aji/authsquare
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: aji:prime
Branches Tags
aji:master
aji:renaming
aji:dashboard
aji:prime
..
compare: aji:master
Branches Tags
aji:master
aji:renaming
aji:dashboard
aji:prime

16 Commits
prime ... master

Author SHA1 Message Date
Dita Aji Pratama
8293dfa761 forgot send to forgot and forgot change to reset 2024-09-30 18:00:55 +07:00
Dita Aji Pratama
989a229e3a Merge branch 'dashboard' 2024-09-28 14:37:36 +07:00
Dita Aji Pratama
4f8e493cde Merge branch 'prime' 2024-09-28 14:37:19 +07:00
Dita Aji Pratama
80935615dd Merge branch 'prime' 2024-09-28 14:36:32 +07:00
Dita Aji Pratama
d5c6cad096 Merge branch 'dashboard' 2024-09-26 22:42:25 +07:00
Dita Aji Pratama
82656ef33a Merge branch 'prime' 2024-09-26 22:41:58 +07:00
Dita Aji Pratama
e9e844863d Merge branch 'dashboard' 2024-09-26 21:35:29 +07:00
Dita Aji Pratama
7ac06aa5ec Give an icon on the menu configuration 2024-09-26 21:35:05 +07:00
Dita Aji Pratama
d6d51abf9b Merge branch 'prime' 2024-09-26 21:29:25 +07:00
Dita Aji Pratama
9eb6707a4c Merge branch 'dashboard' 2024-09-26 20:01:53 +07:00
Dita Aji Pratama
f811ea2b95 Merge branch 'prime' 2024-09-26 19:53:05 +07:00
Dita Aji Pratama
ebc48b2cb7 Add a comment on installation script 2024-09-26 19:47:52 +07:00
Dita Aji Pratama
9eb5429455 Update .gitignore 2024-09-26 19:46:58 +07:00
Dita Aji Pratama
e966b1e7bf Wrap the users page with container 2024-09-26 19:44:03 +07:00
Dita Aji Pratama
cf10e4ec8e Wrap the roles page with container 2024-09-26 19:42:35 +07:00
Dita Aji Pratama
2982b1aded Put header in the container 2024-09-26 19:41:33 +07:00
10 changed files with 219 additions and 192 deletions
Show Stats Expand all files Collapse all files

13
app/.gitignore vendored
View File

@ -1,8 +1,11 @@
.ssh/ .ssh
**/__pycache__ .venv
*.pyc
venv/
env/
.beaker/data/* .beaker/data/*
!.beaker/data/.noremove !.beaker/data/.noremove
**/__pycache__
*.pyc
.DS_Store
nohup.out nohup.out

3
app/config/globalvar.py
View File

@ -119,18 +119,21 @@ menu = {
], ],
"sidebar": [ "sidebar": [
{ {
"icon":"fa-solid fa-gauge",
"name":"Dashboard", "name":"Dashboard",
"target":"_self", "target":"_self",
"href":"/dashboard", "href":"/dashboard",
"roles":[1,2] "roles":[1,2]
}, },
{ {
"icon":"fa-solid fa-user-tag",
"name":"Roles", "name":"Roles",
"target":"_self", "target":"_self",
"href":"/dashboard/roles", "href":"/dashboard/roles",
"roles":[1] "roles":[1]
}, },
{ {
"icon":"fa-solid fa-address-card",
"name":"Users", "name":"Users",
"target":"_self", "target":"_self",
"href":"/dashboard/users", "href":"/dashboard/users",

31
app/handler.py
View File

@ -230,27 +230,32 @@ def index():
print(str(e)) print(str(e))
return json.dumps({}, indent = 2).encode() return json.dumps({}, indent = 2).encode()
@app.route('/api/auth/password/forgot/<type>', method='POST') @app.route('/api/auth/password/forgot', method='POST')
def index(type): def index():
try: try:
params = request.json params = request.json
params["type"] = type params["mako"] = {
if type == "send": "email" : template_email.main(directory.page["email"], "reset")
params["mako"] = { }
"email" : template_email.main(directory.page["email"], "reset")
}
elif type == "change":
params["mako"] = {
"email" : template_email.main(directory.page["email"], "message")
}
else:
pass
response.content_type = 'application/json' response.content_type = 'application/json'
return json.dumps(api_auth.auth().forgot(params), indent = 2).encode() return json.dumps(api_auth.auth().forgot(params), indent = 2).encode()
except Exception as e: except Exception as e:
print(str(e)) print(str(e))
return json.dumps({}, indent = 2).encode() return json.dumps({}, indent = 2).encode()
@app.route('/api/auth/password/reset', method='POST')
def index():
try:
params = request.json
params["mako"] = {
"email" : template_email.main(directory.page["email"], "message")
}
response.content_type = 'application/json'
return json.dumps(api_auth.auth().reset(params), indent = 2).encode()
except Exception as e:
print(str(e))
return json.dumps({}, indent = 2).encode()
@app.route('/api/dashboard/roles/list', method='POST') @app.route('/api/dashboard/roles/list', method='POST')
def index(): def index():
try: try:

21
app/install.sh
View File

@ -1,10 +1,13 @@
sudo apt-get install -y python3-pip python3 -m venv .venv # Create .venv
pip install --upgrade pip
pip install bottle # Micro Framework
pip install gunicorn # WSGI Server Backend
pip install beaker # Session & caching library
pip install mako # Template library
pip install mysql-connector # Database
pip install bcrypt .venv/bin/pip3 install --upgrade pip # Upgrade pip
pip install pyjwt[crypto]
.venv/bin/pip3 install bottle # Micro Framework
.venv/bin/pip3 install gunicorn # WSGI Server Backend
.venv/bin/pip3 install beaker # Session & caching library
.venv/bin/pip3 install mako # Template library
.venv/bin/pip3 install mysql-connector # Database connector
.venv/bin/pip3 install bcrypt # Password hash
.venv/bin/pip3 install pyjwt[crypto] # JWT
.venv/bin/pip3 install requests # For HTTP Request (Recaptcha need a POST HTTP requests)

186
app/modules/api/auth.py
View File

@ -465,101 +465,109 @@ class auth:
return response return response
def forgot(self, params): def forgot(self, params):
APIADDR = "/api/auth/password/forgot/:type" APIADDR = "/api/auth/password/forgot"
loggorilla.prcss(APIADDR, "Define parameters")
response = {} response = {}
type = params["type" ] # POST: send / change
self.cursor.execute("BEGIN;") self.cursor.execute("BEGIN;")
try: try:
loggorilla.fyinf(APIADDR, f"type: {type}") loggorilla.prcss(APIADDR, "Define parameters")
if type == "send": email = params["email"].lower()
loggorilla.prcss(APIADDR, "Define parameters inside decision") loggorilla.prcss(APIADDR, "Get dependency data")
email = params["email"].lower() self.cursor.execute(f"SELECT COUNT(*) AS `count`, auth_profile.token, auth_profile.email FROM auth_profile_verification INNER JOIN auth_profile ON auth_profile.id = auth_profile_verification.auth_profile WHERE auth_profile.email = %s AND auth_profile_verification.type = 'email' AND auth_profile_verification.verified = 1 ; ", (email,) )
loggorilla.prcss(APIADDR, "Get dependency data") result_verified = self.cursor.fetchone()
self.cursor.execute(f"SELECT COUNT(*) AS `count`, auth_profile.token, auth_profile.email FROM auth_profile_verification INNER JOIN auth_profile ON auth_profile.id = auth_profile_verification.auth_profile WHERE auth_profile.email = %s AND auth_profile_verification.type = 'email' AND auth_profile_verification.verified = 1 ; ", (email,) ) if result_verified["count"] >= 1:
result_verified = self.cursor.fetchone() loggorilla.prcss(APIADDR, "Get token")
if result_verified["count"] >= 1: token = result_verified["token"].decode()
loggorilla.prcss(APIADDR, "Get token") loggorilla.prcss(APIADDR, "Generate URL")
token = result_verified["token"].decode() # TODO: set expired time
loggorilla.prcss(APIADDR, "Generate URL") expired = datetime.datetime.now() + datetime.timedelta(minutes=30) # Can be hours or minutes
# TODO: set expired time expired_isoformat = expired.isoformat()
expired = datetime.datetime.now() + datetime.timedelta(minutes=30) # Can be hours or minutes payload = {
expired_isoformat = expired.isoformat() "token" : token,
payload = { "expired": expired_isoformat
"token" : token, }
"expired": expired_isoformat # TODO: Config SSH key for tokenguard and set forgot URL
} token_encrypt = tokenguard.encode(payload, globalvar.ssh['key']['private'], globalvar.ssh['passphrase'])
# TODO: Config SSH key for tokenguard and set forgot URL change_forgot_url = globalvar.change_forgot_url(token_encrypt)
token_encrypt = tokenguard.encode(payload, globalvar.ssh['key']['private'], globalvar.ssh['passphrase']) loggorilla.prcss(APIADDR, "Sending email")
change_forgot_url = globalvar.change_forgot_url(token_encrypt) self.smtpconfig['subject' ] = f"{globalvar.title} forgot password"
loggorilla.prcss(APIADDR, "Sending email") self.smtpconfig['to' ] = email
self.smtpconfig['subject' ] = f"{globalvar.title} forgot password" self.smtpconfig['text' ] = f"Please visit this link to reset password: {change_forgot_url}. Avoid the link if you are not request this."
self.smtpconfig['to' ] = email self.smtpconfig['html' ] = Template(params["mako"]["email"]['index']).render(
self.smtpconfig['text' ] = f"Please visit this link to reset password: {change_forgot_url}. Avoid the link if you are not request this." title = globalvar.title,
self.smtpconfig['html' ] = Template(params["mako"]["email"]['index']).render( header = globalvar.title,
title = globalvar.title, copyright = globalvar.copyright,
header = globalvar.title, container = Template(params["mako"]["email"]['container']).render(
copyright = globalvar.copyright, reset = change_forgot_url
container = Template(params["mako"]["email"]['container']).render(
reset = change_forgot_url
)
) )
sendwave.smtp(self.smtpconfig) )
loggorilla.prcss(APIADDR, "Giving response") sendwave.smtp(self.smtpconfig)
response["status" ] = "success" loggorilla.prcss(APIADDR, "Giving response")
response["desc" ] = "Check email for password change." response["status" ] = "success"
else: response["desc" ] = "Check email for password change."
response["status" ] = "failed"
response["desc" ] = "The parameters seems suspicious and you are not authorized for that"
elif type == "change":
loggorilla.prcss(APIADDR, "Define parameters inside decision")
token_encrypt = params["token" ]
password = params["password" ]
loggorilla.prcss(APIADDR, "Decrypt token")
payload = tokenguard.decode(token_encrypt, globalvar.ssh['key']['public'])
token = payload['token']
expired = datetime.datetime.fromisoformat(payload['expired'])
loggorilla.prcss(APIADDR, "Process parameters")
hashed = bcrypt.hashpw(password.encode(), bcrypt.gensalt()).decode()
loggorilla.prcss(APIADDR, "Get dependency data")
self.cursor.execute(f"SELECT COUNT(*) AS `count`, auth_profile.email FROM auth_profile_verification INNER JOIN auth_profile ON auth_profile.id = auth_profile_verification.auth_profile WHERE auth_profile.token = %s AND auth_profile_verification.type = 'email' AND auth_profile_verification.verified = 1 ; ", (token,) )
result_verified = self.cursor.fetchone()
email = result_verified['email']
loggorilla.prcss(APIADDR, "Validation")
if datetime.datetime.now() > expired:
response["status" ] = "failed"
response["desc" ] = "Expired"
elif len(password) < 6:
response["status" ] = "failed"
response["desc" ] = "password too short"
elif result_verified["count"] == 0:
response["status" ] = "failed"
response["desc" ] = "Forbidden: No active account for this"
response["data" ] = {
"message": "Please contact us if you still had a problem"
}
else:
loggorilla.prcss(APIADDR, "Updating")
self.cursor.execute("UPDATE `auth` SET `password` = %s, `when_update` = NOW() WHERE `token` = %s", (hashed, token) )
loggorilla.prcss(APIADDR, "Sending email")
self.smtpconfig['subject' ] = f"{globalvar.title} password change success"
self.smtpconfig['to' ] = email
self.smtpconfig['text' ] = f"You had change your password."
self.smtpconfig['html' ] = Template(params["mako"]["email"]['index']).render(
title = globalvar.title,
header = globalvar.title,
copyright = globalvar.copyright,
container = Template(params["mako"]["email"]['container']).render(
message = f"You had change your password."
)
)
sendwave.smtp(self.smtpconfig)
loggorilla.prcss(APIADDR, "Giving response")
response["status" ] = "success"
response["desc" ] = "password change success"
else: else:
response["status" ] = "failed" response["status" ] = "failed"
response["desc" ] = "forbidden" response["desc" ] = "The parameters seems suspicious and you are not authorized for that"
except Exception as e:
self.cursor.execute("ROLLBACK;")
loggorilla.error(APIADDR, str(e) )
response["status" ] = "failed"
response["desc" ] = "Internal Server Error. Please contact us if you still have an error. for detail"
finally:
self.cursor.execute("COMMIT;")
self.cursor.close()
self.db_main.close()
return response
def reset(self, params):
APIADDR = "/api/auth/password/reset"
response = {}
self.cursor.execute("BEGIN;")
try:
loggorilla.prcss(APIADDR, "Define parameters")
token_encrypt = params["token" ]
password = params["password" ]
loggorilla.prcss(APIADDR, "Decrypt token")
payload = tokenguard.decode(token_encrypt, globalvar.ssh['key']['public'])
token = payload['token']
expired = datetime.datetime.fromisoformat(payload['expired'])
loggorilla.prcss(APIADDR, "Process parameters")
hashed = bcrypt.hashpw(password.encode(), bcrypt.gensalt()).decode()
loggorilla.prcss(APIADDR, "Get dependency data")
self.cursor.execute(f"SELECT COUNT(*) AS `count`, auth_profile.email FROM auth_profile_verification INNER JOIN auth_profile ON auth_profile.id = auth_profile_verification.auth_profile WHERE auth_profile.token = %s AND auth_profile_verification.type = 'email' AND auth_profile_verification.verified = 1 ; ", (token,) )
result_verified = self.cursor.fetchone()
email = result_verified['email']
loggorilla.prcss(APIADDR, "Validation")
if datetime.datetime.now() > expired:
response["status" ] = "failed"
response["desc" ] = "Expired"
elif len(password) < 6:
response["status" ] = "failed"
response["desc" ] = "password too short"
elif result_verified["count"] == 0:
response["status" ] = "failed"
response["desc" ] = "Forbidden: No active account for this"
response["data" ] = {
"message": "Please contact us if you still had a problem"
}
else:
loggorilla.prcss(APIADDR, "Updating")
self.cursor.execute("UPDATE `auth` SET `password` = %s, `when_update` = NOW() WHERE `token` = %s", (hashed, token) )
loggorilla.prcss(APIADDR, "Sending email")
self.smtpconfig['subject' ] = f"{globalvar.title} password change success"
self.smtpconfig['to' ] = email
self.smtpconfig['text' ] = f"You had change your password."
self.smtpconfig['html' ] = Template(params["mako"]["email"]['index']).render(
title = globalvar.title,
header = globalvar.title,
copyright = globalvar.copyright,
container = Template(params["mako"]["email"]['container']).render(
message = f"You had change your password."
)
)
sendwave.smtp(self.smtpconfig)
loggorilla.prcss(APIADDR, "Giving response")
response["status" ] = "success"
response["desc" ] = "password change success"
except Exception as e: except Exception as e:
self.cursor.execute("ROLLBACK;") self.cursor.execute("ROLLBACK;")
loggorilla.error(APIADDR, str(e) ) loggorilla.error(APIADDR, str(e) )

13
app/pages/dashboard/dashboard.html
View File

@ -1,9 +1,8 @@
<h1>Here is Dashboard!</h1>
% if 4 in user['profile']['roles']:
<!-- Debug Section -->
<div class="container mb-5"> <div class="container mb-5">
<h1>Here is Dashboard!</h1>
% if 4 in user['profile']['roles']:
<!-- Debug Section -->
<div class="row"> <div class="row">
<div class="col"> <div class="col">
<div class="card"> <div class="card">
@ -20,6 +19,6 @@
</div> </div>
</div> </div>
</div> </div>
</div> % endif
% endif </div>

81
app/pages/dashboard/roles.html
View File

@ -1,42 +1,45 @@
<div class="row"> <div class="container mb-5">
<div class="col"> <div class="row">
<h1 class="h3">Roles</h1> <div class="col">
<input type="hidden" id="form-token" value="${token}"> <h1 class="h3">Roles</h1>
<div class="table-responsive"> <input type="hidden" id="form-token" value="${token}">
<table class="table table-sm table-bordered table-striped" id="table-roles" width="100%" cellspacing="0"> <div class="table-responsive">
<thead class="table-primary"> <table class="table table-sm table-bordered table-striped" id="table-roles" width="100%" cellspacing="0">
<tr> <thead class="table-primary">
<th>ID</th> <tr>
<th>Name</th> <th>ID</th>
<th>Users</th> <th>Name</th>
<th>Action</th> <th>Users</th>
</tr> <th>Action</th>
<tr> </tr>
<th> <tr>
<input class="form-control form-control-sm" placeholder="ID" id="form-add-id"> <th>
</th> <input class="form-control form-control-sm" placeholder="ID" id="form-add-id">
<th> </th>
<input class="form-control form-control-sm" placeholder="Name" id="form-add-name"> <th>
</th> <input class="form-control form-control-sm" placeholder="Name" id="form-add-name">
<th></th> </th>
<th> <th></th>
<button class="btn btn-primary btn-sm" type="button" onclick="submitAdd()"> <th>
<span class="fa fa-plus"></span> Add <button class="btn btn-primary btn-sm" type="button" onclick="submitAdd()">
</button> <span class="fa fa-plus"></span> Add
</th> </button>
</tr> </th>
</thead> </tr>
<tbody></tbody> </thead>
</table> <tbody></tbody>
</div> </table>
<!-- End table-responsive --> </div>
<script src="https://code.jquery.com/jquery-3.7.1.min.js"></script> <!-- End table-responsive -->
<script src="https://cdn.datatables.net/1.13.5/js/jquery.dataTables.min.js"></script> <script src="https://code.jquery.com/jquery-3.7.1.min.js"></script>
<script src="https://cdn.datatables.net/1.13.5/js/dataTables.bootstrap5.min.js"></script> <script src="https://cdn.datatables.net/1.13.5/js/jquery.dataTables.min.js"></script>
<script src="https://cdn.datatables.net/1.13.5/js/dataTables.bootstrap5.min.js"></script>
<script type="text/javascript" src="/js/carrack.js"></script> <script type="text/javascript" src="/js/carrack.js"></script>
<script type="text/javascript" src="/js/dashboard/roles.js"></script> <script type="text/javascript" src="/js/dashboard/roles.js"></script>
</div>
<!-- End col -->
</div> </div>
<!-- End col --> <!-- End row -->
</div> </div>
<!-- End row --> <!-- End container -->

59
app/pages/dashboard/users.html
View File

@ -1,31 +1,34 @@
<div class="row"> <div class="container mb-5">
<div class="col"> <div class="row">
<h1 class="h3">Users</h1> <div class="col">
<input type="hidden" id="form-token" value="${token}"> <h1 class="h3">Users</h1>
<div class="table-responsive"> <input type="hidden" id="form-token" value="${token}">
<table class="table table-sm table-bordered table-striped" id="table-users" width="100%" cellspacing="0"> <div class="table-responsive">
<thead class="table-primary"> <table class="table table-sm table-bordered table-striped" id="table-users" width="100%" cellspacing="0">
<tr> <thead class="table-primary">
<th>ID</th> <tr>
<th>Username</th> <th>ID</th>
<th>Email</th> <th>Username</th>
<th>Phone</th> <th>Email</th>
<th>Roles</th> <th>Phone</th>
<th>Verification</th> <th>Roles</th>
<th>Action</th> <th>Verification</th>
</tr> <th>Action</th>
</thead> </tr>
<tbody></tbody> </thead>
</table> <tbody></tbody>
</div> </table>
<!-- End table-responsive --> </div>
<script src="https://code.jquery.com/jquery-3.7.1.min.js"></script> <!-- End table-responsive -->
<script src="https://cdn.datatables.net/1.13.5/js/jquery.dataTables.min.js"></script> <script src="https://code.jquery.com/jquery-3.7.1.min.js"></script>
<script src="https://cdn.datatables.net/1.13.5/js/dataTables.bootstrap5.min.js"></script> <script src="https://cdn.datatables.net/1.13.5/js/jquery.dataTables.min.js"></script>
<script src="https://cdn.datatables.net/1.13.5/js/dataTables.bootstrap5.min.js"></script>
<script type="text/javascript" src="/js/carrack.js"></script> <script type="text/javascript" src="/js/carrack.js"></script>
<script type="text/javascript" src="/js/dashboard/users.js"></script> <script type="text/javascript" src="/js/dashboard/users.js"></script>
</div>
<!-- End col -->
</div> </div>
<!-- End col --> <!-- End row -->
</div> </div>
<!-- End row --> <!-- End container -->

2
app/static/js/auth/forgot.js
View File

@ -26,7 +26,7 @@ function responseAlert(response) {
function onSubmit() { function onSubmit() {
loadingResponse(); loadingResponse();
var email = document.getElementById("form-email" ).value; var email = document.getElementById("form-email" ).value;
var url = "/api/auth/password/forgot/send"; var url = "/api/auth/password/forgot";
var payload = { var payload = {
"email" : email "email" : email
}; };

2
app/static/js/auth/reset.js
View File

@ -32,7 +32,7 @@ function onSubmit() {
const urlParams = new URLSearchParams(queryString); const urlParams = new URLSearchParams(queryString);
const token = urlParams.get('token') const token = urlParams.get('token')
var password = document.getElementById("form-password").value; var password = document.getElementById("form-password").value;
var url = "/api/auth/password/forgot/change"; var url = "/api/auth/password/reset";
var payload = { var payload = {
"token" : token, "token" : token,
"password" : password "password" : password