Skip to content

GitLab

Commit 907ac1f3 authored by Vladislav Rykov's avatar Vladislav Rykov
Browse files

user roles + dafault user admin

parent 398a74a4
Hide whitespace changes
Inline Side-by-side
app/app/dao/user/user.py
View file @ 907ac1f3
...@@ -3,14 +3,14 @@ import bcrypt ...@@ -3,14 +3,14 @@ import bcrypt
@with_psql @with_psql
def create(cur, name, password): def create(cur, name, password, role):
query = """ query = """
INSERT INTO INSERT INTO
users users
VALUES VALUES
(%s, %s) (%s, %s, %s)
""" """
cur.execute(query, (name, bcrypt.hashpw(password, bcrypt.gensalt()))) cur.execute(query, (name, bcrypt.hashpw(password, bcrypt.gensalt()).decode('utf-8'), role))
return (True,) return (True,)
@with_psql @with_psql
......
app/app/templates/layout.html
View file @ 907ac1f3
...@@ -40,6 +40,7 @@ ...@@ -40,6 +40,7 @@
<div class="container"> <div class="container">
{% block content %} {% endblock %} {% block content %} {% endblock %}
<br><br>
<div class="col-md-6 col-md-offset-3"> <div class="col-md-6 col-md-offset-3">
{% with messages = get_flashed_messages(with_categories=true) %} {% with messages = get_flashed_messages(with_categories=true) %}
{% if messages %} {% if messages %}
......
app/app/views.py
View file @ 907ac1f3
...@@ -42,11 +42,11 @@ def signup(): ...@@ -42,11 +42,11 @@ def signup():
if (username == '' or password == ''): if (username == '' or password == ''):
feedback = 'Username or password fields cannot be empty' feedback = 'Username or password fields cannot be empty'
return render_template('public/signup.html', feedback=feedback) return render_template('public/signup.html', feedback=feedback)
elif (len(password) < 8): #elif (len(password) < 8):
flash('Password length must be at least 8 characters.', 'danger') # flash('Password length must be at least 8 characters.', 'danger')
return redirect(request.url) # return redirect(request.url)
else: else:
res = ud.create(username, password) res = ud.create(username, password, 'user')
if (not res[0]): if (not res[0]):
flash('Error: {}'.format(res[1]), 'danger') flash('Error: {}'.format(res[1]), 'danger')
return redirect(request.url) return redirect(request.url)
......
db.sql
View file @ 907ac1f3
...@@ -68,7 +68,8 @@ CREATE TABLE public.pend_msgs ( ...@@ -68,7 +68,8 @@ CREATE TABLE public.pend_msgs (
CREATE TABLE public.users ( CREATE TABLE public.users (
name character varying(30) NOT NULL, name character varying(30) NOT NULL,
password character varying(100) NOT NULL password character varying(100) NOT NULL,
role character varying(10) NOT NULL
); );
...@@ -105,6 +106,7 @@ ALTER TABLE ONLY public.applications ...@@ -105,6 +106,7 @@ ALTER TABLE ONLY public.applications
ADD CONSTRAINT applications_username_fkey FOREIGN KEY (username) REFERENCES public.users(name); ADD CONSTRAINT applications_username_fkey FOREIGN KEY (username) REFERENCES public.users(name);
INSERT INTO public.users VALUES('admin', '$2b$12$chdF4ji1maIRLd4ms4s4yugFv.2BTvOAwiaWi6iRlTJzlGKjpTcA.', 'admin')
-- --
-- PostgreSQL database dump complete -- PostgreSQL database dump complete
-- --
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment