Make SQL queries require auth

Peter Stockings
2026-01-29 19:17:35 +11:00
parent 722ff4d8e5
commit d72bb1f30f


@@ -2,6 +2,7 @@ import os
import requests # Import requests library
import json # Import json library
from flask import Blueprint, render_template, request, current_app, jsonify
from flask_login import login_required
from jinja2_fragments import render_block
from flask_htmx import HTMX
from extensions import db
@@ -132,6 +133,7 @@ def sql_explorer():
return render_template('sql_explorer.html', saved_queries=saved_queries)
@sql_explorer_bp.route("/query", methods=['POST'])
@login_required
def sql_query():
query = request.form.get('query')
title = request.form.get('title')
@@ -141,6 +143,7 @@ def sql_query():
title=title, query=query, error=error, saved_queries=saved_queries)
@sql_explorer_bp.route("/query/execute", methods=['POST'])
@login_required
def execute_sql_query():
query = request.form.get('query')
(results, columns, error) = _execute_sql(query)
@@ -155,6 +158,7 @@ def load_sql_query(query_id):
title=title, query=query, saved_queries=saved_queries)
@sql_explorer_bp.route('/delete_query/<int:query_id>', methods=['DELETE'])
@login_required
def delete_sql_query(query_id):
_delete_saved_query(query_id)
saved_queries = _list_saved_queries()
@@ -168,6 +172,7 @@ def sql_schema():
return render_template('partials/sql_explorer/schema.html', create_sql=create_sql)
@sql_explorer_bp.route("/plot/<int:query_id>", methods=['GET'])
@login_required
def plot_query(query_id):
(title, query) = _get_saved_query(query_id)
if not query: return "Query not found", 404
@@ -191,6 +196,7 @@ def plot_query(query_id):
return f'&lt;div class="p-4 text-red-700 bg-red-100 border border-red-400 rounded"&gt;Error preparing plot data: {e}&lt;/div&gt;', 500
@sql_explorer_bp.route("/plot/show", methods=['POST'])
@login_required
def plot_unsaved_query():
query = request.form.get('query')
title = request.form.get('title', 'SQL Query Plot') # Add default title
@@ -214,6 +220,7 @@ def plot_unsaved_query():
return f'&lt;div class="p-4 text-red-700 bg-red-100 border border-red-400 rounded"&gt;Error preparing plot data: {e}&lt;/div&gt;', 500
@sql_explorer_bp.route("/generate_sql", methods=['POST'])
@login_required
def generate_sql():
"""Generates SQL from natural language via Gemini REST API."""
natural_query = request.form.get('natural_query')
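Review bot: Three handlers on this blueprint seem to stay reachable without a login: `sql_explorer()`, `load_sql_query(query_id)` and `sql_schema()` appear only as trailing hunk context and get no added line. The hunk offsets grow by exactly one per hunk, so no decorator was inserted above them; their own decorator lines lie outside the hunks, so unless they already carried `@login_required` they still serve the saved-query list, saved query text and the schema view to anonymous clients. I would add `@login_required` under each of those `route` lines, or make the blueprint deny by default with a `@sql_explorer_bp.before_request` hook that is itself decorated with `@login_required`, so a route added later cannot be missed. Separately, `@login_required` only establishes that a session exists: `execute_sql_query` hands the form's `query` straight to `_execute_sql`, so if that helper (not shown here) runs it unrestricted, every account holder can run arbitrary SQL. A role check on these routes and a read-only database role for this connection would narrow that.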