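"""User-management demo app: Flask + Flask-Login + Flask-WTF + SQLAlchemy (SQLite)."""

import os
import secrets

from flask import Flask, abort, flash, redirect, render_template, url_for
from flask_bcrypt import Bcrypt
from flask_bs4 import Bootstrap
from flask_login import LoginManager, UserMixin, current_user, login_required, login_user, logout_user
from flask_sqlalchemy import SQLAlchemy
from flask_wtf import FlaskForm
from wtforms import EmailField, PasswordField, SelectField, StringField, SubmitField
from wtforms.validators import DataRequired

app = Flask(__name__)
bootstrap = Bootstrap(app)
bcrypt = Bcrypt(app)

# The secret key signs the session cookie and the Flask-WTF CSRF tokens.
# A key generated at import time changes on every restart (logging everyone
# out) and differs between worker processes, so prefer a stable value from
# the environment and only fall back to a random one for local runs.
app.config['SECRET_KEY'] = os.environ.get('SECRET_KEY') or secrets.token_urlsafe(32)

# database configuration
base_dir = os.path.abspath(os.path.dirname(__file__))
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///' + os.path.join(base_dir, 'data/users.sqlite')
db = SQLAlchemy(app)


# database tables
class Users(db.Model, UserMixin):
    """Account row; also the user object handed to Flask-Login."""

    id = db.Column(db.Integer, primary_key=True)
    user_email = db.Column(db.String(50), unique=True)
    # Holds a bcrypt hash, never the plain password. A bcrypt hash is 60
    # characters, so the previous String(50) was too short for any backend
    # that enforces column length (SQLite does not). create_all() does not
    # alter a table that already exists.
    user_password = db.Column(db.String(128))
    user_first_name = db.Column(db.String(20))
    user_last_name = db.Column(db.String(30))
    # 'admin' or 'user' (the values written by register() and AddUsersForm)
    user_role = db.Column(db.String(20))

    # NOTE(review): this shadows UserMixin's `is_authenticated` property with a
    # plain method, so attribute access yields a bound method (always truthy).
    # Kept unchanged because templates outside this file may call it -- confirm
    # and drop the override in favour of the inherited property.
    def is_authenticated(self):
        return True


# Flask-Login configuration
login_manager = LoginManager()
login_manager.init_app(app)
login_manager.login_view = 'login'
login_manager.login_message = 'Nie jesteś zalogowany'
login_manager.login_message_category = 'warning'


@login_manager.user_loader
def load_user(id):
    """Return the Users row for the id stored in the session, or None."""
    return Users.query.filter_by(id=id).first()


# forms
class LoginForm(FlaskForm):
    """User login form."""

    user_email = EmailField('Email', validators=[DataRequired()], render_kw={"placeholder": "Email"})
    user_password = PasswordField('Hasło', validators=[DataRequired()], render_kw={"placeholder": "Hasło"})
    submit = SubmitField('Zaloguj')


class RegisterForm(FlaskForm):
    """Self-registration form (no role field; the role is chosen server-side)."""

    user_email = EmailField('Email', validators=[DataRequired()], render_kw={"placeholder": "Email"})
    user_password = PasswordField('Hasło', validators=[DataRequired()], render_kw={"placeholder": "Hasło"})
    user_first_name = StringField('Imię', validators=[DataRequired()], render_kw={"placeholder": "Imię"})
    user_last_name = StringField('Nazwisko', validators=[DataRequired()], render_kw={"placeholder": "Nazwisko"})
    submit = SubmitField('Rejestruj')


class AddUsersForm(FlaskForm):
    """Form for adding a user with an explicitly chosen role."""

    user_email = EmailField('Email', validators=[DataRequired()], render_kw={"placeholder": "Email"})
    user_password = PasswordField('Hasło', validators=[DataRequired()], render_kw={"placeholder": "Hasło"})
    user_first_name = StringField('Imię', validators=[DataRequired()], render_kw={"placeholder": "Imię"})
    user_last_name = StringField('Nazwisko', validators=[DataRequired()], render_kw={"placeholder": "Nazwisko"})
    user_role = SelectField('Uprawnienia', validators=[DataRequired()],
                            choices=[('user', 'Użytkownik'), ('admin', 'Administrator')])
    submit = SubmitField('Dodaj')


def _create_user(email, password, first_name, last_name, role):
    """Hash *password*, insert a Users row and commit.

    Returns True on success. On any failure the session is rolled back and
    False is returned; callers report that as a duplicate e-mail, which is
    the expected cause (unique constraint on user_email).
    """
    try:
        # generate_password_hash returns bytes; store text in the String column.
        password_hash = bcrypt.generate_password_hash(password).decode('utf-8')
        db.session.add(Users(user_email=email,
                             user_password=password_hash,
                             user_first_name=first_name,
                             user_last_name=last_name,
                             user_role=role))
        db.session.commit()
    except Exception as exc:
        # Without a rollback the session stays unusable after a failed flush.
        db.session.rollback()
        # Log only the exception type: the full SQLAlchemy message can echo
        # the statement parameters, which here include the password hash.
        app.logger.warning('User creation failed: %s', type(exc).__name__)
        return False
    return True


@app.route('/')
def index():
    """Render the public landing page."""
    return render_template('index.html', title='Home', header='Zarządzanie użytkownikami')


@app.route('/login', methods=['GET', 'POST'])
def login():
    """Authenticate by e-mail and password; redirect to the dashboard on success.

    While the users table is empty the visitor is sent to /register instead.
    A failed attempt just re-renders the form; no lockout or rate limiting
    is implemented in this view.
    """
    # Existence check only -- no need to load every row.
    if Users.query.first() is None:
        return redirect(url_for('register'))

    login_form = LoginForm()
    if login_form.validate_on_submit():
        user = Users.query.filter_by(user_email=login_form.user_email.data).first()
        if user and bcrypt.check_password_hash(user.user_password, login_form.user_password.data):
            login_user(user)
            return redirect(url_for('dashboard'))
    return render_template('login.html', title='Logowanie', header='Logowanie', login_form=login_form)


@app.route('/register', methods=['GET', 'POST'])
def register():
    """Self-registration. The first account created becomes 'admin', later ones 'user'."""
    register_form = RegisterForm()
    if register_form.validate_on_submit():
        # Bootstrap rule: an empty table means this account is the administrator.
        # NOTE(review): the check and the insert are not atomic, so two
        # simultaneous first registrations could both be granted 'admin'.
        role = 'admin' if Users.query.first() is None else 'user'
        created = _create_user(register_form.user_email.data,
                               register_form.user_password.data,
                               register_form.user_first_name.data,
                               register_form.user_last_name.data,
                               role)
        if created:
            flash('Konto utworzone poprawnie', 'success')
            return redirect(url_for('login'))
        flash('Taki adres email istnieje, użyj innego', 'danger')
    return render_template('register.html', title='Logowanie', header='Logowanie',
                           register_form=register_form)


@app.route('/logout', methods=['GET', 'POST'])
@login_required
def logout():
    """End the current session and return to the login page."""
    logout_user()
    return redirect(url_for('login'))


@app.route('/dashboard')
@login_required
def dashboard():
    """Render the user list together with the add-user form."""
    add_users_form = AddUsersForm()
    users = Users.query.all()
    return render_template('dashboard.html', title='Dashboard', users=users, add_users_form=add_users_form)


@app.route('/edit-user', methods=['GET', 'POST'])
@login_required
def edit_users():
    """Placeholder for user editing.

    The original body was `pass`; a view that returns None makes Flask raise
    and answer 500, so state "not implemented" explicitly.
    """
    abort(501)


@app.route('/add-user', methods=['GET', 'POST'])
@login_required
def add_users():
    """Create an account with a caller-chosen role (administrators only)."""
    # The role comes from the submitted form, so without this check any
    # logged-in 'user' account could create an 'admin' account.
    if current_user.user_role != 'admin':
        abort(403)

    add_users_form = AddUsersForm()
    if add_users_form.validate_on_submit():
        created = _create_user(add_users_form.user_email.data,
                               add_users_form.user_password.data,
                               add_users_form.user_first_name.data,
                               add_users_form.user_last_name.data,
                               add_users_form.user_role.data)
        if created:
            flash('Konto utworzone poprawnie', 'success')
        else:
            flash('Taki adres email istnieje, użyj innego', 'danger')
    # Every path must return a response; the form lives on the dashboard page.
    return redirect(url_for('dashboard'))


if __name__ == '__main__':
    with app.app_context():
        db.create_all()
    # The Werkzeug debugger lets anyone who can reach the server run Python
    # code in the process, so it is opt-in (FLASK_DEBUG=1) rather than
    # hard-coded on.
    app.run(debug=os.environ.get('FLASK_DEBUG', '').lower() in ('1', 'true'))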