def getPw(theUsername): try: user = modLib.Users.query.filter_by(username = theUsername).all() if len(user) > 0: return user[0].pwdhash.decode('utf-8') if modLib.isInitialSetup(): if theUsername in defaultCreds: return defaultCreds.get(theUsername) else: if theUsername in getUsernames(): return userCreds.get(theUsername) except: None return None
def wrapped(*args, **kwargs): if modLib.isInitialSetup(): return redirect("/admin/initialUserSetup") if 'username' not in session: session['username'] = auth.username() session['role'] = modLib.getRole(session['username']) if type(roles) is list: if session['role'] not in roles: return notAuthorized() elif type(roles) is str: if modLib.getRoleValue(session['role']) > modLib.getRoleValue(roles): return notAuthorized() else: print("#### ERROR: 'roles' NOT A VALID TYPE ####") return secureError() return f(*args, **kwargs)
def initialUserSetup(): if not modLib.isInitialSetup(): return redirect(url_for("welcome")) if request.method == 'POST': email = request.form.get('email', None) password = request.form.get('password', None) cPassword = request.form.get('confirm_password', None) md5_Digest = request.form.get('md5_Digest', None) role = request.form.get('role') if email not in modLib.getUsernames(): newuser = modLib.Users(email, md5_Digest.encode('utf-8'), role) modLib.db.session.add(newuser) modLib.db.session.commit() return redirect(url_for("signout")) return render_template("addUser.html", common = sysLib.getCommonInfo({"username": "******"}, "initialUserSetup"), roles = [{"value": "admin", "name":"Admin"}], isInitial = True )