1st user is administrator

config.ini

@@ -0,0 +1,4 @@
+[app]
+NAME=APP_NAME
+SECRET_KEY=SOME_RANDOM_STRING
+SQLALCHEMY_DATABASE_URI=sqlite:///sqlite.db

project/__init__.py

@@ -1,21 +1,25 @@
 from flask import Flask
 from flask_sqlalchemy import SQLAlchemy
 from flask_login import LoginManager
+from configparser import ConfigParser
 
 # init SQLAlchemy so we can use it later in our models
 db = SQLAlchemy()
 
 
 def create_app():
+    conf = ConfigParser()
+    conf.read("./config.ini")
     app = Flask(__name__)
 
-    app.config['SECRET_KEY'] = 'secret-key-goes-here'
-    app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///sqlite.db'
+    app.config['SECRET_KEY'] = conf['app']['SECRET_KEY']
+    app.config['SQLALCHEMY_DATABASE_URI'] = conf['app']['SQLALCHEMY_DATABASE_URI']
 
     db.init_app(app)
     login_manager = LoginManager()
     login_manager.login_view = 'auth.login'
     login_manager.init_app(app)
+    login_manager.login_message = "请先登录"
 
     from .models import User
 
@@ -24,8 +28,6 @@ def create_app():
         # since the user_id is just the primary key of our user table, use it in the query for the user
         return User.query.get(int(user_id))
 
-    from . import models
-
     with app.app_context():
         db.create_all()
 

project/auth.py

@@ -25,7 +25,7 @@ def login_post():
     # check if the user actually exists
     # take the user-supplied password, hash it, and compare it to the hashed password in the database
     if not user or not check_password_hash(user.password, password):
-        flash('Please check your login details and try again.')
+        flash('请检查登录信息')
         # if the user doesn't exist or password is wrong, reload the page
         return redirect(url_for('auth.login'))
 
@@ -60,9 +60,16 @@ def signup_post():
         flash('Password missing!')
         return redirect(url_for('auth.signup'))
     # create a new user with the form data. Hash the password so the plaintext version isn't saved.
-    new_user = User(email=email, name=name,
-                    password=generate_password_hash(password, method='sha256'), role='user', isActivated=False)
+    new_user = User(email=email,
+                    name=name,
+                    password=generate_password_hash(password, method='sha256'),
+                    role='user',
+                    isActivated=False)
 
+    # first user is always admin
+    if not db.session.query(User).count():
+        new_user.role='admin'
+        new_user.isActivated=True
     # add the new user to the database
     db.session.add(new_user)
     db.session.commit()
@@ -74,4 +81,3 @@ def logout():
     if current_user.is_authenticated:
         logout_user()
     return redirect(url_for('main.index'))
-

project/main.py

@@ -1,6 +1,5 @@
 from flask import Blueprint, render_template
 from flask_login import login_required, current_user, login_manager
-from . import db
 
 main = Blueprint('main', __name__)
 
@@ -17,5 +16,4 @@ def index():
 @main.route('/profile')
 @login_required
 def profile():
-    login_manager.login_message = "请先登录"
     return render_template('profile.html', username=current_user.name, isActivated=current_user.isActivated)

project/templates/signup.html

@@ -34,7 +34,7 @@
                 </div>
             </div>
 
-            <button class="button is-block is-info is-large is-fullwidth">Sign Up</button>
+            <button class="button is-block is-info is-large is-fullwidth">提交注册</button>
         </form>
     </div>
 </div>