def index(): # if it's the first run, we allow in # otherwise we ask for the password if is_first_run(): identity_changed.send(admin, identity=Identity('admin')) try: admin_permission.test() return render_template('admin/index.html', first_run=is_first_run()) except PermissionDenied: return redirect(url_for('login'))
def login(): if is_first_run(): return redirect(url_for('index')) wrong = False if request.method == 'POST': input = sha256(request.form['password']).hexdigest() config = GlobalConfig() if 'password' not in config: wrong = True elif input == config['password']: session['admin'] = True identity_changed.send(admin, identity=Identity('admin')) return redirect(url_for('index')) else: wrong = True return render_template('admin/admin_login.html', wrong=wrong)