Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
P
piphone-sip
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
4
Issues
4
List
Boards
Labels
Service Desk
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Operations
Operations
Incidents
Environments
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
La Quadrature du Net
piphone
piphone-sip
Commits
6618750c
Commit
6618750c
authored
Apr 19, 2017
by
okhin
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Extremely basic uth for admin
parent
868d8f6e
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
17 additions
and
7 deletions
+17
-7
.gitlab-ci.yml
.gitlab-ci.yml
+1
-1
piphone.py
piphone.py
+16
-6
No files found.
.gitlab-ci.yml
View file @
6618750c
...
...
@@ -3,7 +3,7 @@ before_script:
job install
:
variables
:
BASE_PATH
:
/srv/piphone/sip-backend/
VIRTUALENV
:
$
/srv/piphone/sip-backend/.sip-backend_env
VIRTUALENV
:
/srv/piphone/sip-backend/.sip-backend_env
script
:
-
rsync -ruC ./ ${BASE_PATH}
-
source ${VIRTUALENV}/bin/activate
...
...
piphone.py
View file @
6618750c
...
...
@@ -463,19 +463,29 @@ def static_files(filepath):
"""
return
static_file
(
filepath
,
root
=
'./views'
)
def
login_admin
(
user
,
password
):
user
=
db
.
execute
(
'SELECT api, token, admin FROM users where api = ?'
,
user
).
fetchone
()
if
user
is
None
:
# user does not exist
return
False
if
password
!=
user
[
1
]:
# password does not match
return
False
if
user
[
2
]
==
0
:
# User is not admin
return
False
return
True
@
app
.
get
(
'/admin'
)
@
auth
enticated
@
auth
_basic
(
login_admin
)
def
little_admin
(
db
):
# We need to check if we're admin
admin
=
db
.
execute
(
'SELECT admin FROM users WHERE api = ?'
,
(
request
.
params
[
'api'
],));
admin
=
admin
.
fetchone
()
if
admin
[
0
]
!=
1
:
abort
(
403
,
"You need to have an admin access"
)
users
=
db
.
execute
(
'SELECT api, token, admin FROM users'
).
fetchall
()
return
template
(
'index'
,
users
=
users
,
token
=
request
.
params
[
'token'
])
@
app
.
post
(
'/admin'
)
@
auth
enticated
@
auth
_basic
(
login_admin
)
def
medium_admin
(
db
):
api
=
request
.
forms
.
get
(
'api'
)
token
=
request
.
forms
.
get
(
'api_token'
)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment