Commit 206f2d9d authored by PidgeyL's avatar PidgeyL

Add 'change password' option in web interface

parent 84f918b5
+11 −12
@@ -26,7 +26,7 @@ class UserNotFoundError(Exception):

# Class
class User(UserMixin):

    def __init__(self, id):
        '''Simple User class'''
        if not Configuration.loginRequired():
            # dummy account for when logon is not required.
@@ -36,11 +36,10 @@ class User(UserMixin):
        for user in db.getUsers():
            USERS[user['username']] = user['password']
        
    def __init__(self, id):
        if not id in self.USERS:
        if not id in USERS:
            raise UserNotFoundError()
        self.id = id
        self.password = self.USERS[id]
        self.password = USERS[id]

    @classmethod
    def get(self_class, id):
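Review bot: Every `User(id)` construction now appears to run `db.getUsers()` and copy each account's password hash into `USERS` just to look up one id, because the loop at the top of the second hunk sits inside `__init__`. If the login manager builds a `User` on every request, that is a full read of the user table per request, and every hash is pulled into memory when only one is needed; a lookup of the single user, if the db layer offers one, would avoid both. On the same lines, `if not id in USERS:` reads more clearly as `if id not in USERS:`. The part of `__init__` between the two hunks, including where `USERS` is created, is not visible here.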
+13 −0
@@ -469,6 +469,19 @@ def admin():
            output=separator+separator.join(output)
    return render_template('admin.html', status="default", stats=adminStats(), updateOutput=filterUpdateField(output))

@app.route('/admin/change_pass')
@login_required
def change_pass():
    current_pass = request.args.get('current_pass')
    new_pass     = request.args.get('new_pass')
    if pbkdf2_sha256.verify(current_pass, current_user.password):
      if new_pass:
        new_pass = pbkdf2_sha256.encrypt(new_pass, rounds=8000, salt_size=10)
        db.changePassword(current_user.id , new_pass)
        return jsonify({"status": "password_changed"})
      return jsonfiy({"status": "no_password"})
    else:
      return jsonify({"status": "wrong_user_pass"})

@app.route('/admin/updatedb')
@login_required
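Review bot: `change_pass()` reads `current_pass` and `new_pass` from `request.args`, so both passwords travel in the query string of a GET request and can be recorded in web-server and proxy access logs and in browser history; the route should accept only POST and read the form body, with the `changePass()` caller in the JavaScript file switched to match. The `no_password` branch calls `jsonfiy`, a misspelling of `jsonify`, so an empty new password raises NameError instead of returning that status. A request with no `current_pass` hands `None` to `pbkdf2_sha256.verify`, which probably raises rather than returning False, so the fence below guards it. The hard-coded `rounds=8000, salt_size=10` also looks lower than passlib's own defaults and would be better left to one shared setting.

```python
@app.route('/admin/change_pass', methods=['POST'])
@login_required
def change_pass():
    # Read credentials from the request body so they stay out of URLs and access logs.
    current_pass = request.form.get('current_pass')
    new_pass     = request.form.get('new_pass')
    if not current_pass or not pbkdf2_sha256.verify(current_pass, current_user.password):
        return jsonify({"status": "wrong_user_pass"})
    if not new_pass:
        return jsonify({"status": "no_password"})
    # … unchanged: hash new_pass and call db.changePassword …
    return jsonify({"status": "password_changed"})
```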
+14 −1
function updateDB(){
  setStatus("Database update started", "info")
  $.getJSON('/admin/updatedb', {}, function(data){ alert(data); parseStatus(data) })
  $.getJSON('/admin/updatedb', {}, function(data){ parseStatus(data) })
  .fail(function() { parseStatus({"status": "auth_again"}); })
}
function whitelistImport(){ listURLBuilder("/admin/whitelist/import", 'wl');}
@@ -51,3 +51,16 @@ function postURL(url, force, file) {
  form.appendChild(inputFile);
  form.submit();
}
function changePass() {
  var pass1 = document.getElementById("new_pass").value;
  var pass2 = document.getElementById("repeat_pass").value;
  var ok = true;
  if (pass1 != pass2) {
    document.getElementById("new_pass").style.borderColor = "#E34234";
    document.getElementById("repeat_pass").style.borderColor = "#E34234";
  }else {
    data = {'new_pass':pass1, 'current_pass':document.getElementById("current_pass").value}
    $.getJSON('/admin/change_pass', data, function(data){ parseStatus(data) })
    .fail(function() { parseStatus({"status": "auth_again"}); })
  }
}
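Review bot: In `changePass()`, `data = {...}` is assigned without `var`, so it becomes a global that keeps both the current and the new password reachable for the lifetime of the page; declare it locally with `var data = {...}`. `var ok = true;` is never read and can be dropped. After a mismatch the red `borderColor` is never reset, so both fields stay red on a later successful submit. An empty `pass1` is also sent as-is, relying on the server's `no_password` reply rather than a check here.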
+2 −0
@@ -14,6 +14,8 @@
      case "logged_in":                 setStatus("Logged in successfully", "success");                                                               _ok=true;break;
      case "auth_again":                setStatus("Please authenticate again", "danger");                                                                      break;
      case "wrong_user_pass":           setStatus("Combination user / password is wrong", "danger");                                                           break;
      case "password_changed":          setStatus("Password updated!", "success");                                                                    _ok=true;break;
      case "no_password":               setStatus("Please make sure you enter a password", "danger");                                                          break;
      case "outdated_database":         setStatus("The database model is outdated! Please update to the latest database model", "danger");                     break;
      case "db_updated":                setStatus("Database update finished <div class='well'><pre>"+data['updateOutput']+"</pre></div>", "success"); _ok=true;break;
      case "wl_imported":
+10 −0
@@ -67,5 +67,15 @@
    <button onclick="dropBlacklist()">Drop list</button>
    <button onclick="location.href='/admin/blacklist'">View</button>
  </div>
  <!-- Change password -->
  <div class="well well-small tab">
    <strong>Change your password</strong> <br />
    <table>
      <tr><td>Current</td><td><input type="password" name="current_pass" id="current_pass"></td></tr>
      <tr><td>New    </td><td><input type="password" name="new_pass"     id="new_pass">    </td></tr>
      <tr><td>Repeat </td><td><input type="password" name="repeat_pass"  id="repeat_pass"> </td></tr> 
    </table>
    <button onclick="changePass()">Update</button>
  </div>
  <a href="#" class="back-to-top">Back to Top</a>
{% endblock %}
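Review bot: The three password inputs carry no `autocomplete` hints, so browsers and password managers have to guess which field holds the current password and may fill or offer to save the wrong one. Add `autocomplete="current-password"` to `current_pass` and `autocomplete="new-password"` to `new_pass` and `repeat_pass`. The fields are also not wrapped in a `<form>`, so the inline `onclick="changePass()"` is the only submit path and pressing Enter in a field does nothing.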