Compare commits
16 Commits
Author | SHA1 | Date | |
---|---|---|---|
8293dfa761 | |||
989a229e3a | |||
4f8e493cde | |||
80935615dd | |||
d5c6cad096 | |||
82656ef33a | |||
e9e844863d | |||
7ac06aa5ec | |||
d6d51abf9b | |||
9eb6707a4c | |||
f811ea2b95 | |||
ebc48b2cb7 | |||
9eb5429455 | |||
e966b1e7bf | |||
cf10e4ec8e | |||
2982b1aded |
13
app/.gitignore
vendored
13
app/.gitignore
vendored
@ -1,8 +1,11 @@
|
||||
.ssh/
|
||||
**/__pycache__
|
||||
*.pyc
|
||||
venv/
|
||||
env/
|
||||
.ssh
|
||||
.venv
|
||||
.beaker/data/*
|
||||
!.beaker/data/.noremove
|
||||
|
||||
**/__pycache__
|
||||
*.pyc
|
||||
|
||||
.DS_Store
|
||||
|
||||
nohup.out
|
||||
|
@ -119,18 +119,21 @@ menu = {
|
||||
],
|
||||
"sidebar": [
|
||||
{
|
||||
"icon":"fa-solid fa-gauge",
|
||||
"name":"Dashboard",
|
||||
"target":"_self",
|
||||
"href":"/dashboard",
|
||||
"roles":[1,2]
|
||||
},
|
||||
{
|
||||
"icon":"fa-solid fa-user-tag",
|
||||
"name":"Roles",
|
||||
"target":"_self",
|
||||
"href":"/dashboard/roles",
|
||||
"roles":[1]
|
||||
},
|
||||
{
|
||||
"icon":"fa-solid fa-address-card",
|
||||
"name":"Users",
|
||||
"target":"_self",
|
||||
"href":"/dashboard/users",
|
||||
|
@ -230,23 +230,28 @@ def index():
|
||||
print(str(e))
|
||||
return json.dumps({}, indent = 2).encode()
|
||||
|
||||
@app.route('/api/auth/password/forgot/<type>', method='POST')
|
||||
def index(type):
|
||||
@app.route('/api/auth/password/forgot', method='POST')
|
||||
def index():
|
||||
try:
|
||||
params = request.json
|
||||
params["type"] = type
|
||||
if type == "send":
|
||||
params["mako"] = {
|
||||
"email" : template_email.main(directory.page["email"], "reset")
|
||||
}
|
||||
elif type == "change":
|
||||
response.content_type = 'application/json'
|
||||
return json.dumps(api_auth.auth().forgot(params), indent = 2).encode()
|
||||
except Exception as e:
|
||||
print(str(e))
|
||||
return json.dumps({}, indent = 2).encode()
|
||||
|
||||
@app.route('/api/auth/password/reset', method='POST')
|
||||
def index():
|
||||
try:
|
||||
params = request.json
|
||||
params["mako"] = {
|
||||
"email" : template_email.main(directory.page["email"], "message")
|
||||
}
|
||||
else:
|
||||
pass
|
||||
response.content_type = 'application/json'
|
||||
return json.dumps(api_auth.auth().forgot(params), indent = 2).encode()
|
||||
return json.dumps(api_auth.auth().reset(params), indent = 2).encode()
|
||||
except Exception as e:
|
||||
print(str(e))
|
||||
return json.dumps({}, indent = 2).encode()
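Review bot: Both new handlers (`/api/auth/password/forgot` and `/api/auth/password/reset`) index into `request.json` without checking it, and in Bottle (assuming this is the Bottle app the install script sets up) that property is `None` when the body is not JSON. In that case `params["mako"] = …` raises, and the broad `except Exception` answers with `{}` under the default success status, before `response.content_type` has been set. A client then cannot tell a malformed request from a server fault, and the only trace is a `print`. Set `response.content_type = 'application/json'` before the `try`, reject a missing body explicitly with `if not isinstance(params, dict): response.status = 400`, and set `response.status = 500` in the `except` branch. Both functions are also still named `index`, which makes log lines and tracebacks hard to attribute; `password_forgot` and `password_reset` would read better.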
|
||||
|
@ -1,10 +1,13 @@
|
||||
sudo apt-get install -y python3-pip
|
||||
pip install --upgrade pip
|
||||
pip install bottle # Micro Framework
|
||||
pip install gunicorn # WSGI Server Backend
|
||||
pip install beaker # Session & caching library
|
||||
pip install mako # Template library
|
||||
pip install mysql-connector # Database
|
||||
python3 -m venv .venv # Create .venv
|
||||
|
||||
pip install bcrypt
|
||||
pip install pyjwt[crypto]
|
||||
.venv/bin/pip3 install --upgrade pip # Upgrade pip
|
||||
|
||||
.venv/bin/pip3 install bottle # Micro Framework
|
||||
.venv/bin/pip3 install gunicorn # WSGI Server Backend
|
||||
.venv/bin/pip3 install beaker # Session & caching library
|
||||
.venv/bin/pip3 install mako # Template library
|
||||
|
||||
.venv/bin/pip3 install mysql-connector # Database connector
|
||||
.venv/bin/pip3 install bcrypt # Password hash
|
||||
.venv/bin/pip3 install pyjwt[crypto] # JWT
|
||||
.venv/bin/pip3 install requests # For HTTP Request (Recaptcha need a POST HTTP requests)
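Review bot: Every new `.venv/bin/pip3 install …` line is unpinned, so each run of this script resolves whatever is latest on the index, including `bcrypt` and `pyjwt[crypto]`, which sit on the authentication path. Moving the list into a `requirements.txt` with exact versions and installing it with `.venv/bin/pip3 install --require-hashes -r requirements.txt` would make the environment reproducible and reject a tampered artifact. Also confirm that `mysql-connector` is the intended distribution: Oracle's maintained package is published as `mysql-connector-python`, and the shorter name is a legacy one. Quoting `'pyjwt[crypto]'` keeps shells that glob on brackets from misreading the argument.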
|
||||
|
@ -465,15 +465,11 @@ class auth:
|
||||
return response
|
||||
|
||||
def forgot(self, params):
|
||||
APIADDR = "/api/auth/password/forgot/:type"
|
||||
loggorilla.prcss(APIADDR, "Define parameters")
|
||||
APIADDR = "/api/auth/password/forgot"
|
||||
response = {}
|
||||
type = params["type" ] # POST: send / change
|
||||
self.cursor.execute("BEGIN;")
|
||||
try:
|
||||
loggorilla.fyinf(APIADDR, f"type: {type}")
|
||||
if type == "send":
|
||||
loggorilla.prcss(APIADDR, "Define parameters inside decision")
|
||||
loggorilla.prcss(APIADDR, "Define parameters")
|
||||
email = params["email"].lower()
|
||||
loggorilla.prcss(APIADDR, "Get dependency data")
|
||||
self.cursor.execute(f"SELECT COUNT(*) AS `count`, auth_profile.token, auth_profile.email FROM auth_profile_verification INNER JOIN auth_profile ON auth_profile.id = auth_profile_verification.auth_profile WHERE auth_profile.email = %s AND auth_profile_verification.type = 'email' AND auth_profile_verification.verified = 1 ; ", (email,) )
|
||||
@ -511,8 +507,23 @@ class auth:
|
||||
else:
|
||||
response["status" ] = "failed"
|
||||
response["desc" ] = "The parameters seems suspicious and you are not authorized for that"
|
||||
elif type == "change":
|
||||
loggorilla.prcss(APIADDR, "Define parameters inside decision")
|
||||
except Exception as e:
|
||||
self.cursor.execute("ROLLBACK;")
|
||||
loggorilla.error(APIADDR, str(e) )
|
||||
response["status" ] = "failed"
|
||||
response["desc" ] = "Internal Server Error. Please contact us if you still have an error. for detail"
|
||||
finally:
|
||||
self.cursor.execute("COMMIT;")
|
||||
self.cursor.close()
|
||||
self.db_main.close()
|
||||
return response
|
||||
|
||||
def reset(self, params):
|
||||
APIADDR = "/api/auth/password/reset"
|
||||
response = {}
|
||||
self.cursor.execute("BEGIN;")
|
||||
try:
|
||||
loggorilla.prcss(APIADDR, "Define parameters")
|
||||
token_encrypt = params["token" ]
|
||||
password = params["password" ]
|
||||
loggorilla.prcss(APIADDR, "Decrypt token")
|
||||
@ -557,9 +568,6 @@ class auth:
|
||||
loggorilla.prcss(APIADDR, "Giving response")
|
||||
response["status" ] = "success"
|
||||
response["desc" ] = "password change success"
|
||||
else:
|
||||
response["status" ] = "failed"
|
||||
response["desc" ] = "forbidden"
|
||||
except Exception as e:
|
||||
self.cursor.execute("ROLLBACK;")
|
||||
loggorilla.error(APIADDR, str(e) )
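Review bot: In the new tail of `forgot` (the `except`/`finally` in the second hunk), `finally` issues `COMMIT;` unconditionally, so it also runs straight after the `ROLLBACK;` in the `except` branch. If that statement itself raises, for example on a dropped connection, `self.cursor.close()` and `self.db_main.close()` are skipped and the exception escapes instead of the `failed` response. Commit only on success with `else: self.cursor.execute("COMMIT;")` and keep just the two `close()` calls in `finally`. `reset` shows the same `except` shape in the third hunk, but its `finally` lies outside the visible lines, so it should be checked as well. Separately, the `else` branch of `forgot` returns a distinct "parameters seems suspicious" description; its condition is outside the hunk, but if it is reached for unknown or unverified addresses, the endpoint reveals which e-mails are registered, and a uniform response would avoid that.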
|
||||
|
@ -1,9 +1,8 @@
|
||||
<h1>Here is Dashboard!</h1>
|
||||
|
||||
% if 4 in user['profile']['roles']:
|
||||
|
||||
<!-- Debug Section -->
|
||||
<div class="container mb-5">
|
||||
<h1>Here is Dashboard!</h1>
|
||||
|
||||
% if 4 in user['profile']['roles']:
|
||||
<!-- Debug Section -->
|
||||
<div class="row">
|
||||
<div class="col">
|
||||
<div class="card">
|
||||
@ -20,6 +19,6 @@
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
% endif
|
||||
|
||||
% endif
|
||||
</div>
|
||||
|
@ -1,4 +1,5 @@
|
||||
<div class="row">
|
||||
<div class="container mb-5">
|
||||
<div class="row">
|
||||
<div class="col">
|
||||
<h1 class="h3">Roles</h1>
|
||||
<input type="hidden" id="form-token" value="${token}">
|
||||
@ -38,5 +39,7 @@
|
||||
<script type="text/javascript" src="/js/dashboard/roles.js"></script>
|
||||
</div>
|
||||
<!-- End col -->
|
||||
</div>
|
||||
<!-- End row -->
|
||||
</div>
|
||||
<!-- End row -->
|
||||
<!-- End container -->
|
||||
|
@ -1,4 +1,5 @@
|
||||
<div class="row">
|
||||
<div class="container mb-5">
|
||||
<div class="row">
|
||||
<div class="col">
|
||||
<h1 class="h3">Users</h1>
|
||||
<input type="hidden" id="form-token" value="${token}">
|
||||
@ -27,5 +28,7 @@
|
||||
<script type="text/javascript" src="/js/dashboard/users.js"></script>
|
||||
</div>
|
||||
<!-- End col -->
|
||||
</div>
|
||||
<!-- End row -->
|
||||
</div>
|
||||
<!-- End row -->
|
||||
<!-- End container -->
|
||||
|
@ -26,7 +26,7 @@ function responseAlert(response) {
|
||||
function onSubmit() {
|
||||
loadingResponse();
|
||||
var email = document.getElementById("form-email" ).value;
|
||||
var url = "/api/auth/password/forgot/send";
|
||||
var url = "/api/auth/password/forgot";
|
||||
var payload = {
|
||||
"email" : email
|
||||
};
|
||||
|
@ -32,7 +32,7 @@ function onSubmit() {
|
||||
const urlParams = new URLSearchParams(queryString);
|
||||
const token = urlParams.get('token')
|
||||
var password = document.getElementById("form-password").value;
|
||||
var url = "/api/auth/password/forgot/change";
|
||||
var url = "/api/auth/password/reset";
|
||||
var payload = {
|
||||
"token" : token,
|
||||
"password" : password
|
||||
|