Permalink
Browse files

added login and access control

  • Loading branch information...
rochacbruno committed Oct 16, 2015
1 parent 189f4d4 commit 3766bfabb6d9c359731ff3a143101209af0d207f
Showing with 87 additions and 3 deletions.
  1. +2 −0 requirements.txt
  2. +2 −0 wtf/blueprints/noticias.py
  3. +10 −0 wtf/development_instance/config.cfg
  4. +6 −2 wtf/news_app.py
  5. +51 −0 wtf/security_models.py
  6. +16 −1 wtf/templates/base.html
View
@@ -2,3 +2,5 @@ https://github.com/mitsuhiko/flask/tarball/master
flask-mongoengine
nose
Flask-Bootstrap
Flask-Security
Flask-Login==0.2.11
@@ -5,11 +5,13 @@
Blueprint, request, current_app, send_from_directory, render_template
)
from ..models import Noticia
from flask_security import login_required
noticias_blueprint = Blueprint('noticias', __name__)
@noticias_blueprint.route("/noticias/cadastro", methods=["GET", "POST"])
@login_required
def cadastro():
if request.method == "POST":
dados_do_formulario = request.form.to_dict()
@@ -8,3 +8,13 @@ MEDIA_FOLDER = 'media_files'
MONGODB_DB = "noticias"
MONGODB_HOST = "localhost" # substitua se utilizar um server remoto
MONGODB_PORT = 27017
SECRET_KEY = 'super-secret'
SECURITY_REGISTERABLE = True
# as opções abaixo devem ser removidas em ambiente de produção
SECURITY_SEND_REGISTER_EMAIL = False
SECURITY_LOGIN_WITHOUT_CONFIRMATION = True
SECURITY_CHANGEABLE = True
View
@@ -1,9 +1,12 @@
# coding: utf-8
from os import path
from flask import Flask
from .blueprints.noticias import noticias_blueprint
from flask_bootstrap import Bootstrap
from db import db
from flask_security import Security, MongoEngineUserDatastore
from .blueprints.noticias import noticias_blueprint
from .db import db
from .security_models import User, Role
def create_app(mode):
@@ -28,4 +31,5 @@ def create_app(mode):
Bootstrap(app)
db.init_app(app)
Security(app=app, datastore=MongoEngineUserDatastore(db, User, Role))
return app
View
@@ -0,0 +1,51 @@
# coding: utf-8
from .db import db
from flask_security import UserMixin, RoleMixin
from flask_security.utils import encrypt_password
class Role(db.Document, RoleMixin):
name = db.StringField(max_length=80, unique=True)
description = db.StringField(max_length=255)
@classmethod
def createrole(cls, name, description=None):
return cls.objects.create(
name=name,
description=description
)
class User(db.Document, UserMixin):
name = db.StringField(max_length=255)
email = db.EmailField(max_length=255, unique=True)
password = db.StringField(max_length=255)
active = db.BooleanField(default=True)
confirmed_at = db.DateTimeField()
roles = db.ListField(
db.ReferenceField(Role, reverse_delete_rule=db.DENY), default=[]
)
last_login_at = db.DateTimeField()
current_login_at = db.DateTimeField()
last_login_ip = db.StringField(max_length=255)
current_login_ip = db.StringField(max_length=255)
login_count = db.IntField()
username = db.StringField(max_length=50, required=False, unique=True)
remember_token = db.StringField(max_length=255)
authentication_token = db.StringField(max_length=255)
@classmethod
def createuser(cls, name, email, password,
active=True, roles=None, username=None,
*args, **kwargs):
return cls.objects.create(
name=name,
email=email,
password=encrypt_password(password),
active=active,
roles=roles,
username=username,
*args,
**kwargs
)
View
@@ -7,10 +7,25 @@
<ul class="nav navbar-nav">
<li><a href="{{url_for('noticias.index')}}">HOME</a> </li>
<li><a href="{{url_for('noticias.cadastro')}}">CADASTRO</a></li>
{% block access_control %}
<li class="divider-vertical"></li>
{% if current_user.is_authenticated() %}
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown">
{{current_user.email}} <b class="caret"></b>
</a>
<ul class="dropdown-menu">
<li><a href="{{url_for_security('change_password')}}"><i class="icon-user"></i> Change password</a></li>
<li><a href="{{url_for_security('logout')}}"><i class="icon-off"></i> Logout</a></li>
</ul>
</li>
{% else %}
<li><a href="{{url_for_security('login')}}"><i class="icon-off"></i> Login</a></li>
{% endif %}
{% endblock %}
</ul>
</nav>
{%- endblock navbar %}
{% block content %}
<div class="container">
{%- with messages = get_flashed_messages(with_categories=True) %}

0 comments on commit 3766bfa

Please sign in to comment.