finish authentication by trusted header

Jakobus Schürz 2019-09-26 13:09:20 +02:00
parent 3abee2f226
commit 2c20ede487
7 changed files with 22 additions and 6 deletions


@ -106,18 +106,28 @@ def login():
flash(error)
elif request.method == 'GET':
print(request.headers.get('X-AUTHENTICATION-id'))
#print(dict(request.headers))
print(dict(request.headers))
db = get_db()
error = None
if request.headers.get('X-AUTHENTICATION-id') is not None:
username = request.headers.get('X-AUTHENTICATION-id')
fullname = request.headers.get('X-AUTHENTICATION-cn')
email = request.headers.get('X-AUTHENTICATION-email')
user = db.execute(
'SELECT * FROM user WHERE username = ?', (username,)
).fetchone()
if user is None:
fullname = username if fullname is None else username
email = username+'@'+ request.headers.get('X-FORWARDED-FOR') if fullname is None else username
db.execute(
'INSERT INTO user (username, fullname, email) VALUES (?, ?, ?)',
(username, fullname, email)
)
db.commit()
return redirect(url_for('auth.login'))
error = 'Incorrect username.'
return redirect(url_for('auth.register'))
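Review bot: The GET branch of login() takes the identity straight from `X-AUTHENTICATION-id`, and nothing in the hunk checks that the request came through the authenticating proxy, so a client that can reach the app directly can supply the header itself and is also auto-provisioned as a new user. Honour the header only when the peer is the configured proxy, e.g. `if request.remote_addr not in current_app.config['TRUSTED_PROXIES']: abort(403)` (`TRUSTED_PROXIES` is a placeholder name), and have the proxy strip client-sent `X-AUTHENTICATION-*` headers. In the provisioning block `fullname = username if fullname is None else username` yields `username` on both arms, so the proxy-supplied cn and email are discarded; it presumably should read `fullname = username if fullname is None else fullname`, with the email line testing `email is None`. `print(dict(request.headers))` writes every request header, cookies included, to the log and should be removed. login() starts above the hunk.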


@ -16,7 +16,7 @@ CREATE TABLE settings (
CREATE TABLE user (
id INTEGER PRIMARY KEY AUTOINCREMENT,
username TEXT UNIQUE NOT NULL,
password TEXT NOT NULL,
password TEXT,
fullname TEXT NOT NULL,
email TEXT NOT NULL,
principals TEXT,
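Review bot: With `password` now nullable, the password-based login path has to handle NULL explicitly, because rows created by the header login carry no password hash; that path is not shown on this page. It should reject such accounts before comparing hashes, e.g. `if user['password'] is None: error = 'Incorrect password.'`, so a NULL can neither raise nor be matched. A column comment such as `-- NULL: account is authenticated by the proxy header only` would document the intent. The CREATE TABLE statement continues past the hunk.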


@ -5,8 +5,11 @@
{% endblock %}
{% block content %}
A{{ request.headers }} <br>
B{{ request.header.get('X-AUTHENTICATION-id') }} <br>
<form method="post">
<label for="username">Username</label>
<label for="username">Username</label
value="{{ request.header.get('X-AUTHENTICATION-id') or ''}}">
<input name="username" id="username" required>
<label for="password">Password</label>
<input type="password" name="password" id="password" required>
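Review bot: `A{{ request.headers }}` prints every request header, cookies and the proxy's identity headers included, into the login page, and the `A"…"`/`B"…"` lines added to the nav in the base layout hunk are the same kind of debugging output; both should be removed. `request.header` is not a Flask request attribute (it is `request.headers`), so the `B{{ … }}` line and the new `value=` expression are likely to raise an undefined error at render time. The `value="…"` attribute also ends up inside an unclosed `<label … </label` instead of on the `<input name="username">` element it is meant to pre-fill.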


@ -7,7 +7,8 @@
{% block content %}
<form method="post">
<label for="username">Username</label>
<input name="username" id="username" required>
<input name="username" id="username"
value="{{ request.form['username'] or request.headers['X-AUTHENTICATION-id'] }}" required>
<label for="password">Password</label>
<input type="password" name="password" id="password" required>
<label for="fullname">Anzeigename</label>


@ -14,7 +14,7 @@
value="{{ request.form['username'] or user['username'] }}" required>
<label for="password">Password</label>
<input type="password" name="password" id="password"
value="" required>
value="">
<label for="email">Email: ({{ user['email'] }})</label>
<input name="email" id="email"
value="{{ request.form['email'] or user['email'] }}" required>


@ -3,7 +3,8 @@
<link rel="stylesheet" href="{{ url_for('static', filename='style.css') }}">
<nav>
<h1><a href="{{ url_for('pubkeys.index') }}">SSH-Certificates</a></h1>
"{{ request.environ.get('HTTP_X_REAL_IP', request.remote_addr) }}"
A"{{ request.environ.get('HTTP_X_REAL_IP', request.remote_addr) }}"
B"{{ request.headers.get('X-Forwarded-For') }}"
<ul>
{% if g.user %}
<li><a class="action" href="{{ url_for('auth.update', id=g.user['id']) }}">{{ g.user['username'] }} (Settings)</a>


@ -33,6 +33,7 @@
<a class="action" href="{{ url_for('pubkeys.update', id=pubkey['id']) }}">Edit</a>
{% if pubkey['deleted'] == 0 %}
<a class="action" href="{{ url_for('pubkeys.delete', id=pubkey['id']) }}" onclick="return confirm('Are you sure?');">Delete</a>
<a class="action" href="{{ url_for('pubkeys.deletefinal', id=pubkey['id']) }}" onclick="return confirm('Are you sure?');">Delete final</a>
{% endif %}
{% if pubkey['revoked'] == 0 %}
<a class="action" href="{{ url_for('pubkeys.revoke', id=pubkey['id']) }}" onclick="return confirm('Are you sure?');">Revoke</a>
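Review bot: The new "Delete final" action is an `<a href>` link, so what is presumably a permanent deletion is triggered by a GET request guarded only by a client-side `confirm()`; any page or prefetcher that requests that URL in a logged-in user's browser can cause it. A `<form method="post" action="{{ url_for('pubkeys.deletefinal', id=pubkey['id']) }}">` with a submit button, a POST-only route and a CSRF token would be the safer shape. The neighbouring Delete and Revoke links follow the same pattern, and the route handler is not visible here.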