def config(): # simulate the latency of an external API request import time time.sleep(0.25) # hide the existence of this route if not an admin if not g.user or ROLES[g.user.role] != ROLES[0]: return abort(404) if request.method == 'POST': Config.get_by_name('CSRF_PROTECT').value = request.form.get( 'csrf_protect') == 'on' or False Config.get_by_name('BEARER_AUTH_ENABLE').value = request.form.get( 'bearer_enable') == 'on' or False Config.get_by_name('CORS_RESTRICT').value = request.form.get( 'cors_restrict') == 'on' or False Config.get_by_name('OIDC_ENABLE').value = request.form.get( 'oidc_enable') == 'on' or False db.session.commit() flash('Configuration updated') return render_template('config.html')