def settings():
s = Settings.query.one()
saved = False
blog_form = BlogSettingsForm(prefix='blog')
user_form = UserSettingsForm(prefix='user')
if 'blog-submit' in request.form and blog_form.validate_on_submit():
s.blog_name = blog_form.blog_name.data
s.blog_description = blog_form.blog_description.data
s.blog_author = blog_form.blog_author.data
s.custom_html = blog_form.custom_html.data
db.session.commit()
saved = True
if 'user-submit' in request.form and user_form.validate_on_submit():
salt = crypt.generate_salt()
s.username = user_form.username.data
s.password = crypt.hash_password(user_form.password.data, salt)
s.salt = salt
db.session.commit()
saved = True
blog_form.blog_name.data = s.blog_name
blog_form.blog_description.data = s.blog_description
blog_form.blog_author.data = s.blog_author
blog_form.custom_html.data = s.custom_html
user_form.username.data = s.username
return render_template(
'admin/settings.jinja2',
blog_form=blog_form,
user_form=user_form,
saved=saved
)
def install():
if db.engine.dialect.has_table(db.engine.connect(), 'settings'):
return redirect(url_for('regular.index'))
g.settings = {
'blog_name': 'Installation',
'blog_description': ''
}
form = InstallForm()
error = None
if form.validate_on_submit():
try:
db.create_all()
salt = crypt.generate_salt()
db.session.add(Settings(
username=form.username.data,
password=crypt.hash_password(form.password.data, salt),
salt=salt,
blog_name=form.blog_name.data,
blog_description=form.blog_description.data,
blog_author=form.blog_author.data
))
db.session.commit()
return redirect(url_for('regular.index'))
except SQLAlchemyError as exc:
db.session.rollback()
error = str(exc)
return render_template('admin/install.jinja2', form=form, error=error)
def login():
if 'logged_in' in session:
return redirect(url_for('regular.index'))
login_failed = False
form = LoginForm()
if form.validate_on_submit():
login_failed = True
s = Settings.query.one()
if s.username == form.username.data:
password_hash = crypt.hash_password(form.password.data, s.salt)
if s.password == password_hash:
session['logged_in'] = True
return redirect(url_for('regular.index'))
return render_template(
'admin/login.jinja2',
form=form,
login_failed=login_failed
)
def test_hash_password(self):
hashed_password = hash_password('password', bytes([0] * 16))
self.assertEquals(
b'cae6c57cbde71ad375b2539f7ca174ba9b140f47d1c975dda1c9c955b9a7a0b2',
hexlify(hashed_password)
)