micke
/
latosa
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Unfinished session work

Browse Source
main
Micke Nordin 10 months ago
parent 3f541a2dcb
commit 4ae27db51e
No known key found for this signature in database
GPG Key ID: F53C4CC83EDAB3BE
5 changed files with 53 additions and 12 deletions
Show Stats Download Patch File Download Diff File

31
app.py
Unescape View File

@ -1,11 +1,14 @@
import os
import time
from base64 import b64decode, b64encode
from typing import Union
from urllib.parse import quote, unquote
from flask import (Flask, flash, redirect, render_template, request,
send_from_directory, url_for)
from flask_login import LoginManager, login_required, login_user, logout_user
from urllib.parse import unquote
from auth import Auth
from forms import LoginForm
from latosa import LaToSa
from user import User
@ -34,18 +37,36 @@ def load_user(user_id) -> Union[User, None]:
@app.route('/', methods=['GET', 'POST'])
def index():
i18n = latosa.get_i18n(request)
redirect_to = request.args.get('redirect_to', None)
session = request.args.get('session', None)
client_id = request.args.get('client_id', None)
form = LoginForm()
form.redirect_to.data = redirect_to
form.session.data = session
form.session.data = client_id
if request.method == 'POST':
username = form.username.data
password = form.password.data
redirect_to = url_for('admin')
if form.redirect_to.data:
redirect_to = unquote(form.redirect_to.data)
user = latosa.login_user(username, password)
if user:
login_user(user)
session = unquote(b64decode(form.session.data))
client_id = form.client_id.data
if session and client_id:
session_auth = Auth()
session_data = session_auth.decrypt(client_id, session)
if 'redirect_to' in session_data:
response_data = {
'status': 'success',
'uid': user.uid,
'email': user.email,
'display_name': user.display_name,
'groups': user.groups,
'timestamp': time.time()
}
cyphertext = session_auth.encrypt(client_id, response_data)
b64 = quote(b64encode(cyphertext).decode('utf-8'))
url = session_data['redirect_to']
redirect_to = f'{url}?session={b64}'
return redirect(redirect_to)
flash(i18n['login']['failed'])
return render_template('index.html', i18n=i18n, form=form)

17
auth.py
Unescape View File

@ -0,0 +1,17 @@
import json
from cryptography.fernet import Fernet
class Auth:
def get_key(self, client_id):
return Fernet.generate_key()
def decrypt(self, cyphertext, client_id) -> dict:
return json.loads(
Fernet(self.get_key(client_id)).decrypt(cyphertext).decode())
def encrypt(self, data, client_id) -> bytes:
return Fernet(self.get_key(client_id)).encrypt(
json.dumps(data).encode('utf-8'))

3
forms.py
Unescape View File

@ -6,4 +6,5 @@ class LoginForm(FlaskForm):
username = StringField('Username', validators=[DataRequired()])
password = PasswordField('Password', validators=[DataRequired()])
submit = SubmitField('Submit')
redirect_to = HiddenField('redirect_to')
session = HiddenField('session')
client_id = HiddenField('client_id')

5
requirements.txt
Unescape View File

@ -1,5 +1,6 @@
flask==3.0.2
flask-login==0.6.3
cryptography==42.0.5
flask-bcrypt==1.0.1
flask-login==0.6.3
flask-wtf==1.2.1
flask==3.0.2
pyyaml==6.0.1

9
user.py
Unescape View File

@ -1,14 +1,15 @@
from flask import Flask
from flask_bcrypt import Bcrypt
class User:
def __init__(self, app: Flask, uid: str, display_name: str, email:str, password: str, admin: bool = False):
self.uid = uid
def __init__(self, app: Flask, uid: str, display_name: str, email:str, password: str, admin: bool = False, groups: list[str] = []):
self.display_name = display_name
self.email = email
self.is_admin = admin
self.is_authenticated = False
self.groups = groups
self.is_active = False
self.is_admin = admin
self.is_anonymous = False
self.is_authenticated = False
self.uid = uid
self.bcrypt = Bcrypt(app)
self.salt = self.get_salt()
self.password_hash = self.bcrypt.generate_password_hash(password + self.salt).decode('utf-8')

Write Preview
Loading…
Cancel
Save