From 9b9e0f2662a8293f80677e3d3a37568265e0577d Mon Sep 17 00:00:00 2001 From: User Identifier Date: Sat, 24 Feb 2018 19:53:44 +0100 Subject: [PATCH] Add authentication --- setup.py | 2 +- src/ciclostile_web | 19 +++++++++++++++++-- 2 files changed, 18 insertions(+), 3 deletions(-) diff --git a/setup.py b/setup.py index 22fb118..e7ba29d 100644 --- a/setup.py +++ b/setup.py @@ -18,5 +18,5 @@ setup( packages=['ciclostile'], scripts=['src/ciclostile_render', 'src/ciclostile_web'], - install_requires=['markdown', 'jinja2'] + install_requires=['markdown', 'jinja2', 'flask', 'flask-httpauth'] ) diff --git a/src/ciclostile_web b/src/ciclostile_web index 710a458..709a550 100755 --- a/src/ciclostile_web +++ b/src/ciclostile_web @@ -1,7 +1,7 @@ #!/usr/bin/env python3 import os -from flask import Flask, send_from_directory, render_template, request,\ - redirect +from flask import Flask, send_from_directory, render_template, request +from flask_httpauth import HTTPDigestAuth import ciclostile working_dir = os.getcwd() @@ -12,6 +12,19 @@ target_path, template_path, markdown_path = [ ] app = Flask(__name__) +app.config['SECRET_KEY'] = 'secret key here' +auth = HTTPDigestAuth() + +users = { + 'admin': 'password', +} + + +@auth.get_password +def get_pw(username): + if username in users: + return users.get(username) + return None @app.route('/assets/') @@ -27,12 +40,14 @@ def page(page_name): @app.route('//edit') +@auth.login_required def edit(page_name): md_text = ciclostile.read_markdown(page_name, markdown_path) return render_template('edit.html', **locals()) @app.route('/edit', methods=['POST']) +@auth.login_required def edit_actions(): page_name = request.form['page_name'] md_text = request.form['md_text']