add login page
This commit is contained in:
parent
970115b947
commit
f102a7f554
37
app.py
37
app.py
@ -1,4 +1,4 @@
|
|||||||
from flask import Flask, send_file, jsonify, request
|
from flask import Flask, flash, make_response, redirect, send_file, jsonify, request, render_template, url_for
|
||||||
import db
|
import db
|
||||||
import os
|
import os
|
||||||
from werkzeug.utils import secure_filename
|
from werkzeug.utils import secure_filename
|
||||||
@ -15,6 +15,30 @@ def ssh_thread_function():
|
|||||||
ssh_thread = threading.Thread(target=ssh_thread_function)
|
ssh_thread = threading.Thread(target=ssh_thread_function)
|
||||||
ssh_thread.start()
|
ssh_thread.start()
|
||||||
|
|
||||||
|
@app.route('/')
|
||||||
|
def main():
|
||||||
|
auth_token = request.cookies.get('auth_token')
|
||||||
|
if auth_token != "" and auth_token is not None:
|
||||||
|
if db.get_user_bytoken(auth_token) is None:
|
||||||
|
return render_template('template/login.html')
|
||||||
|
return render_template('template/index.html')
|
||||||
|
|
||||||
|
@app.route('/api/login', methods=['POST'])
|
||||||
|
def login_post():
|
||||||
|
username = request.form['username']
|
||||||
|
password = request.form['password']
|
||||||
|
|
||||||
|
auth_token = db.login()
|
||||||
|
if auth_token is None:
|
||||||
|
flash('Nieprawidłowa nazwa użytkownika lub hasło.', 'error')
|
||||||
|
return redirect(url_for('login'))
|
||||||
|
|
||||||
|
response = make_response(render_template('template/index.html'))
|
||||||
|
response.set_cookie('auth_token', auth_token)
|
||||||
|
|
||||||
|
return response
|
||||||
|
|
||||||
|
|
||||||
@app.route("/api/addimage", methods=['POST'])
|
@app.route("/api/addimage", methods=['POST'])
|
||||||
def add_image():
|
def add_image():
|
||||||
db.Connect()
|
db.Connect()
|
||||||
@ -51,19 +75,14 @@ def add_image():
|
|||||||
else:
|
else:
|
||||||
filename = "1"+filename
|
filename = "1"+filename
|
||||||
file.save(os.path.join(app.config['UPLOAD_FOLDER'], filename))
|
file.save(os.path.join(app.config['UPLOAD_FOLDER'], filename))
|
||||||
|
db.add_conf_image(filename, token)
|
||||||
db.AddVPNImage(filename, token)
|
|
||||||
|
|
||||||
return jsonify(message="ok")
|
return jsonify(message="ok")
|
||||||
|
|
||||||
|
|
||||||
@app.route("/api/getvpn")
|
@app.route("/api/getconf")
|
||||||
def get_image():
|
def get_image():
|
||||||
try:
|
filename = db.get_conf_image(request.headers['token'])
|
||||||
filename = db.GetVPNImage(request.headers['token'])[0]
|
|
||||||
print(filename)
|
|
||||||
except:
|
|
||||||
filename = "default.squashfs"
|
|
||||||
if filename is None or filename == "":
|
if filename is None or filename == "":
|
||||||
filename = "default.squashfs"
|
filename = "default.squashfs"
|
||||||
|
|
||||||
|
103
db.py
103
db.py
@ -1,7 +1,8 @@
|
|||||||
import psycopg2
|
import psycopg2
|
||||||
import config
|
import config
|
||||||
|
import utils
|
||||||
|
|
||||||
def Connect():
|
def connect():
|
||||||
global cur, conn
|
global cur, conn
|
||||||
try:
|
try:
|
||||||
conn = psycopg2.connect(database=config.database,
|
conn = psycopg2.connect(database=config.database,
|
||||||
@ -21,31 +22,107 @@ def Connect():
|
|||||||
image_name VARCHAR(255) NOT NULL,
|
image_name VARCHAR(255) NOT NULL,
|
||||||
token VARCHAR(255) NOT NULL,
|
token VARCHAR(255) NOT NULL,
|
||||||
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
|
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
|
||||||
)
|
);""")
|
||||||
""")
|
cur.execute("""
|
||||||
|
CREATE TABLE IF NOT EXISTS users (
|
||||||
|
id SERIAL PRIMARY KEY,
|
||||||
|
username VARCHAR(50) UNIQUE NOT NULL,
|
||||||
|
password VARCHAR(256) NOT NULL,
|
||||||
|
created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP
|
||||||
|
);""")
|
||||||
|
cur.execute("""
|
||||||
|
CREATE TABLE auth_tokens (
|
||||||
|
id SERIAL PRIMARY KEY,
|
||||||
|
user_id INTEGER NOT NULL REFERENCES users(id),
|
||||||
|
token VARCHAR(64) NOT NULL,
|
||||||
|
created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP
|
||||||
|
expires_on TIMESTAMP NOT NULL
|
||||||
|
);""")
|
||||||
conn.commit()
|
conn.commit()
|
||||||
|
|
||||||
def GetCur():
|
def get_cur():
|
||||||
return conn.cursor()
|
return conn.cursor()
|
||||||
|
|
||||||
def GetConn():
|
def get_conn():
|
||||||
return conn
|
return conn
|
||||||
|
|
||||||
def AddVPNImage(name, token):
|
def add_conf_image(name, token):
|
||||||
Connect()
|
connect()
|
||||||
with GetCur() as cur:
|
with get_cur() as cur:
|
||||||
cur.execute("""
|
cur.execute("""
|
||||||
INSERT INTO vpn (image_name, token)
|
INSERT INTO vpn (image_name, token)
|
||||||
VALUES (%s, %s)
|
VALUES (%s, %s)
|
||||||
""",(name, token,))
|
""",(name, token,))
|
||||||
conn.commit()
|
conn.commit()
|
||||||
|
|
||||||
def GetVPNImage(token):
|
def get_conf_image(token):
|
||||||
Connect()
|
connect()
|
||||||
with GetCur() as cur:
|
with get_cur() as cur:
|
||||||
cur.execute("""
|
cur.execute("""
|
||||||
SELECT image_name FROM vpn WHERE token = %s
|
SELECT image_name FROM vpn WHERE token = %s
|
||||||
""",(token,))
|
""",(token,))
|
||||||
return cur.fetchone()
|
try:
|
||||||
|
return cur.fetchone()[0]
|
||||||
|
except:
|
||||||
|
return None
|
||||||
|
|
||||||
|
def add_user(username, password):
|
||||||
|
connect()
|
||||||
|
with get_cur() as cur:
|
||||||
|
cur.execute("""
|
||||||
|
INSERT INTO users (username, password)
|
||||||
|
VALUES (%s, %s)
|
||||||
|
""",(username, utils.hash_password(password),))
|
||||||
|
conn.commit()
|
||||||
|
|
||||||
|
def get_user(username, password):
|
||||||
|
connect()
|
||||||
|
with get_cur() as cur:
|
||||||
|
cur.execute("""
|
||||||
|
SELECT id FROM users WHERE username = %s AND password = %s
|
||||||
|
""",(username, utils.hash_password(password),))
|
||||||
|
try:
|
||||||
|
return cur.fetchone()[0]
|
||||||
|
except:
|
||||||
|
return None
|
||||||
|
|
||||||
|
def get_user_byid(id):
|
||||||
|
connect()
|
||||||
|
with get_cur() as cur:
|
||||||
|
cur.execute("""
|
||||||
|
SELECT id FROM users WHERE id = %s
|
||||||
|
""",(id,))
|
||||||
|
try:
|
||||||
|
return cur.fetchone()[0]
|
||||||
|
except:
|
||||||
|
return None
|
||||||
|
|
||||||
|
def get_user_bytoken(token):
|
||||||
|
connect()
|
||||||
|
with get_cur() as cur:
|
||||||
|
cur.execute("""
|
||||||
|
SELECT user_id FROM auth_tokens WHERE token = %s
|
||||||
|
""",(token,))
|
||||||
|
try:
|
||||||
|
return cur.fetchone()[0]
|
||||||
|
except:
|
||||||
|
return None
|
||||||
|
|
||||||
|
def add_auth_token(user_id):
|
||||||
|
token = utils.generate_auth_token()
|
||||||
|
connect()
|
||||||
|
with get_cur() as cur:
|
||||||
|
cur.execute("""
|
||||||
|
INSERT INTO auth_tokens (user_id, token)
|
||||||
|
VALUES (%s, %s)
|
||||||
|
""",(user_id,token,))
|
||||||
|
conn.commit()
|
||||||
|
return token
|
||||||
|
|
||||||
|
def login(username, password):
|
||||||
|
user_id = get_user(username, password)
|
||||||
|
if user_id is not None:
|
||||||
|
return add_auth_token(user_id)
|
||||||
|
else:
|
||||||
|
return None
|
||||||
|
|
||||||
|
63
template/login.html
Normal file
63
template/login.html
Normal file
@ -0,0 +1,63 @@
|
|||||||
|
<!DOCTYPE html>
|
||||||
|
<html>
|
||||||
|
<head>
|
||||||
|
<meta charset="UTF-8">
|
||||||
|
<title>Strona logowania</title>
|
||||||
|
<style>
|
||||||
|
body {
|
||||||
|
background-color: #F2F2F2;
|
||||||
|
font-family: Arial, sans-serif;
|
||||||
|
}
|
||||||
|
#login-box {
|
||||||
|
background-color: #FFFFFF;
|
||||||
|
border-radius: 10px;
|
||||||
|
padding: 20px;
|
||||||
|
width: 400px;
|
||||||
|
margin: 0 auto;
|
||||||
|
margin-top: 100px;
|
||||||
|
box-shadow: 0 0 10px rgba(0, 0, 0, 0.1);
|
||||||
|
}
|
||||||
|
h1 {
|
||||||
|
text-align: center;
|
||||||
|
font-size: 28px;
|
||||||
|
margin-top: 0;
|
||||||
|
}
|
||||||
|
input[type=text], input[type=password] {
|
||||||
|
width: 100%;
|
||||||
|
padding: 10px;
|
||||||
|
margin-bottom: 20px;
|
||||||
|
border: none;
|
||||||
|
border-radius: 5px;
|
||||||
|
background-color: #F2F2F2;
|
||||||
|
box-shadow: inset 0 0 5px rgba(0, 0, 0, 0.1);
|
||||||
|
font-size: 16px;
|
||||||
|
}
|
||||||
|
input[type=submit] {
|
||||||
|
background-color: #4CAF50;
|
||||||
|
color: white;
|
||||||
|
border: none;
|
||||||
|
border-radius: 5px;
|
||||||
|
padding: 10px;
|
||||||
|
font-size: 16px;
|
||||||
|
cursor: pointer;
|
||||||
|
}
|
||||||
|
input[type=submit]:hover {
|
||||||
|
background-color: #3e8e41;
|
||||||
|
}
|
||||||
|
</style>
|
||||||
|
</head>
|
||||||
|
<body>
|
||||||
|
<div id="login-box">
|
||||||
|
<h1>Logowanie</h1>
|
||||||
|
<form>
|
||||||
|
<label for="username">Nazwa użytkownika:</label>
|
||||||
|
<input type="text" id="username" name="username" placeholder="Wprowadź nazwę użytkownika">
|
||||||
|
|
||||||
|
<label for="password">Hasło:</label>
|
||||||
|
<input type="password" id="password" name="password" placeholder="Wprowadź hasło">
|
||||||
|
|
||||||
|
<input type="submit" value="Zaloguj się">
|
||||||
|
</form>
|
||||||
|
</div>
|
||||||
|
</body>
|
||||||
|
</html>
|
Loading…
Reference in New Issue
Block a user