Allow unprivileged view

Closes: #101
This commit is contained in:
Edward Betts 2024-02-25 09:08:19 +00:00
parent f3f9ee5bf9
commit 8f749c8e35
4 changed files with 43 additions and 9 deletions

View file

@ -312,7 +312,6 @@ def get_busy_events(
url=flask.url_for("trip_page", start=trip.start.isoformat()),
)
)
# pprint(events)
busy_events = [
e
@ -426,7 +425,11 @@ async def get_data(
holiday_list = holidays.get_all(last_year, next_year, data_dir)
events += holidays.combine_holidays(holiday_list)
events += birthday.get_birthdays(last_year, os.path.join(my_data, "entities.yaml"))
if flask.g.user.is_authenticated:
events += birthday.get_birthdays(
last_year, os.path.join(my_data, "entities.yaml")
)
events += domains.renewal_dates(my_data)
events += accommodation_events
events += travel.all_events(my_data)
events += conference.get_list(os.path.join(my_data, "conferences.yaml"))
@ -440,8 +443,6 @@ async def get_data(
events += hn.whoishiring(last_year, next_year)
events += rio_carnival_events(last_year, next_year)
events += domains.renewal_dates(my_data)
# hide markets that happen while away
optional = [
e

View file

@ -86,7 +86,13 @@
</div>
<div class="grid-item">{{ item.duration }}</div>
<div class="grid-item">{{ full_flight_number }}</div>
<div class="grid-item">{{ item.booking_reference }}</div>
<div class="grid-item">
{% if g.user.is_authenticated %}
{{ item.booking_reference }}
{% else %}
<em>redacted</em>
{% endif %}
</div>
<div class="grid-item">
<a href="https://www.flightradar24.com/data/flights/{{ full_flight_number | lower }}">flightradar24</a>
| <a href="https://uk.flightaware.com/live/flight/{{ full_flight_number | replace("U2", "EZY") }}">FlightAware</a>
@ -106,6 +112,12 @@
</div>
<div class="grid-item">{{ ((item.arrive - item.depart).total_seconds() // 60) | int }} mins</div>
<div class="grid-item">{{ item.operator }}</div>
<div class="grid-item">{{ item.booking_reference }}</div>
<div class="grid-item">
{% if g.user.is_authenticated %}
{{ item.booking_reference }}
{% else %}
<em>redacted</em>
{% endif %}
</div>
<div class="grid-item"></div>
{% endmacro %}

View file

@ -31,7 +31,11 @@
{% endfor %}
</ul>
<ul class="navbar-nav ms-auto">
<li class="nav-item"><a class="nav-link" href="{{ config.UNIAUTH_URL }}/logout?next={{ request.url | urlencode }}">Logout</a></li>
{% if g.user.is_authenticated %}
<li class="nav-item"><a class="nav-link" href="{{ url_for("logout", next=request.url) }}">Logout</a></li>
{% else %}
<li class="nav-item"><a class="nav-link" href="{{ url_for("login", next=request.url) }}">Login</a></li>
{% endif %}
</ul>
</div>
</div>

View file

@ -28,11 +28,15 @@ app = flask.Flask(__name__)
app.debug = False
app.config.from_object("config.default")
app.before_request(UniAuth.auth.require_authentication)
agenda.error_mail.setup_error_mail(app)
@app.before_request
def handle_auth() -> None:
"""Handle autentication and set global user."""
flask.g.user = UniAuth.auth.get_current_user()
@app.errorhandler(werkzeug.exceptions.InternalServerError)
def exception_handler(e: werkzeug.exceptions.InternalServerError) -> tuple[str, int]:
"""Handle exception."""
@ -369,5 +373,18 @@ def auth_callback() -> tuple[str, int] | werkzeug.Response:
return UniAuth.auth.auth_callback()
@app.route("/login")
def login() -> werkzeug.Response:
"""Login."""
next_url = flask.request.args["next"]
return UniAuth.auth.redirect_to_login(next_url)
@app.route("/logout")
def logout() -> werkzeug.Response:
"""Logout."""
return UniAuth.auth.redirect_to_logout(flask.request.args["next"])
if __name__ == "__main__":
app.run(host="0.0.0.0")