rolled back admin changes
This commit is contained in:
@@ -257,18 +257,6 @@ def admin_login():
|
|||||||
if user and check_password(user, password):
|
if user and check_password(user, password):
|
||||||
flask_login.login_user(user)
|
flask_login.login_user(user)
|
||||||
current_app.logger.info(f"Admin login successful: {user_name}")
|
current_app.logger.info(f"Admin login successful: {user_name}")
|
||||||
|
|
||||||
token = retrieve_token(user_name)
|
|
||||||
if not token:
|
|
||||||
token = create_token(user_name)
|
|
||||||
|
|
||||||
next_url = request.args.get("next")
|
|
||||||
if next_url and next_url.startswith("/admin"):
|
|
||||||
session["next_url"] = next_url
|
|
||||||
else:
|
|
||||||
session["next_url"] = url_for("main.index")
|
|
||||||
|
|
||||||
return set_cookie(token)
|
|
||||||
else:
|
else:
|
||||||
current_app.logger.warning(f"Failed admin login attempt: {user_name}")
|
current_app.logger.warning(f"Failed admin login attempt: {user_name}")
|
||||||
flash("Incorrect username or password. Please try again.", "error")
|
flash("Incorrect username or password. Please try again.", "error")
|
||||||
@@ -369,12 +357,15 @@ def serve_deck(course_folder, deck, token, path="index.html"):
|
|||||||
requested_file = os.path.join(deck_path, path)
|
requested_file = os.path.join(deck_path, path)
|
||||||
if os.path.isfile(requested_file):
|
if os.path.isfile(requested_file):
|
||||||
if path == deck_info["index_file"]:
|
if path == deck_info["index_file"]:
|
||||||
current_app.logger.info(f"User {token.name} accessed deck {deck_info['deck_name']}")
|
current_app.logger.info(
|
||||||
|
f"User {token.name} accessed deck {deck_info['deck_name']}"
|
||||||
|
)
|
||||||
return send_from_directory(deck_path, path)
|
return send_from_directory(deck_path, path)
|
||||||
|
|
||||||
log_404("File missing within deck", deck, course_folder, path, token)
|
log_404("File missing within deck", deck, course_folder, path, token)
|
||||||
abort(404)
|
abort(404)
|
||||||
|
|
||||||
|
|
||||||
@main.route("/exports/<course_folder>/<deck>/<path>")
|
@main.route("/exports/<course_folder>/<deck>/<path>")
|
||||||
@token_required
|
@token_required
|
||||||
def serve_export(deck, course_folder, path, token):
|
def serve_export(deck, course_folder, path, token):
|
||||||
|
|||||||
Reference in New Issue
Block a user