Updated login
This commit is contained in:
@@ -11,8 +11,6 @@ import csv
|
||||
from .warehouse import add_location
|
||||
from .settings import settings_handler, edit_access_roles_handler
|
||||
|
||||
bp = Blueprint('main', __name__)
|
||||
warehouse_bp = Blueprint('warehouse', __name__)
|
||||
bp = Blueprint('main', __name__)
|
||||
warehouse_bp = Blueprint('warehouse', __name__)
|
||||
|
||||
@@ -53,25 +51,70 @@ def get_db_connection():
|
||||
|
||||
@bp.route('/login', methods=['GET', 'POST'])
|
||||
def login():
|
||||
import sqlite3
|
||||
if request.method == 'POST':
|
||||
username = request.form['username']
|
||||
password = request.form['password']
|
||||
user = None
|
||||
print("Raw form input:", repr(username), repr(password))
|
||||
# Only check external MariaDB for user authentication
|
||||
try:
|
||||
conn = get_db_connection()
|
||||
cursor = conn.cursor()
|
||||
cursor.execute("SHOW TABLES LIKE 'users'")
|
||||
if cursor.fetchone():
|
||||
cursor.execute("SELECT username, password, role FROM users WHERE username=%s AND password=%s", (username.strip(), password.strip()))
|
||||
row = cursor.fetchone()
|
||||
print("External DB query result:", row)
|
||||
if row:
|
||||
user = {'username': row[0], 'password': row[1], 'role': row[2]}
|
||||
conn.close()
|
||||
except Exception as e:
|
||||
print("External DB error:", e)
|
||||
|
||||
# Logic: If username starts with #, check internal SQLite database
|
||||
if username.startswith('#'):
|
||||
username_clean = username[1:].strip()
|
||||
password_clean = password.strip()
|
||||
print(f"Checking internal database for: {username_clean}")
|
||||
|
||||
# Check internal SQLite database (py_app/instance/users.db)
|
||||
internal_db_path = os.path.join(os.path.dirname(__file__), '../instance/users.db')
|
||||
try:
|
||||
conn = sqlite3.connect(internal_db_path)
|
||||
cursor = conn.cursor()
|
||||
cursor.execute("SELECT name FROM sqlite_master WHERE type='table' AND name='users'")
|
||||
if cursor.fetchone():
|
||||
cursor.execute("SELECT username, password, role FROM users WHERE username=? AND password=?", (username_clean, password_clean))
|
||||
row = cursor.fetchone()
|
||||
print("Internal DB query result:", row)
|
||||
if row:
|
||||
user = {'username': row[0], 'password': row[1], 'role': row[2]}
|
||||
else:
|
||||
print("No users table in internal database")
|
||||
conn.close()
|
||||
except Exception as e:
|
||||
print("Internal DB error:", e)
|
||||
|
||||
else:
|
||||
# Check external MariaDB database first
|
||||
try:
|
||||
conn = get_db_connection()
|
||||
cursor = conn.cursor()
|
||||
cursor.execute("SHOW TABLES LIKE 'users'")
|
||||
if cursor.fetchone():
|
||||
cursor.execute("SELECT username, password, role FROM users WHERE username=%s AND password=%s", (username.strip(), password.strip()))
|
||||
row = cursor.fetchone()
|
||||
print("External DB query result:", row)
|
||||
if row:
|
||||
user = {'username': row[0], 'password': row[1], 'role': row[2]}
|
||||
conn.close()
|
||||
except Exception as e:
|
||||
print("External DB error:", e)
|
||||
|
||||
# Fallback to internal database if external fails
|
||||
print("Falling back to internal database")
|
||||
internal_db_path = os.path.join(os.path.dirname(__file__), '../instance/users.db')
|
||||
try:
|
||||
conn = sqlite3.connect(internal_db_path)
|
||||
cursor = conn.cursor()
|
||||
cursor.execute("SELECT name FROM sqlite_master WHERE type='table' AND name='users'")
|
||||
if cursor.fetchone():
|
||||
cursor.execute("SELECT username, password, role FROM users WHERE username=? AND password=?", (username.strip(), password.strip()))
|
||||
row = cursor.fetchone()
|
||||
print("Internal DB fallback query result:", row)
|
||||
if row:
|
||||
user = {'username': row[0], 'password': row[1], 'role': row[2]}
|
||||
conn.close()
|
||||
except Exception as e2:
|
||||
print("Internal DB fallback error:", e2)
|
||||
|
||||
if user:
|
||||
session['user'] = user['username']
|
||||
session['role'] = user['role']
|
||||
|
||||
Reference in New Issue
Block a user