Add login_required decorator
This commit is contained in:
parent
57c2fb4ce9
commit
4288eca551
@ -1,4 +1,5 @@
|
||||
from flask import Flask
|
||||
from flask import Flask, url_for, session, redirect, request
|
||||
from functools import wraps
|
||||
import sqlite3
|
||||
import os
|
||||
import string
|
||||
@ -14,6 +15,17 @@ DATABASE = app.config['DATABASE']
|
||||
DOSSIER_PERSO = app.config['DOSSIER_APP']
|
||||
DATABASE = app.config['DATABASE']
|
||||
|
||||
|
||||
def login_required(f):
|
||||
@wraps(f)
|
||||
def decorated_function(*args, **kwargs):
|
||||
if 'username' not in session:
|
||||
return redirect(url_for('loginlogout.login', next=request.url))
|
||||
return f(*args, **kwargs)
|
||||
return decorated_function
|
||||
|
||||
|
||||
|
||||
def append_to_log(log_line, user):
|
||||
log_file=os.path.join(DOSSIER_PERSO, user, "log.txt")
|
||||
logs=open(log_file, "r")
|
||||
|
||||
@ -7,6 +7,7 @@ import sqlite3
|
||||
from markdown import markdown
|
||||
from tools.filesutils import getFileSizeKo
|
||||
import string
|
||||
from tools.utils import login_required
|
||||
|
||||
blog = Blueprint('blog', __name__, template_folder='templates')
|
||||
|
||||
@ -24,8 +25,8 @@ DOSSIER_PUBLIC= app.config['DOSSIER_PUBLIC']+'/'
|
||||
################################################################################
|
||||
|
||||
@blog.route('/myblog/new-article/', methods=['GET', 'POST'])
|
||||
@login_required
|
||||
def new_article():
|
||||
if 'username' in session:
|
||||
user = '%s'% escape(session['username'])
|
||||
folder_blog = DOSSIER_PERSO + user + "/blog/articles/"
|
||||
if request.method == 'POST':
|
||||
@ -47,12 +48,10 @@ def new_article():
|
||||
return redirect(url_for('blog.list_articles_blog'))
|
||||
else:
|
||||
return render_template('new_article_blog.html')
|
||||
else:
|
||||
return redirect(BASE_URL, code=401)
|
||||
|
||||
@blog.route('/myblog/list-articles/', methods=['GET'])
|
||||
@login_required
|
||||
def list_articles_blog():
|
||||
if 'username' in session:
|
||||
user = '%s'% escape(session['username'])
|
||||
conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée
|
||||
cursor = conn.cursor() # Création de l'objet "curseur"
|
||||
@ -73,13 +72,10 @@ def list_articles_blog():
|
||||
list_posts=posts,
|
||||
nb_articles=nb_articles
|
||||
)
|
||||
else:
|
||||
return redirect(BASE_URL, code=401)
|
||||
|
||||
|
||||
@blog.route('/myblog/delete/<title>')
|
||||
@login_required
|
||||
def delete(title):
|
||||
if 'username' in session :
|
||||
user='%s'% escape(session['username'])
|
||||
folder_blog = DOSSIER_PERSO + user + "/blog/articles/"
|
||||
folder_blog_public = DOSSIER_PUBLIC + user + "/blog/articles/"
|
||||
@ -92,12 +88,10 @@ def delete(title):
|
||||
os.remove(folder_blog+filename+".md")
|
||||
os.remove(folder_blog_public+filename+".html")
|
||||
return redirect(url_for('blog.list_articles_blog'))
|
||||
else:
|
||||
return redirect(BASE_URL, code=401) # sinon on redirige vers login
|
||||
|
||||
@blog.route('/myblog/edit/<title>', methods=['GET', 'POST'])
|
||||
@login_required
|
||||
def edit(title):
|
||||
if 'username' in session :
|
||||
user='%s'% escape(session['username'])
|
||||
filename = title.replace(" ", "_") + ".md"
|
||||
folder_blog = DOSSIER_PERSO + user + "/blog/articles/"
|
||||
@ -132,8 +126,6 @@ def edit(title):
|
||||
section='Post-it',
|
||||
oldpost=oldpost,
|
||||
content=content)
|
||||
else:
|
||||
return redirect(BASE_URL, code=401)
|
||||
|
||||
@blog.route('/blog/<username>/', methods=['GET'])
|
||||
def view(username):
|
||||
|
||||
@ -9,6 +9,7 @@ import sqlite3
|
||||
import os
|
||||
from shutil import move
|
||||
from tools.filesutils import getFileSizeMo, getFileSizeKo, check_and_create
|
||||
from tools.utils import login_required
|
||||
|
||||
filesupload = Blueprint('filesupload', __name__, template_folder='templates')
|
||||
|
||||
@ -28,10 +29,22 @@ BASE_URL= app.config['BASE_URL']
|
||||
|
||||
|
||||
@filesupload.route( '/filesupload/', methods=['GET', 'POST'])
|
||||
@login_required
|
||||
def uploadfiles():
|
||||
if 'username' in session :
|
||||
user = '%s'% escape(session['username'])
|
||||
if request.method == 'POST' :
|
||||
|
||||
if 'fic' not in request.files:
|
||||
flash(u'Mauvais format de ficher', 'error')
|
||||
return redirect(request.url)
|
||||
file = request.files['fic']
|
||||
|
||||
# If the user does not select a file, the browser submits an
|
||||
# empty file without a filename.
|
||||
if file.filename == '':
|
||||
flash(u'Vous avez oubliez de selectionner un fichier', 'error' )
|
||||
return redirect(request.url)
|
||||
|
||||
files = request.files.getlist('fic')
|
||||
for f in files :
|
||||
nom = secure_filename(f.filename)
|
||||
@ -65,19 +78,15 @@ def uploadfiles():
|
||||
LOG.close() # Ferme log.txt
|
||||
flash(u'Fichier envoyé avec succés', 'succes')
|
||||
|
||||
else:
|
||||
flash(u'Error : Vous avez oublié le fichier !', 'error')
|
||||
return redirect(url_for('filesupload.uploadfiles'))
|
||||
|
||||
resp = make_response(render_template('up_up.html', section="Upload"))
|
||||
resp.set_cookie('username', session['username'])
|
||||
return resp
|
||||
else :
|
||||
return redirect(BASE_URL, code=401)
|
||||
|
||||
|
||||
@filesupload.route('/view/')
|
||||
@login_required
|
||||
def list():
|
||||
if 'username' in session :
|
||||
|
||||
user = '%s'% escape(session['username'])
|
||||
|
||||
@ -111,22 +120,17 @@ def list():
|
||||
listFilesPrivate=listFilesPrivate,
|
||||
listFilesPublic=listFilesPublic)
|
||||
|
||||
else :
|
||||
return redirect(BASE_URL, code=401)
|
||||
|
||||
@filesupload.route('/myfiles/<username>/<filename>')
|
||||
@login_required
|
||||
def myfiles(username, filename):
|
||||
if 'username' in session :
|
||||
user = '%s' % escape(session['username'])
|
||||
return send_from_directory(
|
||||
os.path.join(DOSSIER_PERSO, username, 'files'), filename )
|
||||
else :
|
||||
return redirect(BASE_URL, code=401)
|
||||
|
||||
@filesupload.route('/make_public/<filename>')
|
||||
@login_required
|
||||
def move_public(filename):
|
||||
if 'username' in session:
|
||||
|
||||
user = '%s' % escape(session['username'])
|
||||
check_and_create(DOSSIER_PUBLIC + user + '/files/')
|
||||
check_and_create(DOSSIER_PERSO + user + '/files/')
|
||||
@ -135,12 +139,10 @@ def move_public(filename):
|
||||
dst = os.path.join(DOSSIER_PUBLIC, user, 'files/')
|
||||
move (src, dst)
|
||||
return redirect(url_for('filesupload.list', _external=True))
|
||||
else:
|
||||
return redirect(BASE_URL, code=401)
|
||||
|
||||
@filesupload.route('/make_private/<filename>')
|
||||
@login_required
|
||||
def move_private(filename):
|
||||
if 'username' in session:
|
||||
user = '%s' % escape(session['username'])
|
||||
check_and_create(DOSSIER_PUBLIC + user + '/files/')
|
||||
check_and_create(DOSSIER_PERSO + user + '/files/')
|
||||
@ -148,19 +150,13 @@ def move_private(filename):
|
||||
dst = os.path.join(DOSSIER_PERSO, user, 'files/')
|
||||
move (src, dst)
|
||||
return redirect(url_for('filesupload.list', _external=True))
|
||||
else:
|
||||
return redirect(BASE_URL, code=401)
|
||||
|
||||
|
||||
@filesupload.route('/public/<username>/<filename>')
|
||||
def publicfiles(username, filename):
|
||||
return send_from_directory(
|
||||
os.path.join(DOSSIER_PUBLIC, username, 'files'), filename )
|
||||
|
||||
|
||||
@filesupload.route('/remove_privateFile/<filename>')
|
||||
@login_required
|
||||
def remove_privateFile(filename):
|
||||
if 'username' in session :
|
||||
user = '%s' % escape(session['username'])
|
||||
filename = secure_filename(filename)
|
||||
try:
|
||||
@ -168,13 +164,11 @@ def remove_privateFile(filename):
|
||||
except FileNotFoundError:
|
||||
flash(u'Fichier {filename} inexistant.'.format(filename=filename), 'error')
|
||||
return redirect(url_for('filesupload.list', _external=True))
|
||||
else :
|
||||
return redirect(BASE_URL, code=401)
|
||||
|
||||
|
||||
@filesupload.route('/remove_publicFile/<filename>')
|
||||
@login_required
|
||||
def remove_publicFile(filename):
|
||||
if 'username' in session :
|
||||
user = '%s' % escape(session['username'])
|
||||
filename = secure_filename(filename)
|
||||
try:
|
||||
@ -182,8 +176,6 @@ def remove_publicFile(filename):
|
||||
except FileNotFoundError:
|
||||
flash(u'Fichier {filename} inexistant.'.format(filename=filename), 'error')
|
||||
return redirect(url_for('filesupload.list', _external=True))
|
||||
else :
|
||||
return redirect(BASE_URL, code=401)
|
||||
|
||||
@filesupload.route('/theme.min.css')
|
||||
def theme():
|
||||
@ -193,3 +185,8 @@ def theme():
|
||||
return send_file(DOSSIER_PERSO+ user +'/theme.min.css', mimetype='text/css')
|
||||
else:
|
||||
return send_file("static/default.min.css", mimetype='text/css')
|
||||
|
||||
@filesupload.route('/public/<username>/<filename>')
|
||||
def publicfiles(username, filename):
|
||||
return send_from_directory(
|
||||
os.path.join(DOSSIER_PUBLIC, username, 'files'), filename )
|
||||
|
||||
@ -8,6 +8,7 @@ import time
|
||||
import sqlite3
|
||||
import os
|
||||
from tools.filesutils import check_and_create
|
||||
from tools.utils import login_required
|
||||
|
||||
mygallery = Blueprint('mygallery', __name__, template_folder='templates')
|
||||
|
||||
@ -25,8 +26,8 @@ DATABASE = app.config['DATABASE']
|
||||
#################################################################################################
|
||||
|
||||
@mygallery.route( '/gallery/')
|
||||
@login_required
|
||||
def gallery():
|
||||
if 'username' in session :
|
||||
user ='%s' % escape(session['username'])
|
||||
check_and_create(DOSSIER_PUBLIC + user + '/images/')
|
||||
check_and_create(DOSSIER_PUBLIC + user + '/images/thumbnails/')
|
||||
@ -38,30 +39,25 @@ def gallery():
|
||||
section='Gallery',
|
||||
THUMBNAILS=THUMBNAILS,
|
||||
fichiers=fichiers)
|
||||
else :
|
||||
return redirect(url_for('loginlogout.login'), code=401)
|
||||
|
||||
|
||||
@mygallery.route('/myfiles/images/<filename>')
|
||||
@login_required
|
||||
def myimg(filename):
|
||||
if 'username' in session :
|
||||
UTILISATEUR='%s' % escape(session['username'])
|
||||
return send_from_directory(
|
||||
os.path.join(DOSSIER_PERSO, UTILISATEUR, 'images'), filename )
|
||||
else :
|
||||
return redirect(BASE_URL, code=401)
|
||||
|
||||
@mygallery.route('/myfiles/images/thumbnails/<filename>')
|
||||
@login_required
|
||||
def mythumbnails(filename):
|
||||
if 'username' in session :
|
||||
UTILISATEUR='%s' % escape(session['username'])
|
||||
return send_from_directory(
|
||||
os.path.join(DOSSIER_PERSO, UTILISATEUR, 'images/thumbnails'), filename )
|
||||
else :
|
||||
return redirect(BASE_URL, code=401)
|
||||
|
||||
@mygallery.route('/remove_privateImage/<filename>')
|
||||
@login_required
|
||||
def remove_privateImage(filename):
|
||||
if 'username' in session :
|
||||
user = '%s' % escape(session['username'])
|
||||
filename = secure_filename(filename)
|
||||
try:
|
||||
@ -73,8 +69,8 @@ def remove_privateImage(filename):
|
||||
|
||||
|
||||
@mygallery.route('/remove_publicImage/<filename>')
|
||||
@login_required
|
||||
def remove_publicImage(filename):
|
||||
if 'username' in session :
|
||||
user = '%s' % escape(session['username'])
|
||||
filename = secure_filename(filename)
|
||||
try:
|
||||
|
||||
@ -6,6 +6,7 @@ from socket import gethostname
|
||||
from os import remove, system
|
||||
from tools.utils import email_disp, valid_token_register, valid_passwd, valid_username, gen_token, totp_is_valid
|
||||
from tools.mailer import Mailer
|
||||
from tools.utils import login_required
|
||||
|
||||
app = Flask( 'pywallter' )
|
||||
app.config.from_pyfile('config.py')
|
||||
@ -29,6 +30,32 @@ BACKUP_TIME = app.config['BACKUP_TIME']
|
||||
|
||||
loginlogout = Blueprint('loginlogout', __name__, template_folder='templates')
|
||||
|
||||
|
||||
@loginlogout.route( '/' )
|
||||
def index():
|
||||
conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée
|
||||
cursor = conn.cursor() # Création de l'objet "curseur"
|
||||
cursor.execute("""SELECT token passwd FROM users where name=? """, ("pywallter", ))
|
||||
tmp = cursor.fetchone()
|
||||
conn.close
|
||||
if tmp:
|
||||
token = tmp[0]
|
||||
else:
|
||||
token = None
|
||||
|
||||
if 'username' in session :
|
||||
return redirect(url_for('profil.profile'))
|
||||
else :
|
||||
if token:
|
||||
hostname = gethostname()
|
||||
url_inscription = BASE_URL+'inscription/'+token
|
||||
return render_template('inscription.html', signin_enable=app.config['SIGNIN_ENABLE'],
|
||||
token=token, hostname=hostname,
|
||||
url_inscription=url_inscription,
|
||||
MAIL_SERVER=MAIL_SERVER)
|
||||
else:
|
||||
return redirect(url_for('loginlogout.login', _external=True))
|
||||
|
||||
@loginlogout.route( '/login/', methods=['GET','POST'] )
|
||||
def login():
|
||||
if 'username' in session :
|
||||
@ -63,14 +90,15 @@ def login() :
|
||||
|
||||
|
||||
@loginlogout.route( '/logout/' )
|
||||
@login_required
|
||||
def logout():
|
||||
session.pop('username', None) # Supprimer username de la session s'il s'y trouve
|
||||
return redirect(url_for('loginlogout.index'))
|
||||
|
||||
|
||||
@loginlogout.route( '/delete_me/', methods=['GET','POST'])
|
||||
@login_required
|
||||
def delete_account():
|
||||
if 'username' in session :
|
||||
user='%s'% escape(session['username'])
|
||||
resp = render_template('delete_account.html', time_backup=BACKUP_TIME)
|
||||
if request.method == 'POST' :
|
||||
@ -160,27 +188,3 @@ def lost_password():
|
||||
|
||||
return render_template('lost_password.html')
|
||||
|
||||
@loginlogout.route( '/' )
|
||||
def index():
|
||||
conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée
|
||||
cursor = conn.cursor() # Création de l'objet "curseur"
|
||||
cursor.execute("""SELECT token passwd FROM users where name=? """, ("pywallter", ))
|
||||
tmp = cursor.fetchone()
|
||||
conn.close
|
||||
if tmp:
|
||||
token = tmp[0]
|
||||
else:
|
||||
token = None
|
||||
|
||||
if 'username' in session :
|
||||
return redirect(url_for('profil.profile'))
|
||||
else :
|
||||
if token:
|
||||
hostname = gethostname()
|
||||
url_inscription = BASE_URL+'inscription/'+token
|
||||
return render_template('inscription.html', signin_enable=app.config['SIGNIN_ENABLE'],
|
||||
token=token, hostname=hostname,
|
||||
url_inscription=url_inscription,
|
||||
MAIL_SERVER=MAIL_SERVER)
|
||||
else:
|
||||
return redirect(url_for('loginlogout.login', _external=True))
|
||||
|
||||
@ -1,6 +1,7 @@
|
||||
from flask import Blueprint, Flask, request, flash, render_template, url_for, session, redirect, abort, make_response, send_file
|
||||
import glob, os, sys
|
||||
from markupsafe import escape
|
||||
from tools.utils import login_required
|
||||
|
||||
logs = Blueprint('logs', __name__, template_folder='templates')
|
||||
|
||||
@ -19,13 +20,11 @@ DATABASE = app.config['DATABASE']
|
||||
|
||||
|
||||
@logs.route('/logs/')
|
||||
@login_required
|
||||
def logfile():
|
||||
if 'username' in session:
|
||||
UTILISATEUR='%s'% escape(session['username'])
|
||||
log_file=os.path.join(DOSSIER_PERSO, UTILISATEUR, "log.txt")
|
||||
with open(log_file, 'r') as log:
|
||||
logs=log.readlines()
|
||||
log.close()
|
||||
return render_template('logs.html', section="Logs", logs=logs)
|
||||
else :
|
||||
return redirect(url_for('loginlogout.login', _external=True), code=401)
|
||||
|
||||
@ -7,7 +7,7 @@ import sqlite3
|
||||
import os
|
||||
from shutil import copy
|
||||
from socket import gethostname
|
||||
from tools.utils import email_disp, append_to_log, gen_token, valid_passwd
|
||||
from tools.utils import email_disp, append_to_log, gen_token, valid_passwd, login_required
|
||||
|
||||
|
||||
|
||||
@ -35,6 +35,7 @@ BACKUP_TIME = app.config['BACKUP_TIME']
|
||||
|
||||
|
||||
@mymailbox.route('/mymailbox/alias', methods=['GET', 'POST'] )
|
||||
@login_required
|
||||
def myalias():
|
||||
hostname=gethostname()
|
||||
UTILISATEUR='%s' % escape(session['username'])
|
||||
@ -94,6 +95,7 @@ def myalias():
|
||||
|
||||
|
||||
@mymailbox.route('/mymailbox/rmalias/<aliasrm>')
|
||||
@login_required
|
||||
def remove_alias(aliasrm):
|
||||
if MAIL_SERVER:
|
||||
UTILISATEUR='%s' % escape(session['username'])
|
||||
|
||||
@ -8,7 +8,7 @@ import os
|
||||
from shutil import copy
|
||||
from socket import gethostname
|
||||
from flask_bcrypt import Bcrypt
|
||||
from tools.utils import email_disp, append_to_log, gen_token, valid_passwd, valid_token_register, get_user_by_token, totp_is_valid
|
||||
from tools.utils import email_disp, append_to_log, gen_token, valid_passwd, valid_token_register, get_user_by_token, totp_is_valid, login_required
|
||||
from pyotp import random_base32
|
||||
import qrcode
|
||||
|
||||
@ -38,18 +38,15 @@ BACKUP_TIME = app.config['BACKUP_TIME']
|
||||
|
||||
|
||||
@profil.route( '/profil/<user>/<img>', methods=['GET'] )
|
||||
@login_required
|
||||
def profil_img(user, img) :
|
||||
if 'username' in session :
|
||||
|
||||
return send_from_directory( os.path.join(DOSSIER_PERSO, user, 'profile'), img )
|
||||
else:
|
||||
return redirect(BASE_URL, code=401)
|
||||
|
||||
|
||||
|
||||
@profil.route('/profil/', methods=['GET','POST'])
|
||||
@login_required
|
||||
def profile() :
|
||||
if 'username' in session :
|
||||
user='%s' % escape(session['username'])
|
||||
conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée
|
||||
cursor = conn.cursor() # Création de l'objet "curseur"
|
||||
@ -119,14 +116,11 @@ def profile() :
|
||||
profil=profil_user,
|
||||
username=user)
|
||||
|
||||
else :
|
||||
return redirect(BASE_URL, code=401)
|
||||
|
||||
|
||||
|
||||
@profil.route('/profil/homepage', methods=['GET'] )
|
||||
@login_required
|
||||
def homepage():
|
||||
if 'username' in session :
|
||||
username='%s' % escape(session['username'])
|
||||
|
||||
return render_template('homepage.html',
|
||||
@ -136,8 +130,8 @@ def homepage():
|
||||
|
||||
|
||||
@profil.route('/profil/change-password/', methods=['GET','POST'] )
|
||||
@login_required
|
||||
def change_passwd() :
|
||||
if 'username' in session:
|
||||
user='%s' % escape(session['username'])
|
||||
conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée
|
||||
cursor = conn.cursor() # Création de l'objet "curseur"
|
||||
@ -210,8 +204,6 @@ def change_passwd() :
|
||||
username=user,
|
||||
base_url=BASE_URL)
|
||||
|
||||
else :
|
||||
return redirect(BASE_URL, code=401)
|
||||
|
||||
|
||||
@profil.route('/change-password-lost/<token>', methods=['GET','POST'] )
|
||||
@ -292,8 +284,8 @@ def change_passwd_lost(token) :
|
||||
return redirect(BASE_URL, code=401)
|
||||
|
||||
@profil.route('/set_totp/', methods=['POST'])
|
||||
@login_required
|
||||
def set_totp():
|
||||
if 'username' in session:
|
||||
user='%s' % escape(session['username'])
|
||||
conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée
|
||||
cursor = conn.cursor() # Création de l'objet "curseur"
|
||||
@ -314,12 +306,10 @@ def set_totp():
|
||||
|
||||
conn.close()
|
||||
return redirect(url_for('profil.change_passwd', _external=True))
|
||||
else:
|
||||
return redirect(BASE_URL, code=401)
|
||||
|
||||
@profil.route('/del_totp/', methods=['GET'])
|
||||
@login_required
|
||||
def del_totp():
|
||||
if 'username' in session:
|
||||
user='%s' % escape(session['username'])
|
||||
conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée
|
||||
cursor = conn.cursor() # Création de l'objet "curseur"
|
||||
@ -330,18 +320,15 @@ def del_totp():
|
||||
|
||||
|
||||
@profil.route('/totp.png', methods=['GET'])
|
||||
@login_required
|
||||
def totp_qrcode():
|
||||
if 'username' in session :
|
||||
user='%s' % escape(session['username'])
|
||||
return send_file(
|
||||
os.path.join(DOSSIER_PERSO, user, "totp.png"), "totp.png")
|
||||
else :
|
||||
return redirect(BASE_URL, code=401)
|
||||
|
||||
|
||||
@profil.route('/deltoken-password-lost/<token>', methods=['GET','POST'] )
|
||||
def deltoken_passwd_lost(token) :
|
||||
|
||||
if valid_token_register(token, "Lost password"):
|
||||
user = get_user_by_token(token, "Lost password")
|
||||
conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée
|
||||
@ -358,8 +345,8 @@ def deltoken_passwd_lost(token) :
|
||||
|
||||
|
||||
@profil.route('/invitation/', methods=['GET'])
|
||||
@login_required
|
||||
def invitation():
|
||||
if 'username' in session:
|
||||
UTILISATEUR='%s' % escape(session['username'])
|
||||
conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée
|
||||
cursor = conn.cursor() # Création de l'objet "curseur"
|
||||
@ -378,14 +365,12 @@ def invitation():
|
||||
nb_invitation=invitations_count,
|
||||
token=token,
|
||||
url_invitation=url_invitation)
|
||||
else:
|
||||
return redirect(BASE_URL, code=401)
|
||||
|
||||
|
||||
|
||||
@profil.route('/gen_token/', methods=['GET'])
|
||||
@login_required
|
||||
def generate_token():
|
||||
if 'username' in session:
|
||||
UTILISATEUR='%s' % escape(session['username'])
|
||||
conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée
|
||||
cursor = conn.cursor() # Création de l'objet "curseur"
|
||||
@ -395,13 +380,11 @@ def generate_token():
|
||||
conn.commit()
|
||||
conn.close()
|
||||
return redirect(BASE_URL+'invitation/')
|
||||
else:
|
||||
return redirect(BASE_URL, code=401)
|
||||
|
||||
|
||||
@profil.route( '/delete_me/', methods=['GET','POST'])
|
||||
@login_required
|
||||
def delete_account():
|
||||
if 'username' in session :
|
||||
UTILISATEUR='%s'% escape(session['username'])
|
||||
resp = render_template('delete_account.html', time_backup=BACKUP_TIME)
|
||||
if request.method == 'POST' :
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user