Merge branch 'master' of git.elab.kth.se:davide/ELAB-partsearch

# Conflicts:
#	parts/server.py
pull/3/head
Davide Bongiovanni 6 years ago
commit 4429a2a4f6

@ -6,7 +6,7 @@ from functools import wraps
from sqlalchemy.sql import select
from sqlalchemy.sql import text
from flask import Flask
from flask import render_template, send_from_directory, request, Response, send_file
from flask import render_template, send_from_directory, request, Response, send_file, session
from PIL import Image, ImageDraw
from io import BytesIO
from os import listdir
@ -30,12 +30,21 @@ def getContainers():
return containers
def check_auth(username, password):
admin_list = []
with open('edit_admin.json', 'r') as admin:
admin_list = json.load(admin)
for user in admin_list:
if username == user['username']:
return password == user['password']
query = "select id, password from users where username=:usrnm;"
r = db_engine.execute(text(query), usrnm=username)
results = []
for row in r:
results.append(dict(row))
r.close()
if len(results)!=1:
return False;
if results[0]['password']==password:
session['uid'] = results[0]['id']
print (session['uid'])
return True
else:
return False
def authenticate():
return Response('Could not verify access level. Please retry', 401, {'WWW-Authenticate' : 'Basic realm="Login Required"'})
@ -97,7 +106,7 @@ def alterLocation(locationID):
if locationID < 0:
# New entry
s = 'insert into locations (name, container_id) '
s += 'values (:name, :container);'
s += 'values (:name, :container, :userid);'
s = text(s)
r = db_engine.execute(s,name=request.form['name'],container=request.form['container']);
r.close()
@ -201,8 +210,8 @@ def alter(partID):
r = {}
if partID < 0:
# New entry
s = 'insert into parts (partno, description, datasheet, location_id, notes) '
s += 'values (:partno, :description, :datasheet, :location_id, :notes) returning id;'
s = 'insert into parts (partno, description, datasheet, location_id, whoadded, notes) '
s += 'values (:partno, :description, :datasheet, :location_id, :user_id, :notes) returning id;'
s = text(s)
if len(request.files) != 0:
datasheet_file = request.files['datasheet-file']
@ -225,6 +234,7 @@ def alter(partID):
datasheet=datasheet_filename,
location_id=request.form['location_id'],
notes=request.form['notes'])
user_id=session['uid']
else:
# Modify entry
r = db_engine.execute(text('select * from parts where id=:id;'), id=partID)
@ -318,6 +328,8 @@ def connect(user, password, db, host='localhost', port=5432):
return con, meta
if __name__ == '__main__':
app.secret_key = 'asuiygdiahsdo[ainsfl]asfkjnb;asklnj'
app.config['SESSION_TYPE'] = 'memcached'
with open('admin.json') as f:
postgres_credentials = json.load(f)
db_engine, db_metadata = connect(postgres_credentials['username'], postgres_credentials['password'], 'parts_v2')

@ -267,6 +267,9 @@ div label input {
table#results {
width: 100%;
max-width: 1280px;
margin-left: auto;
margin-right: auto;
border-collapse: collapse;
}
@ -342,7 +345,5 @@ td p {
}
.results-locations{
max-width: 1000px;
margin-left: auto;
margin-right: auto;
}
Loading…
Cancel
Save