Add authentication and the basis of the browser module.

A user authentication module based on flask-security is added, which allows users to login and change/recover passwords etc. Custom templates are included for the user/password UIs. A new setup script will initialise the user (and later settings) DB, adding the first user and granting them an Administrator role. A redirects blueprint module is added to handle simple URL redirects. A browser module is added and currently renders a skeleton page with a menu bar, gravatar and jumbotron. NOTE FOR LATER: Currently this code might make the nice basis for any web app that needs user management and plugins. Hmmm....
2025-02-25 18:55:31 -06:00 · 2015-01-22 15:56:23 +00:00
parent 7fa40d7671
commit 10515431c7
40 changed files with 408 additions and 7 deletions
--- a/web/config.py
+++ b/web/config.py
@@ -10,6 +10,7 @@
 ##########################################################################

 from logging import *
+import os

 ##########################################################################
 # Application settings
@@ -73,11 +74,48 @@ CSRF_ENABLED = True

 # Secret key for signing CSRF data. Override this in config_local.py if 
 # running on a web server
-CSRF_SESSION_KEY = 'SuperSecret'
+CSRF_SESSION_KEY = 'SuperSecret1'

 # Secret key for signing cookies. Override this in config_local.py if 
 # running on a web server
-SECRET_KEY = 'SuperSecret'
+SECRET_KEY = 'SuperSecret2'
+
+# Salt used when hashing passwords. Override this in config_local.py if
+# running on a web server
+SECURITY_PASSWORD_SALT = 'SuperSecret3'
+
+# Hashing algorithm used for password storage
+SECURITY_PASSWORD_HASH = 'pbkdf2_sha512'
+
+##########################################################################
+# User account and settings storage
+##########################################################################
+
+# The default path to the SQLite database used to store user accounts and
+# settings. This default places the file in the same directory as this
+# config file, but generates an absolute path for use througout the app.
+SQLITE_PATH = os.path.join(os.path.dirname(os.path.realpath(__file__)), 'pgadmin4.db')
+
+##########################################################################
+# Mail server settings
+##########################################################################
+
+# These settings are used when running in web server mode for confirming
+# and resetting passwords etc.
+MAIL_SERVER = 'smtp.gmail.com'
+MAIL_PORT = 465
+MAIL_USE_SSL = True
+MAIL_USERNAME = 'username'
+MAIL_PASSWORD = 'SuperSecret'
+
+##########################################################################
+# Mail content settings
+##########################################################################
+
+# These settings define the content of password reset emails
+SECURITY_EMAIL_SUBJECT_PASSWORD_RESET = "Password reset instructions for %s" % APP_NAME
+SECURITY_EMAIL_SUBJECT_PASSWORD_NOTICE = "Your %s password has been reset" % APP_NAME
+SECURITY_EMAIL_SUBJECT_PASSWORD_CHANGE_NOTICE = "Your password for %s has been changed" % APP_NAME

 ##########################################################################
 # Local config settings