add admin auth method

.env.dist

@@ -9,3 +9,4 @@ DB_PORT=3306
 DB_USER=""
 DB_PASSWORD=""
 DB_DBNAME=""
+ADMIN_PASSWORD="s0meV3ryL0ngP@sswOrd"

truthinquiry/routes/routes_admin.py

@@ -17,6 +17,10 @@ def index():
     npcs_dicts = [{"id": npc_obj.NPC_ID, "name": npc_obj.NAME_LOCALE.get_text(DEFAULT_LANG).TEXT} for npc_obj in npcs_objs]
     return flask.render_template("admin/index.html", npcs=npcs_dicts)
 
+@routes_admin.route("/auth")
+def auth():
+    return flask.render_template("admin/auth.html")
+
 @routes_admin.route("/npc/<npc_id>")
 @require_admin(ui=True)
 def npc(npc_id):

truthinquiry/routes/routes_api_admin.py

@@ -1,3 +1,5 @@
+import os
+
 import flask
 from sqlalchemy import select, delete, or_
 
@@ -8,6 +10,15 @@ from truthinquiry.utils import require_admin
 
 routes_api_admin = flask.Blueprint("api_admin", __name__)
 
+@routes_api_admin.route("/auth", methods=["GET", "POST"])
+def auth():
+    password = flask.request.values.get("password")
+    if password == os.getenv("ADMIN_PASSWORD"):
+        flask.session["admin"] = True
+        return flask.redirect("/admin")
+    else:
+        return flask.redirect("/admin/auth?failed=1")
+
 @routes_api_admin.route("/setQuestions", methods=["GET", "POST"])
 @require_admin(api=True)
 def set_questions():

truthinquiry/templates/admin/auth.html

@@ -0,0 +1,5 @@
+<form action="/api/v1/admin/auth" method="POST">
+    <p>Password :</p>
+    <input name="password">
+    <input type="submit" value="Submit">
+</form>