parallel/TableOrder
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

hotfix

Browse source
This commit is contained in:
Tim Berchtold 2025-07-05 10:13:28 +02:00
parent eeda5062ae
commit a95e8a00b8
7 changed files with 46 additions and 39 deletions
Download patch file Download diff file Expand all files Collapse all files

6
Options.ini
View file

@ -1,13 +1,13 @@
[DEFAULT]
host = 'http://0.0.0.0:5000'
host = http://0.0.0.0:5000
max_desks = 8
[SETTINGS]
lockqrcode_whit_secret = True
user = Admin
path_json_settings = '/Server/json/availiable-products.json'
path_json_settings = ./Server/json/availiable-products.json
[OTHER]
log_diagnose = True
first_startup = False
first_startup = True

2
README.md
View file

@ -21,7 +21,7 @@ Default has to be changed to your needs:
host -> is where the QR code points to whit secret if enabled.
max_desks -> How many desk it shoud create.
Execute in Terminal the "pip install -r required.txt" to download depending and "python app.py" to run the Flask server and whit it the webserver.
Execute in Terminal "python3 -m venv .venv", for the virtual enviroment activate it whit "source .venv/bin/acitvate" (Linux) " or ".venv/Scripts/activate.bat" (Windows) and then "pip install -r required.txt" to download depending and "python app.py" to run the Flask server and whit it the webserver.
##

33
Server/DB/querys.py
View file

@ -2,9 +2,15 @@
from loguru import logger
import json
import bcrypt
import configparser
from Server.DB.handler import QR, Product, Order, session, User
config = configparser.ConfigParser()
config.sections()
config.read('Options.ini')
class compare:
def is_user_pass_valid(username, password):
session_username = session.query(User).filter(User.username == username).one()
@ -102,19 +108,20 @@ class get:
return False
'''
def valid_products(get_json_=False):
with open(config['SETTINGS']['path_json_settings'], 'r') as file:
#Parse Json Product List
products = json.load(file)
if get_json_:
return products
else:
valide_products = []
for category in products.get('products'):
for product in products.get('products').get(category):
print(product)
if int(product['quantity']) >= 0:
valide_products.append(product['name'])
return valide_products
global config
with open(config['SETTINGS']['path_json_settings'], 'r') as file:
#Parse Json Product List
products = json.load(file)
if get_json_:
return products
else:
valide_products = []
for category in products.get('products'):
for product in products.get('products').get(category):
print(product)
if int(product['quantity']) >= 0:
valide_products.append(product['name'])
return valide_products
def all_orders():
# All unfinished orders (finished is False or string "False")

25
Server/Host/flaskApp.py
View file

@ -37,7 +37,7 @@ login_manager.init_app(app)
if config['OTHER']['first_startup'] == 'True':
print("Please enter a Secure Admin Password:")
add._create_user('Admin',input())
add._create_user(config['SETTINGS']['user'],input())
config.set('OTHER', 'first_startup', 'False')
with open('Options.ini', 'w') as configfile:
config.write(configfile)
@ -112,9 +112,9 @@ def orders(): #TODO on new orderGet refresh orders list
@app.route("/order_get", methods=['GET','POST'])
def order_get():
desk= 1
global config
#POST order
if request.method == 'POST' and config['SETTINGS']['lockqrcode_whit_secret'] == True:
if request.method == 'POST' and config['SETTINGS']['lockqrcode_whit_secret'] == 'True':
ordered_list = []
desk = request.form['desk']
form = request.form
@ -133,18 +133,17 @@ def order_get():
elif request.method == 'GET':
desk = int(request.args['desk'])
secret = int(request.args['secret'])
try:#TODO FIX! #Feature = True #TODO:Encryption Salting hasing and anti rainbow attack for qr code?? (needed?)
if config['SETTINGS']['lockqrcode_whit_secret'] and compare.is_QRSecret_valid(desk,secret):
return render_template('index.html', desk=desk, MAX_DESKS=config['DEFAULT']['max_desks'], orderableItems = get.valid_products(get_json_=True))
elif config['SETTINGS']['lockqrcode_whit_secret'] == False:
return render_template('index.html', desk=desk, MAX_DESKS=config['DEFAULT']['max_desks'],orderableItems = get.valid_products(get_json_=True))
return '<h1>404 wrong Secret?</h1>' #TODO Make the HTML prettier for all
except:
return '<h1>Server/code issue?</h1>'
elif config['SETTINGS']['lockqrcode_whit_secret'] == True:
if config['SETTINGS']['lockqrcode_whit_secret'] == 'True' and compare.is_QRSecret_valid(desk,secret):
return render_template('index.html', desk=desk, MAX_DESKS=int(config['DEFAULT']['max_desks']), orderableItems = get.valid_products(get_json_=True))
elif config['SETTINGS']['lockqrcode_whit_secret'] == 'False':
return render_template('index.html', desk=desk, MAX_DESKS=int(config['DEFAULT']['max_desks']),orderableItems = get.valid_products(get_json_=True))
else:
return '<h1>Somethign went wrong try again.</h1>' #TODO Make the HTML prettier for all
return '<h1>404 wrong Secret?</h1>' #TODO Make the HTML prettier for all
elif config['SETTINGS']['lockqrcode_whit_secret'] == 'True':
return '<h1>your LOCKQRCODE is invalid.</h1>'
else:
return render_template('index.html',desk=desk, MAX_DESKS=config['DEFAULT']['max_desks'],orderableItems = get.valid_products(get_json_=True))
return render_template('index.html',desk=desk, MAX_DESKS=int(config['DEFAULT']['max_desks']),orderableItems = get.valid_products(get_json_=True))
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///db.db'
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False

3
Server/Host/templates/index.html
View file

@ -7,7 +7,8 @@
<title>Document</title>
</head>
<body>
<form name="order" onsubmit="return validateForm()" action="{{ url_for('order_get') }}" method="POST" class="flex-container">
<form name="order" onsubmit="return validateForm()" action="{{ url_for('order_get') }}" method="POST" class="flex-container">
<input type="hidden" name="csrf_token" value="{{ csrf_token() }}"/>
<li class="box desk-nr">Tisch Nummer
<div>
<select name="desk" class="desk-select">

14
Server/Host/templates/orders.html
View file

@ -46,10 +46,7 @@
</ul>
</td>
<td>
<button
class="finish-btn"
onclick="markFinished({{ order[2] }})"
id="btn-{{ order[2] }}">
<button class="finish-btn" onclick="markFinished({{ order[2] }})" id="btn-{{ order[2] }}">
Finished
</button>
</td>
@ -59,15 +56,17 @@
<tr><td colspan="3">No open orders.</td></tr>
{% endfor %}
</table>
<script>
var csrfToken = "{{ csrf_token() }}";
// Track active timers for each order
window.activeTimers = {};
function markFinished(orderId) {
fetch('/orders', {
method: 'POST',
headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
headers: { 'Content-Type': 'application/x-www-form-urlencoded',
'X-CSRFToken': csrfToken },
body: `order_id=${orderId}&action=finish`
})
.then(response => response.json())
@ -106,7 +105,8 @@
fetch('/orders', {
method: 'POST',
headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
headers: { 'Content-Type': 'application/x-www-form-urlencoded' ,
'X-CSRFToken': csrfToken },
body: `order_id=${orderId}&action=undo`
})
.then(response => response.json())

2
app.py
View file

@ -20,7 +20,7 @@ you want async logging.
def run(): #TODO: sys.stderr back to a file log??
logger.add(sys.stderr, format="{time} {level} {message}", filter="startup", level="INFO")
logger.add(sys.stderr, backtrace=True, diagnose=config['OTHER']['log_diagnose'])
app.run(debug=True)
app.run(debug=False)
if __name__ == "__main__":
#First startup is handled in DB/handler