1
Fork 0
mirror of https://github.com/Steffo99/estus.git synced 2024-11-25 00:54:18 +00:00

Add 400 error page and remember login checkbox

This commit is contained in:
Steffo 2017-09-14 14:55:39 +02:00
parent afb4dc2e0a
commit ddb2c4cd0a
3 changed files with 35 additions and 4 deletions

View file

@ -19,8 +19,8 @@ class User(db.Model):
__tablename__ = "website_users" __tablename__ = "website_users"
uid = db.Column(db.Integer, primary_key=True) uid = db.Column(db.Integer, primary_key=True)
username = db.Column(db.String, unique=True) username = db.Column(db.String, unique=True, nullable=False)
passwd = db.Column(db.LargeBinary) passwd = db.Column(db.LargeBinary, nullable=False)
def __init__(self, username, passwd): def __init__(self, username, passwd):
self.username = username self.username = username
@ -73,7 +73,7 @@ class Impiegato(db.Model):
iid = db.Column(db.Integer, primary_key=True) iid = db.Column(db.Integer, primary_key=True)
sid = db.Column(db.Integer, db.ForeignKey('servizi.sid')) sid = db.Column(db.Integer, db.ForeignKey('servizi.sid'))
nomeimpiegato = db.Column(db.String) nomeimpiegato = db.Column(db.String)
username = db.Column(db.String, unique=True) username = db.Column(db.String)
passwd = db.Column(db.String) passwd = db.Column(db.String)
dispositivi = db.relationship("Accesso", backref='impiegato', lazy='dynamic', cascade="delete") dispositivi = db.relationship("Accesso", backref='impiegato', lazy='dynamic', cascade="delete")
@ -218,6 +218,7 @@ def page_login():
else: else:
if login(request.form['username'], request.form['password']): if login(request.form['username'], request.form['password']):
session['username'] = request.form['username'] session['username'] = request.form['username']
session.permanent = request.form['remember']
return redirect(url_for('page_dashboard')) return redirect(url_for('page_dashboard'))
else: else:
return render_template('error.htm', error="Username o password non validi.") return render_template('error.htm', error="Username o password non validi.")
@ -771,6 +772,11 @@ def page_pheesh():
return render_template("pheesh.htm", user=session.get("username"), pheesh=pesci, footer=False) return render_template("pheesh.htm", user=session.get("username"), pheesh=pesci, footer=False)
@app.errorhandler(400)
def page_400(_):
return render_template('400.htm', user=session.get("username"))
@app.errorhandler(403) @app.errorhandler(403)
def page_403(_): def page_403(_):
return render_template('403.htm', user=session.get("username")) return render_template('403.htm', user=session.get("username"))

20
templates/400.htm Normal file
View file

@ -0,0 +1,20 @@
{% extends 'base.htm' %}
{% block title %}Non autorizzato • estus{% endblock %}
{% block extrahead %}
<script>
window.onload = function() {
setTimeout(function() {
window.history.back();
}, 4000)
}
</script>
{% endblock %}
{% block content %}
<div class="alert alert-danger" role="alert">
<b>400 Bad Request:</b> Hai mandato al server una richiesta senza tutti i campi richiesti.<br>
Il problema non è un campo rimasto vuoto, ma un campo che per qualche motivo è completamente assente.
</div>
<div>
Sarai reindirizzato alla pagina precedente entro 4 secondi (se hai abilitato il javascript).
</div>
{% endblock %}

View file

@ -7,6 +7,11 @@
<form class="form-inline" action="/login" method="post"> <form class="form-inline" action="/login" method="post">
<input class="form-control" type="text" placeholder="Username" name="username"> <input class="form-control" type="text" placeholder="Username" name="username">
<input class="form-control" type="password" placeholder="Password" name="password"> <input class="form-control" type="password" placeholder="Password" name="password">
<input class="btn btn-primary" type="submit"> <div class="checkbox">
<label>
<input type="checkbox" name="remember"> Rimani connesso per 1 mese (o finchè non cancelli i cookie!)
</label>
</div>
<input class="btn btn-primary" type="submit" value="Login">
</form> </form>
{% endblock %} {% endblock %}