jegomez/attendance-flask-mini-app
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Changes for use in a proper domain

Browse Source
This commit is contained in:
Jorge Enrique Gómez Gómez 2022-07-28 19:38:44 +00:00
parent d5ca31078b
commit 912f84597d
3 changed files with 19 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.gitignore vendored
View File

@ -1,6 +1,11 @@
# Sqlite database
database.db
# Vim temporary files and swap
*~
*.swp
*.swo
# Byte-compiled / optimized / DLL files
__pycache__/
*.py[cod]

18
main.py
View File

@ -11,7 +11,7 @@ from flask_qrcode import QRcode
# refresh the qr code and update the list of users
# https://flask-socketio.readthedocs.io
app = Flask(__name__, static_folder='html')
app = Flask(__name__)
FlaskUUID(app)
QRcode(app)
@ -34,27 +34,29 @@ def show_qr_and_list():
@app.route('/<uuid:id>')
def catch_uuids(id):
ua = request.headers.get('User-Agent')
# TODO: use the Remote-User header that Authelia should set after authentication
# (check if "Authorization" in request.headers, or request.authorization)
ua = request.headers.get('Remote-User')
# TODO: Check directly with Authelia using https://auth.agofer.net/api/verify
time = datetime.now().strftime("%A %Y-%m-%d %H:%M:%S")
error = None
data = []
conn = get_db_connection()
existing = conn.execute(
'SELECT * FROM hits WHERE uuid = ?', (str(id),)).fetchone()
# TODO: verify that the uuid was generated by us (otherwise any uuid,
# like one generated by the user, would be accepted)
if existing:
if not ua:
error = 'NO_USERNAME'
elif existing:
error = 'ALREADY_USED'
else:
conn.execute("INSERT INTO hits (uuid, user) VALUES (?, ?)", (str(id), ua))
conn.commit()
data = conn.execute(
'SELECT * FROM hits WHERE user = ? ORDER BY id DESC LIMIT 10', (ua,)
).fetchall()
conn.execute("INSERT INTO hits (uuid, user) VALUES (?, ?)", (str(id), ua))
conn.commit()
conn.close()
return render_template('thanks.html', user=ua, time=time, error=error, hits=data)
if __name__ == '__main__':
app.run()
app.run(host='0.0.0.0')

5
templates/thanks.html
View File

@ -4,7 +4,10 @@
<title>Example</title>
</head>
<body>
{% if error %}
{% if error == 'NO_USERNAME' %}
<h1>Error</h1>
<p>No username received. <a href='https://auth.agofer.net/'>Login here</a>.</p>
{% elif error == 'ALREADY_USED' %}
<h1>Error</h1>
<p>Code has been used already.</p>
{% else %}