mirror of
https://github.com/spl0k/supysonic.git
synced 2024-12-23 01:16:18 +00:00
User management got its own module, along with initial configuration
This commit is contained in:
parent
3e89c102e9
commit
e44f7dc2bf
2
db.py
2
db.py
@ -53,7 +53,7 @@ class User(Base):
|
|||||||
mail = Column(String)
|
mail = Column(String)
|
||||||
password = Column(String(40))
|
password = Column(String(40))
|
||||||
salt = Column(String(6))
|
salt = Column(String(6))
|
||||||
admin = Column(Boolean)
|
admin = Column(Boolean, default = False)
|
||||||
|
|
||||||
class Folder(Base):
|
class Folder(Base):
|
||||||
__tablename__ = 'folder'
|
__tablename__ = 'folder'
|
||||||
|
@ -5,6 +5,7 @@
|
|||||||
<label for="passwd">Password</label><input type="password" id="passwd" name="passwd" /><br />
|
<label for="passwd">Password</label><input type="password" id="passwd" name="passwd" /><br />
|
||||||
<label for="passwd_confirm">Confirm</label><input type="password" id="passwd_confirm" name="passwd_confirm" /><br />
|
<label for="passwd_confirm">Confirm</label><input type="password" id="passwd_confirm" name="passwd_confirm" /><br />
|
||||||
<label for="mail">EMail</label><input type="text" id="mail" name="mail" value="{{ request.form.mail }}" /><br />
|
<label for="mail">EMail</label><input type="text" id="mail" name="mail" value="{{ request.form.mail }}" /><br />
|
||||||
|
<label for="admin">Admin</label><input type="checkbox" id="admin" name="admin" {{ 'checked="checked"' if 'admin' in request.form }} /><br />
|
||||||
<input type="submit" />
|
<input type="submit" />
|
||||||
</form>
|
</form>
|
||||||
{% endblock %}
|
{% endblock %}
|
||||||
|
@ -1,13 +1,6 @@
|
|||||||
{% extends "layout.html" %}
|
{% extends "layout.html" %}
|
||||||
{% block body %}
|
{% block body %}
|
||||||
<h2>Users</h2>
|
<p><a href="{{ url_for('user_index') }}">Users</a></p>
|
||||||
<table>
|
|
||||||
<tr><th>Name</th><th>EMail</th><th></th></tr>
|
|
||||||
{% for user in users %}
|
|
||||||
<tr><td>{{ user.name }}</td><td>{{ user.mail }}</td><td><a href="{{ url_for('del_user', id = user.id) }}">X</a></td></tr>
|
|
||||||
{% endfor %}
|
|
||||||
</table>
|
|
||||||
<a href="{{ url_for('add_user') }}">Add</a>
|
|
||||||
|
|
||||||
<h2>Music folders</h2>
|
<h2>Music folders</h2>
|
||||||
<table>
|
<table>
|
||||||
|
12
templates/users.html
Executable file
12
templates/users.html
Executable file
@ -0,0 +1,12 @@
|
|||||||
|
{% extends "layout.html" %}
|
||||||
|
{% block body %}
|
||||||
|
<h2>Users</h2>
|
||||||
|
<table>
|
||||||
|
<tr><th>Name</th><th>EMail</th><th>Admin</th><th></th></tr>
|
||||||
|
{% for user in users %}
|
||||||
|
<tr><td>{{ user.name }}</td><td>{{ user.mail }}</td><td>{{ user.admin }}</td><td><a href="{{ url_for('del_user', id = user.id) }}">X</a></td></tr>
|
||||||
|
{% endfor %}
|
||||||
|
</table>
|
||||||
|
<a href="{{ url_for('add_user') }}">Add</a>
|
||||||
|
|
||||||
|
{% endblock %}
|
67
user.py
Executable file
67
user.py
Executable file
@ -0,0 +1,67 @@
|
|||||||
|
# coding: utf-8
|
||||||
|
|
||||||
|
from flask import Flask, request, flash, render_template, redirect, url_for
|
||||||
|
import string, random, hashlib
|
||||||
|
import uuid
|
||||||
|
|
||||||
|
from web import app
|
||||||
|
import db
|
||||||
|
|
||||||
|
@app.route('/user')
|
||||||
|
def user_index():
|
||||||
|
return render_template('users.html', users = db.User.query.all())
|
||||||
|
|
||||||
|
@app.route('/user/add', methods = [ 'GET', 'POST' ])
|
||||||
|
def add_user():
|
||||||
|
if request.method == 'GET':
|
||||||
|
return render_template('adduser.html')
|
||||||
|
|
||||||
|
error = False
|
||||||
|
(name, passwd, passwd_confirm, mail, admin) = map(request.form.get, [ 'name', 'passwd', 'passwd_confirm', 'mail', 'admin' ])
|
||||||
|
if name in (None, ''):
|
||||||
|
flash('The name is required.')
|
||||||
|
error = True
|
||||||
|
elif db.User.query.filter(db.User.name == name).first():
|
||||||
|
flash('There is already a user with that name. Please pick another one.')
|
||||||
|
error = True
|
||||||
|
if passwd in (None, ''):
|
||||||
|
flash('Please provide a password.')
|
||||||
|
error = True
|
||||||
|
elif passwd != passwd_confirm:
|
||||||
|
flash("The passwords don't match.")
|
||||||
|
error = True
|
||||||
|
if admin is None:
|
||||||
|
admin = True if db.User.query.filter(db.User.admin == True).count() == 0 else False
|
||||||
|
else:
|
||||||
|
admin = True
|
||||||
|
if error:
|
||||||
|
return render_template('adduser.html')
|
||||||
|
|
||||||
|
salt = ''.join(random.choice(string.printable.strip()) for i in xrange(6))
|
||||||
|
crypt = hashlib.sha1(salt + passwd).hexdigest()
|
||||||
|
user = db.User(name = name, mail = mail, password = crypt, salt = salt, admin = admin)
|
||||||
|
db.session.add(user)
|
||||||
|
db.session.commit()
|
||||||
|
flash("User '%s' successfully added" % name)
|
||||||
|
|
||||||
|
return redirect(url_for('index'))
|
||||||
|
|
||||||
|
@app.route('/user/del/<id>')
|
||||||
|
def del_user(id):
|
||||||
|
try:
|
||||||
|
idid = uuid.UUID(id)
|
||||||
|
except ValueError:
|
||||||
|
flash('Invalid user id')
|
||||||
|
return redirect(url_for('index'))
|
||||||
|
|
||||||
|
user = db.User.query.get(idid)
|
||||||
|
if user is None:
|
||||||
|
flash('No such user')
|
||||||
|
return redirect(url_for('index'))
|
||||||
|
|
||||||
|
db.session.delete(user)
|
||||||
|
db.session.commit()
|
||||||
|
flash("Deleted user '%s'" % user.name)
|
||||||
|
|
||||||
|
return redirect(url_for('index'))
|
||||||
|
|
69
web.py
69
web.py
@ -2,7 +2,6 @@
|
|||||||
|
|
||||||
from flask import Flask, request, flash, render_template, redirect, url_for
|
from flask import Flask, request, flash, render_template, redirect, url_for
|
||||||
from sqlalchemy.orm.exc import NoResultFound
|
from sqlalchemy.orm.exc import NoResultFound
|
||||||
import string, random, hashlib
|
|
||||||
import os.path
|
import os.path
|
||||||
import uuid
|
import uuid
|
||||||
|
|
||||||
@ -12,18 +11,22 @@ app.secret_key = '?9huDM\\H'
|
|||||||
import db
|
import db
|
||||||
from scanner import Scanner
|
from scanner import Scanner
|
||||||
|
|
||||||
|
@app.before_request
|
||||||
|
def init_check():
|
||||||
|
if request.path.startswith('/rest/'):
|
||||||
|
return
|
||||||
|
|
||||||
|
if db.User.query.filter(db.User.admin == True).count() == 0 and request.endpoint != 'add_user':
|
||||||
|
flash('Not configured. Please create the first admin user')
|
||||||
|
return redirect(url_for('add_user'))
|
||||||
|
|
||||||
@app.teardown_request
|
@app.teardown_request
|
||||||
def teardown(exception):
|
def teardown(exception):
|
||||||
db.session.remove()
|
db.session.remove()
|
||||||
|
|
||||||
@app.route('/')
|
@app.route('/')
|
||||||
def index():
|
def index():
|
||||||
"""
|
return render_template('home.html', folders = db.Folder.query.filter(db.Folder.root == True).all(),
|
||||||
if User.query.count() == 0:
|
|
||||||
flash('Not configured. Please create the first admin user')
|
|
||||||
return redirect(url_for('add_user'))
|
|
||||||
"""
|
|
||||||
return render_template('home.html', users = db.User.query.all(), folders = db.Folder.query.filter(db.Folder.root == True).all(),
|
|
||||||
artists = db.Artist.query.order_by(db.Artist.name).all(),
|
artists = db.Artist.query.order_by(db.Artist.name).all(),
|
||||||
albums = db.Album.query.join(db.Album.artist).order_by(db.Artist.name, db.Album.name).all())
|
albums = db.Album.query.join(db.Album.artist).order_by(db.Artist.name, db.Album.name).all())
|
||||||
|
|
||||||
@ -32,56 +35,6 @@ def reset_db():
|
|||||||
db.recreate_db()
|
db.recreate_db()
|
||||||
return redirect(url_for('index'))
|
return redirect(url_for('index'))
|
||||||
|
|
||||||
@app.route('/adduser', methods = [ 'GET', 'POST' ])
|
|
||||||
def add_user():
|
|
||||||
if request.method == 'GET':
|
|
||||||
return render_template('adduser.html')
|
|
||||||
|
|
||||||
error = False
|
|
||||||
(name, passwd, passwd_confirm, mail) = map(request.form.get, [ 'name', 'passwd', 'passwd_confirm', 'mail' ])
|
|
||||||
if name in (None, ''):
|
|
||||||
flash('The name is required.')
|
|
||||||
error = True
|
|
||||||
elif db.User.query.filter(db.User.name == name).first():
|
|
||||||
flash('There is already a user with that name. Please pick another one.')
|
|
||||||
error = True
|
|
||||||
if passwd in (None, ''):
|
|
||||||
flash('Please provide a password.')
|
|
||||||
error = True
|
|
||||||
elif passwd != passwd_confirm:
|
|
||||||
flash("The passwords don't match.")
|
|
||||||
error = True
|
|
||||||
if error:
|
|
||||||
return render_template('adduser.html')
|
|
||||||
|
|
||||||
salt = ''.join(random.choice(string.printable.strip()) for i in xrange(6))
|
|
||||||
crypt = hashlib.sha1(salt + passwd).hexdigest()
|
|
||||||
user = db.User(name = name, mail = mail, password = crypt, salt = salt)
|
|
||||||
db.session.add(user)
|
|
||||||
db.session.commit()
|
|
||||||
flash("User '%s' successfully added" % name)
|
|
||||||
|
|
||||||
return redirect(url_for('index'))
|
|
||||||
|
|
||||||
@app.route('/deluser/<id>')
|
|
||||||
def del_user(id):
|
|
||||||
try:
|
|
||||||
idid = uuid.UUID(id)
|
|
||||||
except ValueError:
|
|
||||||
flash('Invalid user id')
|
|
||||||
return redirect(url_for('index'))
|
|
||||||
|
|
||||||
user = db.User.query.get(idid)
|
|
||||||
if user is None:
|
|
||||||
flash('No such user')
|
|
||||||
return redirect(url_for('index'))
|
|
||||||
|
|
||||||
db.session.delete(user)
|
|
||||||
db.session.commit()
|
|
||||||
flash("Deleted user '%s'" % user.name)
|
|
||||||
|
|
||||||
return redirect(url_for('index'))
|
|
||||||
|
|
||||||
@app.route('/addfolder', methods = [ 'GET', 'POST' ])
|
@app.route('/addfolder', methods = [ 'GET', 'POST' ])
|
||||||
def add_folder():
|
def add_folder():
|
||||||
if request.method == 'GET':
|
if request.method == 'GET':
|
||||||
@ -186,6 +139,8 @@ def scan_folder(id = None):
|
|||||||
flash('Deleted: %i artists, %i albums, %i tracks' % (deleted[0], deleted[1], deleted[2]))
|
flash('Deleted: %i artists, %i albums, %i tracks' % (deleted[0], deleted[1], deleted[2]))
|
||||||
return redirect(url_for('index'))
|
return redirect(url_for('index'))
|
||||||
|
|
||||||
|
import user
|
||||||
|
|
||||||
import api.system
|
import api.system
|
||||||
import api.browse
|
import api.browse
|
||||||
import api.user
|
import api.user
|
||||||
|
Loading…
Reference in New Issue
Block a user