Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
La Quadrature du Net
piphone
piphone-sip
Commits
7ac2cdff
Commit
7ac2cdff
authored
Jan 24, 2017
by
okhin
Browse files
Using the JWT token to auth against the form for admin
parent
3509361d
Pipeline
#788
passed with stage
in 2 seconds
Changes
2
Pipelines
1
Hide whitespace changes
Inline
Side-by-side
piphone.py
View file @
7ac2cdff
...
...
@@ -509,13 +509,13 @@ def little_admin(db):
if
admin
[
0
]
!=
1
:
abort
(
403
,
"You need to have an admin access"
)
users
=
db
.
execute
(
'SELECT api, token, admin FROM users'
).
fetchall
()
return
template
(
'index'
,
users
=
users
)
return
template
(
'index'
,
users
=
users
,
token
=
request
.
params
[
'token'
]
)
@
app
.
post
(
'/admin'
)
@
authenticated
def
medium_admin
(
db
):
api
=
request
.
forms
.
get
(
'api'
)
token
=
request
.
forms
.
get
(
'token'
)
token
=
request
.
forms
.
get
(
'
api_
token'
)
admin
=
request
.
forms
.
get
(
'admin'
)
action
=
request
.
forms
.
get
(
'action'
)
...
...
views/index.tpl
View file @
7ac2cdff
...
...
@@ -62,6 +62,7 @@
</div>
<div
class=
"panel-body"
>
<form
name=
"action2"
class=
"form form-vertical"
action=
"admin"
method=
"post"
>
<input
type=
"hidden"
name=
"token"
value=
"{
{
token
}
}"
></input>
<div
class=
"control-group"
>
<label>
API
</label>
<div
class=
"controls"
>
...
...
@@ -71,7 +72,7 @@
<div
class=
"control-group"
>
<label>
Token
</label>
<div
class=
"controls"
>
<input
name=
"token"
type=
"text"
class=
"form-control"
placeholder=
"Token"
>
<input
name=
"
api_
token"
type=
"text"
class=
"form-control"
placeholder=
"Token"
>
</div>
</div>
<div
class=
"control-group"
>
...
...
@@ -98,4 +99,4 @@
<script
src=
"static/js/jquery.min.js"
></script>
<script
src=
"static/js/bootstrap.min.js"
></script>
</body>
</html>
\ No newline at end of file
</html>
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment