v0.0.3
This commit is contained in:
parent
c20a8a0b2c
commit
490e9bb80c
25
app.py
25
app.py
@ -39,6 +39,7 @@ from user_agents import parse as ua_parse
|
||||
from datetime import datetime
|
||||
import cryptocode
|
||||
import base64
|
||||
import uuid
|
||||
|
||||
BASE_DIR = path.dirname(__file__)
|
||||
LOG = logging.getLogger(__name__)
|
||||
@ -160,12 +161,12 @@ def post_user():
|
||||
#if(check_2fa_step1(form('username'))):
|
||||
if(newSession().get()['secureAuth']):
|
||||
# encrypt and store the credentials
|
||||
sid = newSession().get()['id']
|
||||
key = uuid.uuid4().hex
|
||||
data = ';'.join([form('username'),form('password'),newSession().get()['authCode']])
|
||||
data_enc = cryptocode.encrypt(data, newSession().get()['id'])
|
||||
data_enc = cryptocode.encrypt(data, key)
|
||||
data_to_url = base64.urlsafe_b64encode(str.encode(data_enc))
|
||||
memo.get(data_enc)
|
||||
memo.sid=sid
|
||||
memo.data = data_enc
|
||||
memo.key = key
|
||||
logout(form('username'))
|
||||
return index_tpl(two_factor_authentication=True, path=data_to_url, str=i18n.str)
|
||||
except Error as e:
|
||||
@ -185,7 +186,7 @@ def post_user_step2(path):
|
||||
try:
|
||||
# decrypt url
|
||||
path = base64.urlsafe_b64decode(path)
|
||||
path = cryptocode.decrypt(path.decode('utf-8'), memo.sid)
|
||||
path = cryptocode.decrypt(path.decode('utf-8'), memo.key)
|
||||
data = path.split(';')
|
||||
|
||||
username = data[0]
|
||||
@ -230,7 +231,11 @@ def post_signup():
|
||||
def error(msg):
|
||||
return signup_tpl(alerts=[('error', msg, 'fadeOut')], str=i18n.str)
|
||||
|
||||
if not tools.code_is_valid(form('invite_code'), db):
|
||||
try:
|
||||
if not tools.code_is_valid(form('invite_code'), db):
|
||||
return(error(i18n.msg[6]))
|
||||
except Exception as e:
|
||||
LOG.error(e)
|
||||
return(error(i18n.msg[6]))
|
||||
|
||||
if len(form('username')) < 3:
|
||||
@ -527,7 +532,6 @@ def login_user_ldap(conf, username, password):
|
||||
c.bind()
|
||||
if is_trusted_device(conf, user_dn):
|
||||
newSession().set(get_user_data(user_dn, c))
|
||||
newSession().data['id'] = tools.session_id()
|
||||
#update timestamp + ip address
|
||||
update_login_info(conf, user_dn)
|
||||
LOG.debug("%s logged in to %s" % (username, conf['base']))
|
||||
@ -1099,9 +1103,7 @@ class Error(Exception):
|
||||
class tMemory(object):
|
||||
def __init__(self):
|
||||
self.data = None
|
||||
self.sid = None
|
||||
def get(self, data):
|
||||
self.data = data
|
||||
self.key = None
|
||||
|
||||
memo = tMemory()
|
||||
|
||||
@ -1113,6 +1115,7 @@ def newSession():
|
||||
def __init__(self):
|
||||
super(Session, self).__init__()
|
||||
self.data = bottle.request.environ.get('beaker.session')
|
||||
self.sid = self.data.id
|
||||
#localization
|
||||
self.lang = self.get_lang()
|
||||
global i18n
|
||||
@ -1159,6 +1162,8 @@ def newSession():
|
||||
self.data['secureAuth'] = self.secureAuth
|
||||
self.data['authCode'] = self.authCode
|
||||
|
||||
self.data['id'] = self.sid
|
||||
|
||||
def close(self):
|
||||
self.data.pop('username')
|
||||
|
||||
|
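Review bot: The one-time key created in post_user (`key = uuid.uuid4().hex`) is stored in the module-level `memo = tMemory()` object instead of the caller's session, so every concurrent 2FA login overwrites `memo.key` and `memo.data`, and post_user_step2 decrypts whatever path it receives with the most recent login's key; the encrypted blob also carries `form('password')` and is handed back to the browser in the URL (`path=data_to_url`). Binding the key to the beaker session that started step 1 would remove the cross-user coupling, e.g. `newSession().data['twofa_key'] = key` in step 1 and `key = newSession().data.pop('twofa_key')` before the `cryptocode.decrypt` call in step 2 — assuming the session object is writable at that point, as `self.data['secureAuth'] = self.secureAuth` in the Session hunk suggests. `memo.data = data_enc` is written but not read in any hunk shown here, so the submitted path is never compared with the server-side copy; if the global is kept, at least check the two match and clear `memo.key` after a successful decrypt so the key is single-use. post_user and post_user_step2 both continue outside their hunks.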
@ -6,7 +6,6 @@ from onetimepass import valid_totp
|
||||
from secrets import choice
|
||||
import segno
|
||||
from os import path
|
||||
import uuid
|
||||
|
||||
class Tools():
|
||||
|
||||
@ -70,7 +69,4 @@ class Tools():
|
||||
print('Wrong otp, please try again.')
|
||||
return False
|
||||
|
||||
def session_id(self):
|
||||
return uuid.uuid4().hex
|
||||
|
||||
tools = Tools()
|
||||
|