photofloat/scanner/floatapp/login.py

48 lines
1.1 KiB
Python

from floatapp import app, login_manager
from flask import request, abort
from flask_login import current_user, UserMixin
from functools import wraps
class User(UserMixin):
def __init__(self, id, admin=False):
self.admin = admin
self.id = id
def __unicode__(self):
return u"{}".format(self.id)
def __str__(self):
return str(self.id)
admin_user = User("admin", True)
@login_manager.user_loader
def load_user(id):
if id == "admin":
return admin_user
return User(id)
@login_manager.unauthorized_handler
def unauthorized():
return abort(403)
def admin_required(fn):
@wraps(fn)
def decorated_view(*args, **kwargs):
if (query_is_admin_user(request.args) or
(current_user.is_authenticated and current_user.admin)):
return fn(*args, **kwargs)
return app.login_manager.unauthorized()
return decorated_view
def query_is_admin_user(query):
username = query.get("username", None)
password = query.get("password", None)
return (username == app.config["ADMIN_USERNAME"] and
password == app.config["ADMIN_PASSWORD"])