added user registration and login
This commit is contained in:
130
app.py
130
app.py
@@ -1,14 +1,22 @@
|
||||
import os
|
||||
from werkzeug.utils import secure_filename
|
||||
from flask import Flask, render_template, request, redirect, url_for
|
||||
from flask_sqlalchemy import SQLAlchemy
|
||||
from flask_login import LoginManager, UserMixin, login_user, logout_user, login_required, current_user
|
||||
from flask_bcrypt import Bcrypt
|
||||
from werkzeug.utils import secure_filename
|
||||
from functools import wraps
|
||||
from flask_migrate import Migrate
|
||||
|
||||
app = Flask(__name__)
|
||||
|
||||
# Set the secret key to a fixed value
|
||||
app.config['SECRET_KEY'] = 'Ana_Are_Multe_Mere-Si_Nu_Are_Pere'
|
||||
|
||||
# Configurare baza de date SQLite
|
||||
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///dashboard.db'
|
||||
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
|
||||
db = SQLAlchemy(app)
|
||||
bcrypt = Bcrypt(app)
|
||||
|
||||
UPLOAD_FOLDER = 'static/uploads'
|
||||
app.config['UPLOAD_FOLDER'] = UPLOAD_FOLDER
|
||||
@@ -17,13 +25,30 @@ app.config['UPLOAD_FOLDER'] = UPLOAD_FOLDER
|
||||
if not os.path.exists(UPLOAD_FOLDER):
|
||||
os.makedirs(UPLOAD_FOLDER)
|
||||
|
||||
login_manager = LoginManager(app)
|
||||
login_manager.login_view = 'login'
|
||||
|
||||
migrate = Migrate(app, db)
|
||||
|
||||
|
||||
@login_manager.user_loader
|
||||
def load_user(user_id):
|
||||
return User.query.get(int(user_id))
|
||||
|
||||
# Modele pentru baza de date
|
||||
class User(db.Model, UserMixin):
|
||||
id = db.Column(db.Integer, primary_key=True)
|
||||
username = db.Column(db.String(80), unique=True, nullable=False)
|
||||
password = db.Column(db.String(120), nullable=False)
|
||||
role = db.Column(db.String(20), nullable=False, default='user')
|
||||
|
||||
class Player(db.Model):
|
||||
id = db.Column(db.Integer, primary_key=True)
|
||||
username = db.Column(db.String(80), nullable=False)
|
||||
hostname = db.Column(db.String(120), nullable=False)
|
||||
ip = db.Column(db.String(15), nullable=False)
|
||||
password = db.Column(db.String(120), nullable=False)
|
||||
user_id = db.Column(db.Integer, db.ForeignKey('user.id', name='fk_user_id'), nullable=True)
|
||||
|
||||
class Group(db.Model):
|
||||
id = db.Column(db.Integer, primary_key=True)
|
||||
@@ -42,13 +67,52 @@ class Content(db.Model):
|
||||
player_id = db.Column(db.Integer, db.ForeignKey('player.id'), nullable=True)
|
||||
group_id = db.Column(db.Integer, db.ForeignKey('group.id'), nullable=True)
|
||||
|
||||
def admin_required(f):
|
||||
@wraps(f)
|
||||
def decorated_function(*args, **kwargs):
|
||||
if current_user.role != 'admin':
|
||||
return redirect(url_for('dashboard'))
|
||||
return f(*args, **kwargs)
|
||||
return decorated_function
|
||||
|
||||
@app.route('/')
|
||||
@login_required
|
||||
def dashboard():
|
||||
players = Player.query.all()
|
||||
groups = Group.query.all()
|
||||
return render_template('dashboard.html', players=players, groups=groups)
|
||||
|
||||
@app.route('/register', methods=['GET', 'POST'])
|
||||
def register():
|
||||
if request.method == 'POST':
|
||||
username = request.form['username']
|
||||
password = request.form['password']
|
||||
hashed_password = bcrypt.generate_password_hash(password).decode('utf-8')
|
||||
new_user = User(username=username, password=hashed_password, role='user')
|
||||
db.session.add(new_user)
|
||||
db.session.commit()
|
||||
return redirect(url_for('login'))
|
||||
return render_template('register.html')
|
||||
|
||||
@app.route('/login', methods=['GET', 'POST'])
|
||||
def login():
|
||||
if request.method == 'POST':
|
||||
username = request.form['username']
|
||||
password = request.form['password']
|
||||
user = User.query.filter_by(username=username).first()
|
||||
if user and bcrypt.check_password_hash(user.password, password):
|
||||
login_user(user)
|
||||
return redirect(url_for('dashboard'))
|
||||
return render_template('login.html')
|
||||
|
||||
@app.route('/logout')
|
||||
@login_required
|
||||
def logout():
|
||||
logout_user()
|
||||
return redirect(url_for('login'))
|
||||
|
||||
@app.route('/add_player', methods=['GET', 'POST'])
|
||||
@login_required
|
||||
def add_player():
|
||||
if request.method == 'POST':
|
||||
username = request.form['username']
|
||||
@@ -65,6 +129,7 @@ def add_player():
|
||||
return render_template('add_player.html')
|
||||
|
||||
@app.route('/add_group', methods=['GET', 'POST'])
|
||||
@login_required
|
||||
def add_group():
|
||||
if request.method == 'POST':
|
||||
group_name = request.form['group_name']
|
||||
@@ -84,6 +149,7 @@ def add_group():
|
||||
return render_template('add_group.html', players=players)
|
||||
|
||||
@app.route('/upload_content', methods=['GET', 'POST'])
|
||||
@login_required
|
||||
def upload_content():
|
||||
if request.method == 'POST':
|
||||
target_type = request.form['target_type']
|
||||
@@ -92,22 +158,18 @@ def upload_content():
|
||||
duration = int(request.form['duration'])
|
||||
|
||||
for file in files:
|
||||
if target_type == 'player':
|
||||
new_content = Content(file_name=file.filename, duration=duration, player_id=int(target_id))
|
||||
elif target_type == 'group':
|
||||
new_content = Content(file_name=file.filename, duration=duration, group_id=int(target_id))
|
||||
filename = secure_filename(file.filename)
|
||||
file_path = os.path.join(app.config['UPLOAD_FOLDER'], filename)
|
||||
file.save(file_path)
|
||||
new_content = Content(file_name=filename, duration=duration, player_id=target_id if target_type == 'player' else None, group_id=target_id if target_type == 'group' else None)
|
||||
db.session.add(new_content)
|
||||
|
||||
db.session.commit()
|
||||
return redirect(url_for('dashboard'))
|
||||
|
||||
players = Player.query.all()
|
||||
groups = Group.query.all()
|
||||
return render_template('upload_content.html', players=players, groups=groups)
|
||||
|
||||
# ...existing code...
|
||||
return render_template('upload_content.html')
|
||||
|
||||
@app.route('/content/<int:content_id>/edit', methods=['POST'])
|
||||
@login_required
|
||||
def edit_content(content_id):
|
||||
content = Content.query.get_or_404(content_id)
|
||||
new_duration = int(request.form['duration'])
|
||||
@@ -116,6 +178,7 @@ def edit_content(content_id):
|
||||
return redirect(url_for('player_page', player_id=content.player_id))
|
||||
|
||||
@app.route('/content/<int:content_id>/delete', methods=['POST'])
|
||||
@login_required
|
||||
def delete_content(content_id):
|
||||
content = Content.query.get_or_404(content_id)
|
||||
player_id = content.player_id
|
||||
@@ -123,21 +186,22 @@ def delete_content(content_id):
|
||||
db.session.commit()
|
||||
return redirect(url_for('player_page', player_id=player_id))
|
||||
|
||||
# ...existing code...
|
||||
|
||||
@app.route('/player/<int:player_id>/fullscreen')
|
||||
@login_required
|
||||
def player_fullscreen(player_id):
|
||||
player = Player.query.get_or_404(player_id)
|
||||
content = Content.query.filter_by(player_id=player_id).all()
|
||||
return render_template('player_fullscreen.html', player=player, content=content)
|
||||
|
||||
@app.route('/player/<int:player_id>')
|
||||
@login_required
|
||||
def player_page(player_id):
|
||||
player = Player.query.get_or_404(player_id)
|
||||
content = Content.query.filter_by(player_id=player_id).all()
|
||||
return render_template('player_page.html', player=player, content=content)
|
||||
|
||||
@app.route('/player/<int:player_id>/upload', methods=['POST'])
|
||||
@login_required
|
||||
def upload_content_to_player(player_id):
|
||||
player = Player.query.get_or_404(player_id)
|
||||
files = request.files.getlist('files')
|
||||
@@ -154,12 +218,52 @@ def upload_content_to_player(player_id):
|
||||
return redirect(url_for('player_page', player_id=player_id))
|
||||
|
||||
@app.route('/player/<int:player_id>/delete', methods=['POST'])
|
||||
@login_required
|
||||
def delete_player(player_id):
|
||||
player = Player.query.get_or_404(player_id)
|
||||
db.session.delete(player)
|
||||
db.session.commit()
|
||||
return redirect(url_for('dashboard'))
|
||||
|
||||
@app.route('/admin')
|
||||
@login_required
|
||||
@admin_required
|
||||
def admin():
|
||||
users = User.query.all()
|
||||
return render_template('admin.html', users=users)
|
||||
|
||||
@app.route('/admin/change_role/<int:user_id>', methods=['POST'])
|
||||
@login_required
|
||||
@admin_required
|
||||
def change_role(user_id):
|
||||
user = User.query.get_or_404(user_id)
|
||||
new_role = request.form['role']
|
||||
user.role = new_role
|
||||
db.session.commit()
|
||||
return redirect(url_for('admin'))
|
||||
|
||||
@app.route('/admin/delete_user/<int:user_id>', methods=['POST'])
|
||||
@login_required
|
||||
@admin_required
|
||||
def delete_user(user_id):
|
||||
user = User.query.get_or_404(user_id)
|
||||
db.session.delete(user)
|
||||
db.session.commit()
|
||||
return redirect(url_for('admin'))
|
||||
|
||||
@app.route('/admin/create_user', methods=['POST'])
|
||||
@login_required
|
||||
@admin_required
|
||||
def create_user():
|
||||
username = request.form['username']
|
||||
password = request.form['password']
|
||||
role = request.form['role']
|
||||
hashed_password = bcrypt.generate_password_hash(password).decode('utf-8')
|
||||
new_user = User(username=username, password=hashed_password, role=role)
|
||||
db.session.add(new_user)
|
||||
db.session.commit()
|
||||
return redirect(url_for('admin'))
|
||||
|
||||
if __name__ == '__main__':
|
||||
with app.app_context():
|
||||
db.create_all() # Creează toate tabelele
|
||||
|
||||
Reference in New Issue
Block a user