diff --git a/server.py b/server.py
index 5c8574ee70af32d368c3a5c881e71ea7c501ee7c..ba24baae948825c7b7bda197f90d755b035ffb36 100755
--- a/server.py
+++ b/server.py
@@ -1,5 +1,6 @@
-#!/bin/python
+
from flask import *
+from functools import wraps
import sqlite3
import os
import re
@@ -109,6 +110,16 @@ def ldapget(user):
else:
return notldap[user][2]
+def login_required(func):
+ @wraps(func)
+ def decorator(*args, **kwargs):
+ if not 'user' in session:
+ flash('Diese Funktion ist nur für Moderatoren verfügbar!')
+ return redirect(url_for('login', ref=request.url))
+ else:
+ return func(*args, **kwargs)
+ return decorator
+
@app.route('/')
def index():
return render_template('index.html', latestvideos=query('''
@@ -172,8 +183,10 @@ def course():
else:
return redirect(url_for('index'))
-@app.route('/login', methods=['POST'])
+@app.route('/login', methods=['GET', 'POST'])
def login():
+ if request.method == 'GET':
+ return render_template('login.html')
user, groups = ldapauth(request.form.get('user'), request.form.get('password'))
if user and 'users' in groups:
session['user'] = ldapget(user)
diff --git a/templates/login.html b/templates/login.html
new file mode 100644
index 0000000000000000000000000000000000000000..ea3a4d4679cbf3790577b92db695a5973735d7d7
--- /dev/null
+++ b/templates/login.html
@@ -0,0 +1,22 @@
+{% extends "base.html" %}
+{% block content %}
+<div class="row">
+ <div class="col-xs-offset-1 col-xs-10">
+ <div class="panel panel-default">
+ <div class="panel-heading">
+ <h1 class="panel-title">Login für Moderatoren</h1>
+ </div>
+ <div class="panel-body">
+ <form method="post" action="login">
+ <input placeholder="User" name="user" type="text"><br>
+ <input placeholder="Password" name="password" type="password"><br>
+ {% if 'ref' in request.values %}
+ <input type="hidden" name="ref" value="{{ request.values.ref|e }}">
+ {% endif %}
+ <input type="submit" value="Login">
+ </form>
+ </div>
+ </div>
+ </div>
+</div>
+{% endblock %}