finish authentication by trusted header

Jakobus Schürz 2019-09-26 13:09:20 +02:00
parent 3abee2f226
commit 2c20ede487
7 changed files with 22 additions and 6 deletions


@ -106,18 +106,28 @@ def login():
flash(error) flash(error)
elif request.method == 'GET': elif request.method == 'GET':
print(request.headers.get('X-AUTHENTICATION-id')) print(request.headers.get('X-AUTHENTICATION-id'))
#print(dict(request.headers)) print(dict(request.headers))
db = get_db() db = get_db()
error = None error = None
if request.headers.get('X-AUTHENTICATION-id') is not None: if request.headers.get('X-AUTHENTICATION-id') is not None:
username = request.headers.get('X-AUTHENTICATION-id') username = request.headers.get('X-AUTHENTICATION-id')
fullname = request.headers.get('X-AUTHENTICATION-cn')
email = request.headers.get('X-AUTHENTICATION-email')
user = db.execute( user = db.execute(
'SELECT * FROM user WHERE username = ?', (username,) 'SELECT * FROM user WHERE username = ?', (username,)
).fetchone() ).fetchone()
if user is None: if user is None:
fullname = username if fullname is None else username
email = username+'@'+ request.headers.get('X-FORWARDED-FOR') if fullname is None else username
db.execute(
'INSERT INTO user (username, fullname, email) VALUES (?, ?, ?)',
(username, fullname, email)
)
db.commit()
return redirect(url_for('auth.login'))
error = 'Incorrect username.' error = 'Incorrect username.'
return redirect(url_for('auth.register')) return redirect(url_for('auth.register'))
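Review bot: The new branch in login() treats `X-AUTHENTICATION-id` as proof of identity and auto-creates the account on a GET, but nothing visible in this hunk checks that the request came from the authenticating proxy, so any client that can reach the app directly could supply the header itself. The handler should accept these headers only from the proxy's address (or with a shared secret the proxy adds), and the proxy has to strip client-supplied `X-AUTHENTICATION-*` headers; whether that is configured cannot be seen from here. The fallback lines also look wrong: `fullname = username if fullname is None else username` discards the header value in both cases, and the email line tests `fullname`, which is never None by then, so the email header is always overwritten with the bare username; `fullname = fullname or username` and `email = email or username` are probably what was meant. The now-active `print(dict(request.headers))` writes cookies and any authorization header to stdout on every GET and should be removed before merge. login() starts and continues outside this hunk.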


@ -16,7 +16,7 @@ CREATE TABLE settings (
CREATE TABLE user ( CREATE TABLE user (
id INTEGER PRIMARY KEY AUTOINCREMENT, id INTEGER PRIMARY KEY AUTOINCREMENT,
username TEXT UNIQUE NOT NULL, username TEXT UNIQUE NOT NULL,
password TEXT NOT NULL, password TEXT,
fullname TEXT NOT NULL, fullname TEXT NOT NULL,
email TEXT NOT NULL, email TEXT NOT NULL,
principals TEXT, principals TEXT,
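Review bot: Making `password` nullable in the `user` table means accounts provisioned from the trusted header carry no hash, so the password login path (outside this diff) has to reject a NULL `password` explicitly instead of handing it to the hash comparison. Editing the `CREATE TABLE` statement also does not change databases that already exist, so deployed instances would need a migration or a note about re-initialising. The table definition continues past the end of this hunk.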


@ -5,8 +5,11 @@
{% endblock %} {% endblock %}
{% block content %} {% block content %}
A{{ request.headers }} <br>
B{{ request.header.get('X-AUTHENTICATION-id') }} <br>
<form method="post"> <form method="post">
<label for="username">Username</label> <label for="username">Username</label
value="{{ request.header.get('X-AUTHENTICATION-id') or ''}}">
<input name="username" id="username" required> <input name="username" id="username" required>
<label for="password">Password</label> <label for="password">Password</label>
<input type="password" name="password" id="password" required> <input type="password" name="password" id="password" required>
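Review bot: `A{{ request.headers }}` and the `B{{ ... }}` line print the raw request headers into the login page, which makes the session cookie and proxy-internal headers readable from the DOM and looks like leftover debugging; both lines should go before merge. `request.header` is probably a typo for `request.headers`: as written the `.get` call lands on an undefined attribute and, with Jinja's default undefined handling, will likely fail at render time. The new `value=` attribute has also ended up inside the `<label` tag, whose closing `>` was dropped, instead of on the `<input name="username">` element.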


@ -7,7 +7,8 @@
{% block content %} {% block content %}
<form method="post"> <form method="post">
<label for="username">Username</label> <label for="username">Username</label>
<input name="username" id="username" required> <input name="username" id="username"
value="{{ request.form['username'] or request.headers['X-AUTHENTICATION-id'] }}" required>
<label for="password">Password</label> <label for="password">Password</label>
<input type="password" name="password" id="password" required> <input type="password" name="password" id="password" required>
<label for="fullname">Anzeigename</label> <label for="fullname">Anzeigename</label>


@ -14,7 +14,7 @@
value="{{ request.form['username'] or user['username'] }}" required> value="{{ request.form['username'] or user['username'] }}" required>
<label for="password">Password</label> <label for="password">Password</label>
<input type="password" name="password" id="password" <input type="password" name="password" id="password"
value="" required> value="">
<label for="email">Email: ({{ user['email'] }})</label> <label for="email">Email: ({{ user['email'] }})</label>
<input name="email" id="email" <input name="email" id="email"
value="{{ request.form['email'] or user['email'] }}" required> value="{{ request.form['email'] or user['email'] }}" required>
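Review bot: Removing `required` from the password input lets this form be submitted with an empty password, so the `auth.update` handler (not shown in this diff) must treat an empty value as leave-unchanged; if it hashes whatever arrives, the account would end up with the hash of an empty string. A short template comment such as `{# leave empty to keep the current password #}` would make the intent clear. The form starts and ends outside this hunk.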


@ -3,7 +3,8 @@
<link rel="stylesheet" href="{{ url_for('static', filename='style.css') }}"> <link rel="stylesheet" href="{{ url_for('static', filename='style.css') }}">
<nav> <nav>
<h1><a href="{{ url_for('pubkeys.index') }}">SSH-Certificates</a></h1> <h1><a href="{{ url_for('pubkeys.index') }}">SSH-Certificates</a></h1>
"{{ request.environ.get('HTTP_X_REAL_IP', request.remote_addr) }}" A"{{ request.environ.get('HTTP_X_REAL_IP', request.remote_addr) }}"
B"{{ request.headers.get('X-Forwarded-For') }}"
<ul> <ul>
{% if g.user %} {% if g.user %}
<li><a class="action" href="{{ url_for('auth.update', id=g.user['id']) }}">{{ g.user['username'] }} (Settings)</a> <li><a class="action" href="{{ url_for('auth.update', id=g.user['id']) }}">{{ g.user['username'] }} (Settings)</a>
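Review bot: The `A"…"` and `B"…"` lines in the nav look like debugging markers and now render the client address and the raw `X-Forwarded-For` header on every page that extends this template. `X-Forwarded-For` is set by the client unless the proxy overwrites it, so it should not be shown or relied on as an address without that guarantee. I would drop both lines or put them behind a debug flag.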


@ -33,6 +33,7 @@
<a class="action" href="{{ url_for('pubkeys.update', id=pubkey['id']) }}">Edit</a> <a class="action" href="{{ url_for('pubkeys.update', id=pubkey['id']) }}">Edit</a>
{% if pubkey['deleted'] == 0 %} {% if pubkey['deleted'] == 0 %}
<a class="action" href="{{ url_for('pubkeys.delete', id=pubkey['id']) }}" onclick="return confirm('Are you sure?');">Delete</a> <a class="action" href="{{ url_for('pubkeys.delete', id=pubkey['id']) }}" onclick="return confirm('Are you sure?');">Delete</a>
<a class="action" href="{{ url_for('pubkeys.deletefinal', id=pubkey['id']) }}" onclick="return confirm('Are you sure?');">Delete final</a>
{% endif %} {% endif %}
{% if pubkey['revoked'] == 0 %} {% if pubkey['revoked'] == 0 %}
<a class="action" href="{{ url_for('pubkeys.revoke', id=pubkey['id']) }}" onclick="return confirm('Are you sure?');">Revoke</a> <a class="action" href="{{ url_for('pubkeys.revoke', id=pubkey['id']) }}" onclick="return confirm('Are you sure?');">Revoke</a>
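Review bot: The new `pubkeys.deletefinal` link triggers what appears to be a permanent delete through a plain GET anchor guarded only by a client-side `confirm()`, so a cross-site request or a link prefetcher can fire it without the user's intent. It follows the pattern of the existing Delete and Revoke links, but an irreversible action is the place to switch to a `<form method="post">` with a CSRF token. None of the seven changed files appears to be the pubkeys blueprint, so unless a `deletefinal` endpoint already exists, `url_for` will raise a build error when this template renders.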