|
|
@ -5,7 +5,7 @@ import sqlalchemy
|
|
|
|
from sqlalchemy.sql import select
|
|
|
|
from sqlalchemy.sql import select
|
|
|
|
from sqlalchemy.sql import text
|
|
|
|
from sqlalchemy.sql import text
|
|
|
|
from flask import Flask
|
|
|
|
from flask import Flask
|
|
|
|
from flask import render_template, send_from_directory, request
|
|
|
|
from flask import render_template, send_from_directory, request, Response
|
|
|
|
from werkzeug.utils import secure_filename
|
|
|
|
from werkzeug.utils import secure_filename
|
|
|
|
|
|
|
|
|
|
|
|
app = Flask(__name__)
|
|
|
|
app = Flask(__name__)
|
|
|
@ -14,6 +14,26 @@ db_engine = {}
|
|
|
|
db_metadata = {}
|
|
|
|
db_metadata = {}
|
|
|
|
parts = {}
|
|
|
|
parts = {}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def check_auth(username, password):
|
|
|
|
|
|
|
|
admin_list = []
|
|
|
|
|
|
|
|
with open('edit_admin.json', 'r') as admin:
|
|
|
|
|
|
|
|
admin_list = json.load(admin)
|
|
|
|
|
|
|
|
for user in admin_list:
|
|
|
|
|
|
|
|
if username == user['username']:
|
|
|
|
|
|
|
|
return password == user['password']
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def authenticate():
|
|
|
|
|
|
|
|
return Response('Could not verify access level. Please retry', 401, {'WWW-Authenticate' : 'Basic realm="Login Required"'})
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def requires_auth(f):
|
|
|
|
|
|
|
|
@wraps(f)
|
|
|
|
|
|
|
|
def decorated(*args, **kwargs):
|
|
|
|
|
|
|
|
auth = request.authorization
|
|
|
|
|
|
|
|
if not auth or not check_auth(auth.username, auth.password):
|
|
|
|
|
|
|
|
return authenticate()
|
|
|
|
|
|
|
|
return f(*args, **kwargs)
|
|
|
|
|
|
|
|
return decorated
|
|
|
|
|
|
|
|
|
|
|
|
@app.route('/parts')
|
|
|
|
@app.route('/parts')
|
|
|
|
def index():
|
|
|
|
def index():
|
|
|
|
return render_template('partsearch.html')
|
|
|
|
return render_template('partsearch.html')
|
|
|
@ -62,6 +82,7 @@ def getfile(filename):
|
|
|
|
return send_from_directory('/srv/datasheets/', filename + '.pdf')
|
|
|
|
return send_from_directory('/srv/datasheets/', filename + '.pdf')
|
|
|
|
|
|
|
|
|
|
|
|
@app.route('/parts/alter/<partID>', methods=['POST'])
|
|
|
|
@app.route('/parts/alter/<partID>', methods=['POST'])
|
|
|
|
|
|
|
|
@requires_auth
|
|
|
|
def alter(partID):
|
|
|
|
def alter(partID):
|
|
|
|
partID = int(partID)
|
|
|
|
partID = int(partID)
|
|
|
|
s = ''
|
|
|
|
s = ''
|
|
|
@ -127,6 +148,7 @@ def alter(partID):
|
|
|
|
return '{"status":"ok"}'
|
|
|
|
return '{"status":"ok"}'
|
|
|
|
|
|
|
|
|
|
|
|
@app.route('/parts/delete/<partID>')
|
|
|
|
@app.route('/parts/delete/<partID>')
|
|
|
|
|
|
|
|
@requires_auth
|
|
|
|
def delete(partID):
|
|
|
|
def delete(partID):
|
|
|
|
if partID < 0:
|
|
|
|
if partID < 0:
|
|
|
|
abort(400)
|
|
|
|
abort(400)
|
|
|
|