cookie value

Mateusz Gruszczyński
2025-07-03 22:52:09 +02:00
parent b48d702aca
commit 84d902deb1
4 changed files with 19 additions and 9 deletions

12
app.py

@ -2,9 +2,8 @@ import os
import secrets
import time
from datetime import datetime, timedelta
from flask import Flask, render_template, redirect, url_for, request, flash, Blueprint, send_from_directory
from flask import Flask, render_template, redirect, url_for, request, flash, Blueprint, send_from_directory, request
from markupsafe import Markup
from flask_sqlalchemy import SQLAlchemy
from flask_login import LoginManager, UserMixin, login_user, login_required, logout_user, current_user
from flask_socketio import SocketIO, emit, join_room
@ -15,7 +14,6 @@ from werkzeug.utils import secure_filename
from werkzeug.middleware.proxy_fix import ProxyFix
from sqlalchemy import func
app = Flask(__name__)
app.config.from_object(Config)
app.wsgi_app = ProxyFix(app.wsgi_app, x_proto=1, x_host=1)
@ -24,6 +22,7 @@ DEFAULT_ADMIN_USERNAME = app.config.get('DEFAULT_ADMIN_USERNAME', 'admin')
DEFAULT_ADMIN_PASSWORD = app.config.get('DEFAULT_ADMIN_PASSWORD', 'admin123')
UPLOAD_FOLDER = app.config.get('UPLOAD_FOLDER', 'uploads')
ALLOWED_EXTENSIONS = {'png', 'jpg', 'jpeg', 'gif', 'webp'}
AUTHORIZED_COOKIE_VALUE = app.config.get('AUTHORIZED_COOKIE_VALUE', '80d31cdfe63539c9')
os.makedirs(UPLOAD_FOLDER, exist_ok=True)
@ -95,6 +94,11 @@ def load_user(user_id):
def inject_time():
return dict(time=time)
@app.context_processor
def inject_has_authorized_cookie():
return {'has_authorized_cookie': 'authorized' in request.cookies}
@app.before_request
def require_system_password():
if 'authorized' not in request.cookies \
@ -150,7 +154,7 @@ def system_auth():
db.session.commit()
flash(f'Utworzono konto administratora: login={DEFAULT_ADMIN_USERNAME}, hasło={DEFAULT_ADMIN_PASSWORD}')
resp = redirect(next_page)
resp.set_cookie('authorized', 'true')
resp.set_cookie('authorized', AUTHORIZED_COOKIE_VALUE)
return resp
flash('Nieprawidłowe hasło do systemu','danger')
return render_template('system_auth.html')
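Review bot: The `authorized` cookie set near the end of `system_auth` is not a per-client secret: `AUTHORIZED_COOKIE_VALUE` is a single static string shared by every browser, and its fallback is a literal committed in the constants hunk, so knowing the source or one user's cookie is enough to pass the gate without the system password. The added `inject_has_authorized_cookie` tests only `'authorized' in request.cookies`, and the visible first line of `require_system_password` does the same; that condition continues outside the hunk, so confirm the value is actually compared there, e.g. `secrets.compare_digest(request.cookies.get('authorized', ''), AUTHORIZED_COOKIE_VALUE)`. I would drop the default so a missing setting fails at startup (or keep the flag in Flask's signed `session`), and set the cookie as `resp.set_cookie('authorized', AUTHORIZED_COOKIE_VALUE, httponly=True, samesite='Lax', secure=True)` when the site is served over HTTPS. `system_auth` begins outside the hunk, so the password check that guards this branch is not visible here.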