Many fixes for admin

Antonio de la Rosa 2025-12-02 18:29:43 +01:00
parent a6dea3481c
commit 3eec0260da
7 changed files with 147 additions and 24 deletions


@ -67,11 +67,11 @@ class SendMail:
self.txt_error='' self.txt_error=''
self.ssl=ssl self.ssl=ssl
if sys.version_info < (3, 6): if sys.version_info < (3, 10):
self.context = ssl_module.SSLContext(ssl_module.PROTOCOL_TLSv1_2)
else:
self.context = ssl_module.SSLContext(ssl_module.PROTOCOL_TLS) self.context = ssl_module.SSLContext(ssl_module.PROTOCOL_TLS)
else:
self.context = ssl_module.SSLContext(ssl_module.PROTOCOL_TLS_CLIENT)
def connect(self): def connect(self):
@ -79,6 +79,8 @@ class SendMail:
if self.ssl==True: if self.ssl==True:
error=False
try: try:
self.smtp.starttls(context=self.context) self.smtp.starttls(context=self.context)
@ -87,18 +89,32 @@ class SendMail:
self.txt_error='Error: cannot make HELO to this server' self.txt_error='Error: cannot make HELO to this server'
return False error=True
except RuntimeError: except RuntimeError:
self.txt_error='Error: SSL/TLS is not supported in your python interpreter' self.txt_error='Error: SSL/TLS is not supported in your python interpreter'
return False error=True
except ssl.SSLCertVerificationError:
self.txt_error='Error: certificate verify failed, unable to get local issuer certificate. Install pip-system-certs can help.'
error=True
except smtplib.SMTPException as e: except smtplib.SMTPException as e:
self.txt_error=e.__str__() self.txt_error=e.__str__()
error=True
if error:
self.smtp.quit()
return False return False
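Review bot: The new handler `except ssl.SSLCertVerificationError:` names `ssl`, but the surrounding code reaches the standard module as `ssl_module` and uses `ssl` for the constructor flag (`self.ssl=ssl`). Unless a module-level `ssl` import exists outside this hunk, the clause raises `NameError` the first time an exception gets past the handlers above it; it should read `except ssl_module.SSLCertVerificationError:`. Separately, `ssl_module.SSLContext(ssl_module.PROTOCOL_TLS_CLIENT)` turns on certificate and hostname checking but loads no CA certificates, which would explain the "unable to get local issuer certificate" failure the new message describes. Using `self.context = ssl_module.create_default_context()`, or calling `self.context.load_default_certs()` after construction, loads the system trust store without an extra package. The pre-3.10 branch still builds a `PROTOCOL_TLS` context, which does not verify the server certificate by default, so STARTTLS there is unauthenticated; `connect` starts and ends outside the hunk.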


@ -118,6 +118,7 @@ def session_plugin(callback):
rv=callback(*args, **kwargs) rv=callback(*args, **kwargs)
"""
if request.environ['session'].changed: if request.environ['session'].changed:
if not safe: if not safe:
@ -125,6 +126,9 @@ def session_plugin(callback):
#if not max_age: #if not max_age:
response.set_cookie(config.cookie_name, safe.dumps(session), path=config.session_opts['session.path'], httponly=True) response.set_cookie(config.cookie_name, safe.dumps(session), path=config.session_opts['session.path'], httponly=True)
"""
request.environ['session'].save()
return rv return rv
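Review bot: `request.environ['session'].save()` runs only when `callback` returns normally, so a handler that leaves through Bottle's `redirect()` or `abort()` (both raise) skips the save and loses any session change made before it, unless a `try` outside this hunk covers it. Wrapping the call as `try: rv=callback(*args, **kwargs)` with `finally: request.environ['session'].save()` keeps both exit paths consistent. The save is also no longer guarded by `.changed`, so every request now writes the session. The old cookie code is kept inside a triple-quoted string; since it set `httponly=True` explicitly, confirm that `save()` applies the same flag (and `secure`/`samesite` where the site runs over HTTPS), then delete the dead block.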


@ -21,6 +21,7 @@ from bottle import redirect, request, response
from cuchulu.libraries.urls import url_for from cuchulu.libraries.urls import url_for
from cuchulu.libraries.sessionplugin import Session from cuchulu.libraries.sessionplugin import Session
from cuchulu.modules.admin.libraries.check_login_tries import check_login_tries from cuchulu.modules.admin.libraries.check_login_tries import check_login_tries
import copy
#from cuchulu.modules.admin.libraries.admin_auth import admin_prepare, admin_finished, modules_access #from cuchulu.modules.admin.libraries.admin_auth import admin_prepare, admin_finished, modules_access
try: try:
import ujson as json import ujson as json
@ -92,15 +93,21 @@ def admin():
def logout(session=Session()): def logout(session=Session()):
#resp=make_response(redirect(url_for('admin_app.login'))) #resp=make_response(redirect(url_for('admin_app.login')))
"""
if 'login_admin' in session: if 'login_admin' in session:
del session['login_admin'] del session['login_admin']
if 'verify_auth' in session: if 'verify_auth' in session:
del session['verify_auth'] del session['verify_auth']
"""
#session.clear()
keys=list(session.keys())
for k in keys:
del session[k]
if 'remember_login_admin' in request.cookies: if 'remember_login_admin' in request.cookies:
response.set_cookie('remember_login_admin', '', max_age=0, expires=0, path=config.application_root) response.set_cookie('remember_login_admin', '', max_age=0, expires=0, path=config.base_url)
# We need save session when redirect is done. # We need save session when redirect is done.
@ -173,6 +180,9 @@ def login(db=True, session=Session()):
user_admin.check_user=False user_admin.check_user=False
# Disable remember login
"""
if 'remember_login' in request.forms: if 'remember_login' in request.forms:
remember_key=create_key_encrypt() remember_key=create_key_encrypt()
@ -184,11 +194,13 @@ def login(db=True, session=Session()):
user_admin.fields['token_login'].protected=False user_admin.fields['token_login'].protected=False
response.set_cookie('remember_login_admin', json.dumps((arr_user['id'], remember_key)), max_age=315360000, expires=timestamp, path=config.application_root) response.set_cookie('remember_login_admin', json.dumps((arr_user['id'], remember_key)), max_age=315360000, expires=timestamp, path=config.base_url)
"""
if arr_user['double_auth']: if arr_user['double_auth']:
token_auth=create_key(8) token_auth=create_key(8)
session['verify_auth']=False session['verify_auth']=False
user_admin.fields['token_auth'].protected=False user_admin.fields['token_auth'].protected=False
@ -309,15 +321,20 @@ def signup(db=True, session=Session()):
else: else:
return redirect(url_for('.login')) return redirect(url_for('admin_app.login'))
@admin_app.get('/admin/need_auth') @admin_app.get('/admin/need_auth', name='admin_app.need_auth', skip=[check_login])
def need_auth(): def need_auth(session=Session()):
return t.load_template('need_auth.phtml') #if session.get('verify_auth', False):
if 'verify_auth' in session and not session.get('verify_auth', False):
return t.load_template('need_auth.phtml')
else:
return redirect(url_for('admin_app.login'))
@admin_app.post('/admin/auth_check') @admin_app.post('/admin/auth_check', name='admin_app.auth_check', skip=[check_login])
def auth_check(db=True): def auth_check(db=True, session=Session()):
error=1 error=1
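Review bot: `auth_check` is now registered with `skip=[check_login]`, so the decorator no longer gates the second-factor endpoint and the handler has to check the session itself. Its body lies outside this hunk, so confirm it requires `login_admin` with `verify_auth` still `False` before comparing the code, and that failed attempts are counted (the file already imports `check_login_tries`). A comment on the route such as `# skip=[check_login]: this handler must verify login_admin and a pending verify_auth itself` would record the contract. In `logout`, the cookie is now expired with `path=config.base_url`, so a `remember_login_admin` cookie issued earlier under `config.application_root` will not be removed if the two values differ. The commit also leaves stored `token_login` values untouched, so clearing them while remember-login is disabled would be the safe follow-up.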


@ -6,6 +6,8 @@ from cuchulu.libraries.i18n import I18n, PGetText
from bottle import request, redirect from bottle import request, redirect
from cuchulu.wsgiapp import app from cuchulu.wsgiapp import app
from bottle import abort from bottle import abort
from cuchulu.libraries.sessionplugin import get_session
from cuchulu.libraries.urls import url_for
try: try:
import ujson as json import ujson as json
@ -16,7 +18,7 @@ modules_access=[]
def check_login(callback): def check_login(callback):
def wrapper(*args, **kwargs): def wrapper(*args, **kwargs):
"""
if 'session' in request.environ: if 'session' in request.environ:
if request.environ['session'].get('login_admin', False) and not request.environ['session'].get('verify_auth', False): if request.environ['session'].get('login_admin', False) and not request.environ['session'].get('verify_auth', False):
@ -34,7 +36,89 @@ def check_login(callback):
redirect(app.get_url('admin_app.need_auth')) redirect(app.get_url('admin_app.need_auth'))
redirect(app.get_url('admin_app.login')) redirect(app.get_url('admin_app.login'))
"""
db=kwargs.get('db', WebModel.connection())
session=get_session()
if 'login_admin' not in session:
# Disabled remember login
"""
if 'remember_login_admin' in request.cookies:
try:
arr_cookie=json.loads(request.cookies['remember_login_admin'])
except:
arr_cookie=(0, '')
#print(arr_cookie)
#with g.connection.query('select count(id) as count_id from useradmin where token_login=%s', [request.cookies['remember_login_admin']]) as cursor:
with db.query('select id, token_login, dark_theme from useradmin where id=%s', [arr_cookie[0]]) as cursor:
arr_user=cursor.fetchone()
if arr_user:
passfield=PasswordField('token_login')
if passfield.verify(arr_cookie[1], arr_user['token_login']):
session['login_admin']=True
session['user_id']=arr_user['id']
if arr_user['dark_theme']:
session['theme']='1'
else:
session['theme']='0'
session['lang']=arr_user.get('lang', I18n.default_lang)
else:
session.clear()
session.save()
url_redirect=url_for('admin_app.login', _external=False)
return redirect(url_redirect)
else:
session.clear()
session.save()
url_redirect=url_for('admin_app.login', _external=False)
return redirect(url_redirect)
else:
"""
url_redirect=url_for('admin_app.login')
return redirect(url_redirect)
pass
else:
if not session.get('verify_auth', True):
url_redirect=url_for('admin_app.need_auth')
return redirect(url_redirect)
result = callback(*args, **kwargs)
return result
return wrapper return wrapper
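Review bot: The new gate tests `'login_admin' not in session`, which passes for any session that carries the key, including one where it was stored as `False`. The code it replaces used `request.environ['session'].get('login_admin', False)`; keeping the truthiness test, `if not session.get('login_admin', False):`, avoids treating a cleared flag as a login. `db=kwargs.get('db', WebModel.connection())` evaluates `WebModel.connection()` on every request even when `db` is passed, and with the remember-login block disabled the value is never used or closed in the visible code, so dropping the line until the block returns avoids the extra connection. The disabled block also contains a bare `except:` and is kept as a string literal; deleting it and restoring it from history if needed would be clearer.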
""" """


@ -23,11 +23,11 @@
data_form={'username': $('#username_form').val(), 'password': $('#password_form').val(), 'csrf_token': $("#csrf_token").val()}; data_form={'username': $('#username_form').val(), 'password': $('#password_form').val(), 'csrf_token': $("#csrf_token").val()};
if($('#remember_login:checked').val()) /*if($('#remember_login:checked').val())
{ {
data_form.remember_login=$('#remember_login').val(); data_form.remember_login=$('#remember_login').val();
} }*/
$.ajax({ $.ajax({
url: "${url_for('admin_app.login')}", url: "${url_for('admin_app.login')}",
@ -99,9 +99,9 @@
${_('Paramecio Login')} ${_('Paramecio Login')}
</div> </div>
${forms|n} ${forms|n}
<div class="form"> <!--<div class="form">
${_('Remember login?')} <input type="checkbox" id="remember_login" name="remember_login" value="1"> ${_('Remember login?')} <input type="checkbox" id="remember_login" name="remember_login" value="1">
</div> </div>-->
<div id="submit_block"> <div id="submit_block">
<input type="submit" value="${_('Login')}" class="submit" id="login_submit"/> <input type="submit" value="${_('Login')}" class="submit" id="login_submit"/>
<span id="loading">&nbsp;</span> <span id="loading">&nbsp;</span>


@ -6,7 +6,7 @@
${_('Paramecio Login')} ${_('Paramecio Login')}
</div> </div>
<div class="form"> <div class="form">
<p align="center">${_('Check your email for get instructions for complete login with double auth or')} <a href="${url_for('.logout')}">logout</a> and login again with other user</p> <p align="center">${_('Check your email for get instructions for complete login with double auth or')} <a href="${url_for('admin_app.logout')}">logout</a> and login again with other user</p>
<p><label>${_('Code')} *</label><input type="text" class="" name="code" id="code_form" value="" /> <span class="error" id="code_error"></span></p> <p><label>${_('Code')} *</label><input type="text" class="" name="code" id="code_form" value="" /> <span class="error" id="code_error"></span></p>
${csrf_token()|n} ${csrf_token()|n}
</div> </div>
@ -29,7 +29,7 @@
data_form={'code': $('#code_form').val(), 'csrf_token': $("#csrf_token").val()}; data_form={'code': $('#code_form').val(), 'csrf_token': $("#csrf_token").val()};
$.ajax({ $.ajax({
url: "${url_for('.auth_check')}", url: "${url_for('admin_app.auth_check')}",
method: "POST", method: "POST",
dataType: "json", dataType: "json",
data: data_form, data: data_form,
@ -45,7 +45,7 @@
{ {
//location.reload() //location.reload()
location.href="${url_for('.admin')}"; location.href="${url_for('admin_app.admin')}";
} }
else else


@ -15,7 +15,7 @@ cuchulu_root=os.path.dirname(sys.modules['cuchulu'].__file__)
#Host/IP where bind the server #Host/IP where bind the server
port=8080 port=5000
debug=False debug=False
@ -64,7 +64,9 @@ session_enabled=True
cookie_name = 'cuchulu.session' cookie_name = 'cuchulu.session'
domain_url='http://localhost:8080' domain_url='http://localhost:5000
portal_email='Portal name'
#Keep this variable and don't show to anybody #Keep this variable and don't show to anybody
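Review bot: As rendered, the new line `domain_url='http://localhost:5000` has no closing quote, which would make the settings file fail to import; if that is not a display artifact it should be `domain_url='http://localhost:5000'`. The added `portal_email='Portal name'` puts a display name in a setting whose name suggests an address. A comment stating which is expected, or a placeholder such as `portal_email='admin@example.com'  # placeholder`, would prevent mail being sent with an invalid sender.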