add login page
This commit is contained in:
parent
970115b947
commit
f102a7f554
37
app.py
37
app.py
@ -1,4 +1,4 @@
|
||||
from flask import Flask, send_file, jsonify, request
|
||||
from flask import Flask, flash, make_response, redirect, send_file, jsonify, request, render_template, url_for
|
||||
import db
|
||||
import os
|
||||
from werkzeug.utils import secure_filename
|
||||
@ -15,6 +15,30 @@ def ssh_thread_function():
|
||||
ssh_thread = threading.Thread(target=ssh_thread_function)
|
||||
ssh_thread.start()
|
||||
|
||||
@app.route('/')
|
||||
def main():
|
||||
auth_token = request.cookies.get('auth_token')
|
||||
if auth_token != "" and auth_token is not None:
|
||||
if db.get_user_bytoken(auth_token) is None:
|
||||
return render_template('template/login.html')
|
||||
return render_template('template/index.html')
|
||||
|
||||
@app.route('/api/login', methods=['POST'])
|
||||
def login_post():
|
||||
username = request.form['username']
|
||||
password = request.form['password']
|
||||
|
||||
auth_token = db.login()
|
||||
if auth_token is None:
|
||||
flash('Nieprawidłowa nazwa użytkownika lub hasło.', 'error')
|
||||
return redirect(url_for('login'))
|
||||
|
||||
response = make_response(render_template('template/index.html'))
|
||||
response.set_cookie('auth_token', auth_token)
|
||||
|
||||
return response
|
||||
|
||||
|
||||
@app.route("/api/addimage", methods=['POST'])
|
||||
def add_image():
|
||||
db.Connect()
|
||||
@ -51,19 +75,14 @@ def add_image():
|
||||
else:
|
||||
filename = "1"+filename
|
||||
file.save(os.path.join(app.config['UPLOAD_FOLDER'], filename))
|
||||
|
||||
db.AddVPNImage(filename, token)
|
||||
db.add_conf_image(filename, token)
|
||||
|
||||
return jsonify(message="ok")
|
||||
|
||||
|
||||
@app.route("/api/getvpn")
|
||||
@app.route("/api/getconf")
|
||||
def get_image():
|
||||
try:
|
||||
filename = db.GetVPNImage(request.headers['token'])[0]
|
||||
print(filename)
|
||||
except:
|
||||
filename = "default.squashfs"
|
||||
filename = db.get_conf_image(request.headers['token'])
|
||||
if filename is None or filename == "":
|
||||
filename = "default.squashfs"
|
||||
|
||||
|
103
db.py
103
db.py
@ -1,7 +1,8 @@
|
||||
import psycopg2
|
||||
import config
|
||||
import utils
|
||||
|
||||
def Connect():
|
||||
def connect():
|
||||
global cur, conn
|
||||
try:
|
||||
conn = psycopg2.connect(database=config.database,
|
||||
@ -21,31 +22,107 @@ def Connect():
|
||||
image_name VARCHAR(255) NOT NULL,
|
||||
token VARCHAR(255) NOT NULL,
|
||||
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
|
||||
)
|
||||
""")
|
||||
);""")
|
||||
cur.execute("""
|
||||
CREATE TABLE IF NOT EXISTS users (
|
||||
id SERIAL PRIMARY KEY,
|
||||
username VARCHAR(50) UNIQUE NOT NULL,
|
||||
password VARCHAR(256) NOT NULL,
|
||||
created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP
|
||||
);""")
|
||||
cur.execute("""
|
||||
CREATE TABLE auth_tokens (
|
||||
id SERIAL PRIMARY KEY,
|
||||
user_id INTEGER NOT NULL REFERENCES users(id),
|
||||
token VARCHAR(64) NOT NULL,
|
||||
created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP
|
||||
expires_on TIMESTAMP NOT NULL
|
||||
);""")
|
||||
conn.commit()
|
||||
|
||||
def GetCur():
|
||||
def get_cur():
|
||||
return conn.cursor()
|
||||
|
||||
def GetConn():
|
||||
def get_conn():
|
||||
return conn
|
||||
|
||||
def AddVPNImage(name, token):
|
||||
Connect()
|
||||
with GetCur() as cur:
|
||||
def add_conf_image(name, token):
|
||||
connect()
|
||||
with get_cur() as cur:
|
||||
cur.execute("""
|
||||
INSERT INTO vpn (image_name, token)
|
||||
VALUES (%s, %s)
|
||||
""",(name, token,))
|
||||
conn.commit()
|
||||
|
||||
def GetVPNImage(token):
|
||||
Connect()
|
||||
with GetCur() as cur:
|
||||
def get_conf_image(token):
|
||||
connect()
|
||||
with get_cur() as cur:
|
||||
cur.execute("""
|
||||
SELECT image_name FROM vpn WHERE token = %s
|
||||
""",(token,))
|
||||
return cur.fetchone()
|
||||
try:
|
||||
return cur.fetchone()[0]
|
||||
except:
|
||||
return None
|
||||
|
||||
def add_user(username, password):
|
||||
connect()
|
||||
with get_cur() as cur:
|
||||
cur.execute("""
|
||||
INSERT INTO users (username, password)
|
||||
VALUES (%s, %s)
|
||||
""",(username, utils.hash_password(password),))
|
||||
conn.commit()
|
||||
|
||||
|
||||
def get_user(username, password):
|
||||
connect()
|
||||
with get_cur() as cur:
|
||||
cur.execute("""
|
||||
SELECT id FROM users WHERE username = %s AND password = %s
|
||||
""",(username, utils.hash_password(password),))
|
||||
try:
|
||||
return cur.fetchone()[0]
|
||||
except:
|
||||
return None
|
||||
|
||||
def get_user_byid(id):
|
||||
connect()
|
||||
with get_cur() as cur:
|
||||
cur.execute("""
|
||||
SELECT id FROM users WHERE id = %s
|
||||
""",(id,))
|
||||
try:
|
||||
return cur.fetchone()[0]
|
||||
except:
|
||||
return None
|
||||
|
||||
def get_user_bytoken(token):
|
||||
connect()
|
||||
with get_cur() as cur:
|
||||
cur.execute("""
|
||||
SELECT user_id FROM auth_tokens WHERE token = %s
|
||||
""",(token,))
|
||||
try:
|
||||
return cur.fetchone()[0]
|
||||
except:
|
||||
return None
|
||||
|
||||
def add_auth_token(user_id):
|
||||
token = utils.generate_auth_token()
|
||||
connect()
|
||||
with get_cur() as cur:
|
||||
cur.execute("""
|
||||
INSERT INTO auth_tokens (user_id, token)
|
||||
VALUES (%s, %s)
|
||||
""",(user_id,token,))
|
||||
conn.commit()
|
||||
return token
|
||||
|
||||
def login(username, password):
|
||||
user_id = get_user(username, password)
|
||||
if user_id is not None:
|
||||
return add_auth_token(user_id)
|
||||
else:
|
||||
return None
|
||||
|
||||
|
63
template/login.html
Normal file
63
template/login.html
Normal file
@ -0,0 +1,63 @@
|
||||
<!DOCTYPE html>
|
||||
<html>
|
||||
<head>
|
||||
<meta charset="UTF-8">
|
||||
<title>Strona logowania</title>
|
||||
<style>
|
||||
body {
|
||||
background-color: #F2F2F2;
|
||||
font-family: Arial, sans-serif;
|
||||
}
|
||||
#login-box {
|
||||
background-color: #FFFFFF;
|
||||
border-radius: 10px;
|
||||
padding: 20px;
|
||||
width: 400px;
|
||||
margin: 0 auto;
|
||||
margin-top: 100px;
|
||||
box-shadow: 0 0 10px rgba(0, 0, 0, 0.1);
|
||||
}
|
||||
h1 {
|
||||
text-align: center;
|
||||
font-size: 28px;
|
||||
margin-top: 0;
|
||||
}
|
||||
input[type=text], input[type=password] {
|
||||
width: 100%;
|
||||
padding: 10px;
|
||||
margin-bottom: 20px;
|
||||
border: none;
|
||||
border-radius: 5px;
|
||||
background-color: #F2F2F2;
|
||||
box-shadow: inset 0 0 5px rgba(0, 0, 0, 0.1);
|
||||
font-size: 16px;
|
||||
}
|
||||
input[type=submit] {
|
||||
background-color: #4CAF50;
|
||||
color: white;
|
||||
border: none;
|
||||
border-radius: 5px;
|
||||
padding: 10px;
|
||||
font-size: 16px;
|
||||
cursor: pointer;
|
||||
}
|
||||
input[type=submit]:hover {
|
||||
background-color: #3e8e41;
|
||||
}
|
||||
</style>
|
||||
</head>
|
||||
<body>
|
||||
<div id="login-box">
|
||||
<h1>Logowanie</h1>
|
||||
<form>
|
||||
<label for="username">Nazwa użytkownika:</label>
|
||||
<input type="text" id="username" name="username" placeholder="Wprowadź nazwę użytkownika">
|
||||
|
||||
<label for="password">Hasło:</label>
|
||||
<input type="password" id="password" name="password" placeholder="Wprowadź hasło">
|
||||
|
||||
<input type="submit" value="Zaloguj się">
|
||||
</form>
|
||||
</div>
|
||||
</body>
|
||||
</html>
|
Loading…
Reference in New Issue
Block a user