Updated readme, changes to sample to match, some smaller fixes

scanner/floatapp/app.cfg.sample

@@ -1,8 +1,9 @@
 ADMIN_USERNAME = "misterscanner"
 ADMIN_PASSWORD = "ilovescanning"
 
-PHOTO_USERNAME = "photos" # The GUI currently hardcodes 'photos', so don't change this
-PHOTO_PASSWORD = "myphotopassword"
+PERMISSION_MAP = {
+    'album/or/image/path': ['token']
+}
 
 ALBUM_PATH = "/var/www/uwsgi/photofloat/albums"
 ALBUM_ACCEL = "/internal-albums"

scanner/floatapp/auth.txt

@@ -1 +0,0 @@
-path/to/some/place

scanner/floatapp/endpoints.py

@@ -39,8 +39,9 @@ def login():
         logout_user()
 
     if current_user.is_authenticated:
-        return 'Already logged in.'
-    elif (query_is_admin_user(request.form) or
+        logout_user()
+
+    if (query_is_admin_user(request.form) or
             query_is_admin_user(request.args)):
         login_user(admin_user, remember=True)
     else:
@@ -48,7 +49,6 @@ def login():
                    request.args.get('username', None))
         if user_id:
             login_user(load_user(user_id), remember=True)
-            print "logged in {}".format(user_id)
             return 'You are now logged in.'
 
     return ""
@@ -137,6 +137,9 @@ def cache_base(path):
 
 
 def has_permission(path):
+    if not current_user.is_anonymous and current_user.is_admin:
+        return True
+
     for auth_path in permission_map.keys():
         # this is a protected object
         if (path.startswith(auth_path) or

scanner/floatapp/login.py

@@ -15,6 +15,10 @@ class User(UserMixin):
     def __str__(self):
         return str(self.id)
 
+    @property
+    def is_admin(self):
+        return self.admin
+
 admin_user = User("admin", True)