From d7b0d5eba202b3519fa399239bffaebce5a8ff53 Mon Sep 17 00:00:00 2001 From: Michel Roux Date: Mon, 27 Apr 2020 14:02:38 +0200 Subject: [PATCH] Update README and Flask-HTTPAuth --- README.md | 6 ++---- pynyaata/__init__.py | 3 ++- pynyaata/config.py | 3 ++- requirements.txt | 2 +- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 5b85e66..0787748 100644 --- a/README.md +++ b/README.md @@ -20,10 +20,8 @@ After a good rewrite in Python, it's time to show it to the public, and here it - Install Python 3: https://www.python.org/downloads/ - Install Pip: https://pip.pypa.io/en/stable/installing/ -- Clone this repository -- Launch a terminal and move into the root of the cloned repository -- Run `pip install -r requirements.txt` -- Run `python3 run.py` or simply `pynyaata` +- Run `pip install pynyaata` +- Run `pynyaata` - The app is accessible at http://localhost:5000 ## Features diff --git a/pynyaata/__init__.py b/pynyaata/__init__.py index 70e1ce2..e6742da 100644 --- a/pynyaata/__init__.py +++ b/pynyaata/__init__.py @@ -2,6 +2,7 @@ from functools import wraps from operator import attrgetter, itemgetter from flask import redirect, render_template, request, url_for, abort +from werkzeug.security import check_password_hash from .config import app, auth, ADMIN_USERNAME, ADMIN_PASSWORD, MYSQL_ENABLED, APP_PORT, IS_DEBUG from .connectors import * @@ -26,7 +27,7 @@ def mysql_required(f): @auth.verify_password def verify_password(username, password): - return username == ADMIN_USERNAME and password == ADMIN_PASSWORD + return username == ADMIN_USERNAME and check_password_hash(ADMIN_PASSWORD, password) @app.template_filter('boldify') diff --git a/pynyaata/config.py b/pynyaata/config.py index bc75466..eef232d 100644 --- a/pynyaata/config.py +++ b/pynyaata/config.py @@ -4,12 +4,13 @@ from flask import Flask from flask.cli import load_dotenv from flask_httpauth import HTTPBasicAuth from flask_sqlalchemy import SQLAlchemy +from werkzeug.security import generate_password_hash load_dotenv() IS_DEBUG = environ.get('FLASK_ENV', 'production') == 'development' ADMIN_USERNAME = environ.get('ADMIN_USERNAME', 'admin') -ADMIN_PASSWORD = environ.get('ADMIN_PASSWORD', 'secret') +ADMIN_PASSWORD = generate_password_hash(environ.get('ADMIN_PASSWORD', 'secret')) APP_PORT = environ.get('FLASK_PORT', 5000) CACHE_TIMEOUT = environ.get('CACHE_TIMEOUT', 60 * 60) BLACKLIST_WORDS = environ.get('BLACKLIST_WORDS', '').split(',') diff --git a/requirements.txt b/requirements.txt index d4154df..a507529 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,6 +1,6 @@ Flask==1.1.2 Flask-SQLAlchemy==2.4.1 -Flask-HTTPAuth==3.3.0 +Flask-HTTPAuth==4.0.0 Flask-WTF==0.14.3 WTForms==2.3.1 PyMySQL==0.9.3