Added logic that allows non logged in users to use qr codes

This commit is contained in:
2025-10-20 21:47:51 +02:00
parent e27fe4470e
commit b13314037f
3 changed files with 18 additions and 9 deletions

View File

@@ -5,6 +5,7 @@ from typing import List, Optional
import pytz import pytz
from flask_sqlalchemy import SQLAlchemy from flask_sqlalchemy import SQLAlchemy
from flask import current_app
from sqlalchemy import Boolean, Column, DateTime, String, TypeDecorator, ForeignKey, UniqueConstraint from sqlalchemy import Boolean, Column, DateTime, String, TypeDecorator, ForeignKey, UniqueConstraint
from sqlalchemy.orm import Mapped, mapped_column, relationship from sqlalchemy.orm import Mapped, mapped_column, relationship
db : SQLAlchemy = SQLAlchemy() db : SQLAlchemy = SQLAlchemy()
@@ -97,9 +98,10 @@ class Token(db.Model):
def __init__(self, name: str) -> None: def __init__(self, name: str) -> None:
self.name = name self.name = name
self.active_course_id = current_app.config["DEFAULT_COURSE"]
def __repr__(self) -> str: def __repr__(self) -> str:
return f"<Token(id={self.id})>" return f"<Token(id={self.id}, name={self.name}, active_course_id={self.active_course_id})>"
def is_unlocked(self, deck: str) -> bool : def is_unlocked(self, deck: str) -> bool :
return deck in [deck.deck for deck in self.decks] return deck in [deck.deck for deck in self.decks]

View File

@@ -110,7 +110,13 @@ def set_cookie(token):
next_url = url_for("main.index") next_url = url_for("main.index")
resp = make_response(redirect(next_url)) resp = make_response(redirect(next_url))
resp.set_cookie('access_token', serialize_token(token), httponly=True) resp.set_cookie(
'access_token',
serialize_token(token),
httponly=True,
samesite='Lax',
path='/'
)
return resp return resp
@main.route('/set_token', methods=['POST', 'GET']) @main.route('/set_token', methods=['POST', 'GET'])
@@ -135,11 +141,9 @@ def set_token():
flash(f'The username "{user_name}" does not exist.', 'error') flash(f'The username "{user_name}" does not exist.', 'error')
return render_template('set_token.html') return render_template('set_token.html')
next_url = session.pop('next_url', None) print(f"Set token {session}")
if not next_url:
next_url = url_for("main.index")
set_cookie(token) return set_cookie(token)
return render_template('set_token.html') return render_template('set_token.html')
@@ -173,7 +177,7 @@ def register():
token = create_token(user_name) token = create_token(user_name)
print(f"User registered: {user_name}") print(f"User registered: {user_name}")
set_cookie(token) return set_cookie(token)
# If GET request, render the form # If GET request, render the form
return render_template('register.html') return render_template('register.html')
@@ -226,11 +230,12 @@ def admin_login():
def process_access_code(access_code: str): def process_access_code(access_code: str):
token = get_token() token = get_token()
print(f"Process {token}")
if not token: if not token:
# remember where the user wanted to go # remember where the user wanted to go
session['next_url'] = url_for('main.access', access_code=access_code, method="GET") session['next_url'] = url_for('main.access_get', access_code=access_code)
print(session) print(f"Process {session}")
return redirect(url_for('main.set_token')) return redirect(url_for('main.set_token'))
password = db.session.execute( password = db.session.execute(

2
package-lock.json generated
View File

@@ -385,6 +385,7 @@
} }
], ],
"license": "MIT", "license": "MIT",
"peer": true,
"dependencies": { "dependencies": {
"baseline-browser-mapping": "^2.8.9", "baseline-browser-mapping": "^2.8.9",
"caniuse-lite": "^1.0.30001746", "caniuse-lite": "^1.0.30001746",
@@ -1171,6 +1172,7 @@
} }
], ],
"license": "MIT", "license": "MIT",
"peer": true,
"dependencies": { "dependencies": {
"nanoid": "^3.3.11", "nanoid": "^3.3.11",
"picocolors": "^1.1.1", "picocolors": "^1.1.1",