From 8399a0df7f7c0e095184e99fb3b16ab39fc310de Mon Sep 17 00:00:00 2001 From: Tim Neumann <neumantm@fius.informatik.uni-stuttgart.de> Date: Thu, 19 Dec 2019 23:31:09 +0100 Subject: [PATCH] Add the ability to configure accounts with password. This can be used for helpdesk laptops, for which there is no e-mail address. These accounts must be added to the config with a mail and a password. To login the url /login/password/<password> is used. Solves: 21 --- transporte/config.cfg.example | 6 ++++++ transporte/views.py | 38 ++++++++++++++++++++++++++++------- 2 files changed, 37 insertions(+), 7 deletions(-) diff --git a/transporte/config.cfg.example b/transporte/config.cfg.example index 8dea914..b8623e5 100644 --- a/transporte/config.cfg.example +++ b/transporte/config.cfg.example @@ -7,6 +7,12 @@ UPLOAD_DIR = 'uploads' SQLALCHEMY_DATABASE_URI = 'sqlite:///app.db' SQLALCHEMY_TRACK_MODIFICATIONS = False +#The passwords in this list need to be unique. +#Login via /login/password/<password> +SPECIAL_HELPDESK_ACCOUNTS = [{ + 'email': 'mail@exmaple.com', + 'password': 'secret' +}] # mail server config MAIL_SERVER = 'SMTP_HOST' diff --git a/transporte/views.py b/transporte/views.py index dd3fa0f..c30f5ce 100644 --- a/transporte/views.py +++ b/transporte/views.py @@ -50,6 +50,17 @@ def index(): return render_template('layout.html', todo=todo) +def get_user(email): + user = User.query.filter(User.login == email).first() + + if user is None: + # create user + user = User(login=email) + db.session.add(user) + db.session.commit() + + return user + @app.route('/login', methods=['GET', 'POST']) # @limiter.limit('10/hour') def login(): @@ -68,13 +79,7 @@ def login(): return render_template('login.html', loginform=loginform) - user = User.query.filter(User.login == email).first() - - if user is None: - # create user - user = User(login=email) - db.session.add(user) - db.session.commit() + user = get_user(email) # create token user.mail_token() 
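Review bot: In transporte/config.cfg.example the new `SPECIAL_HELPDESK_ACCOUNTS` entry is live rather than commented out, so a deployment that copies the example unchanged gets a working account whose password is `'secret'`. Shipping the setting as `SPECIAL_HELPDESK_ACCOUNTS = []` with the sample entry in a comment would make the feature opt-in. The comment should also say that the value is stored in plaintext and has to be long and random, because it is the only credential and, per the new route in views.py, is sent as part of the URL. The sample address is misspelled (`exmaple.com`).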
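Review bot: `get_user` in transporte/views.py has no docstring although it writes to the database: a lookup for an unknown address inserts and commits a new `User`. A one-line docstring such as `"""Return the User whose login is email, creating and committing it if none exists."""` would make that side effect visible to both callers. The query-then-insert sequence is not atomic, so two simultaneous first logins for the same address could both reach `db.session.add`. Whether that produces duplicate rows or an integrity error depends on the constraints on `User.login`, which are not visible in this hunk.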
@@ -96,6 +101,25 @@ def login_with_token(token): flash('Invalid or expired token!') return redirect(url_for('login')) +@app.route('/login/password/<password>') +def login_with_password(password): + accounts_with_this_pw = [ account['email'] for account in app.config['SPECIAL_HELPDESK_ACCOUNTS'] if account['password'] == password ] + + if len(accounts_with_this_pw) == 0: + return redirect(url_for('login')) + elif len(accounts_with_this_pw) > 1: + app.logger.warn("Multiple sepcial helpdesk accounts with the same password are not supported!") + return redirect(url_for('login')) + + user = get_user(accounts_with_this_pw[0]) + + if user: + login_user(user) + + return redirect(url_for('index')) + else: + flash('Invalid or expired token!') + return redirect(url_for('login')) @app.route('/logout') @login_required -- GitLab
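Review bot: `login_with_password` takes the credential from the URL path of a GET request, so the helpdesk password ends up in web-server and proxy access logs, browser history and possibly Referer headers; it should arrive in a POST body instead. The match uses `==` against a plaintext config value and the route has no rate limit (the limiter line on `/login` is commented out), and because the password alone selects the account, each guess is checked against every configured account. A constant-time compare with `hmac.compare_digest` and a limit on this route would narrow that. `app.config['SPECIAL_HELPDESK_ACCOUNTS']` raises `KeyError` when a config written before this commit lacks the key. The final `else` is unreachable because `get_user` always returns a user, and a wrong password redirects without any message. The sketch below assumes `request` is already imported from flask in views.py and that `hmac` is added to the file's imports.

```python
@app.route('/login/password', methods=['POST'])
# … rate-limit this route, e.g. with the limiter that is commented out on /login …
def login_with_password():
    supplied = request.form.get('password', '')
    accounts = app.config.get('SPECIAL_HELPDESK_ACCOUNTS', [])
    matches = [
        account['email'] for account in accounts
        if hmac.compare_digest(account['password'].encode(), supplied.encode())
    ]

    if len(matches) != 1:
        if len(matches) > 1:
            app.logger.warning("Multiple special helpdesk accounts with the same password are not supported!")
        flash('Invalid password!')
        return redirect(url_for('login'))

    login_user(get_user(matches[0]))
    return redirect(url_for('index'))
```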