diff options
Diffstat (limited to 'backend/main.py')
| -rw-r--r-- | backend/main.py | 53 |
1 files changed, 48 insertions, 5 deletions
diff --git a/backend/main.py b/backend/main.py index cbd7b10..e242389 100644 --- a/backend/main.py +++ b/backend/main.py @@ -135,7 +135,7 @@ class FinishRequestData(BaseModel): class OverrideMachineData(BaseModel): block: int machine_id: int - status: int # according to class Status + disabled: bool class Status(Enum): @@ -492,6 +492,13 @@ def delete_cookie_scheduler(cookie): pass +def authenticate_admin_check(cookie): + cursor.execute("SELECT * FROM admin_cookies WHERE cookie = ?", (cookie,)) + rows = cursor.fetchall() + + return len(rows) > 0 + + # --- admin login @app.post("/admin_login", response_class=PlainTextResponse) def admin_login(data: PlaintextPasswordData, response: fastapi.Response): @@ -525,16 +532,15 @@ def admin_login(data: PlaintextPasswordData, response: fastapi.Response): @app.post("/admin_check", response_class=PlainTextResponse) def admin_check(response: fastapi.Response, admin_auth: Annotated[str | None, fastapi.Cookie()] = None): print("admin check request, ", admin_auth) - cursor.execute("SELECT * FROM admin_cookies WHERE cookie = ?", (admin_auth,)) - rows = cursor.fetchall() - if len(rows) > 0: + if authenticate_admin_check(admin_auth): response.status_code = fastapi.status.HTTP_202_ACCEPTED return "Authorised." else: response.status_code = fastapi.status.HTTP_401_UNAUTHORIZED return "Get out." + # --- override each machine status @app.post("/override_status", response_class=PlainTextResponse) def override_status(data: OverrideMachineData, response: fastapi.Response, admin_auth: Annotated[str | None, fastapi.Cookie()] = None): @@ -542,6 +548,26 @@ def override_status(data: OverrideMachineData, response: fastapi.Response, admin response.status_code = fastapi.status.HTTP_401_UNAUTHORIZED return "Unauthorised." + if authenticate_admin_check(admin_auth): + if (data.disabled): + machine_status[data.block - 1][data.machine_id - 1] = Status.OUTOFSERVICE.name + else: + cursor.execute("SELECT * FROM timers WHERE ((block = ?) AND (machine = ?))", (data.block, data.machine_id)) + rows = cursor.fetchall() + + if len(rows) > 0: + machine_status[data.block - 1][data.machine_id - 1] = Status.RUNNING.name + else: + machine_status[data.block - 1][data.machine_id - 1] = Status.EMPTY.name + + response.status_code = fastapi.status.HTTP_200_OK + return "Set!" + + print("set machine", data.machine_id, "of block", data.block, ".", machine_status) + else: + response.status_code = fastapi.status.HTTP_403_FORBIDDEN + return "Forbidden." + # --- change admin password @app.post("/admin_change_password", response_class=PlainTextResponse) @@ -550,4 +576,21 @@ def admin_change_password(data: PlaintextPasswordData, response: fastapi.Respons response.status_code = fastapi.status.HTTP_401_UNAUTHORIZED return "Unauthorised." - pass + if authenticate_admin_check(admin_auth): + pass + else: + pass + + +# --- get all blocks machine status for admin +@app.post("/admin_machine_status") +def admin_machine_status(response: fastapi.Response, admin_auth: Annotated[str | None, fastapi.Cookie()] = None): + if not admin_auth: + response.status_code = fastapi.status.HTTP_401_UNAUTHORIZED + return """{"reply": "Unauthorised."}""" + + if authenticate_admin_check(admin_auth): + return machine_status + else: + response.status_code = fastapi.status.HTTP_403_FORBIDDEN + return """{"reply": "Forbidden."}""" |