def initialize(self):
conf = WechatConf(
token = config.cfg_get("token"),
appid=config.cfg_get("appid"),
appsecret = config.cfg_get("appsecret"),
encrypt_mode = config.cfg_get("encrypt_mode"),
encoding_aes_key = config.cfg_get("encoding_aes_key")
)
self._wechat = WechatBasic(conf=conf)
config.init_logger()
def render_page(htmlfile):
log(4, "template page: %s" % htmlfile)
page = get_page(htmlfile)
if page == None:
return ("NOT FOUND", 404, {})
else:
if current_user.has_groups(page.ACL):
return render_template(htmlfile, title=cfg_get("AppTitle"))
else:
return ("FORBIDDEN", 403, {})
def handle_users():
is_admin = current_user.has_group("admins")
if request.method == "POST":
action = get_dict_default(request.form, "action", "")
name = get_dict_default(request.form, "user", "")
pwd1 = get_dict_default(request.form, "password1", "")
pwd2 = get_dict_default(request.form, "password2", "")
groups = get_dict_default(request.form, "groups", "")
if action == "create" or action == "update":
if name != "" and pwd1 != "" and pwd2 != "":
if (not is_admin) and (name != current_user.name):
flash("Operation permitted only to Administrators", "error")
return render_template("users.html", title=cfg_get("AppTitle"), users=get_users(is_admin))
else:
if pwd1 != pwd2:
flash("Passwords are different!", "error")
return render_template("users.html", title=cfg_get("AppTitle"), users=get_users(is_admin))
else:
user = create_user(name, pwd1)
if is_admin:
grps = groups.split(',')
grps = map(stripstr, grps)
else:
grps = current_user.groups
for grp in grps:
user.add_group(grp)
add_or_modify_user(user)
if action == "create":
flash("User '%s' created" % name, "info")
else:
flash("User '%s' modified" % name, "info")
return render_template("users.html", title=cfg_get("AppTitle"), users=get_users(is_admin))
else:
flash("All fields must be compiled!", "error")
return render_template("users.html", title=cfg_get("AppTitle"), users=get_users(is_admin))
elif action == "delete":
if name != "":
if (not is_admin) and (name != current_user.name):
flash("Operation permitted only to Administrators", "error")
return render_template("users.html", title=cfg_get("AppTitle"), users=get_users(is_admin))
else:
del_user(name)
flash("User '%s' deleted" % name, "info")
return render_template("users.html", title=cfg_get("AppTitle"), users=get_users(is_admin))
else:
flash("User name missing!" % name, "error")
return render_template("users.html", title=cfg_get("AppTitle"), users=get_users(is_admin))
else:
return ("Internal Server Error", 500, {})
else:
return render_template("users.html", title=cfg_get("AppTitle"), users=get_users(is_admin))
def home():
title = cfg_get("AppTitle")
pages = []
is_admin = current_user.has_group("admins")
if is_admin:
pages.append((url_for('handle_users'), "Manage Users"))
pg = get_pages()
for p in pg:
page = get_page(p)
if current_user.has_groups(page.ACL):
pages.append((url_for('render_page', htmlfile=page.template), page.description))
return render_template('home.html', title=title, pages=pages)
def init_websrv(base_path):
global web_app
global login_manager
global dir_scripts
dir_scripts = os.path.join(base_path, "scripts")
app_name = cfg_get("AppName")
#web_app = Flask(appname)
web_app.secret_key = os.urandom(16)
#login_manager = LoginManager()
login_manager.init_app(web_app)
login_manager.login_view = "/login"
#set static directory
web_app.static_folder = os.path.join(base_path, "static")
#set template directory
dir_tmpl = os.path.join(base_path, "templates")
tmpl_loader = jinja2.ChoiceLoader([ jinja2.FileSystemLoader([dir_tmpl]) ])
web_app.jinja_loader = tmpl_loader
def login():
if request.method == "POST":
name = request.form['username']
passw = request.form['password']
user = get_user(name)
if user == None:
flash('Wrong User!', 'error')
return redirect("/login")
else:
user.verify_password(passw)
if user.is_authenticated:
login_user(user)
return redirect("/")
else:
flash('Wrong Password!', 'error')
return redirect("/login")
else:
return render_template("login.html", title=cfg_get("AppTitle"))