2fa-0.2
This commit is contained in:
parent
be7650b777
commit
05e130d03a
39
_2fa.tpl
Normal file
39
_2fa.tpl
Normal file
@ -0,0 +1,39 @@
|
|||||||
|
<!DOCTYPE html>
|
||||||
|
<html>
|
||||||
|
<head>
|
||||||
|
<meta charset="utf-8">
|
||||||
|
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
||||||
|
<meta name="viewport" content="width=device-width, initial-scale=1">
|
||||||
|
<meta name="robots" content="noindex, nofollow">
|
||||||
|
|
||||||
|
<title>{{ str['welcome'] }}</title>
|
||||||
|
|
||||||
|
<link rel="stylesheet" href="{{ url('static', filename='style.css') }}">
|
||||||
|
</head>
|
||||||
|
|
||||||
|
<body>
|
||||||
|
<main>
|
||||||
|
<h1>2FA</h1>
|
||||||
|
|
||||||
|
<form name="editEmailForm" method="post" action="/user">
|
||||||
|
|
||||||
|
<label for="2fa">2FA</label>
|
||||||
|
<input id="2fa" name="2fa" type="text" value="" required>
|
||||||
|
|
||||||
|
<div class="form-buttons">
|
||||||
|
<a href="/user"><button class="green" type="button">{{ str['back'] }}</button></a>
|
||||||
|
<button class="green" type="submit">{{ str['update'] }}</button>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
</form>
|
||||||
|
|
||||||
|
%for type, text, animation in get('alerts', []):
|
||||||
|
<div class="alerts {{ animation }}">
|
||||||
|
<div class="alert {{ type }}">{{ text }}</div>
|
||||||
|
</div>
|
||||||
|
%end
|
||||||
|
|
||||||
|
</main>
|
||||||
|
|
||||||
|
</body>
|
||||||
|
</html>
|
23
app.py
23
app.py
@ -100,7 +100,6 @@ def get_index():
|
|||||||
except Exception as e:
|
except Exception as e:
|
||||||
return index_tpl(str=i18n.str)
|
return index_tpl(str=i18n.str)
|
||||||
|
|
||||||
|
|
||||||
@get('/logout')
|
@get('/logout')
|
||||||
def get_index():
|
def get_index():
|
||||||
|
|
||||||
@ -117,6 +116,13 @@ def get_index():
|
|||||||
|
|
||||||
return index_tpl(alerts=[('success', i18n.msg[0], 'fadeOut')], str=i18n.str)
|
return index_tpl(alerts=[('success', i18n.msg[0], 'fadeOut')], str=i18n.str)
|
||||||
|
|
||||||
|
@get('/_2fa')
|
||||||
|
def get_index():
|
||||||
|
try:
|
||||||
|
return _2fa_tpl(data=newSession().get(), str=i18n.str)
|
||||||
|
except Exception as e:
|
||||||
|
return index_tpl(str=i18n.str)
|
||||||
|
|
||||||
@post('/user')
|
@post('/user')
|
||||||
def post_user():
|
def post_user():
|
||||||
form = request.forms.getunicode
|
form = request.forms.getunicode
|
||||||
@ -138,7 +144,10 @@ def post_user():
|
|||||||
LOG.warning("Unsuccessful attempt to login %s: %s" % (form('username'), e))
|
LOG.warning("Unsuccessful attempt to login %s: %s" % (form('username'), e))
|
||||||
return error(str(e))
|
return error(str(e))
|
||||||
|
|
||||||
|
#if 2fa not chekced || (2fa checked & success)
|
||||||
return user_tpl(alerts=[('success', '%s %s' % (i18n.msg[1], form('username').capitalize()), 'fadeOut' )], data=newSession().get(), str=i18n.str)
|
return user_tpl(alerts=[('success', '%s %s' % (i18n.msg[1], form('username').capitalize()), 'fadeOut' )], data=newSession().get(), str=i18n.str)
|
||||||
|
#elif 2fa checked
|
||||||
|
#return _2fa_tpl(alerts=[('success', '%s %s' % (i18n.msg[1], form('username').capitalize()), 'fadeOut' )], data=newSession().get(), str=i18n.str)
|
||||||
|
|
||||||
@post('/signup')
|
@post('/signup')
|
||||||
def post_signup():
|
def post_signup():
|
||||||
@ -347,6 +356,9 @@ def delete_tpl(**kwargs):
|
|||||||
def logs_tpl(**kwargs):
|
def logs_tpl(**kwargs):
|
||||||
return template('logs', **kwargs)
|
return template('logs', **kwargs)
|
||||||
|
|
||||||
|
def _2fa_tpl(**kwargs):
|
||||||
|
return template('_2fa', **kwargs)
|
||||||
|
|
||||||
def connect_ldap(conf, **kwargs):
|
def connect_ldap(conf, **kwargs):
|
||||||
server = Server(host=conf['host'],
|
server = Server(host=conf['host'],
|
||||||
port=conf.getint('port', None),
|
port=conf.getint('port', None),
|
||||||
@ -520,7 +532,8 @@ def register(conf, username, firstname, surname, password, email, isFake, device
|
|||||||
ts = datetime.now().strftime('%Y%m%d%H%M%S')+'Z'
|
ts = datetime.now().strftime('%Y%m%d%H%M%S')+'Z'
|
||||||
attributes = {'gidNumber': '501', 'uidNumber': uidNumber, 'homeDirectory': directory, 'givenName':
|
attributes = {'gidNumber': '501', 'uidNumber': uidNumber, 'homeDirectory': directory, 'givenName':
|
||||||
firstname, 'sn': surname, 'uid' : username, 'mail': email, 'active': False, 'fakeCn': isFake,
|
firstname, 'sn': surname, 'uid' : username, 'mail': email, 'active': False, 'fakeCn': isFake,
|
||||||
'devices':device, 'ip':request.environ.get('HTTP_X_REAL_IP', request.remote_addr), 'lastLogin': ts}
|
'devices':device, 'ip':request.environ.get('HTTP_X_REAL_IP', request.remote_addr), 'lastLogin': ts,
|
||||||
|
'secureAuth': False}
|
||||||
new_user_dn = "cn="+firstname+" "+surname+" - "+username+",cn=users,"+conf['base']
|
new_user_dn = "cn="+firstname+" "+surname+" - "+username+",cn=users,"+conf['base']
|
||||||
c.add(dn=new_user_dn,object_class=OBJECT_CLASS, attributes=attributes)
|
c.add(dn=new_user_dn,object_class=OBJECT_CLASS, attributes=attributes)
|
||||||
#create/change user password
|
#create/change user password
|
||||||
@ -807,7 +820,8 @@ def get_user_email_array(user_dn, conn, old_email, new_email):
|
|||||||
|
|
||||||
def get_user_data(user_dn, conn):
|
def get_user_data(user_dn, conn):
|
||||||
search_filter = '(objectClass=*)'
|
search_filter = '(objectClass=*)'
|
||||||
conn.search(user_dn, search_filter, attributes=['active','fakeCn','givenName','sn','uid','mail','devices','ip','lastLogin'])
|
conn.search(user_dn, search_filter,
|
||||||
|
attributes=['active','fakeCn','givenName','sn','uid','mail','devices','ip','lastLogin','secureAuth'])
|
||||||
data = []
|
data = []
|
||||||
data.append(conn.entries[0].active.values[0])
|
data.append(conn.entries[0].active.values[0])
|
||||||
data.append(conn.entries[0].fakeCn.values[0])
|
data.append(conn.entries[0].fakeCn.values[0])
|
||||||
@ -821,6 +835,7 @@ def get_user_data(user_dn, conn):
|
|||||||
#ts = datetime.strptime(ts, '%Y-%m-%d %H:%M:%S%z')
|
#ts = datetime.strptime(ts, '%Y-%m-%d %H:%M:%S%z')
|
||||||
#ts = datetime.strftime(t, '%Y-%m-%d %H:%M:%S')
|
#ts = datetime.strftime(t, '%Y-%m-%d %H:%M:%S')
|
||||||
data.append(str(conn.entries[0].lastLogin.values[0])[:-6])
|
data.append(str(conn.entries[0].lastLogin.values[0])[:-6])
|
||||||
|
data.append(conn.entries[0].secureAuth.values[0])
|
||||||
|
|
||||||
return(data)
|
return(data)
|
||||||
|
|
||||||
@ -922,6 +937,7 @@ def newSession():
|
|||||||
self.devices = data[6]
|
self.devices = data[6]
|
||||||
self.ip = data[7]
|
self.ip = data[7]
|
||||||
self.lastLogin = data[8]
|
self.lastLogin = data[8]
|
||||||
|
self.secureAuth = data[9]
|
||||||
|
|
||||||
self.data['active'] = self.active
|
self.data['active'] = self.active
|
||||||
self.data['fakeCn'] = self.fakeCn
|
self.data['fakeCn'] = self.fakeCn
|
||||||
@ -932,6 +948,7 @@ def newSession():
|
|||||||
self.data['devices'] = self.devices
|
self.data['devices'] = self.devices
|
||||||
self.data['ip'] = self.ip
|
self.data['ip'] = self.ip
|
||||||
self.data['lastLogin'] = self.lastLogin
|
self.data['lastLogin'] = self.lastLogin
|
||||||
|
self.data['secureAuth'] = self.secureAuth
|
||||||
|
|
||||||
def close(self):
|
def close(self):
|
||||||
self.data.pop('username')
|
self.data.pop('username')
|
||||||
|
@ -197,7 +197,9 @@ button.red:hover{
|
|||||||
/**/
|
/**/
|
||||||
.grid-container {
|
.grid-container {
|
||||||
display: grid;
|
display: grid;
|
||||||
grid-template-columns: auto max-content;
|
/*grid-template-columns: auto max-content;*/
|
||||||
|
grid-template-areas: 'bat bi'
|
||||||
|
'hiru hiru';
|
||||||
margin: 0 auto;
|
margin: 0 auto;
|
||||||
max-width: 16rem;
|
max-width: 16rem;
|
||||||
padding: 0 2.5rem 0 2.5rem;
|
padding: 0 2.5rem 0 2.5rem;
|
||||||
@ -220,6 +222,17 @@ button.red:hover{
|
|||||||
display: unset;
|
display: unset;
|
||||||
max-width: max-content;
|
max-width: max-content;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
.item1 {
|
||||||
|
grid-area: bat;
|
||||||
|
}
|
||||||
|
.item2 {
|
||||||
|
grid-area: bi;
|
||||||
|
text-align: right;
|
||||||
|
}
|
||||||
|
.item3{
|
||||||
|
grid-area: hiru;
|
||||||
|
}
|
||||||
/**/
|
/**/
|
||||||
@media only screen and (max-width: 480px) {
|
@media only screen and (max-width: 480px) {
|
||||||
|
|
||||||
|
53
user.tpl
53
user.tpl
@ -16,71 +16,82 @@
|
|||||||
<h1>{{ str['welcome'] }} <span class="username">{{ data['username'] }}</span></h1>
|
<h1>{{ str['welcome'] }} <span class="username">{{ data['username'] }}</span></h1>
|
||||||
|
|
||||||
<div class="grid-container">
|
<div class="grid-container">
|
||||||
<div class="grid-item">
|
<div class="grid-item item1">
|
||||||
<div class="user account">
|
<div class="user account">
|
||||||
<h5>{{ str['usr'] }}</h5>
|
<h5>{{ str['usr'] }}</h5>
|
||||||
<p>{{ data['firstname'] }} {{ data['surname'] }}</p>
|
<p>{{ data['firstname'] }} {{ data['surname'] }}</p>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<div class="grid-item">
|
<div class="grid-item item2">
|
||||||
% if data['fakeCn'] == True:
|
% if data['fakeCn'] == True:
|
||||||
<a href="/edit_fullname" class="edit">{{ str['edit'] }}</a>
|
<a href="/edit_fullname" class="edit">{{ str['edit'] }}</a>
|
||||||
% end
|
% end
|
||||||
</div>
|
</div>
|
||||||
|
</div>
|
||||||
<div class="grid-item">
|
|
||||||
|
<div class="grid-container">
|
||||||
|
<div class="grid-item item1">
|
||||||
<div class="email account">
|
<div class="email account">
|
||||||
<h5>{{ str['email'] }}</h5>
|
<h5>{{ str['email'] }}</h5>
|
||||||
<p>{{ data['mail'] }}</p>
|
<p>{{ data['mail'] }}</p>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<div class="grid-item">
|
<div class="grid-item item2">
|
||||||
<a href="/edit_email">{{ str['edit'] }}</a>
|
<a href="/edit_email">{{ str['edit'] }}</a>
|
||||||
</div>
|
</div>
|
||||||
|
</div>
|
||||||
<div class="grid-item">
|
|
||||||
|
<div class="grid-container">
|
||||||
|
<div class="grid-item item1">
|
||||||
<div class="account">
|
<div class="account">
|
||||||
<h5>{{ str['pwd'] }}</h5>
|
<h5>{{ str['pwd'] }}</h5>
|
||||||
<p>********</p>
|
<p>********</p>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<div class="grid-item">
|
<div class="grid-item item2">
|
||||||
<a href="/change_pwd">{{ str['edit'] }}</a>
|
<a href="/change_pwd">{{ str['edit'] }}</a>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<div class="grid-item">
|
<div class="grid-item item3">
|
||||||
|
<a href="/_2fa"><button class="green" type="button">2FA gaitu</button></a>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<!--
|
||||||
|
<div class="grid-container">
|
||||||
|
<div class="grid-item item1">
|
||||||
<div class="account">
|
<div class="account">
|
||||||
<h5>2FA</h5>
|
<h5>2FA</h5>
|
||||||
<p>Bi urratseko autentifikazioa</p>
|
<p>Bi urratseko autentifikazioa {{data['secureAuth']}}</p>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<div class="grid-item">
|
<div class="grid-item item2">
|
||||||
<input type="checkbox" id="2fa" name="2fa" value="2fa">
|
<input type="checkbox" id="2fa" name="2fa" value="2fa" {{!'checked="checked"' if data['secureAuth'] == True else ""}} >
|
||||||
</div>
|
</div>
|
||||||
|
</div>
|
||||||
<div class="grid-item">
|
-->
|
||||||
|
<div class="grid-container">
|
||||||
|
<div class="grid-item item1">
|
||||||
<div class="account">
|
<div class="account">
|
||||||
<h5>{{ str['logs'] }}</h5>
|
<h5>{{ str['logs'] }}</h5>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<div class="grid-item">
|
<div class="grid-item item2">
|
||||||
<a href="/logs">{{ str['show'] }}</a>
|
<a href="/logs">{{ str['show'] }}</a>
|
||||||
</div>
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="grid-container">
|
||||||
<div class="account">
|
<div class="account">
|
||||||
<a href="/logout"><button class="green" type="button">{{ str['log-out'] }}</button></a>
|
<a href="/logout"><button class="green" type="button">{{ str['log-out'] }}</button></a>
|
||||||
<a href="/delete"><button class="red" type="button">{{ str['del'] }}</button></a>
|
<a href="/delete"><button class="red" type="button">{{ str['del'] }}</button></a>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
|
||||||
%for type, text, animation in get('alerts', []):
|
%for type, text, animation in get('alerts', []):
|
||||||
<div class="alerts {{ animation }}">
|
<div class="alerts {{ animation }}">
|
||||||
<div class="alert {{ type }}">{{ text }}</div>
|
<div class="alert {{ type }}">{{ text }}</div>
|
||||||
|
Loading…
Reference in New Issue
Block a user