Browse Source

dashboard ui's changed

master
Juni Kim 2 years ago
parent
commit
fe6f5eccac
  1. 15
      app.py
  2. 19
      templates/admin.html
  3. 4
      templates/login.html
  4. 2
      templates/register.html
  5. 3
      templates/user.html

15
app.py

@ -142,10 +142,11 @@ def handler_403(msg):
# Admin routes
@app.route('/dashboard')
def admin_root():
user = User.query.filter_by(username=session.get('user')).one_or_404()
if 'admin' in session:
return render_template("admin.html", user=session.get("admin"))
return render_template("admin.html", user=user)
if 'user' in session:
return render_template("user.html", user=session.get("user"))
return render_template("user.html", user=user)
return User.authorize_or_redirect(admin=False) or ""
@ -192,6 +193,16 @@ def accounts_edit():
return render_template("account_edit.html", user=object_as_dict(user), success=True)
@app.route('/accounts/view')
def accounts_all():
if "admin" not in session:
abort(403)
users = [object_as_dict(u) for u in User.query.all()]
for u in users:
u.pop("password")
return jsonify(users)
@app.route('/accounts/view/<int:id>')
def accounts_view(id):
user = User.query.filter_by(id=id).one_or_404()

19
templates/admin.html

@ -4,9 +4,8 @@
href="//cdnjs.cloudflare.com/ajax/libs/highlight.js/11.7.0/styles/default.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/highlight.js/11.7.0/highlight.min.js"></script>
<script>hljs.highlightAll();</script>
<h1>Admin Dashboard</h1>
<h1>Welcome, {{user.name | safe}} (Admin)</h1>
<article>
<p>Logged in as {{user}}</p>
<a href="{{url_for('accounts_edit')}}">
<button>
Edit your profile
@ -27,10 +26,20 @@
Batch Search Chemicals
</button>
</a>
<h2>Admin Authentication</h2>
<h2>Authentication-Related</h2>
<p>
Since there is now an admin, only admins can create new admin accounts. You can do so through the <code>/admin/create</code>
route.
Only Admins are capable of creating new admins.
<br>
<a href="{{url_for('accounts_create')}}">
<button>
Add a new user
</button>
</a>
<a href="{{url_for('accounts_all')}}">
<button>
JSON of all users
</button>
</a>
</p>
<h2>API Routes</h2>
<ul>

4
templates/login.html

@ -1,6 +1,6 @@
{% extends "base.html" %}
{% block content %}
<h1>Admin Login</h1>
<h1>Login</h1>
<form method="post">
<label for="username">Username:</label>
<input id="username" name="username" type="text" required="required">
@ -15,4 +15,4 @@
{% elif fail %}
<p style="color:darkred">Login Failed. Please try again.</p>
{% endif %}
{% endblock %}
{% endblock %}

2
templates/register.html

@ -1,6 +1,6 @@
{% extends "base.html" %}
{% block content %}
<h1>Admin Login</h1>
<h1>Add New User</h1>
<script defer>
window.onload = () => {
const uname_el = document.getElementById("username")

3
templates/user.html

@ -1,8 +1,7 @@
{% extends "base.html" %}
{% block content %}
<h1>Regular User Dashboard</h1>
<h1>Welcome, {{user.name | safe}}</h1>
<article>
<p>Logged in as {{user}}</p>
<a href="{{url_for('batch_query_request')}}">
<button>
Batch Search Chemicals

Loading…
Cancel
Save