100 Zeilen
3.1 KiB
Python
100 Zeilen
3.1 KiB
Python
import os
|
|
import psycopg2
|
|
from flask import Flask, render_template, request, redirect, session, url_for
|
|
from flask_session import Session
|
|
from functools import wraps
|
|
from dotenv import load_dotenv
|
|
|
|
load_dotenv()
|
|
|
|
app = Flask(__name__)
|
|
app.config['SECRET_KEY'] = os.urandom(24)
|
|
app.config['SESSION_TYPE'] = 'filesystem'
|
|
Session(app)
|
|
|
|
# Login decorator
|
|
def login_required(f):
|
|
@wraps(f)
|
|
def decorated_function(*args, **kwargs):
|
|
if 'logged_in' not in session:
|
|
return redirect(url_for('login'))
|
|
return f(*args, **kwargs)
|
|
return decorated_function
|
|
|
|
# DB-Verbindung
|
|
def get_connection():
|
|
return psycopg2.connect(
|
|
host=os.getenv("POSTGRES_HOST", "postgres"),
|
|
port=os.getenv("POSTGRES_PORT", "5432"),
|
|
dbname=os.getenv("POSTGRES_DB"),
|
|
user=os.getenv("POSTGRES_USER"),
|
|
password=os.getenv("POSTGRES_PASSWORD")
|
|
)
|
|
|
|
@app.route("/login", methods=["GET", "POST"])
|
|
def login():
|
|
if request.method == "POST":
|
|
username = request.form.get("username")
|
|
password = request.form.get("password")
|
|
|
|
# Check gegen beide Admin-Accounts aus .env
|
|
admin1_user = os.getenv("ADMIN1_USERNAME")
|
|
admin1_pass = os.getenv("ADMIN1_PASSWORD")
|
|
admin2_user = os.getenv("ADMIN2_USERNAME")
|
|
admin2_pass = os.getenv("ADMIN2_PASSWORD")
|
|
|
|
if ((username == admin1_user and password == admin1_pass) or
|
|
(username == admin2_user and password == admin2_pass)):
|
|
session['logged_in'] = True
|
|
session['username'] = username
|
|
return redirect(url_for('dashboard'))
|
|
else:
|
|
return render_template("login.html", error="Ungültige Anmeldedaten")
|
|
|
|
return render_template("login.html")
|
|
|
|
@app.route("/logout")
|
|
def logout():
|
|
session.pop('logged_in', None)
|
|
session.pop('username', None)
|
|
return redirect(url_for('login'))
|
|
|
|
@app.route("/", methods=["GET", "POST"])
|
|
@login_required
|
|
def dashboard():
|
|
if request.method == "POST":
|
|
name = request.form["customer_name"]
|
|
email = request.form["email"]
|
|
license_key = request.form["license_key"]
|
|
license_type = request.form["license_type"]
|
|
valid_from = request.form["valid_from"]
|
|
valid_until = request.form["valid_until"]
|
|
|
|
conn = get_connection()
|
|
cur = conn.cursor()
|
|
|
|
# Kunde einfügen (falls nicht vorhanden)
|
|
cur.execute("""
|
|
INSERT INTO customers (name, email, created_at)
|
|
VALUES (%s, %s, NOW())
|
|
RETURNING id
|
|
""", (name, email))
|
|
customer_id = cur.fetchone()[0]
|
|
|
|
# Lizenz hinzufügen
|
|
cur.execute("""
|
|
INSERT INTO licenses (license_key, customer_id, license_type, valid_from, valid_until, is_active)
|
|
VALUES (%s, %s, %s, %s, %s, TRUE)
|
|
""", (license_key, customer_id, license_type, valid_from, valid_until))
|
|
|
|
conn.commit()
|
|
cur.close()
|
|
conn.close()
|
|
|
|
return redirect("/")
|
|
|
|
return render_template("index.html", username=session.get('username'))
|
|
|
|
if __name__ == "__main__":
|
|
app.run(host="0.0.0.0", port=443, ssl_context='adhoc')
|