aji/costapy
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: aji:c85c2ac8ff1f6d9b679edbde13d444513b21f6de
Branches Tags
aji:master
aji:template/sbmodernbiz
aji:system/authsquare
aji:system/invlab
aji:template/kiddy
aji:template/prime
aji:bottle
aji:cherrypy
..
compare: aji:7f77ad39bf3db80eec43ad947f07771ab7d9fdc3
Branches Tags
aji:template/sbmodernbiz
aji:system/authsquare
aji:master
aji:system/invlab
aji:template/kiddy
aji:template/prime
aji:bottle
aji:cherrypy

3 Commits
c85c2ac8ff ... 7f77ad39bf

Author SHA1 Message Date
Dita Aji Pratama
7f77ad39bf Update login.js to use Bearer on header 2025-03-10 14:17:24 +07:00
Dita Aji Pratama
2be2f425c6 Session features now use Bearer to send the token 2025-03-10 14:16:16 +07:00
Dita Aji Pratama
182c888553 Moving the login position 2025-03-10 14:13:50 +07:00
3 changed files with 21 additions and 48 deletions
Show Stats Expand all files Collapse all files

18
handler.py
View File

@ -62,15 +62,6 @@ def index():
} }
return public_verify.verify().html(params) return public_verify.verify().html(params)
@app.route('/login')
def index():
params = {
"mako" : {
"website" : template_public.main(directory.page["public"], "login")
}
}
return public_login.login().html(params)
@app.route('/forgot') @app.route('/forgot')
def index(): def index():
params = { params = {
@ -89,6 +80,15 @@ def index():
} }
return public_reset.reset().html(params) return public_reset.reset().html(params)
@app.route('/login')
def index():
params = {
"mako" : {
"website" : template_public.main(directory.page["public"], "login")
}
}
return public_login.login().html(params)
@app.route('/logout') @app.route('/logout')
def index(): def index():
beaker_session = request.environ.get('beaker.session') beaker_session = request.environ.get('beaker.session')

45
modules/api/auth.py
View File

@ -291,25 +291,17 @@ class auth:
loggorilla.prcss(APIADDR, "Define parameters") loggorilla.prcss(APIADDR, "Define parameters")
response = {} response = {}
try: try:
type = params["type" ] # set / check / out type = params["type" ] # set / out
if type == "set": loggorilla.prcss(APIADDR, "Extract the token from Header")
loggorilla.fyinf(APIADDR, "type is 'set': get the jwt from parameters") auth_header = request.get_header('Authorization')
loggorilla.prcss(APIADDR, "Get the token from params") if auth_header and auth_header.split(' ')[0] == 'Bearer':
jwt = params["jwt" ] loggorilla.fyinf(APIADDR, "Use Bearer")
jwt = auth_header.split(' ')[1]
payload = tokenguard.decode(jwt, globalvar.ssh['key']['public'])
session_id = payload["session"]["id"]
else: else:
jwt = params["jwt" ] loggorilla.fyinf(APIADDR, "Not use Bearer")
#loggorilla.fyinf(APIADDR, "type is not 'set': get the jwt from Header") jwt = None
#loggorilla.prcss(APIADDR, "Extract the token from Header")
#auth_header = request.get_header('Authorization')
#loggorilla.prcss(APIADDR, "Check the bearer")
#if auth_header.split(' ')[0] == 'Bearer':
# loggorilla.fyinf(APIADDR, "Use bearer")
# jwt = auth_header.split(' ')[1]
#else:
# loggorilla.fyinf(APIADDR, "Not use bearer")
# jwt = None
payload = tokenguard.decode(jwt, globalvar.ssh['key']['public'])
session_id = payload["session"]["id"]
session_beaker = request.environ.get('beaker.session') session_beaker = request.environ.get('beaker.session')
if type == 'set': if type == 'set':
loggorilla.prcss(APIADDR, "Set session") loggorilla.prcss(APIADDR, "Set session")
@ -317,23 +309,6 @@ class auth:
session_beaker.save() session_beaker.save()
response["status" ] = "success" response["status" ] = "success"
response["desc" ] = "Session set" response["desc" ] = "Session set"
elif type == 'check':
loggorilla.prcss(APIADDR, "Check session")
self.cursor.execute(f"SELECT COUNT(*) AS `count` FROM auth_session WHERE id = %s ; ", (session_id,) )
result_session = self.cursor.fetchone()
if result_session['count'] == 0:
bottle_response.set_header("Authorization", "")
response["status" ] = "success"
response["desc" ] = "session out"
response["data" ] = {
"status":"lost"
}
else:
response["status" ] = "success"
response["desc" ] = "session active"
response["data" ] = {
"status":"active"
}
elif type == 'out': elif type == 'out':
loggorilla.prcss(APIADDR, "Out session") loggorilla.prcss(APIADDR, "Out session")
session_beaker.delete() session_beaker.delete()

6
static/js/auth/login.js
View File

@ -32,16 +32,14 @@ function responseSession(response) {
function setSession(jwt) { function setSession(jwt) {
var url = "/api/auth/session/set"; var url = "/api/auth/session/set";
var payload = { var payload = {};
"jwt" : jwt
};
sendHttpRequest(url, "POST", payload, function (error, response) { sendHttpRequest(url, "POST", payload, function (error, response) {
if (error) console.error("Error:", error); if (error) console.error("Error:", error);
else { else {
console.log("JSON Response:", response); console.log("JSON Response:", response);
responseSession(response); responseSession(response);
} }
}, "application/json"); }, "application/json", `Bearer ${jwt}`);
} }
function responseAlert(response) { function responseAlert(response) {