Add authentication system and admin dashboard

Security Features: - Added User model with bcrypt password hashing - Implemented Flask-Login for session management - Protected all API write operations with @login_required decorator - Added authentication routes (login/logout) Admin Dashboard: - Created comprehensive admin dashboard with statistics - Profile management interface - Skills management (add/edit/delete) - Projects management with full CRUD operations - Social links management - Modern responsive UI with Bootstrap 5 New Files: - models.py: Added User model with bcrypt - routes/auth.py: Login/logout functionality - routes/admin.py: Complete admin dashboard with CRUD operations - templates/auth/login.html: Login page - templates/admin/base.html: Admin base template - templates/admin/dashboard.html: Main dashboard - templates/admin/profile.html: Profile editor - templates/admin/skills.html: Skills manager - templates/admin/projects.html: Projects list - templates/admin/project_form.html: Project editor - templates/admin/social_links.html: Social links manager Modified Files: - app.py: Integrated Flask-Login and bcrypt, registered new blueprints - requirements.txt: Added Flask-Login, Flask-Bcrypt, bcrypt - init_db.py: Creates default admin user (admin/admin123) - routes/api.py: Protected all write operations with authentication Default Credentials: - Username: admin - Password: admin123 - ⚠️ MUST be changed after first login! Benefits: - Secure API access with session-based authentication - User-friendly admin interface for content management - No need to edit code or database directly - Bcrypt password hashing for security - Protected against unauthorized access
2025-11-13 13:49:36 +00:00
parent c6425235a2
commit aa2c704bfb
15 changed files with 1159 additions and 4 deletions
--- a/templates/admin/skills.html
+++ b/templates/admin/skills.html
@@ -0,0 +1,79 @@
+{% extends "admin/base.html" %}
+
+{% block title %}Gestione Competenze{% endblock %}
+{% block page_title %}Gestione Competenze{% endblock %}
+
+{% block content %}
+<div class="card mb-4">
+    <div class="card-header bg-white">
+        <h5 class="mb-0">Aggiungi Nuova Competenza</h5>
+    </div>
+    <div class="card-body">
+        <form method="POST" action="{{ url_for('admin.skill_add') }}" class="row g-3">
+            <div class="col-md-3">
+                <input type="text" class="form-control" name="name" placeholder="Nome (es. Python)" required>
+            </div>
+            <div class="col-md-3">
+                <input type="text" class="form-control" name="icon_class" placeholder="Icona (es. fab fa-python)" required>
+            </div>
+            <div class="col-md-2">
+                <input type="text" class="form-control" name="category" placeholder="Categoria">
+            </div>
+            <div class="col-md-2">
+                <input type="number" class="form-control" name="display_order" placeholder="Ordine" value="0">
+            </div>
+            <div class="col-md-2">
+                <button type="submit" class="btn btn-gradient w-100">
+                    <i class="fas fa-plus me-2"></i>Aggiungi
+                </button>
+            </div>
+        </form>
+    </div>
+</div>
+
+<div class="card">
+    <div class="card-header bg-white">
+        <h5 class="mb-0">Lista Competenze</h5>
+    </div>
+    <div class="card-body">
+        <div class="table-responsive">
+            <table class="table table-hover">
+                <thead>
+                    <tr>
+                        <th>Icona</th>
+                        <th>Nome</th>
+                        <th>Categoria</th>
+                        <th>Ordine</th>
+                        <th>Stato</th>
+                        <th>Azioni</th>
+                    </tr>
+                </thead>
+                <tbody>
+                    {% for skill in skills %}
+                    <tr>
+                        <td><i class="{{ skill.icon_class }} fa-2x text-primary"></i></td>
+                        <td>{{ skill.name }}</td>
+                        <td><span class="badge bg-secondary">{{ skill.category or '-' }}</span></td>
+                        <td>{{ skill.display_order }}</td>
+                        <td>
+                            {% if skill.is_active %}
+                                <span class="badge bg-success">Attiva</span>
+                            {% else %}
+                                <span class="badge bg-danger">Disattiva</span>
+                            {% endif %}
+                        </td>
+                        <td>
+                            <form method="POST" action="{{ url_for('admin.skill_delete', skill_id=skill.id) }}" class="d-inline">
+                                <button type="submit" class="btn btn-sm btn-outline-danger" onclick="return confirm('Sicuro di voler eliminare?')">
+                                    <i class="fas fa-trash"></i>
+                                </button>
+                            </form>
+                        </td>
+                    </tr>
+                    {% endfor %}
+                </tbody>
+            </table>
+        </div>
+    </div>
+</div>
+{% endblock %}