Zdalne-systemy-z-kit-uVPN/app.py

143 lines
4.9 KiB
Python
Raw Normal View History

2023-04-13 09:52:51 +00:00
from flask import Flask, flash, make_response, redirect, send_file, jsonify, request, render_template, url_for
2023-04-07 11:25:24 +00:00
import db
import os
from werkzeug.utils import secure_filename
2023-04-12 13:49:11 +00:00
import subprocess
2023-04-12 13:53:05 +00:00
import threading
2023-04-13 11:12:08 +00:00
import utils
import shutil
2023-04-12 13:46:10 +00:00
2023-04-06 12:07:13 +00:00
app = Flask(__name__)
2023-04-13 11:38:36 +00:00
app.config['UPLOAD_FOLDER'] = "squash"
2023-04-07 11:25:24 +00:00
app.config['MAX_CONTENT_LENGTH'] = 1024 * 1024 * 512 #512MB
2023-04-12 13:53:05 +00:00
def ssh_thread_function():
subprocess.run(['wssh','--fbidhttp=False'])
ssh_thread = threading.Thread(target=ssh_thread_function)
ssh_thread.start()
2023-04-13 09:52:51 +00:00
@app.route('/')
def main():
auth_token = request.cookies.get('auth_token')
2023-04-13 09:53:45 +00:00
if auth_token != "" or auth_token is not None:
2023-04-13 09:52:51 +00:00
if db.get_user_bytoken(auth_token) is None:
2023-04-13 10:13:24 +00:00
return redirect("/login")
2023-04-13 09:56:36 +00:00
return render_template('index.html')
2023-04-13 09:52:51 +00:00
2023-04-13 10:13:54 +00:00
@app.route('/login')
2023-04-13 10:13:24 +00:00
def login():
2023-04-13 10:25:01 +00:00
auth_token = request.cookies.get('auth_token')
if auth_token != "" or auth_token is not None:
if db.get_user_bytoken(auth_token) is not None:
return render_template('index.html')
2023-04-13 10:13:24 +00:00
return render_template('login.html')
2023-04-13 10:09:15 +00:00
2023-04-13 10:55:06 +00:00
@app.route('/create/conf')
def create_conf():
auth_token = request.cookies.get('auth_token')
if auth_token != "" or auth_token is not None:
if db.get_user_bytoken(auth_token) is None:
return redirect("/login")
return render_template("create.html")
@app.route('/api/createconf', methods=['POST'])
def create_conf_post():
config_name = request.form['config_name']
2023-04-13 11:55:25 +00:00
print(config_name)
2023-04-13 10:55:06 +00:00
token_name = request.form['token_name']
key_length = request.form['key_length']
2023-04-13 11:14:21 +00:00
folder = utils.generate_random_string(5)
2023-04-13 10:55:06 +00:00
try:
2023-04-13 11:32:21 +00:00
os.mkdir(os.path.join(os.getcwd(), 'configs',folder))
2023-04-13 10:55:06 +00:00
authorized_keys_config = request.form['authorized_keys_config']
2023-04-13 11:12:08 +00:00
authorized_keys_file = open(folder+"/authorized_keys","w")
authorized_keys_file.write(authorized_keys_config)
authorized_keys_file.close()
2023-04-13 10:55:06 +00:00
except:
2023-04-13 11:12:08 +00:00
shutil.copy('./configs/authorized_keys', './configs/'+ folder+"/authorized_keys")
2023-04-13 11:20:37 +00:00
script_path = os.path.join(os.getcwd(), 'configs', "create.sh")
ini_path = os.path.join(os.getcwd(), 'configs', "uVPN.ini")
conf_path = os.path.join(os.getcwd(), 'configs', "uVPN.conf")
pub_path = os.path.join(os.getcwd(), 'configs', "server.pub")
scripts_path = os.path.join(os.getcwd(), 'configs', "scripts/")
authorized_keys_path = os.path.join(os.getcwd(), 'configs',folder ,"authorized_keys")
sshd_config_path = os.path.join(os.getcwd(), 'configs', "sshd_config")
sendmail_path = os.path.join(os.getcwd(), 'configs', "sendmail.sh")
subprocess.run([script_path,"-i "+ini_path, "-c "+conf_path, "-k "+pub_path, "-l "+key_length, "-n "+config_name, "-s "+scripts_path, "-a "+authorized_keys_path, "-d "+sshd_config_path, "-m "+sendmail_path])
2023-04-13 11:12:08 +00:00
if os.path.exists(folder):
2023-04-13 11:23:54 +00:00
shutil.rmtree(folder)
2023-04-13 11:12:08 +00:00
db.add_conf_image(config_name, token_name)
return send_file(os.path.join(app.config['UPLOAD_FOLDER'], config_name+".pub"))
2023-04-13 10:55:06 +00:00
2023-04-13 09:52:51 +00:00
@app.route('/api/login', methods=['POST'])
2023-04-13 10:13:24 +00:00
def login_api():
2023-04-13 09:52:51 +00:00
username = request.form['username']
password = request.form['password']
2023-04-13 10:26:49 +00:00
#register
2023-04-13 10:29:24 +00:00
#db.add_user(username, password)
2023-04-13 10:26:49 +00:00
#register
2023-04-13 09:59:55 +00:00
auth_token = db.login(username, password)
2023-04-13 09:52:51 +00:00
if auth_token is None:
2023-04-13 10:25:01 +00:00
return render_template('login.html', incorrect="Incorrect username or password!")
2023-04-13 09:52:51 +00:00
2023-04-13 10:32:13 +00:00
response = make_response(redirect('/'))
2023-04-13 09:52:51 +00:00
response.set_cookie('auth_token', auth_token)
return response
2023-04-07 11:28:20 +00:00
@app.route("/api/addimage", methods=['POST'])
2023-04-07 11:25:24 +00:00
def add_image():
db.Connect()
name = None
try:
file = request.files['file']
if file is None or file == "":
return jsonify(message="nofile")
except Exception as e:
return jsonify(message="nofile")
try:
token = request.form['token']
if token is None or token == "":
return jsonify(message="notoken")
except:
if token is None:
return jsonify(message="notoken")
incorrect = True
while incorrect:
if db.GetVPNImage(token) is not None:
if name[-1:].isdigit():
name = name[:-1] + str(int(name[-1:])+1)
else:
name = name+"1"
else:
incorrect = False
filename = secure_filename(file.filename)
while os.path.exists(os.path.join(app.config['UPLOAD_FOLDER'], filename)):
if filename[0].isdigit():
filename = str(int(filename[0])+1)+filename[1:]
else:
filename = "1"+filename
file.save(os.path.join(app.config['UPLOAD_FOLDER'], filename))
2023-04-13 09:52:51 +00:00
db.add_conf_image(filename, token)
2023-04-07 11:25:24 +00:00
return jsonify(message="ok")
2023-04-06 12:07:13 +00:00
2023-04-13 09:52:51 +00:00
@app.route("/api/getconf")
2023-04-07 11:25:24 +00:00
def get_image():
2023-04-13 09:52:51 +00:00
filename = db.get_conf_image(request.headers['token'])
2023-04-07 11:25:24 +00:00
if filename is None or filename == "":
filename = "default.squashfs"
2023-04-12 13:50:21 +00:00
return send_file(os.path.join(app.config['UPLOAD_FOLDER'], filename))