Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
La Quadrature du Net
piphone
piphone-sip
Commits
0935ed4b
Commit
0935ed4b
authored
Apr 19, 2017
by
okhin
🚴
Browse files
Merge branch '6-fix-auth-for-admin' into 'master'
Extremely basic auth for admin Closes #6 See merge request
!4
parents
868d8f6e
6618750c
Pipeline
#922
passed with stage
in 3 seconds
Changes
2
Pipelines
1
Hide whitespace changes
Inline
Side-by-side
.gitlab-ci.yml
View file @
0935ed4b
...
...
@@ -3,7 +3,7 @@ before_script:
job install
:
variables
:
BASE_PATH
:
/srv/piphone/sip-backend/
VIRTUALENV
:
$
/srv/piphone/sip-backend/.sip-backend_env
VIRTUALENV
:
/srv/piphone/sip-backend/.sip-backend_env
script
:
-
rsync -ruC ./ ${BASE_PATH}
-
source ${VIRTUALENV}/bin/activate
...
...
piphone.py
View file @
0935ed4b
...
...
@@ -463,19 +463,29 @@ def static_files(filepath):
"""
return
static_file
(
filepath
,
root
=
'./views'
)
def
login_admin
(
user
,
password
):
user
=
db
.
execute
(
'SELECT api, token, admin FROM users where api = ?'
,
user
).
fetchone
()
if
user
is
None
:
# user does not exist
return
False
if
password
!=
user
[
1
]:
# password does not match
return
False
if
user
[
2
]
==
0
:
# User is not admin
return
False
return
True
@
app
.
get
(
'/admin'
)
@
auth
enticated
@
auth
_basic
(
login_admin
)
def
little_admin
(
db
):
# We need to check if we're admin
admin
=
db
.
execute
(
'SELECT admin FROM users WHERE api = ?'
,
(
request
.
params
[
'api'
],));
admin
=
admin
.
fetchone
()
if
admin
[
0
]
!=
1
:
abort
(
403
,
"You need to have an admin access"
)
users
=
db
.
execute
(
'SELECT api, token, admin FROM users'
).
fetchall
()
return
template
(
'index'
,
users
=
users
,
token
=
request
.
params
[
'token'
])
@
app
.
post
(
'/admin'
)
@
auth
enticated
@
auth
_basic
(
login_admin
)
def
medium_admin
(
db
):
api
=
request
.
forms
.
get
(
'api'
)
token
=
request
.
forms
.
get
(
'api_token'
)
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment