main: Added admin page
This commit is contained in:
parent
52fca38af9
commit
83bde4b218
@ -47,7 +47,7 @@ General commands (as anyone)
|
||||
Docker is the easiest way to install the master server.
|
||||
|
||||
```sh
|
||||
docker run -d -p 5000:5000 -e LICENCE-API=your-api-key -e WORKER_KEY=your-api-key --name hnshosting-master git.woodburn.au/nathanwoodburn/hnshosting-master:latest -v ./data:/data
|
||||
docker run -d -p 5000:5000 -e LICENCE_KEY=your-api-key -e WORKER_KEY=your-api-key -e ADMIN_KEY=admin-key --name hnshosting-master git.woodburn.au/nathanwoodburn/hnshosting-master:latest -v ./data:/data
|
||||
```
|
||||
You can also mount a docker volume to /data to store the files instead of mounting a host directory.
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
from flask import Flask, request, jsonify
|
||||
from flask import Flask, make_response, redirect, request, jsonify
|
||||
import dotenv
|
||||
import os
|
||||
import requests
|
||||
@ -10,12 +10,14 @@ dotenv.load_dotenv()
|
||||
|
||||
app = Flask(__name__)
|
||||
|
||||
loggins = []
|
||||
|
||||
# API add license key (requires API key in header)
|
||||
@app.route('/add-licence', methods=['POST'])
|
||||
def add_license():
|
||||
# Get API header
|
||||
api_key = request.headers.get('key')
|
||||
if api_key != os.getenv('LICENCE-API'):
|
||||
if api_key != os.getenv('LICENCE_KEY'):
|
||||
return jsonify({'error': 'Invalid API key', 'success': 'false'})
|
||||
|
||||
# Generate licence key
|
||||
@ -441,8 +443,36 @@ def home():
|
||||
html += "<h2>Licences</h2>"
|
||||
html += "<p>Number of licences: " + str(len(licences)) + "</p>"
|
||||
|
||||
html += "<h2>API</h2>"
|
||||
return html
|
||||
|
||||
# Admin page
|
||||
@app.route('/admin',)
|
||||
def admin():
|
||||
# Check if logged in
|
||||
loggin_key = request.cookies.get('login_key')
|
||||
|
||||
if request.method == 'POST':
|
||||
# Handle login
|
||||
password = request.form['password']
|
||||
if os.getenv(ADMIN_KEY) == password:
|
||||
# Generate login key
|
||||
login_key = os.urandom(32).hex()
|
||||
loggins.append(login_key)
|
||||
# Set cookie
|
||||
resp = make_response(redirect('/admin'))
|
||||
resp.set_cookie('login_key', login_key)
|
||||
return resp
|
||||
|
||||
|
||||
if loggin_key == None:
|
||||
return "<h1>Admin</h1><br><form action='/admin' method='POST'><input type='password' name='Master API'><input type='submit' value='Login'></form>"
|
||||
if loggin_key not in loggins:
|
||||
return "<h1>Admin</h1><br><form action='/admin' method='POST'><input type='password' name='Master API'><input type='submit' value='Login'></form>"
|
||||
|
||||
return "<h1>Admin</h1><br>Logged in"
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user