Compare commits
4 Commits
f36f052c97
...
dffb099cc0
| Author | SHA1 | Date | |
|---|---|---|---|
| dffb099cc0 | |||
| 4c8176dd66 | |||
| 852559d97a | |||
| 828f461909 |
@ -51,6 +51,6 @@ def invitation_url(token):
|
|||||||
return url
|
return url
|
||||||
|
|
||||||
allowed_grant = [
|
allowed_grant = [
|
||||||
{ roles: 1, allowed: [1,2] },
|
{ "roles": 1, "allowed": [1,2] },
|
||||||
{ roles: 2, allowed: [2] },
|
{ "roles": 2, "allowed": [2] },
|
||||||
]
|
]
|
||||||
|
|||||||
@ -228,7 +228,7 @@ def index():
|
|||||||
params["mako" ] = {
|
params["mako" ] = {
|
||||||
"email" : template_email.main(directory.page["email"], "accept")
|
"email" : template_email.main(directory.page["email"], "accept")
|
||||||
}
|
}
|
||||||
return json.dumps(api_auth.auth().forgot(params), indent = 2).encode()
|
return json.dumps(api_auth.auth().invite(params), indent = 2).encode()
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
print(str(e),flush=True)
|
print(str(e),flush=True)
|
||||||
return json.dumps({}, indent = 2).encode()
|
return json.dumps({}, indent = 2).encode()
|
||||||
|
|||||||
@ -6,6 +6,7 @@ from config import database, email, globalvar
|
|||||||
|
|
||||||
import bcrypt
|
import bcrypt
|
||||||
import datetime
|
import datetime
|
||||||
|
import re
|
||||||
|
|
||||||
from scripts import loggorilla, saltedkey, googly, tokenguard, sendwave
|
from scripts import loggorilla, saltedkey, googly, tokenguard, sendwave
|
||||||
|
|
||||||
@ -254,6 +255,9 @@ class auth:
|
|||||||
jwt = auth_header.split(' ')[1]
|
jwt = auth_header.split(' ')[1]
|
||||||
payload = tokenguard.decode(jwt, globalvar.ssh['key']['public'])
|
payload = tokenguard.decode(jwt, globalvar.ssh['key']['public'])
|
||||||
session_id = payload["session"]["id"]
|
session_id = payload["session"]["id"]
|
||||||
|
loggorilla.prcss(APIADDR, "Account validation")
|
||||||
|
user_validation = procedure_validation.validation().account(APIADDR, allowed_roles, jwt)
|
||||||
|
user = user_validation['data']
|
||||||
loggorilla.prcss(APIADDR, "Get dependency data")
|
loggorilla.prcss(APIADDR, "Get dependency data")
|
||||||
self.cursor.execute("SELECT COUNT(*) AS `count`, auth.token, auth_profile.id, auth_profile.username, auth.password FROM auth_profile INNER JOIN auth ON auth.token = auth_profile.token WHERE auth_profile.username = %s ; ", (user['profile']['username'],) )
|
self.cursor.execute("SELECT COUNT(*) AS `count`, auth.token, auth_profile.id, auth_profile.username, auth.password FROM auth_profile INNER JOIN auth ON auth.token = auth_profile.token WHERE auth_profile.username = %s ; ", (user['profile']['username'],) )
|
||||||
result_login = self.cursor.fetchone()
|
result_login = self.cursor.fetchone()
|
||||||
@ -261,9 +265,6 @@ class auth:
|
|||||||
result_email = self.cursor.fetchone()
|
result_email = self.cursor.fetchone()
|
||||||
self.cursor.execute("SELECT COUNT(*) AS `count` FROM auth_profile WHERE username = %s ; ", (username,) )
|
self.cursor.execute("SELECT COUNT(*) AS `count` FROM auth_profile WHERE username = %s ; ", (username,) )
|
||||||
result_username = self.cursor.fetchone()
|
result_username = self.cursor.fetchone()
|
||||||
loggorilla.prcss(APIADDR, "Account validation")
|
|
||||||
user_validation = procedure_validation.validation().account(APIADDR, allowed_roles, token)
|
|
||||||
user = user_validation['data']
|
|
||||||
loggorilla.prcss(APIADDR, "Validating")
|
loggorilla.prcss(APIADDR, "Validating")
|
||||||
if not procedure_grant.is_grant_allowed(user['profile']['roles'], roles, allowed_grant):
|
if not procedure_grant.is_grant_allowed(user['profile']['roles'], roles, allowed_grant):
|
||||||
loggorilla.accss(APIADDR, f"{user['profile']['username']} do invitation with unallowed role(s)")
|
loggorilla.accss(APIADDR, f"{user['profile']['username']} do invitation with unallowed role(s)")
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user