Commit 7ac2cdff authored by okhin's avatar okhin
Browse files

Using the JWT token to auth against the form for admin

parent 3509361d
Pipeline #788 passed with stage
in 2 seconds
...@@ -509,13 +509,13 @@ def little_admin(db): ...@@ -509,13 +509,13 @@ def little_admin(db):
if admin[0] != 1: if admin[0] != 1:
abort(403, "You need to have an admin access") abort(403, "You need to have an admin access")
users = db.execute('SELECT api, token, admin FROM users').fetchall() users = db.execute('SELECT api, token, admin FROM users').fetchall()
return template('index', users=users) return template('index', users=users, token=request.params['token'])
@app.post('/admin') @app.post('/admin')
@authenticated @authenticated
def medium_admin(db): def medium_admin(db):
api = request.forms.get('api') api = request.forms.get('api')
token = request.forms.get('token') token = request.forms.get('api_token')
admin = request.forms.get('admin') admin = request.forms.get('admin')
action = request.forms.get('action') action = request.forms.get('action')
......
...@@ -62,6 +62,7 @@ ...@@ -62,6 +62,7 @@
</div> </div>
<div class="panel-body"> <div class="panel-body">
<form name="action2" class="form form-vertical" action="admin" method="post"> <form name="action2" class="form form-vertical" action="admin" method="post">
<input type="hidden" name="token" value="{{token}}"></input>
<div class="control-group"> <div class="control-group">
<label>API</label> <label>API</label>
<div class="controls"> <div class="controls">
...@@ -71,7 +72,7 @@ ...@@ -71,7 +72,7 @@
<div class="control-group"> <div class="control-group">
<label>Token</label> <label>Token</label>
<div class="controls"> <div class="controls">
<input name="token" type="text" class="form-control" placeholder="Token"> <input name="api_token" type="text" class="form-control" placeholder="Token">
</div> </div>
</div> </div>
<div class="control-group"> <div class="control-group">
...@@ -98,4 +99,4 @@ ...@@ -98,4 +99,4 @@
<script src="static/js/jquery.min.js"></script> <script src="static/js/jquery.min.js"></script>
<script src="static/js/bootstrap.min.js"></script> <script src="static/js/bootstrap.min.js"></script>
</body> </body>
</html> </html>
\ No newline at end of file
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment