Flask-Login integration example.

TODO.txt

@@ -5,8 +5,8 @@
 - SQLA Model Admin
     - Validation of the joins in the query
     - Automatic joined load for foreign keys
-    - Filtering
-    - Many2Many editing
+    - Built-in filtering support
+    - Many2Many support
 - File admin
 - Documentation
 - Examples

examples/auth/auth.py

+from flask import Flask, url_for, redirect, render_template, request
+from flaskext.sqlalchemy import SQLAlchemy
+
+from flask.ext import adminex, login, wtf
+from flask.ext.adminex.ext import sqlamodel
+
+# Create application
+app = Flask(__name__)
+
+# Create dummy secrey key so we can use sessions
+app.config['SECRET_KEY'] = '123456790'
+
+# Create in-memory database
+app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///test.sqlite'
+app.config['SQLALCHEMY_ECHO'] = True
+db = SQLAlchemy(app)
+
+
+# Create user model. For simplicity, it will store passwords in plain text.
+# Obviously that's not right thing to do in real world application.
+class User(db.Model):
+    id = db.Column(db.Integer, primary_key=True)
+    login = db.Column(db.String(80), unique=True)
+    email = db.Column(db.String(120))
+    password = db.Column(db.String(64))
+
+    # Flask-Login integration
+    def is_authenticated(self):
+        return True
+
+    def is_active(self):
+        return True
+
+    def is_anonymous(self):
+        return False
+
+    def get_id(self):
+        return self.id
+
+    # Required for administrative interface
+    def __unicode__(self):
+        return self.username
+
+
+# Define login and registration forms (for flask-login)
+class LoginForm(wtf.Form):
+    login = wtf.TextField(validators=[wtf.required()])
+    password = wtf.PasswordField(validators=[wtf.required()])
+
+    def validate_login(self, field):
+        user = self.get_user()
+
+        if user is None:
+            raise wtf.ValidationError('Invalid user')
+
+        if user.password != self.password.data:
+            raise wtf.ValidationError('Invalid password')
+
+    def get_user(self):
+        return db.session.query(User).filter_by(login=self.login.data).first()
+
+
+class RegistrationForm(wtf.Form):
+    login = wtf.TextField(validators=[wtf.required()])
+    email = wtf.TextField()
+    password = wtf.PasswordField(validators=[wtf.required()])
+
+    def validate_login(self, field):
+        if db.session.query(User).filter_by(login=self.login.data).count() > 0:
+            raise wtf.ValidationError('Duplicate username')
+
+
+# Initialize flask-login
+def init_login():
+    login_manager = login.LoginManager()
+    login_manager.setup_app(app)
+
+    # Create user loader function
+    @login_manager.user_loader
+    def load_user(user_id):
+        return db.session.query(User).get(user_id)
+
+
+# Create customized model view class
+class MyModelView(sqlamodel.ModelView):
+    def is_accessible(self):
+        return login.current_user.is_authenticated()
+
+
+# Create customized index view class
+class MyAdminIndexView(adminex.AdminIndexView):
+    def is_accessible(self):
+        return login.current_user.is_authenticated()
+
+
+# Flask views
+@app.route('/')
+def index():
+    return render_template('index.html', user=login.current_user)
+
+
+@app.route('/login/', methods=('GET', 'POST'))
+def login_view():
+    form = LoginForm(request.form)
+    if form.validate_on_submit():
+        user = form.get_user()
+        login.login_user(user)
+        return redirect(url_for('index'))
+
+    return render_template('form.html', form=form)
+
+
+@app.route('/register/', methods=('GET', 'POST'))
+def register_view():
+    form = RegistrationForm(request.form)
+    if form.validate_on_submit():
+        user = User()
+
+        form.populate_obj(user)
+
+        db.session.add(user)
+        db.session.commit()
+
+        login.login_user(user)
+        return redirect(url_for('index'))
+
+    return render_template('form.html', form=form)
+
+
+@app.route('/logout/')
+def logout_view():
+    login.logout_user()
+    return redirect(url_for('index'))
+
+if __name__ == '__main__':
+    # Initialize flask-login
+    init_login()
+
+    # Create admin
+    admin = adminex.Admin('Auth', index_view=MyAdminIndexView())
+
+    # Add view
+    admin.add_view(MyModelView(User, db.session))
+
+    # Associate with an app
+    admin.setup_app(app)
+
+    # Create DB
+    db.create_all()
+
+    # Start app
+    app.debug = True
+    app.run()

examples/auth/templates/form.html

+<html>
+    <body>
+        <form method="POST" action="">
+            {{ form.hidden_tag() }}
+            {% for f in form if f.label.text != 'Csrf' %}
+            <div>
+            {{ f.label }}
+            {{ f }}
+            {% if f.errors %}
+            <ul>
+                {% for e in f.errrors %}
+                <li>{{ e }}</li>
+                {% endfor %}
+            </ul>
+            {% endif %}
+            </div>
+            {% endfor %}
+            <input type="submit" />
+        </form>
+    </body>
+</html>

examples/auth/templates/index.html

+<html>
+    <body>
+        <div>
+            {% if user and user.is_authenticated() %}
+                Hello {{ user.login }}! <a href="{{ url_for('logout_view') }}">Logout</a>
+            {% else %}
+                Welcome anonymous user!
+                <a href="{{ url_for('login_view') }}">Login</a>&nbsp;<a href="{{ url_for('register_view') }}">Register</a>
+            {% endif %}
+        </div>
+        <div>
+            <a href="{{ url_for('admin.index') }}">Go to admin!</a>
+        </div>
+    </body>
+</html>

examples/sqla/simple.py

@@ -83,4 +83,4 @@ if __name__ == '__main__':
 
     # Start app
     app.debug = True
-    app.run('0.0.0.0')
+    app.run()

flask_adminex/base.py

@@ -284,7 +284,7 @@ class Admin(object):
         """
         self._views.append(view)
 
-    def apply(self, app):
+    def setup_app(self, app):
         """
             Register all views with Flask application.
 

flask_adminex/templates/admin/index.html

 {% extends 'admin/master.html' %}
 
 {% block body %}
-
 {% endblock %}