Loading lib/DatabaseLayer.py +0 −14 Original line number Diff line number Diff line Loading @@ -221,23 +221,9 @@ def findRanking(cpe=None, regex=False): return sanitize(colRANKING.find_one({'cpe': cpe})) # Users def getUsers(): return sanitize(colUSERS.find()) def getUser(user): return sanitize(colUSERS.find_one({"username": user})) def getToken(user): data = sanitize(colUSERS.find_one({"username": user})) if not data: return None if 'token' in data.keys():return data['token'] else: return generateToken(user) def generateToken(user): token = uuid.uuid4().hex colUSERS.update({'username': user}, {'$set': {'token': token}}) return token ########### # Plugins # ########### Loading lib/DatabaseLayer2.py +0 −1 Original line number Diff line number Diff line Loading @@ -284,7 +284,6 @@ class CWEs: self.cwe = {x.id: x for x in self.db.cwe_getAll()} for c in self.cwe.values(): c.capec = DatabaseLayer().CAPEC.relatedTo(c.id) print(self.cwe) ######### Loading web/advanced_api.py +3 −3 Original line number Diff line number Diff line Loading @@ -78,7 +78,7 @@ class Advanced_API(API): authenticator = AuthenticationHandler() if authenticator.validateUser(name, token): authenticated = True elif method.lower() == 'token': if db.getToken(name) == token: authenticated = True if self.db.Users.getToken(name) == token: authenticated = True elif method.lower() == 'session': authenticator = AuthenticationHandler() if authenticator.api_sessions.get(name) == token: authenticated = True Loading Loading @@ -155,12 +155,12 @@ class Advanced_API(API): @token_required # Of course only the login credentials would work def api_admin_get_token(self): method, name, key = Advanced_API.getAuth() return db.getToken(name) return self.db.Users.getToken(name) @token_required def api_admin_generate_token(self): method, name, key = Advanced_API.getAuth() return db.generateToken(name) return self.db.Users.generateToken(name) @token_required def api_admin_get_session(self): Loading web/index.py +2 −2 Original line number Diff line number Diff line Loading @@ -187,7 +187,7 @@ class Index(Minimal, Advanced_API): return {'stats': db.getDBStats(True), 'plugins': self.plugManager.getPlugins(), 'updateOutput': self.filterUpdateField(output), 'token': db.getToken(current_user.id)} 'token': self.db.Users.getToken(current_user.id)} # user management Loading Loading @@ -308,7 +308,7 @@ class Index(Minimal, Advanced_API): # /admin/request_token @login_required def request_token(self): return jsonify({"token": db.generateToken(current_user.id)}) return jsonify({"token": self.db.Users.generateToken(current_user.id)}) # /admin/updatedb @login_required Loading Loading
lib/DatabaseLayer.py +0 −14 Original line number Diff line number Diff line Loading @@ -221,23 +221,9 @@ def findRanking(cpe=None, regex=False): return sanitize(colRANKING.find_one({'cpe': cpe})) # Users def getUsers(): return sanitize(colUSERS.find()) def getUser(user): return sanitize(colUSERS.find_one({"username": user})) def getToken(user): data = sanitize(colUSERS.find_one({"username": user})) if not data: return None if 'token' in data.keys():return data['token'] else: return generateToken(user) def generateToken(user): token = uuid.uuid4().hex colUSERS.update({'username': user}, {'$set': {'token': token}}) return token ########### # Plugins # ########### Loading
lib/DatabaseLayer2.py +0 −1 Original line number Diff line number Diff line Loading @@ -284,7 +284,6 @@ class CWEs: self.cwe = {x.id: x for x in self.db.cwe_getAll()} for c in self.cwe.values(): c.capec = DatabaseLayer().CAPEC.relatedTo(c.id) print(self.cwe) ######### Loading
web/advanced_api.py +3 −3 Original line number Diff line number Diff line Loading @@ -78,7 +78,7 @@ class Advanced_API(API): authenticator = AuthenticationHandler() if authenticator.validateUser(name, token): authenticated = True elif method.lower() == 'token': if db.getToken(name) == token: authenticated = True if self.db.Users.getToken(name) == token: authenticated = True elif method.lower() == 'session': authenticator = AuthenticationHandler() if authenticator.api_sessions.get(name) == token: authenticated = True Loading Loading @@ -155,12 +155,12 @@ class Advanced_API(API): @token_required # Of course only the login credentials would work def api_admin_get_token(self): method, name, key = Advanced_API.getAuth() return db.getToken(name) return self.db.Users.getToken(name) @token_required def api_admin_generate_token(self): method, name, key = Advanced_API.getAuth() return db.generateToken(name) return self.db.Users.generateToken(name) @token_required def api_admin_get_session(self): Loading
web/index.py +2 −2 Original line number Diff line number Diff line Loading @@ -187,7 +187,7 @@ class Index(Minimal, Advanced_API): return {'stats': db.getDBStats(True), 'plugins': self.plugManager.getPlugins(), 'updateOutput': self.filterUpdateField(output), 'token': db.getToken(current_user.id)} 'token': self.db.Users.getToken(current_user.id)} # user management Loading Loading @@ -308,7 +308,7 @@ class Index(Minimal, Advanced_API): # /admin/request_token @login_required def request_token(self): return jsonify({"token": db.generateToken(current_user.id)}) return jsonify({"token": self.db.Users.generateToken(current_user.id)}) # /admin/updatedb @login_required Loading
