From 6c56b17dfc1da66bc5694202d49c4c9b55df5ad6 Mon Sep 17 00:00:00 2001 From: Sage Vaillancourt Date: Fri, 23 Sep 2022 13:59:43 -0400 Subject: [PATCH] Start toying with logins. Use SECRET_KEY from environment. Remove (I believe) unnecessary config information. --- undercover/__init__.py | 12 ++++++------ undercover/routes.py | 11 ++++++++++- 2 files changed, 16 insertions(+), 7 deletions(-) diff --git a/undercover/__init__.py b/undercover/__init__.py index 9e24620..8f93f33 100644 --- a/undercover/__init__.py +++ b/undercover/__init__.py @@ -13,14 +13,14 @@ def create_app(test_config=None): app = Flask(__name__, instance_relative_config=True) app.config.from_mapping( - SECRET_KEY='dev', - DATABASE=os.path.join(app.instance_path, 'undercover.sqlite'), + SECRET_KEY=os.environ['UNDERCOVER_SECRET_KEY'], + # DATABASE=os.path.join(app.instance_path, 'undercover.sqlite'), ) - if test_config is None: - app.config.from_pyfile('config.py', silent=True) - else: - app.config.from_mapping(test_config) + # if test_config is None: + # app.config.from_pyfile('config.py', silent=True) + # else: + # app.config.from_mapping(test_config) os.makedirs(app.instance_path, exist_ok=True) diff --git a/undercover/routes.py b/undercover/routes.py index d36ce79..7b40925 100644 --- a/undercover/routes.py +++ b/undercover/routes.py @@ -5,7 +5,7 @@ import subprocess import threading import urllib.parse -from flask import (Blueprint, render_template, request, make_response) +from flask import (Blueprint, render_template, request, make_response, session, redirect) from wtforms import Form, StringField, TextAreaField, validators import undercover.db as db @@ -63,6 +63,15 @@ class CLForm(Form): ) +@writing_blueprint.route('/login', methods=['POST']) +def login_post(): + username = request.form['username'] + if db.login(username, request.form['password']): + session['username'] = username + return redirect('/') + return make_response("", 401) + + @writing_blueprint.route('/', methods=['GET']) def index_get(): global index_cache