gaschz/trilium
1
0
Fork 0
mirror of https://github.com/zadam/trilium.git synced 2025-06-06 18:08:33 +02:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

login is now configured in the ini file instead of being hardcoded

Browse Source
This commit is contained in:
azivner 2017-06-13 22:21:31 -04:00
parent 6efe28c283
commit 820768c572
3 changed files with 39 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
app.py
View File

@ -8,6 +8,8 @@ import time
import math import math
import random import random
import string import string
import configparser
import bcrypt
from flask import render_template, redirect from flask import render_template, redirect
@ -45,15 +47,22 @@ def logout():
logout_user() logout_user()
return redirect('login') return redirect('login')
userAdam = User() config = configparser.ConfigParser()
userAdam.id = 'adam' config.read('config.ini')
user = User()
user.id = config['Login']['username']
hashedPassword = config['Login']['password-hash'].encode('utf-8')
@app.route('/login', methods=['POST']) @app.route('/login', methods=['POST'])
def login_post(): def login_post():
if request.form['username'] == 'adam' and request.form['password'] == 'pass': inputPassword = request.form['password'].encode('utf-8')
rememberMe = True if request.form['remember-me'] else False
login_user(userAdam, remember=rememberMe) if request.form['username'] == user.id and bcrypt.hashpw(inputPassword, hashedPassword) == hashedPassword:
rememberMe = True if 'remember-me' in request.form else False
login_user(user, remember=rememberMe)
return redirect('app') return redirect('app')
else: else:
@ -289,8 +298,8 @@ login_manager.login_view = 'login_form'
@login_manager.user_loader @login_manager.user_loader
def load_user(user_id): def load_user(user_id):
if user_id == 'adam': if user_id == user.id:
return userAdam return user
else: else:
return None return None

5
config.ini Normal file
View File

@ -0,0 +1,5 @@
[Login]
# Enter below credentials with with which you want to authenticate to Notecase web app
username=adam
# This is bcrypt password hash. You can use generate-password.py (in this directory) to hash your password
password-hash=$2b$12$jcbhRx6WRbCRogpCckH1hehWrHWgFaFYC3u3ebdVURJX36..fdAca

18
generate-password.py Normal file
View File

@ -0,0 +1,18 @@
#!/usr/bin/python
import bcrypt # pip install bcrypt
import getpass
password1 = getpass.getpass()
print('Repeat the same password:')
password2 = getpass.getpass()
if password1 == password2:
salt = bcrypt.gensalt()
print('Generated hash:')
print(bcrypt.hashpw(password1, salt))
else:
print('Entered passwords are not identical!')