def auth_login(request): ''' Base Login Function. This function is what will handle all of the authentication for the API and the UI. While both behave differently as they are different interfaces into the data, they both handle authentication the same way. :prarm request: The request object for the given page. :prarm db: The SQLAlchemy session object from the page. :type request: request object :type db: Session object :return: bool ''' s = SettingSession() loggedin = False if not auth(request): username = request.forms.get('username') password = request.forms.get('password') #try: user = s.query(User).filter_by(name=username).one() #except: # pass #else: if user.check(password): loggedin = True s.close() return loggedin
def setting(name): ''' Retreives the specified setting object from the database. By abstracting this out, we can save a lot of menotinous code. :param name: Setting name :param s: Session object :type name: str :type s: Session Object :return: Setting Object ''' s = SettingSession() item = s.query(Setting).filter_by(name=name).one() s.close() return item
def update_settings(settings): ''' Settings Updater ''' s = SettingSession() for item in settings: if item == 'database': config.update(settings[item]) else: settingobj = setting(item) if item == 'server_password': if settings[item] != '1234567890': settingobj.value = settings[item] else: settingobj.value = settings[item] s.merge(settingobj) s.commit() s.close() common.log_to_console() common.log_to_file() monitor.autostart()
def auth(request): ''' Authentication Check. Returns True or False based on if the account cookie is set. :prarm request: The request object for the given page. :prarm db: The SQLAlchemy session object from the page. :type request: request object :type db: Session object :return: bool ''' s = SettingSession() name = request.get_cookie('user', secret=setting('cookie_key').value) try: sensor = s.query(User).filter_by(name=name).one() value = True except: value = False s.close() return value
def user_settings(db): ''' User Management Page ''' s = SettingSession() if auth(request) and request.method == 'POST': username = request.forms.get('username') password = request.forms.get('password') action = request.forms.get('action') if action == 'Create': s.add(User(username, password)) if action == 'Update': user = s.query(User).filter_by(name=username).one() user.update(password) s.merge(user) if action == 'Remove' and username != 'admin': user = s.query(User).filter_by(name=username).one() s.delete(user) s.commit() users = s.query(User).all() s.close() return env.get_template('settings_users.html').render(auth=auth(request), users=users)