Add multi user support

It is inspired by the following example: c760c0ef7c/README.md (usage)
2021-12-01 09:15:51 +01:00 · 2021-12-01 09:15:51 +01:00 · a5681a4b85
parent f70d90ba32
commit a5681a4b85
3 changed files with 38 additions and 14 deletions
--- a/ogcp/cfg/ogcp.json
+++ b/ogcp/cfg/ogcp.json
@ -2,6 +2,14 @@
 	"IP": "127.0.0.1",
 	"PORT": 8888,
 	"API_TOKEN": "c3fe7bb0395747ec42a25df027585871",
-	"USER": "user",
-	"PASS": "pass"
+	"USERS": [
+		{
+			"USER": "admin",
+			"PASS": "pass"
+		},
+		{
+			"USER": "user",
+			"PASS": "pass"
+		}
+	]
 }
--- a/ogcp/models.py
+++ b/ogcp/models.py
@ -8,5 +8,5 @@
 from flask_login import UserMixin

 class User(UserMixin):
-    def get_id(self):
-        return 1
+    def __init__(self, username):
+        self.id = username
--- a/ogcp/views.py
+++ b/ogcp/views.py
@ -154,12 +154,31 @@ def get_scopes(ips=set()):

    return scopes, clients

-@login_manager.user_loader
-def load_user(user_id):
-    if user_id == 1:
-        return User()
+def authenticate_user(username, pwd):
+    for user in app.config['USERS']:
+        if user.get("USER") == username:
+            if user.get("PASS") == pwd:
+                return user
+            else:
+                flash(_('Incorrect password'))
+                return None
+    flash(_('Incorrect user name'))
    return None

+def get_user(username):
+    for user in app.config['USERS']:
+        if user.get("USER") == username:
+            return user
+    return None
+
+@login_manager.user_loader
+def load_user(username):
+    if not get_user(username):
+        return None
+
+    user = User(username)
+    return user
+
@app.before_request
 def load_config():
    g.server = OGServer()
@ -194,15 +213,12 @@ def index():
 def login():
    form = LoginForm(request.form)
    if request.method == 'POST' and form.validate():
-        user = User()
        form_user = request.form['user']
        pwd = request.form['pwd']
-        if form_user != app.config['USER']:
-            flash(_('Incorrect user name'))
-            return render_template('auth/login.html', form=form)
-        if pwd != app.config['PASS']:
-            flash(_('Incorrect password'))
+        user_dict = authenticate_user(form_user, pwd)
+        if not user_dict:
            return render_template('auth/login.html', form=form)
+        user = User(form_user)
        login_user(user)
        return redirect(url_for('index'))
    return render_template('auth/login.html', form=LoginForm())