extremally basic login system

admins.json

@@ -0,0 +1 @@
+{"secret_key":"aihsasodhngfkuabsfh", "marek":{"password":"marek"},"notmarek":{"password":"notmarek"}}

links.json

@@ -1,5 +1 @@
-{
-	"aaaaa":{"url":"https://www.youtube.com/watch?v=CZlfbep2LdU"},
-	"dfghj":{"url":"https://www.youtube.com/watch?v=pF80Y28zhqg"},
-	"cvbnm":{"url":""}
-}
+{"aaaaa": {"url": "https://www.youtube.com/watch?v=CZlfbep2LdU"}, "dfghj": {"url": "https://www.youtube.com/watch?v=pF80Y28zhqg"}, "cvbnm": {"url": ""}, "A9P5ZT": {"url": ""}, "BCRLF3": {"url": ""}, "NLPBC3": {"url": ""}, "NSC4VV": {"url": ""}, "TQ83OO": {"url": ""}, "1EVA47": {"url": ""}, "Q1YPAQ": {"url": ""}, "I4BTAO": {"url": ""}, "M7UH9F": {"url": ""}, "2485LC": {"url": ""}, "MLC5RZ": {"url": ""}, "JFNCJJ": {"url": ""}, "JL8MED": {"url": ""}, "IBTM9R": {"url": ""}, "PGO33N": {"url": ""}, "8LHONR": {"url": ""}}

qr-labels.py

@@ -10,9 +10,30 @@ systemURL = 'http://192.168.0.11:5000/' #FULL URL with a '/' at the end
 systemURL = 'http://10.0.1.115:5000/'
 randomchars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ123456789' #note the lack of zero
 
+# flask-login
+login_manager = LoginManager()
+login_manager.init_app(app)
+login_manager.login_view = "login"
+
+admins={}
+class Admin(UserMixin):
+	def __init__(self, name, password):
+		self.id = name
+		self.password = password
+		admins[name] = self
+
 with open('links.json', 'r') as infile:
 	links = json.load(infile)
 
+with open('admins.json', 'r') as infile:
+	adminfile = json.load(infile)
+	for key, value in adminfile.items():
+		if key=='secret_key':
+			app.secret_key = value
+		else:
+			a = Admin(key, value['password'])
+
+
 def saveFile():
 	with open('links.json', 'w') as outfile:
 		json.dump(links, outfile)
@@ -88,9 +109,28 @@ def edit():
 	return render_template('success.html')
 
 @app.route("/admin")
+@login_required
 def admin():
 	return render_template('admin.html')
 
+# somewhere to login
+@app.route("/login", methods=["GET", "POST"])
+def login():
+	if request.method == 'POST':
+		username = request.form['username']
+		password = request.form['password']
+		if admins[username].password == password:
+			login_user(admins[username])
+			return redirect(request.args.get("next"))
+		return abort(401)
+	else:
+		return render_template('login.html')
+
+# callback to reload the user object        
+@login_manager.user_loader
+def load_user(userid):
+    return admins[userid]
+
 @app.route("/generate", methods=['GET', 'POST'])
 def generate():
 	howmany = request.form.get("howmany")
@@ -106,6 +146,7 @@ def generate():
 	return render_template("printlabels.html", codes=codesarray, systemURL=humanSystemURL, codegenURL=systemURL+'code/', format='.png')
 
 @app.route("/list")
+@login_required
 def list():
 	linklist = []
 	for key, value in links.items():
@@ -114,6 +155,7 @@ def list():
 	return render_template('list.html', linklist=linklist, count=len(linklist))
 
 @app.route("/empty")
+@login_required
 def showEmptyCodes():
 	linklist = []
 	for key, value in links.items():

templates/login.html

@@ -0,0 +1,9 @@
+{% extends 'base.html' %}
+
+{% block content %}
+<form action="" method="post">
+<p><input type="text" name="username" /></p>
+<p><input type="password" name="password" /></p>
+<p><input type="submit" class="graybar" value="Login" /></p>
+</form>
+{% endblock %}