This commit is contained in:
aitzol 2023-11-10 13:12:15 +01:00
parent be7650b777
commit 05e130d03a
4 changed files with 105 additions and 25 deletions

39
_2fa.tpl Normal file
View File

@ -0,0 +1,39 @@
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="robots" content="noindex, nofollow">
<title>{{ str['welcome'] }}</title>
<link rel="stylesheet" href="{{ url('static', filename='style.css') }}">
</head>
<body>
<main>
<h1>2FA</h1>
<form name="editEmailForm" method="post" action="/user">
<label for="2fa">2FA</label>
<input id="2fa" name="2fa" type="text" value="" required>
<div class="form-buttons">
<a href="/user"><button class="green" type="button">{{ str['back'] }}</button></a>
<button class="green" type="submit">{{ str['update'] }}</button>
</div>
</form>
%for type, text, animation in get('alerts', []):
<div class="alerts {{ animation }}">
<div class="alert {{ type }}">{{ text }}</div>
</div>
%end
</main>
</body>
</html>

23
app.py
View File

@ -100,7 +100,6 @@ def get_index():
except Exception as e: except Exception as e:
return index_tpl(str=i18n.str) return index_tpl(str=i18n.str)
@get('/logout') @get('/logout')
def get_index(): def get_index():
@ -117,6 +116,13 @@ def get_index():
return index_tpl(alerts=[('success', i18n.msg[0], 'fadeOut')], str=i18n.str) return index_tpl(alerts=[('success', i18n.msg[0], 'fadeOut')], str=i18n.str)
@get('/_2fa')
def get_index():
try:
return _2fa_tpl(data=newSession().get(), str=i18n.str)
except Exception as e:
return index_tpl(str=i18n.str)
@post('/user') @post('/user')
def post_user(): def post_user():
form = request.forms.getunicode form = request.forms.getunicode
@ -138,7 +144,10 @@ def post_user():
LOG.warning("Unsuccessful attempt to login %s: %s" % (form('username'), e)) LOG.warning("Unsuccessful attempt to login %s: %s" % (form('username'), e))
return error(str(e)) return error(str(e))
#if 2fa not chekced || (2fa checked & success)
return user_tpl(alerts=[('success', '%s %s' % (i18n.msg[1], form('username').capitalize()), 'fadeOut' )], data=newSession().get(), str=i18n.str) return user_tpl(alerts=[('success', '%s %s' % (i18n.msg[1], form('username').capitalize()), 'fadeOut' )], data=newSession().get(), str=i18n.str)
#elif 2fa checked
#return _2fa_tpl(alerts=[('success', '%s %s' % (i18n.msg[1], form('username').capitalize()), 'fadeOut' )], data=newSession().get(), str=i18n.str)
@post('/signup') @post('/signup')
def post_signup(): def post_signup():
@ -347,6 +356,9 @@ def delete_tpl(**kwargs):
def logs_tpl(**kwargs): def logs_tpl(**kwargs):
return template('logs', **kwargs) return template('logs', **kwargs)
def _2fa_tpl(**kwargs):
return template('_2fa', **kwargs)
def connect_ldap(conf, **kwargs): def connect_ldap(conf, **kwargs):
server = Server(host=conf['host'], server = Server(host=conf['host'],
port=conf.getint('port', None), port=conf.getint('port', None),
@ -520,7 +532,8 @@ def register(conf, username, firstname, surname, password, email, isFake, device
ts = datetime.now().strftime('%Y%m%d%H%M%S')+'Z' ts = datetime.now().strftime('%Y%m%d%H%M%S')+'Z'
attributes = {'gidNumber': '501', 'uidNumber': uidNumber, 'homeDirectory': directory, 'givenName': attributes = {'gidNumber': '501', 'uidNumber': uidNumber, 'homeDirectory': directory, 'givenName':
firstname, 'sn': surname, 'uid' : username, 'mail': email, 'active': False, 'fakeCn': isFake, firstname, 'sn': surname, 'uid' : username, 'mail': email, 'active': False, 'fakeCn': isFake,
'devices':device, 'ip':request.environ.get('HTTP_X_REAL_IP', request.remote_addr), 'lastLogin': ts} 'devices':device, 'ip':request.environ.get('HTTP_X_REAL_IP', request.remote_addr), 'lastLogin': ts,
'secureAuth': False}
new_user_dn = "cn="+firstname+" "+surname+" - "+username+",cn=users,"+conf['base'] new_user_dn = "cn="+firstname+" "+surname+" - "+username+",cn=users,"+conf['base']
c.add(dn=new_user_dn,object_class=OBJECT_CLASS, attributes=attributes) c.add(dn=new_user_dn,object_class=OBJECT_CLASS, attributes=attributes)
#create/change user password #create/change user password
@ -807,7 +820,8 @@ def get_user_email_array(user_dn, conn, old_email, new_email):
def get_user_data(user_dn, conn): def get_user_data(user_dn, conn):
search_filter = '(objectClass=*)' search_filter = '(objectClass=*)'
conn.search(user_dn, search_filter, attributes=['active','fakeCn','givenName','sn','uid','mail','devices','ip','lastLogin']) conn.search(user_dn, search_filter,
attributes=['active','fakeCn','givenName','sn','uid','mail','devices','ip','lastLogin','secureAuth'])
data = [] data = []
data.append(conn.entries[0].active.values[0]) data.append(conn.entries[0].active.values[0])
data.append(conn.entries[0].fakeCn.values[0]) data.append(conn.entries[0].fakeCn.values[0])
@ -821,6 +835,7 @@ def get_user_data(user_dn, conn):
#ts = datetime.strptime(ts, '%Y-%m-%d %H:%M:%S%z') #ts = datetime.strptime(ts, '%Y-%m-%d %H:%M:%S%z')
#ts = datetime.strftime(t, '%Y-%m-%d %H:%M:%S') #ts = datetime.strftime(t, '%Y-%m-%d %H:%M:%S')
data.append(str(conn.entries[0].lastLogin.values[0])[:-6]) data.append(str(conn.entries[0].lastLogin.values[0])[:-6])
data.append(conn.entries[0].secureAuth.values[0])
return(data) return(data)
@ -922,6 +937,7 @@ def newSession():
self.devices = data[6] self.devices = data[6]
self.ip = data[7] self.ip = data[7]
self.lastLogin = data[8] self.lastLogin = data[8]
self.secureAuth = data[9]
self.data['active'] = self.active self.data['active'] = self.active
self.data['fakeCn'] = self.fakeCn self.data['fakeCn'] = self.fakeCn
@ -932,6 +948,7 @@ def newSession():
self.data['devices'] = self.devices self.data['devices'] = self.devices
self.data['ip'] = self.ip self.data['ip'] = self.ip
self.data['lastLogin'] = self.lastLogin self.data['lastLogin'] = self.lastLogin
self.data['secureAuth'] = self.secureAuth
def close(self): def close(self):
self.data.pop('username') self.data.pop('username')

View File

@ -197,7 +197,9 @@ button.red:hover{
/**/ /**/
.grid-container { .grid-container {
display: grid; display: grid;
grid-template-columns: auto max-content; /*grid-template-columns: auto max-content;*/
grid-template-areas: 'bat bi'
'hiru hiru';
margin: 0 auto; margin: 0 auto;
max-width: 16rem; max-width: 16rem;
padding: 0 2.5rem 0 2.5rem; padding: 0 2.5rem 0 2.5rem;
@ -220,6 +222,17 @@ button.red:hover{
display: unset; display: unset;
max-width: max-content; max-width: max-content;
} }
.item1 {
grid-area: bat;
}
.item2 {
grid-area: bi;
text-align: right;
}
.item3{
grid-area: hiru;
}
/**/ /**/
@media only screen and (max-width: 480px) { @media only screen and (max-width: 480px) {

View File

@ -16,71 +16,82 @@
<h1>{{ str['welcome'] }} <span class="username">{{ data['username'] }}</span></h1> <h1>{{ str['welcome'] }} <span class="username">{{ data['username'] }}</span></h1>
<div class="grid-container"> <div class="grid-container">
<div class="grid-item"> <div class="grid-item item1">
<div class="user account"> <div class="user account">
<h5>{{ str['usr'] }}</h5> <h5>{{ str['usr'] }}</h5>
<p>{{ data['firstname'] }} {{ data['surname'] }}</p> <p>{{ data['firstname'] }} {{ data['surname'] }}</p>
</div> </div>
</div> </div>
<div class="grid-item"> <div class="grid-item item2">
% if data['fakeCn'] == True: % if data['fakeCn'] == True:
<a href="/edit_fullname" class="edit">{{ str['edit'] }}</a> <a href="/edit_fullname" class="edit">{{ str['edit'] }}</a>
% end % end
</div> </div>
</div>
<div class="grid-item"> <div class="grid-container">
<div class="grid-item item1">
<div class="email account"> <div class="email account">
<h5>{{ str['email'] }}</h5> <h5>{{ str['email'] }}</h5>
<p>{{ data['mail'] }}</p> <p>{{ data['mail'] }}</p>
</div> </div>
</div> </div>
<div class="grid-item"> <div class="grid-item item2">
<a href="/edit_email">{{ str['edit'] }}</a> <a href="/edit_email">{{ str['edit'] }}</a>
</div> </div>
</div>
<div class="grid-item"> <div class="grid-container">
<div class="grid-item item1">
<div class="account"> <div class="account">
<h5>{{ str['pwd'] }}</h5> <h5>{{ str['pwd'] }}</h5>
<p>********</p> <p>********</p>
</div> </div>
</div> </div>
<div class="grid-item"> <div class="grid-item item2">
<a href="/change_pwd">{{ str['edit'] }}</a> <a href="/change_pwd">{{ str['edit'] }}</a>
</div> </div>
<div class="grid-item"> <div class="grid-item item3">
<a href="/_2fa"><button class="green" type="button">2FA gaitu</button></a>
</div>
</div>
<!--
<div class="grid-container">
<div class="grid-item item1">
<div class="account"> <div class="account">
<h5>2FA</h5> <h5>2FA</h5>
<p>Bi urratseko autentifikazioa</p> <p>Bi urratseko autentifikazioa {{data['secureAuth']}}</p>
</div> </div>
</div> </div>
<div class="grid-item"> <div class="grid-item item2">
<input type="checkbox" id="2fa" name="2fa" value="2fa"> <input type="checkbox" id="2fa" name="2fa" value="2fa" {{!'checked="checked"' if data['secureAuth'] == True else ""}} >
</div> </div>
</div>
<div class="grid-item"> -->
<div class="grid-container">
<div class="grid-item item1">
<div class="account"> <div class="account">
<h5>{{ str['logs'] }}</h5> <h5>{{ str['logs'] }}</h5>
</div> </div>
</div> </div>
<div class="grid-item"> <div class="grid-item item2">
<a href="/logs">{{ str['show'] }}</a> <a href="/logs">{{ str['show'] }}</a>
</div> </div>
</div>
<div class="grid-container">
<div class="account"> <div class="account">
<a href="/logout"><button class="green" type="button">{{ str['log-out'] }}</button></a> <a href="/logout"><button class="green" type="button">{{ str['log-out'] }}</button></a>
<a href="/delete"><button class="red" type="button">{{ str['del'] }}</button></a> <a href="/delete"><button class="red" type="button">{{ str['del'] }}</button></a>
</div> </div>
</div> </div>
%for type, text, animation in get('alerts', []): %for type, text, animation in get('alerts', []):
<div class="alerts {{ animation }}"> <div class="alerts {{ animation }}">
<div class="alert {{ type }}">{{ text }}</div> <div class="alert {{ type }}">{{ text }}</div>