removed use of session cookie for token creation and modification

blueprint_refactoring
Simon Pirkelmann 2022-01-30 23:08:18 +01:00
parent f1eaf8af4e
commit 3caf17c861
1 changed files with 44 additions and 49 deletions


@ -163,6 +163,7 @@ def promote_admin(username):
db.session.commit() db.session.commit()
return redirect('/manage_admins') return redirect('/manage_admins')
@door_app.route('/demote_admin/<username>') @door_app.route('/demote_admin/<username>')
@roles_required('super_admin') @roles_required('super_admin')
def demote_admin(username): def demote_admin(username):
@ -281,6 +282,26 @@ def token_log():
return redirect('/') return redirect('/')
def store_token(token_data):
"""Store token to the token file on disk.
This will use the token id and the associated data and create/modify a
token and store the new token file to disk.
"""
token = token_data['token']
tokens = current_app.door.get_tokens()
tokens[token] = {'name': token_data['name'],
'email': token_data['email'],
'valid_thru': token_data['valid_thru'],
'inactive': token_data['inactive'],
'organization': token_data['organization']}
try:
current_app.door.store_tokens(tokens)
current_app.logger.info(f"Token {token} stored in database by admin user {current_user.username}")
except Exception as e:
flash(f"Error during store_tokens. Exception: {e}")
# routes for registering, editing and deleting tokens # routes for registering, editing and deleting tokens
@door_app.route('/register-token', methods=['GET', 'POST']) @door_app.route('/register-token', methods=['GET', 'POST'])
@roles_required('admin') @roles_required('admin')
@ -298,7 +319,7 @@ def register():
recent_token = {} recent_token = {}
if {'token', 'timestamp'}.issubset(set(token.keys())): if {'token', 'timestamp'}.issubset(set(token.keys())):
dt = datetime.utcnow() - token['timestamp'] dt = datetime.utcnow() - token['timestamp']
if dt < timedelta(minutes=10): if dt < timedelta(minutes=10):
recent_token = token recent_token = token
recent_token['timedelta_minutes'] = int(dt.total_seconds() / 60.0) recent_token['timedelta_minutes'] = int(dt.total_seconds() / 60.0)
@ -307,22 +328,19 @@ def register():
# set default valid thru date to today to make sure form validity check passes # set default valid thru date to today to make sure form validity check passes
# (will not be used if limited validity is disabled) # (will not be used if limited validity is disabled)
form.valid_thru.data = date.today() form.valid_thru.data = date.today()
return render_template('register.html', token=recent_token, form=form)
elif request.method == 'POST' and form.validate(): elif request.method == 'POST' and form.validate():
# store data in session cookie token_data = {
session['token'] = current_app.door.get_most_recent_token()['token'] 'token': current_app.door.get_most_recent_token()['token'],
session['name'] = form.name.data 'name': form.name.data, 'email': form.email.data,
session['email'] = form.email.data 'organization': form.organization.data,
session['organization'] = form.organization.data 'inactive': not form.active.data,
if form.limit_validity.data: 'valid_thru': form.valid_thru.data.isoformat() if form.limit_validity.data else ''
session['valid_thru'] = form.valid_thru.data.isoformat() }
else: store_token(token_data)
session['valid_thru'] = '' return redirect('/tokens')
session['inactive'] = not form.active.data
return redirect('/store-token')
else: else:
return render_template('register.html', token=recent_token, form=form) flash(f'Token konnte nicht registiert werden. Fehler: {form.errors}')
return render_template('register.html', token=recent_token, form=form)
@door_app.route('/edit-token/<token>', methods=['GET', 'POST']) @door_app.route('/edit-token/<token>', methods=['GET', 'POST'])
@ -366,44 +384,21 @@ def edit_token(token):
return redirect('/tokens') return redirect('/tokens')
elif request.method == 'POST': elif request.method == 'POST':
if form.validate(): if form.validate():
# store data in session cookie # store data in token_data cookie
session['token'] = token token_data = {'token': token,
session['name'] = form.name.data 'name': form.name.data,
session['organization'] = form.organization.data 'organization': form.organization.data,
session['email'] = form.email.data 'email': form.email.data,
if form.limit_validity.data: 'inactive': not form.active.data,
session['valid_thru'] = form.valid_thru.data.isoformat() 'valid_thru': form.valid_thru.data.isoformat() if form.limit_validity.data else ''
else: }
session['valid_thru'] = '' store_token(token_data)
session['inactive'] = not form.active.data return redirect('/tokens')
return redirect(f'/store-token')
else: else:
flash(f'Token konnte nicht editiert werden. Fehler: {form.errors}')
return render_template('edit.html', token=token, form=form) return render_template('edit.html', token=token, form=form)
@door_app.route('/store-token')
@roles_required('admin')
def store_token():
"""Store token to the token file on disk.
This will use the token id and the associated data stored in the session cookie (filled by register_token() or
edit_token()) and create/modify a token and store the new token file to disk.
"""
token = session['token']
tokens = current_app.door.get_tokens()
tokens[token] = {'name': session['name'],
'email': session['email'],
'valid_thru': session['valid_thru'],
'inactive': session['inactive'],
'organization': session['organization']}
try:
current_app.door.store_tokens(tokens)
current_app.logger.info(f"Token {token} stored in database by admin user {current_user.username}")
except Exception as e:
flash(f"Error during store_tokens. Exception: {e}")
return redirect('/tokens')
@door_app.route('/delete-token/<token>', methods=['GET', 'POST']) @door_app.route('/delete-token/<token>', methods=['GET', 'POST'])
@roles_required('admin') @roles_required('admin')
def delete_token(token): def delete_token(token):
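Review bot: The POST branch of register() binds the submitted form data to whatever `current_app.door.get_most_recent_token()` returns at submit time (`'token': current_app.door.get_most_recent_token()['token'],`), while the 10-minute freshness check in the earlier hunk only runs on the GET path, so a token presented after the page was rendered can be registered under the name the admin typed for a different one; the same check (`datetime.utcnow() - token['timestamp'] < timedelta(minutes=10)`) should be applied before building `token_data`, and the form could carry the token id shown on the page so the POST can verify it still matches. The comment `# store data in token_data cookie` on the new side of edit_token() is stale, since token_data is a local dict rather than a cookie, and should read `# collect form data for store_token()`. store_token() now runs without a `@roles_required` guard of its own and only flashes on failure while both callers redirect to `/tokens` regardless; its docstring should state that authorization is the caller's responsibility, and returning a bool (`return True` after the commit, `return False` in the except branch) would let callers avoid redirecting as if the write had succeeded. The bodies of register() and edit_token() start outside their hunks.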