Me gustaría implementar una autenticación de contraseña básica simple sin nombre de usuario en el matraz. Las diferentes rutas deben tener diferentes contraseñas: en @app.route("/project/<string:project_name>", methods=["GET"])
me gustaría asignar a cada proyecto una contraseña diferente. La aplicación es muy pequeña y la seguridad no es una gran preocupación, por lo que la solución también debería ser lo más simple posible.
Creo que esto debería servir como una solución para usted:
pwd = '' def password_form(project_name): # The HTML form asking for password return '''<form method="post"> <label for="pass">Please enter project's password:</label> <input type="pwd" id="pwd" name="pwd" required> <input type="submit" value="Sign in"> </form>''' def check_password(pwd, project_name): # I set the password to be the reversed name of the project, you can change it return pwd == project_name[::-1] @app.route("/project/<string:project_name>", methods=["GET", "POST"]) def project(project_name): if request.method == "POST": pwd = request.form['pwd'] # pass the form field name as key if check_password(pwd, project_name): return 'success!' # Return the project's HTML page. If it has a template matching the project's name: #return render_template(f'{project_name}.html') else: # Wrong password, the form will reload return password_form(project_name) if request.method == "GET": return password_form(project_name)
Una solución potencial.
from flask_wtf import FlaskForm from wtforms import PasswordField, StringField from wtforms.validators import DataRequired class LoginForm(FlaskForm): project_name = StringField('Project_name', id='project_name') password = PasswordField('Password',id='password', validators[DataRequired()])
from flask_login import UserMixin from sqlalchemy import Binary from app import db class Project(db.Model, UserMixin): __tablename__ = 'Project' project_name = Column(String, unique=True) password = Column(Binary)
from flask import render_template, redirect, request, url_for from flask_login import login_user from app.models import Project ## this could be a simple string comparison **not suggested. from app.base.util import verify_pass @app.route('/login', methods=['GET', 'POST']) def login(): """ """ login_form = LoginForm(request.form) if request.method == 'POST': # read form data password = request.form['password'] # project's password given its name. project = Project.query.filter_by(project_name=project_name).first() # Verify password. if project and verify_pass(password, project.password): # Success. login_user(user) return redirect(url_for('app.index')) # Something (user or pass) is not ok return render_template( 'login.html', msg='Wrong password.', form=login_form )