aji/costapy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Invitation features done

Browse Source
This commit is contained in:
Dita Aji Pratama 2025-08-13 16:57:11 +07:00
parent aa3b7c2703
commit 829b939273
6 changed files with 124 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
handler.py
View File

@ -24,6 +24,7 @@ import modules.public.reset as public_reset
import modules.public.roles as public_roles import modules.public.roles as public_roles
import modules.public.users as public_users import modules.public.users as public_users
import modules.public.accept as public_accept
import modules.api.auth as api_auth import modules.api.auth as api_auth
import modules.api.roles as api_auth_roles import modules.api.roles as api_auth_roles
@ -139,6 +140,16 @@ def index():
} }
return public_users.users().html(params) return public_users.users().html(params)
@app.route('/accept', method='GET')
def index():
params = {
"token" : request.query.token,
"mako" : {
"website" : template_public.main(directory.page["public"], "accept")
}
}
return public_accept.accept().html(params)
@app.route('/api/auth/register/<roles>', method=['OPTIONS', 'POST']) @app.route('/api/auth/register/<roles>', method=['OPTIONS', 'POST'])
def index(roles): def index(roles):
try: try:

3
modules/api/auth.py
View File

@ -382,7 +382,8 @@ class auth:
self.cursor.execute("INSERT INTO `auth_profile` VALUES (DEFAULT, %s, %s, %s, NULL);", (token, username, email) ) self.cursor.execute("INSERT INTO `auth_profile` VALUES (DEFAULT, %s, %s, %s, NULL);", (token, username, email) )
auth_profile_lastrowid = self.cursor.lastrowid auth_profile_lastrowid = self.cursor.lastrowid
self.cursor.execute("INSERT INTO `auth_profile_verification` VALUES (DEFAULT, %s, 'email', 1);", (auth_profile_lastrowid,) ) self.cursor.execute("INSERT INTO `auth_profile_verification` VALUES (DEFAULT, %s, 'email', 1);", (auth_profile_lastrowid,) )
self.cursor.execute("INSERT INTO `auth_profile_roles` VALUES (DEFAULT, %s, %s);", (auth_profile_lastrowid, roles) ) for role in roles:
self.cursor.execute("INSERT INTO `auth_profile_roles` VALUES (DEFAULT, %s, %s);", (auth_profile_lastrowid, role) )
loggorilla.prcss(APIADDR, "Sending email") loggorilla.prcss(APIADDR, "Sending email")
webmail_data = { webmail_data = {
"username" : username, "username" : username,

42
modules/public/accept.py Normal file
View File

@ -0,0 +1,42 @@
from mako.template import Template
from config import globalvar, navigation
from scripts import loggorilla, tokenguard
import procedure.validation as procedure_validation
class accept:
def __init__(self):
pass
def html(self, params):
APIADDR = "/accept"
loggorilla.prcss(APIADDR, "Define page parameters")
active_page = "Accept"
allowed_roles = [0,1,2,3]
loggorilla.prcss(APIADDR, "Account validation")
user_validation = procedure_validation.validation().account(APIADDR, allowed_roles)
user = user_validation['data']
token = params['token']
payload = tokenguard.decode(token, globalvar.ssh['key']['public'])
username = payload['username']
return Template(params["mako"]["website"]['index']).render(
title = globalvar.title,
header = globalvar.header,
navbar = Template(params["mako"]["website"]['navbar']).render(
menu = navigation.menu['public']['navbar'],
user_roles = user['profile']['roles'],
active_page = active_page
),
footer = Template(params["mako"]["website"]['footer']).render(
copyright = globalvar.copyright,
),
container = Template(params["mako"]["website"]['container']).render(
token = token,
username = username
)
)

15
pages/public/accept.html Normal file
View File

@ -0,0 +1,15 @@
<input type="hidden" id="form-token" value="${token}">
<input type="hidden" id="form-get-username" value="${username or ''}">
<h2>Set your account</h2>
<input type="text" id="form-username" placeholder="Username" value="${username or ''}" required > <br>
<input type="password" id="form-password" placeholder="Password" required > <br>
<button type="button" onclick="accept()">Submit</button> <br>
<div id="alert-response" role="alert">
<b id="alert-status">Loading...</b> <span id="alert-desc">Please wait...</span>
</div>
<script type="text/javascript" src="/js/carrack.js"></script>
<script type="text/javascript" src="/js/accept.js"></script>

53
static/js/accept.js Normal file
View File

@ -0,0 +1,53 @@
function flushResponse() {
document.getElementById("alert-response" ).style.display = 'none';
document.getElementById("alert-response" ).classList.remove('alert-success' );
document.getElementById("alert-response" ).classList.remove('alert-danger' );
document.getElementById("alert-response" ).classList.remove('alert-primary' );
}
function loadingResponse() {
flushResponse();
document.getElementById("alert-status" ).innerHTML = "Loading...";
document.getElementById("alert-desc" ).innerHTML = "Please wait...";
document.getElementById("alert-response").classList.add('alert-primary');
document.getElementById("alert-response").style.display = 'block';
}
function responseAlert(response) {
flushResponse();
const obj = JSON.parse(response);
if (obj.status == "success" ) document.getElementById("alert-response").classList.add('alert-success' );
if (obj.status == "failed" ) document.getElementById("alert-response").classList.add('alert-danger' );
document.getElementById("alert-status" ).innerHTML = obj.status;
document.getElementById("alert-desc" ).innerHTML = obj.desc;
document.getElementById("alert-response").style.display = 'block';
}
var token = document.getElementById("form-token" ).value;
var getUsername = document.getElementById("form-get-username" ).value;
if (getUsername != null && getUsername != "") document.getElementById("form-username").disabled=true;
function accept() {
loadingResponse();
var username = getUsername;
if (getUsername == null || getUsername == "") username = document.getElementById('form-username').value;
const password = document.getElementById('form-password').value;
var url = "/api/auth/accept";
var payload = {
"username" : username,
"password" : password
};
sendHttpRequest(url, "POST", payload, function (error, response) {
if (error) {
// console.error("Error:", error);
responseAlert({"status" : "failed", "desc" : error});
}
else {
// console.log("JSON Response:", response);
responseAlert(response);
}
}, "application/json", `Bearer ${token}`);
}
flushResponse();

1
static/js/users.js
View File

@ -79,6 +79,7 @@ sendHttpRequest("/api/auth/roles/list", "POST", null,
); );
function invite() { function invite() {
loadingResponse();
const roles = Array const roles = Array
.from(document.querySelectorAll('input[name="roles"]:checked')) .from(document.querySelectorAll('input[name="roles"]:checked'))
.map(row => Number(row.value)); // Convert into number. Output example: [2, 3] .map(row => Number(row.value)); // Convert into number. Output example: [2, 3]