alexander/zeiterfassung
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

Login Seite entfernt. Ist in Hauptseite integriert

Browse Source 
Löschsperre für Adminuser eingefügt
Kommandozeilenfunktion für Adminanlage angepasst.
This commit is contained in:
Alexander Malzkuhn 2025-10-27 09:37:59 +01:00
parent 0b478b5e2e
commit 47a71ebf44
4 changed files with 45 additions and 53 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
lib/admin.py
View File

@ -44,6 +44,10 @@ def page_admin():
updates_available = ValueBinder() updates_available = ValueBinder()
updates_available.value = False updates_available.value = False
delete_binder = ValueBinder()
delete_binder.value = True
delete_info = ValueBinder()
delete_info.value = False
enabled_because_not_docker = ValueBinder enabled_because_not_docker = ValueBinder
if is_docker(): if is_docker():
@ -1091,7 +1095,6 @@ def page_admin():
workhours = [ ] workhours = [ ]
with ui.row(): with ui.row():
def user_selection_changed(): def user_selection_changed():
try: try:
if user_selection.value != None: if user_selection.value != None:
@ -1100,7 +1103,14 @@ def page_admin():
fullname_input.value = current_user.fullname fullname_input.value = current_user.fullname
#password_input.value = current_user.password #password_input.value = current_user.password
usersettingscard.visible = True usersettingscard.visible = True
if current_user.username in get_admin_list():
delete_info.value = True
delete_binder.value = False
else:
delete_info.value = False
delete_binder.value = True
print(delete_info.value)
print(delete_binder.value)
api_key_input.value = current_user.api_key api_key_input.value = current_user.api_key
api_link_column.clear() api_link_column.clear()
@ -1338,10 +1348,11 @@ def page_admin():
for i in app.urls: for i in app.urls:
stamp_link.append(ui.link(f'{i}/api/stamp/"API-Schüssel"')) stamp_link.append(ui.link(f'{i}/api/stamp/"API-Schüssel"'))
ui.label("Administratoren können nicht gelöscht werden. Um das Konto zu löschen, müssen Sie ihm zuerst die Administrationsrechte entziehen.").bind_visibility_from(delete_info, 'value').classes('font-bold text-red')
with ui.grid(columns=2): with ui.grid(columns=2):
ui.button("Speichern", on_click=save_user_settings).tooltip("Klicken Sie hier um die Änderungen zu speichern.") ui.button("Speichern", on_click=save_user_settings).tooltip("Klicken Sie hier um die Änderungen zu speichern.")
ui.button("Löschen", on_click=del_user) ui.button("Löschen", on_click=del_user).bind_enabled_from(delete_binder, 'value')
usersettings_card() usersettings_card()

42
lib/login.py
View File

@ -1,42 +0,0 @@
from datetime import datetime
from nicegui import ui, app
from lib.web_ui import *
from lib.users import *
from lib.definitions import *
from calendar import monthrange
import hashlib
import calendar
import locale
@ui.page('/login')
def page_login():
# Settingsdatei einlesen
data = load_adminsettings()
def login():
nonlocal data
print(username.value)
if username.value in get_admin_list():
#TODO Loginprozess anpassen_
if hash_password(password.value) == data["admin_password"]:
app.storage.user['admin_authenticated'] = True
#TODO Weiterleitungsauswahl ob zum Stempeln oder Administration
ui.navigate.to("/admin")
else:
ui.notify("Login fehlgeschlagen")
#ui.markdown(f"## {app_title} {app_version}")
#ui.markdown("Bitte einloggen")
pageheader("Bitte einloggen:")
with ui.grid(columns=2):
ui.markdown("Benutzer:")
username = ui.input('Benutzername')
ui.markdown("Passwort:")
password = ui.input('Passwort', password=True)
ui.button(text="Login", on_click=lambda: login())

34
main.py
View File

@ -4,7 +4,6 @@ import os.path
from lib.web_ui import * from lib.web_ui import *
from lib.admin import * from lib.admin import *
from lib.login import *
from lib.users import * from lib.users import *
from lib.touchscreen import * from lib.touchscreen import *
from lib.definitions import * from lib.definitions import *
@ -85,11 +84,34 @@ if __name__ in ("__main__", "__mp_main__"):
print("Sollen diese Einstellungen übernommen werden? j=Ja") print("Sollen diese Einstellungen übernommen werden? j=Ja")
question = input() question = input()
if question == "j": if question == "j":
admin_settings["admin_user"] = admin_user if not os.path.exists(userfolder):
admin_settings["admin_password"] = hash_password(admin_password) os.makedirs(userfolder)
json_dict = json.dumps(admin_settings, indent=4) print("Kein Ordner mit Benutzerdaten gefunden. Lege ihn an.")
with open(os.path.join(scriptpath, usersettingsfilename), "w") as outputfile: if not os.path.exists(os.path.join(userfolder, admin_user)):
outputfile.write(json_dict) print("Benutzer existiert noch nicht. Lege ihn an.")
os.makedirs(os.path.join(userfolder, admin_user))
start_date_dt = datetime.datetime.now()
start_date = start_date_dt.strftime("%Y-%m-%d")
settings_to_write = standard_usersettings
settings_to_write["workhours"][start_date] = {}
settings_to_write["fullname"] = "Administrator"
settings_to_write["username"] = admin_user
# API-Key erzeugen
string_to_hash = f'{admin_user}_{datetime.datetime.now().timestamp()}'
hash_string = hashlib.shake_256(bytes(string_to_hash, 'utf-8')).hexdigest(20)
settings_to_write["api_key"] = hash_string
for i in range(1, 8):
settings_to_write["workhours"][start_date][str(i)] = 0
settings_to_write["workhours"][start_date]["vacation"] = 0
with open(f"{userfolder}/{admin_user}/{usersettingsfilename}", 'w') as json_file:
json_dict = json.dumps(standard_usersettings, indent=4)
json_file.write(json_dict)
current_user = user(admin_user)
current_user.password = hash_password(admin_password)
current_user.write_settings()
admin_users_list = load_adminsettings()["admin_user"]
admin_users_list[str(len(admin_users_list))] = admin_user
write_adminsetting("admin_user", admin_users_list)
print("Daten geschrieben") print("Daten geschrieben")
quit() quit()
else: else:

3
settings.json
View File

@ -1,6 +1,7 @@
{ {
"admin_user": { "admin_user": {
"0": "admin" "0": "admin",
"1": "admin2"
}, },
"port": "8090", "port": "8090",
"secret": "ftgzuhjikg,mt5jn46uzer8sfi9okrmtzjhndfierko5zltjhdgise", "secret": "ftgzuhjikg,mt5jn46uzer8sfi9okrmtzjhndfierko5zltjhdgise",