230b542015
- Rename package fablednetmon → fabledscryer throughout - Multi-dashboard: ownership, per-user defaults, HTMX edit (add/remove/reorder) - Read-only share tokens scoped to individual dashboards - Dashboard edit is HTMX-driven (no page reloads) - Plugin management system: remote catalog, download/install, hot-reload, in-app restart - plugin_index.py: fetch/cache remote index.yaml; default URL → bvandeusen/fabledscryer-plugins - plugin_manager.py: download_and_install_plugin, hot_reload_plugin, restart_app - ZIP extraction handles GitHub archive formats (name-v1.0.0/, name-main/) - Settings split into tabbed sections: General, Notifications, Ansible, Plugins - Plugins tab: catalog browser (HTMX), install/activate/update/restart actions - UI/branding: dark palette (#07071a), crystal ball SVG logo, animated star field, Libertinus Serif applied to headings, nav, labels, and section titles - Widget registry (core/widgets.py) for dashboard plugin integration - UPS widget.html (dashboard card) and settings/_tabs.html include - Migrations 0005–0008: dashboards, is_default, ownership, share tokens - docs/plugins/: writing-a-plugin.md updated with publishing guide, index.yaml.example template for fabledscryer-plugins repo Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
78 lines
2.7 KiB
Python
78 lines
2.7 KiB
Python
from __future__ import annotations
|
|
import bcrypt
|
|
from quart import Blueprint, render_template, request, redirect, url_for, session
|
|
from sqlalchemy import select, func
|
|
from fabledscryer.auth.middleware import login_user, logout_user
|
|
from fabledscryer.models.users import User, UserRole
|
|
|
|
auth_bp = Blueprint("auth", __name__)
|
|
|
|
|
|
async def get_user_count(app) -> int:
|
|
async with app.db_sessionmaker() as db:
|
|
result = await db.execute(select(func.count()).select_from(User))
|
|
return result.scalar_one()
|
|
|
|
|
|
async def get_user_by_username(app, username: str) -> User | None:
|
|
async with app.db_sessionmaker() as db:
|
|
result = await db.execute(select(User).where(User.username == username))
|
|
return result.scalar_one_or_none()
|
|
|
|
|
|
@auth_bp.get("/login")
|
|
async def login():
|
|
from quart import current_app
|
|
if await get_user_count(current_app) == 0:
|
|
return redirect(url_for("auth.setup"))
|
|
return await render_template("auth/login.html")
|
|
|
|
|
|
@auth_bp.post("/login")
|
|
async def login_post():
|
|
from quart import current_app
|
|
form = await request.form
|
|
username = form.get("username", "").strip()
|
|
password = form.get("password", "").encode()
|
|
user = await get_user_by_username(current_app, username)
|
|
if not user or not user.is_active:
|
|
return await render_template("auth/login.html", error="Invalid credentials"), 400
|
|
if not bcrypt.checkpw(password, user.password_hash.encode()):
|
|
return await render_template("auth/login.html", error="Invalid credentials"), 400
|
|
login_user(user)
|
|
return redirect(url_for("dashboard.index"))
|
|
|
|
|
|
@auth_bp.get("/logout")
|
|
async def logout():
|
|
logout_user()
|
|
return redirect(url_for("auth.login"))
|
|
|
|
|
|
@auth_bp.get("/setup")
|
|
async def setup():
|
|
from quart import current_app
|
|
if await get_user_count(current_app) > 0:
|
|
return redirect(url_for("auth.login"))
|
|
return await render_template("auth/setup.html")
|
|
|
|
|
|
@auth_bp.post("/setup")
|
|
async def setup_post():
|
|
from quart import current_app
|
|
if await get_user_count(current_app) > 0:
|
|
return redirect(url_for("auth.login"))
|
|
form = await request.form
|
|
username = form.get("username", "").strip()
|
|
email = form.get("email", "").strip()
|
|
password = form.get("password", "").encode()
|
|
if not username or not email or not password:
|
|
return await render_template("auth/setup.html", error="All fields required"), 400
|
|
pw_hash = bcrypt.hashpw(password, bcrypt.gensalt()).decode()
|
|
user = User(username=username, email=email, password_hash=pw_hash, role=UserRole.admin)
|
|
async with current_app.db_sessionmaker() as db:
|
|
async with db.begin():
|
|
db.add(user)
|
|
login_user(user)
|
|
return redirect(url_for("dashboard.index"))
|