diff --git a/app/app.py b/app/app.py
index b1eac97..c6f9e20 100644
--- a/app/app.py
+++ b/app/app.py
@@ -55,6 +55,13 @@ def access_tinfoil_shop(request):
 return serve_tinfoil_shop()
+def access_shop():
+ return render_template('index.html', games=get_all_titles(), admin_account_created=admin_account_created(), valid_keys=app_settings['valid_keys'])
+
+@access_required('shop')
+def access_shop_auth():
+ return access_shop()
+
 @app.route('/')
 def index():
 scan_library()
@@ -63,9 +70,11 @@ def index():
 if all(header in request_headers for header in TINFOIL_HEADERS):
 # if True:
 print(f"Tinfoil connection from {request.remote_addr}")
- return access_tinfoil_shop(request)
-
- return render_template('index.html', games=get_all_titles(), valid_keys=app_settings['valid_keys'])
+ return access_tinfoil_shop(request)
+
+ if not app_settings['shop']['public']:
+ return access_shop_auth()
+ return access_shop()
 @app.route('/settings')
 @access_required('admin')
@@ -73,7 +82,7 @@ def settings_page():
 with open(os.path.join(TITLEDB_DIR, 'languages.json')) as f:
 languages = json.load(f)
 languages = dict(sorted(languages.items()))
- return render_template('settings.html', languages_from_titledb=languages, valid_keys=app_settings['valid_keys'])
+ return render_template('settings.html', languages_from_titledb=languages, admin_account_created=admin_account_created(), valid_keys=app_settings['valid_keys'])
 @app.get('/api/settings')
 def get_settings_api():
diff --git a/app/auth.py b/app/auth.py
index 6b2f8cd..3b9a305 100644
--- a/app/auth.py
+++ b/app/auth.py
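Review bot: `access_shop_auth` inherits the decorator's bootstrap exception without saying so: in the auth.py hunk below, `decorated_view` calls `f(*args, **kwargs)` for an unauthenticated caller whenever `admin_account_created()` is falsy, so a shop with `shop.public` set to false is still rendered to anyone until the first admin account exists. That is presumably intended for first-run setup, but a reader of `index()` cannot tell from this helper; a comment above `access_shop_auth` such as `# NOTE: access_required lets unauthenticated callers through while no admin account exists (first-run bootstrap)` would make it explicit. Both new helpers also lack docstrings; `"""Render the shop page; the _auth variant is gated by @access_required('shop')."""` would do.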
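Review bot: The new `shop.public` check in `index()` is reached only on the non-Tinfoil path: a request carrying every header in `TINFOIL_HEADERS` returns `access_tinfoil_shop(request)` before the `if not app_settings['shop']['public']` guard, so whether a private shop is enforced for those clients depends entirely on `access_tinfoil_shop`, whose body lies outside this hunk. If that function performs its own access check, a one-line comment on the early return saying so would save the next reader the same question; if it does not, the public-shop guard should be evaluated before the Tinfoil branch rather than after it. `index()` begins before this hunk.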
@@ -5,12 +5,24 @@ from db import *
 from flask_login import LoginManager
+def admin_account_created():
+ return len(User.query.filter_by(admin_access=True).all())
+
+def unauthorized_json():
+ response = login_manager.unauthorized()
+ resp = {
+ 'success': False,
+ 'status_code': response.status_code,
+ 'location': response.location
+ }
+ return jsonify(resp)
+
 def access_required(access: str):
 def _access_required(f):
 @wraps(f)
 def decorated_view(*args, **kwargs):
 if not current_user.is_authenticated:
- if len(User.query.filter_by(admin_access=True).all()):
+ if admin_account_created():
 return login_manager.unauthorized()
 else:
 return f(*args, **kwargs)
@@ -141,12 +153,14 @@ def signup_post():
 backup_access = data['backup_access']
 admin_access = data['admin_access']
- user = User.query.filter_by(user=username).first() # if this returns a user, then the email already exists in database
+ user = User.query.filter_by(user=username).first() # if this returns a user, then the user already exists in database
 if user: # if a user is found, we want to redirect back to signup page so user can try again
 print('user already exists')
 # Todo redirect to incoming page or return success: false
 return redirect(url_for('auth.signup'))
+
+ existing_admin = admin_account_created()
 # create a new user with the form data. Hash the password so the plaintext version isn't saved.
 new_user = User(user=username, password=generate_password_hash(password, method='scrypt'), admin_access=admin_access, shop_access=shop_access, backup_access=backup_access)
@@ -158,6 +172,12 @@ def signup_post():
 resp = {
 'success': signup_success
 }
+
+ if not existing_admin and admin_access:
+ # First admin account created
+ resp['status_code'] = 302,
+ resp['location'] = '/settings'
+
 return jsonify(resp)
diff --git a/app/templates/index.html b/app/templates/index.html
index 4d3849b..ab279cc 100644
--- a/app/templates/index.html
+++ b/app/templates/index.html
@@ -146,6 +146,19 @@
 {% block content %}
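Review bot: `admin_account_created()` is named and used as a predicate (`if admin_account_created():` here, `admin_account_created == false` in the index.html hunk) but returns `len(...all())`, which loads every admin row just to count them and hands an int to the template, where the comparison only works because `0 == False` holds in Python. An existence query returning a bool is cheaper and matches the name: `return User.query.filter_by(admin_access=True).first() is not None`. `unauthorized_json()` has no caller anywhere in this diff; if it is intended for the JSON endpoints, a docstring such as `"""JSON counterpart of login_manager.unauthorized() for API callers."""` would record that, otherwise it is dead code at this point.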
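Review bot: `existing_admin` is a snapshot taken before the new user is persisted, and the redirect branch in the next hunk depends on that ordering, but nothing in the code says so; a comment on the assignment such as `# Snapshot before new_user is added: the first-admin response below must see the pre-signup state` would make the dependency explicit. Two concurrent first sign-ups would both observe `existing_admin` as false and both receive the first-admin response; that is harmless for a redirect hint but worth knowing if the flag is later used for anything stronger. `signup_post()` begins before this hunk.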
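Review bot: `resp['status_code'] = 302,` carries a trailing comma, so the stored value is the tuple `(302,)` and `jsonify` emits a one-element list instead of the number; the line should read `resp['status_code'] = 302`. The response shape here mirrors what `unauthorized_json()` in the first hunk produces (`success`, `status_code`, `location`), so a short comment on the branch, `# Same shape as unauthorized_json(): the client follows 'location' itself`, would tie the two together for the next reader. `signup_post()` begins before this hunk.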
+ {% if admin_account_created == false %} + + {% endif %} + {% if valid_keys == false %}