summaryrefslogtreecommitdiffstats
path: root/ogcp/templates/auth
Commit message (Collapse)AuthorAgeFilesLines
* views: make password optional in user/editAlejandro Sirgo Rica2024-06-191-2/+2
| | | | | | | | | Add the option to leave the password fields empty in the form. When the passwords are not set the user keeps the old password configuration. Define a EditUserForm based on UserForm in forms/auth.py to remove the InputRequired validator in the password fields. Update the html template to make the password fields optional.
* forms: use checkboxes for scope selection in UserFormAlejandro Sirgo Rica2024-06-142-9/+80
| | | | | | | Enable selection of multiple scopes in user/add and user/edit for restricted users. Replace quick form creation with an inline form definition in add_user.html and edit_user.html
* templates: remove dead code from edit_user.htmlAlejandro Sirgo Rica2024-06-141-8/+0
| | | | | Remove the <script> block as the function digestUserFormPassword no longer exists.
* Move password hashing to the backendJavier Sánchez Parra2022-06-302-20/+2
| | | | | | | | | | | This patch moves login password hashing from the frontend/javascript to the backend/flask. This patch moves password hashing of login and user management forms. Related commits: * c7b0024 ("Add password hashing") * 661254b ("Add 'Add user' to Users section")
* Add 'Delete user' to Users sectionv0.9.2Javier Sánchez Parra2022-04-271-0/+17
| | | | | Creates "Delete user" form. The user to be deleted is selected from the sidebar in Users section.
* Add 'Edit user' to Users sectionJavier Sánchez Parra2022-04-271-0/+26
| | | | | | Creates "Edit user" form with the following inputs: password, password confirmation, role (administrator or regular), allowed scopes. It does no allow to change/edit the username.
* Add 'Add user' to Users sectionJavier Sánchez Parra2022-04-271-0/+26
| | | | | Creates "Add user" form with the following inputs: username, password, password confirmation, role (administrator or regular), allowed scopes.
* Add password hashingJavier Sánchez Parra2022-04-221-1/+9
| | | | | | | | | | | The front-end now hashes passwords before sending them to the back-end. It uses SHA-512. This commit adds a hidden input which sends the password hash to not interfere with browsers' save password functionality. Also change passwords of the template configuration file for their hashed/digested versions.
* Rename "submit" to "submit_btn"Javier Sánchez Parra2022-04-221-1/+1
| | | | | Otherwise, wtforms use "submit" as id of the <input> tag, shadowing javascript function ".submit()".
* Restyle login.html templateDaniel García Moreno2021-06-011-5/+20
| | | | | | | | | Update the login template based on the AdminLTE extra page: https://adminlte.io/themes/v3/pages/examples/login.html This patch also adds a font-awesome icon to the login page, we've font-awesome from the AdminLTE plugins so we can use this icons in the interface.
* Add loginJose M. Guisado2021-03-051-0/+12
Ogcp requires a simple login page in order to avoid exposure of the ogServer API to anyone trying to access the web page. Because the main authorization mechanism in ogServer is the api token the login implemented for the ogcp does not include registration process but a single user and password specified in the ogcp.json. "USER": "user", "PASS": "pass" Adds two new views: /login and /logout. They are used to login the user so that the rest of views regarding ogServer functionality can be accessed in a "login required" fashion. Index view (/) is an exception, it can be accessed logged in or not so different data can be displayed. Templates can now access a variable "current_user" to get information about login status. This is a Flask-Login feature. - Templates regarding login can be found in templates/auth/ - Login form is defined in forms/auth.py to separate it from action_forms.py - Adds Flask-Login module to requirements.txt - Adds default user and pass in ogcp.json