1
0
mirror of https://github.com/spl0k/supysonic.git synced 2024-11-13 21:52:18 +00:00
supysonic/user.py

103 lines
2.7 KiB
Python
Raw Normal View History

2012-11-17 01:09:20 +00:00
# coding: utf-8
2012-11-17 17:30:30 +00:00
from flask import request, session, flash, render_template, redirect, url_for
2012-11-17 01:09:20 +00:00
from web import app
from user_manager import UserManager
2012-11-17 17:30:30 +00:00
from db import User
2012-11-17 01:09:20 +00:00
2012-12-09 20:30:37 +00:00
@app.before_request
def check_admin():
if not request.path.startswith('/user') or request.endpoint in ('login', 'logout'):
return
if request.endpoint == 'add_user' and User.query.filter(User.admin == True).count() == 0:
return
if request.endpoint in ('user_index', 'add_user', 'del_user') and not UserManager.get(session.get('userid'))[1].admin:
return redirect(url_for('index'))
2012-11-17 01:09:20 +00:00
@app.route('/user')
def user_index():
2012-11-17 17:30:30 +00:00
return render_template('users.html', users = User.query.all())
2012-11-17 01:09:20 +00:00
@app.route('/user/add', methods = [ 'GET', 'POST' ])
def add_user():
if request.method == 'GET':
return render_template('adduser.html')
error = False
(name, passwd, passwd_confirm, mail, admin) = map(request.form.get, [ 'name', 'passwd', 'passwd_confirm', 'mail', 'admin' ])
if name in (None, ''):
flash('The name is required.')
error = True
if passwd in (None, ''):
flash('Please provide a password.')
error = True
elif passwd != passwd_confirm:
flash("The passwords don't match.")
error = True
2012-11-17 01:09:20 +00:00
if admin is None:
2012-11-17 17:30:30 +00:00
admin = True if User.query.filter(User.admin == True).count() == 0 else False
2012-11-17 01:09:20 +00:00
else:
admin = True
if not error:
status = UserManager.add(name, passwd, mail, admin)
if status == UserManager.SUCCESS:
flash("User '%s' successfully added" % name)
return redirect(url_for('user_index'))
else:
flash(UserManager.error_str(status))
return render_template('adduser.html')
@app.route('/user/del/<uid>')
def del_user(uid):
status = UserManager.delete(uid)
if status == UserManager.SUCCESS:
flash('Deleted user')
else:
flash(UserManager.error_str(status))
2012-11-17 01:09:20 +00:00
return redirect(url_for('user_index'))
@app.route('/user/login', methods = [ 'GET', 'POST'])
def login():
return_url = request.args.get('returnUrl') or url_for('index')
if session.get('userid'):
flash('Already logged in')
return redirect(return_url)
if request.method == 'GET':
return render_template('login.html')
name, password = map(request.form.get, [ 'user', 'password' ])
2012-11-17 01:09:20 +00:00
error = False
if name in ('', None):
2012-11-17 01:09:20 +00:00
flash('Missing user name')
error = True
if password in ('', None):
flash('Missing password')
error = True
2012-11-17 01:09:20 +00:00
if not error:
status, user = UserManager.try_auth(name, password)
if status == UserManager.SUCCESS:
session['userid'] = str(user.id)
flash('Logged in!')
return redirect(return_url)
2012-11-17 01:09:20 +00:00
else:
flash(UserManager.error_str(status))
2012-11-17 01:09:20 +00:00
return render_template('login.html')
@app.route('/user/logout')
def logout():
session.clear()
flash('Logged out!')
return redirect(url_for('login'))