Commit 7ac2cdff authored by okhin's avatar okhin 🚴

Using the JWT token to auth against the form for admin

parent 3509361d
Pipeline #788 passed with stage
in 2 seconds
......@@ -509,13 +509,13 @@ def little_admin(db):
if admin[0] != 1:
abort(403, "You need to have an admin access")
users = db.execute('SELECT api, token, admin FROM users').fetchall()
return template('index', users=users)
return template('index', users=users, token=request.params['token'])
@app.post('/admin')
@authenticated
def medium_admin(db):
api = request.forms.get('api')
token = request.forms.get('token')
token = request.forms.get('api_token')
admin = request.forms.get('admin')
action = request.forms.get('action')
......
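Review bot: `request.params['token']` in `little_admin` reads the JWT from Bottle's merged query-string and form parameters, so on this page the token has presumably arrived in the URL, where it ends up in access logs, browser history and Referer headers. Consider taking the JWT from an `Authorization` header or a `Secure; HttpOnly` cookie instead; if it stays a parameter, use `request.params.get('token')` and `abort(401, "Missing token")` when it is absent, since indexing a missing key raises `KeyError`. In `medium_admin` the local `token` now holds the `api_token` form field while the form field named `token` carries the JWT; renaming the local to `api_token` would keep the two credentials from being confused. Both function bodies extend beyond the hunk, so how `@authenticated` obtains and validates the token is not visible here.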
......@@ -62,6 +62,7 @@
</div>
<div class="panel-body">
<form name="action2" class="form form-vertical" action="admin" method="post">
<input type="hidden" name="token" value="{{token}}"></input>
<div class="control-group">
<label>API</label>
<div class="controls">
......@@ -71,7 +72,7 @@
<div class="control-group">
<label>Token</label>
<div class="controls">
<input name="token" type="text" class="form-control" placeholder="Token">
<input name="api_token" type="text" class="form-control" placeholder="Token">
</div>
</div>
<div class="control-group">
......@@ -98,4 +99,4 @@
<script src="static/js/jquery.min.js"></script>
<script src="static/js/bootstrap.min.js"></script>
</body>
</html>
\ No newline at end of file
</html>
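Review bot: The hidden `token` input added at the top of the `action2` form writes the caller's JWT into the page markup, so the rendered admin page should be served with `Cache-Control: no-store` to keep the credential out of browser and proxy caches; nothing in the visible hunks sets that header. `{{token}}` is HTML-escaped if this is Bottle's default SimpleTemplate, so keep that form and do not switch it to `{{!token}}`. `<input>` is a void element, so the closing `</input>` on that line should be dropped: `<input type="hidden" name="token" value="{{token}}">`.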