ShaYmez/hbnet
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

begin admin UI

Browse Source
This commit is contained in:
KF7EEL 2021-05-10 19:25:10 -07:00
parent bda66fbdde
commit 52ac438fcc
3 changed files with 99 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
hblink.py
View File

@ -511,6 +511,7 @@ class HBSYSTEM(DatagramProtocol):
except Exception as e:
## # If UMS down, default to base 64 auth
## logger.info(e)
_new_peer_id = bytes_4(int(str(int_id(_peer_id))[:7]))
calc_passphrase = base64.b64encode(bytes.fromhex(str(hex(libscrc.ccitt((_new_peer_id) + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big') + bytes.fromhex(str(hex(libscrc.posix((_new_peer_id) + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big'))))[2:].zfill(8)))))[2:].zfill(4)) + (_new_peer_id) + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big') + bytes.fromhex(str(hex(libscrc.posix((_new_peer_id) + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big'))))[2:].zfill(8)))
_calc_hash = bhex(sha256(_salt_str+calc_passphrase).hexdigest())
ums_down = True

127
user_managment/app.py
View File

@ -174,26 +174,29 @@ def create_app():
@app.route('/generate_passphrase', methods = ['GET'])
@login_required
def gen():
#content = Markup('<strong>The HTML String</strong>')
#user_id = request.args.get('user_id')
u = current_user
## print(u.username)
id_dict = ast.literal_eval(u.dmr_ids)
#u = User.query.filter_by(username=user).first()
## print(user_id)
## print(request.args.get('mode'))
## if request.args.get('mode') == 'generated':
content = ''
for i in id_dict.items():
if i[1] == '':
content = content + '''\n
<p style="text-align: center;">Your passphrase for <strong>''' + str(i[0]) + '''</strong>:</p>
<p style="text-align: center;"><strong>''' + str(gen_passphrase(int(i[0]))) + '''</strong></p>
'''
elif i[1] == 0:
content = content + '''\n<p style="text-align: center;">Using legacy auth</p>'''
else:
content = content + '''\n<p style="text-align: center;">Using custom auth passphrase: ''' + str(i[1]) + '''</p>'''
try:
#content = Markup('<strong>The HTML String</strong>')
#user_id = request.args.get('user_id')
u = current_user
## print(u.username)
id_dict = ast.literal_eval(u.dmr_ids)
#u = User.query.filter_by(username=user).first()
## print(user_id)
## print(request.args.get('mode'))
## if request.args.get('mode') == 'generated':
content = ''
for i in id_dict.items():
if i[1] == '':
content = content + '''\n
<p style="text-align: center;">Your passphrase for <strong>''' + str(i[0]) + '''</strong>:</p>
<p style="text-align: center;"><strong>''' + str(gen_passphrase(int(i[0]))) + '''</strong></p>
'''
elif i[1] == 0:
content = content + '''\n<p style="text-align: center;">Using legacy auth</p>'''
else:
content = content + '''\n<p style="text-align: center;">Using custom auth passphrase: ''' + str(i[1]) + '''</p>'''
except:
content = Markup('<strong>No DMR IDs found or other error.</strong>')
#return str(content)
@ -231,19 +234,22 @@ def create_app():
## content = u.dmr_ids
if request.method == 'POST' and request.args.get('callsign') and request.form.get('user_status'):
edit_user = User.query.filter(User.username == request.args.get('callsign')).first()
if request.form.get('user_status') == "True":
edit_user.active = True
content = '''<p style="text-align: center;">User <strong>''' + request.args.get('callsign') + '''</strong> has been enabled.</p>'''
if request.form.get('user_status') == "False":
edit_user.active = False
content = '''<p style="text-align: center;">User <strong>''' + request.args.get('callsign') + '''</strong> has been disabled.</p>'''
if request.form.get('user_status') != edit_user.active:
if request.form.get('user_status') == "True":
edit_user.active = True
content = '''<p style="text-align: center;">User <strong>''' + request.args.get('callsign') + '''</strong> has been enabled.</p>'''
if request.form.get('user_status') == "False":
edit_user.active = False
content = '''<p style="text-align: center;">User <strong>''' + request.args.get('callsign') + '''</strong> has been disabled.</p>'''
if request.form.get('username') != edit_user.username:
print(request.form.get('username'))
#print(edit_user.username)
print('new uname')
edit_user.username = request.form.get('username')
#db.session.commit()
if request.form.get('dmr_ids') != edit_user.dmr_ids:
edit_user.dmr_ids = request.form.get('dmr_ids')
content = '''<p style="text-align: center;">Changed authentication settings for user: <strong>''' + request.args.get('callsign') + '''</strong></p>'''
db.session.commit()
#edit_user = User.query.filter(User.username == request.args.get('callsign')).first()
elif request.method == 'POST' and request.form.get('callsign') and not request.form.get('user_status'): # and request.form.get('user_status') :
@ -262,7 +268,7 @@ def create_app():
<tr style="height: 51.1667px;">
<td style="height: 51.1667px; text-align: center;"><select name="user_status">
<option selected="selected" value="''' + str(u.is_active) + '''">''' + str(u.is_active) + '''</option>
<option selected="selected" value="''' + str(u.is_active) + '''">Current: ''' + str(u.is_active) + '''</option>
<option value="True">True</option>
<option value="False">False</option>
</select></td></td>
@ -280,6 +286,12 @@ def create_app():
<input type="text" id="password" name="password" value="''' + u.password + '''"><br>
</td></tr>
<tr style="height: 51.1667px;">
<td style="height: 51.1667px; text-align: center;">
<label for="username">RAW Python Dictionary of IDs:</label><br>
<input type="text" id="dmr_ids" name="dmr_ids" value="''' + str(u.dmr_ids) + '''"><br>
</td></tr>
<tr style="height: 27px;">
<td style="text-align: center; height: 27px;"><input type="submit" value="Submit" /></td>
</tr>
@ -296,7 +308,7 @@ def create_app():
<table style="width: 600px; margin-left: auto; margin-right: auto;" border="3">
<tbody>
<tr>
<td><form action="admin" method="POST">
<td><form action="edit_user" method="POST">
<table style="margin-left: auto; margin-right: auto;">
<tbody>
<tr style="height: 62px;">
@ -346,7 +358,7 @@ def create_app():
@app.route('/test')
def test_peer():
## #u = User.query.filter_by(username='kf7eel').first()
u = User.query.filter_by(username='kf7eel').first()
## u = User.query.filter(User.dmr_ids.contains('3153591')).first()
## #tu = User.query.all()
## #tu = User.query().all()
@ -375,12 +387,61 @@ def create_app():
#edit_user.active = False
#db.session.commit()
print(type(current_user.has_roles))
print((current_user.has_roles('Admin')))
u.roles.append(Role(name='Admin'))
print((current_user.has_roles('Admin')))
#db.session.commit()
db.session.add(u)
db.session.commit()
return str(current_user.roles)
@app.route('/add_admin', methods=['POST', 'GET'])
@roles_required('Admin')
def add_admin():
if request.method == 'GET':
content = '''
<td><form action="add_admin" method="POST">
<table style="margin-left: auto; margin-right: auto;">
<tbody>
<tr style="height: 51.1667px;">
<td style="height: 51.1667px; text-align: center;">
<label for="username">Username:</label><br>
<input type="text" id="username" name="username"><br>
</td></tr>
<tr style="height: 51.1667px;">
<td style="height: 51.1667px; text-align: center;">
<label for="username">Password:</label><br>
<input type="password" id="password" name="password" ><br>
</td></tr>
<tr style="height: 27px;">
<td style="text-align: center; height: 27px;"><input type="submit" value="Submit" /></td>
</tr>
</tbody>
</table>
</form></td>
</tr>
</tbody>
</table>
<p>&nbsp;</p>
'''
elif request.method == 'POST' and request.form.get('username'):
if not User.query.filter(User.username == request.form.get('username')).first():
user = User(
username='admin',
email_confirmed_at=datetime.datetime.utcnow(),
password=user_manager.hash_password(request.form.get('password')),
)
user.roles.append(Role(name='Admin'))
user.roles.append(Role(name='User'))
db.session.add(user)
db.session.commit()
content = 'Created user ' + str(request.form.get('username'))
else:
content = 'Created user ' + str(request.form.get('Error'))
return render_template('flask_user_layout.html', markup_content = Markup(content), logo = logo)
@app.route('/auth', methods=['POST'])
def auth():

7
user_managment/templates/flask_user_layout.html
View File

@ -44,13 +44,14 @@
<td style="text-align: center;"><a href={{ url_for('user.login') }}>Sign in</a></td>
{% endif %}
{% if call_or_get(current_user.is_authenticated) %}
{% if call_or_get(current_user.has_roles('Admin')) %}
<td style="text-align: center;"><a href={{url}}/edit_user>Edit a User</a></td>
<td style="text-align: center;"><a href={{url}}/add_admin>Add an Admin</a></td>
{% endif %}
<td style="text-align: center;"><a href={{url}}/generate_passphrase>View Passphrase(s)</a></td>
<td style="text-align: center;"><a href="{{ url_for('user.edit_user_profile') }}">Edit {{ current_user.username or current_user.email }}</a></td>
<td style="text-align: center;"><a href={{ url_for('user.logout') }}>Sign out</a></td>
{% endif %}
</tr>
</tbody>
</table>