aboutsummaryrefslogtreecommitdiffstats
path: root/scanner/floatapp/login.py
blob: d68132b8470b74e344f82686bcec60a088b086d8 (plain) (blame) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53

from floatapp import app, login_manager
from flask import request, abort
from flask_login import current_user, UserMixin
from functools import wraps

class User(UserMixin):
	def __init__(self, id, admin=False):
		self.admin = admin
		self.id = id

photo_user = User("user")
admin_user = User("admin", True)

@login_manager.user_loader
def load_user(id):
	if id == "user":
		return photo_user
	elif id == "admin":
		return admin_user
	return None

@login_manager.unauthorized_handler
def unauthorized():
	return abort(403)

def login_required(fn):
	@wraps(fn)
	def decorated_view(*args, **kwargs):
		if query_is_admin_user(request.args) or query_is_photo_user(request.args) or current_user.is_authenticated():
			return fn(*args, **kwargs)
		return app.login_manager.unauthorized()
	return decorated_view

def admin_required(fn):
	@wraps(fn)
	def decorated_view(*args, **kwargs):
		if query_is_admin_user(request.args) or (current_user.is_authenticated() and current_user.admin):
			return fn(*args, **kwargs)
		return app.login_manager.unauthorized()
	return decorated_view

def query_is_photo_user(query):
	username = query.get("username", None)
	password = query.get("password", None)
	return username == app.config["PHOTO_USERNAME"] and password == app.config["PHOTO_PASSWORD"]

def query_is_admin_user(query):
	username = query.get("username", None)
	password = query.get("password", None)
	return username == app.config["ADMIN_USERNAME"] and password == app.config["ADMIN_PASSWORD"]

def is_authenticated():
	return query_is_admin_user(request.args) or query_is_photo_user(request.args) or current_user.is_authenticated()
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.