diff --git a/app.py b/app.py index 37f87f5..d796a19 100644 --- a/app.py +++ b/app.py @@ -8,6 +8,7 @@ import ipfshttpclient from datetime import date, datetime from functools import wraps import hashlib +import random import os from config import C @@ -45,7 +46,7 @@ def login_required(f): @wraps(f) def df(*args, **kwargs): username = session.get('username') - if not username or (not C.allow_guest_upload and username.startswith('guest(')): + if not username or (not C.allow_guest_upload and username.startswith('guest~')): return redirect(url_for('login')) return f(*args, **kwargs, username=username) return df @@ -61,7 +62,16 @@ def guest_login(): @app.route('/pastExam/login/guest/verify', methods=['POST']) @limiter.limit("10 / hour") def guest_login_send(): - return 'ok' + for name, ques, hint, ans in C.verify: + if request.form.get(name) != ans: + return '错误!', 401 + + if 'uid' not in session: + session['uid'] = random.randint(0, 100000) + + session['username'] = 'guest~%s' % session['uid'] + session.permanent = True + return {'r':0} @app.route('/pastExam/') @login_required diff --git a/templates/guest-login.html b/templates/guest-login.html index 9448637..689a907 100644 --- a/templates/guest-login.html +++ b/templates/guest-login.html @@ -28,7 +28,7 @@