication, writepublication, + editborrowedby, ) from flask_wtf.csrf import CSRFProtect @@ -50,7 +53,8 @@ def index(): def upload(): uploadform = PublicationForm() if request.method == 'POST': - if uploadform.validate_on_submit(): + if (uploadform.validate_on_submit() and + checksecret(uploadform.secret.data)): id = writepublication(uploadform) return redirect(str(id), code=303) else: @@ -59,12 +63,29 @@ def upload(): return render_template("upload.html", uploadform=uploadform) -@APP.route("/") +@APP.route("/", methods=["GET", "POST"]) def show_book(publicationID): """route for a publication, still needs to be made""" fullpublication = getfullpublication(publicationID) - # parse csv, render template with full list. - return render_template("publication.html", fullpublication=fullpublication) + borrowform = BorrowForm() + if request.method == 'POST': + if (borrowform.validate_on_submit() and + checksecret(borrowform.secret.data)): + editborrowedby(publicationID, borrowform.borrowed.data) + fullpublication["Borrowed"] = borrowform.borrowed.data + return render_template( + "publication.html", + fullpublication=fullpublication, + publicationID=publicationID, + borrowform=borrowform + ) + # return a full publication with or without form errors + return render_template( + "publication.html", + fullpublication=fullpublication, + publicationID=publicationID, + borrowform=borrowform + ) @APP.route("/pastevents") @@ -100,6 +121,15 @@ def upcoming_or_latest(): return dict(upcoming=upcoming) +def checksecret(secret): + with open("secret") as f: + secrethash = f.readline().rstrip() + if bcrypt.checkpw(secret.encode("utf-8"), secrethash.encode("utf-8")): + return True + else: + return False + + if __name__ == "__main__": APP.debug = True APP.run(port=5000) diff --git a/library/secret b/library/secret new file mode 100644 index 0000000..5658eff --- /dev/null +++ b/library/secret @@ -0,0 +1 @@ +$2b$12$kZC/e1smAiBCntQxLUpsZ.H0Y5VkWG/YLt18wIdGmONtijkXYaVsO diff --git a/library/static/css/style.css b/library/static/css/style.css index a476ddb..903ea51 100644 --- a/library/static/css/style.css +++ b/library/static/css/style.css @@ -69,6 +69,7 @@ body:after { #bookshelf > div > a { color: black; + text-decoration: none; } #publication { @@ -87,7 +88,7 @@ body:after { .event { margin: 0 1em 1em; - max-width: 90%; + max-width: calc(90% - 3em); margin-top: 3em; padding: 6px; display: block; diff --git a/library/static/css/upload.css b/library/static/css/upload.css index 701f4f7..1e271c9 100644 --- a/library/static/css/upload.css +++ b/library/static/css/upload.css @@ -15,7 +15,7 @@ .uploadform-field { margin: 0; - padding: 1em; + padding: 1em 0em 1em 0em; } input[type=text], select { @@ -25,7 +25,6 @@ input[type=text], select { margin: 1em 0; display: inline-block; border: 1px solid #ccc; - border-radius: 4px; box-sizing: border-box; } @@ -34,12 +33,16 @@ input[type=submit] { text-align: right; color: white; padding: 1em 3em; - margin: 1em 1em; border: none; - border-radius: 4px; cursor: pointer; } input[type=submit]:hover { background-color: #404d81; } + +fieldset{ + border:0 none; + padding-top: 0em; + padding-left: 0em; +} diff --git a/library/templates/publication.html b/library/templates/publication.html index be9039c..d8b2857 100644 --- a/library/templates/publication.html +++ b/library/templates/publication.html @@ -47,8 +47,30 @@

{{ fullpublication["Comments"] }}

- Currently borrowed by - No one + Currently borrowed by: +

{{ fullpublication["Borrowed"] }}

+ + + +
+ {{ borrowform.csrf_token }} +
+ {{ borrowform.borrowed.label }} + {{ borrowform.borrowed }} + {% for message in borrowform.borrowed.errors %} +
{{ message }}
+ {% endfor %} +
+
+ {{ borrowform.secret.label }} + {{ borrowform.secret }} + {% for message in borrowform.secret.errors %} +
{{ message }}
+ {% endfor %} +
+ {{ borrowform.submit }} + + diff --git a/library/templates/upload.html b/library/templates/upload.html index bbf2487..4a040f9 100644 --- a/library/templates/upload.html +++ b/library/templates/upload.html @@ -89,6 +89,14 @@ {{ uploadform.borrowed }} +
+ {{ uploadform.secret.label }} + {{ uploadform.secret }} + {% for message in uploadform.secret.errors %} +
{{ message }}
+ {% endfor %} +
+ {{ uploadform.submit }}
diff --git a/library/uploadform.py b/library/uploadform.py index afae259..9397318 100644 --- a/library/uploadform.py +++ b/library/uploadform.py @@ -77,4 +77,13 @@ class PublicationForm(FlaskForm): highlights = TextField("Highlights from the publication:") comments = TextField("Comments on the publication:") borrowed = StringField("Currently borrowed by:") + secret = StringField( + "Librarians secret:", + [ + validators.InputRequired(), + Length( + min=2, message="Fill in the secret to unlock to library." + ), + ], + ) submit = SubmitField("Submit") diff --git a/requirements.txt b/requirements.txt index 85b1704..f144509 100644 --- a/requirements.txt +++ b/requirements.txt @@ -3,3 +3,4 @@ feedparser flask flask_wtf requests +bcrypt