From 6dfa2c530a9769dab320fd83b882e51013bc4f0f Mon Sep 17 00:00:00 2001 From: wes Date: Sat, 17 Jun 2017 18:13:21 -0400 Subject: [PATCH] add authentication plugin --- build/requirements.txt | 1 + build/website.py | 32 ++++++++++++++++++++++---------- requirements.txt | 1 + src/website.py | 34 ++++++++++++++++++++++++---------- 4 files changed, 48 insertions(+), 20 deletions(-) diff --git a/build/requirements.txt b/build/requirements.txt index 453eb76..19881b4 100644 --- a/build/requirements.txt +++ b/build/requirements.txt @@ -10,6 +10,7 @@ Fabric==1.13.1 Flask==0.12 flask-appconfig==0.11.1 Flask-Bootstrap==3.3.7.1 +Flask-Login==0.4.0 flask-marshmallow==0.7.0 greenlet==0.4.12 idna==2.2 diff --git a/build/website.py b/build/website.py index 594ef82..14d6178 100755 --- a/build/website.py +++ b/build/website.py @@ -4,6 +4,7 @@ from functools import partial from flask import abort, Flask, render_template, flash, request, send_from_directory, jsonify from werkzeug.local import Local, LocalProxy, LocalManager from flask_appconfig import AppConfig +from flask_login import LoginManager, login_required from urllib.parse import unquote from urllib.parse import quote, unquote @@ -18,6 +19,7 @@ from posts import Posts from projects import getProjects posts = Posts() +login_manager = LoginManager() def cacheit(key, thunk): """ @@ -55,10 +57,6 @@ def NeverWhere(configfile=None): print("matched index") return render_template("index.html") - @app.route("/blog/editor/", methods=("GET", "POST")) - def editor(): - return render_template("write.html") - @app.route("/blog/scripts/", methods=("GET", "POST")) def send_script(filename): print("matched scripts route") @@ -68,12 +66,6 @@ def NeverWhere(configfile=None): def send_style(filename): return send_from_directory("/srv/http/riotblog/styles", filename) - @app.route("/blog/insert/", methods=("POST",)) - def insert(): - print("XXX") - print(request.form) - return posts.savepost(**request.form) - @app.route("/blog/switchpost/") def getposts(pid): try: @@ -82,6 +74,24 @@ def NeverWhere(configfile=None): index = 0 return posts.getposts(index+1, index) + # editor routes + + @app.route("/blog/editor/", methods=("GET", "POST")) + @login_required + def editor(): + """ + View the post editor, requires auth + """ + return render_template("write.html") + + @app.route("/blog/insert/", methods=("POST",)) + @login_required + def insert(): + """ + Insert a post, requires auth + """ + return posts.savepost(**request.form) + @app.route("/") def page_not_found(path): return "Oops, couldn't find that :/" @@ -90,5 +100,7 @@ def NeverWhere(configfile=None): app = NeverWhere() +login_manager.init_app(app) + if __name__ == "__main__": NeverWhere("./appconfig").run(host="localhost", port=8001, debug=True) diff --git a/requirements.txt b/requirements.txt index 453eb76..19881b4 100644 --- a/requirements.txt +++ b/requirements.txt @@ -10,6 +10,7 @@ Fabric==1.13.1 Flask==0.12 flask-appconfig==0.11.1 Flask-Bootstrap==3.3.7.1 +Flask-Login==0.4.0 flask-marshmallow==0.7.0 greenlet==0.4.12 idna==2.2 diff --git a/src/website.py b/src/website.py index 594ef82..f3dc9e8 100755 --- a/src/website.py +++ b/src/website.py @@ -4,6 +4,7 @@ from functools import partial from flask import abort, Flask, render_template, flash, request, send_from_directory, jsonify from werkzeug.local import Local, LocalProxy, LocalManager from flask_appconfig import AppConfig +from flask_login import LoginManager, login_required from urllib.parse import unquote from urllib.parse import quote, unquote @@ -18,6 +19,7 @@ from posts import Posts from projects import getProjects posts = Posts() +login_manager = LoginManager() def cacheit(key, thunk): """ @@ -55,10 +57,6 @@ def NeverWhere(configfile=None): print("matched index") return render_template("index.html") - @app.route("/blog/editor/", methods=("GET", "POST")) - def editor(): - return render_template("write.html") - @app.route("/blog/scripts/", methods=("GET", "POST")) def send_script(filename): print("matched scripts route") @@ -68,12 +66,6 @@ def NeverWhere(configfile=None): def send_style(filename): return send_from_directory("/srv/http/riotblog/styles", filename) - @app.route("/blog/insert/", methods=("POST",)) - def insert(): - print("XXX") - print(request.form) - return posts.savepost(**request.form) - @app.route("/blog/switchpost/") def getposts(pid): try: @@ -82,6 +74,26 @@ def NeverWhere(configfile=None): index = 0 return posts.getposts(index+1, index) + # editor routes + + @app.route("/blog/editor/", methods=("GET", "POST")) + @login_required + def editor(): + """ + View the post editor, requires auth + """ + return render_template("write.html") + + @app.route("/blog/insert/", methods=("POST",)) + @login_required + def insert(): + """ + Insert a post, requires auth + """ + return posts.savepost(**request.form) + + # default, not found error + @app.route("/") def page_not_found(path): return "Oops, couldn't find that :/" @@ -90,5 +102,7 @@ def NeverWhere(configfile=None): app = NeverWhere() +login_manager.init_app(app) + if __name__ == "__main__": NeverWhere("./appconfig").run(host="localhost", port=8001, debug=True)