mirror of
https://gitlab.com/crafty-controller/crafty-4.git
synced 2025-01-18 17:15:13 +01:00
Add cookie secret to DB
Allow users to reset cookie and api secret Add Crafty row to table on fresh install Change inserts to updates for crafty settings table.
This commit is contained in:
parent
aa2ba4f8cf
commit
2d9529ba0c
@ -46,6 +46,14 @@ class ManagementController:
|
|||||||
def get_crafty_api_key():
|
def get_crafty_api_key():
|
||||||
return HelpersManagement.get_secret_api_key()
|
return HelpersManagement.get_secret_api_key()
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def set_cookie_secret(key):
|
||||||
|
HelpersManagement.set_cookie_secret(key)
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def add_crafty_row():
|
||||||
|
HelpersManagement.create_crafty_row()
|
||||||
|
|
||||||
# **********************************************************************************
|
# **********************************************************************************
|
||||||
# Commands Methods
|
# Commands Methods
|
||||||
# **********************************************************************************
|
# **********************************************************************************
|
||||||
|
@ -43,6 +43,7 @@ class AuditLog(BaseModel):
|
|||||||
# **********************************************************************************
|
# **********************************************************************************
|
||||||
class CraftySettings(BaseModel):
|
class CraftySettings(BaseModel):
|
||||||
secret_api_key = CharField(default="")
|
secret_api_key = CharField(default="")
|
||||||
|
cookie_secret = CharField(default="")
|
||||||
login_photo = CharField(default="login_1.jpg")
|
login_photo = CharField(default="login_1.jpg")
|
||||||
login_opacity = IntegerField(default=100)
|
login_opacity = IntegerField(default=100)
|
||||||
|
|
||||||
@ -204,9 +205,22 @@ class HelpersManagement:
|
|||||||
else:
|
else:
|
||||||
return
|
return
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def create_crafty_row():
|
||||||
|
CraftySettings.insert(
|
||||||
|
{
|
||||||
|
CraftySettings.secret_api_key: "",
|
||||||
|
CraftySettings.cookie_secret: "",
|
||||||
|
CraftySettings.login_photo: "login_1.jpg",
|
||||||
|
CraftySettings.login_opacity: 100,
|
||||||
|
}
|
||||||
|
).execute()
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def set_secret_api_key(key):
|
def set_secret_api_key(key):
|
||||||
CraftySettings.insert(secret_api_key=key).execute()
|
CraftySettings.update({CraftySettings.secret_api_key: key}).where(
|
||||||
|
CraftySettings.id == 1
|
||||||
|
).execute()
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def get_secret_api_key():
|
def get_secret_api_key():
|
||||||
@ -215,6 +229,19 @@ class HelpersManagement:
|
|||||||
)
|
)
|
||||||
return settings[0].secret_api_key
|
return settings[0].secret_api_key
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def get_cookie_secret():
|
||||||
|
settings = CraftySettings.select(CraftySettings.cookie_secret).where(
|
||||||
|
CraftySettings.id == 1
|
||||||
|
)
|
||||||
|
return settings[0].cookie_secret
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def set_cookie_secret(key):
|
||||||
|
CraftySettings.update({CraftySettings.cookie_secret: key}).where(
|
||||||
|
CraftySettings.id == 1
|
||||||
|
).execute()
|
||||||
|
|
||||||
# **********************************************************************************
|
# **********************************************************************************
|
||||||
# Config Methods
|
# Config Methods
|
||||||
# **********************************************************************************
|
# **********************************************************************************
|
||||||
|
@ -403,8 +403,6 @@ class Helpers:
|
|||||||
"https_port": 8443,
|
"https_port": 8443,
|
||||||
"language": "en_EN",
|
"language": "en_EN",
|
||||||
"cookie_expire": 30,
|
"cookie_expire": 30,
|
||||||
"cookie_secret": "random",
|
|
||||||
"apikey_secret": "random",
|
|
||||||
"show_errors": True,
|
"show_errors": True,
|
||||||
"history_max_age": 7,
|
"history_max_age": 7,
|
||||||
"stats_update_frequency": 30,
|
"stats_update_frequency": 30,
|
||||||
@ -418,6 +416,7 @@ class Helpers:
|
|||||||
"keywords": ["help", "chunk"],
|
"keywords": ["help", "chunk"],
|
||||||
"allow_nsfw_profile_pictures": False,
|
"allow_nsfw_profile_pictures": False,
|
||||||
"enable_user_self_delete": False,
|
"enable_user_self_delete": False,
|
||||||
|
"reset_secrets_on_boot": False,
|
||||||
}
|
}
|
||||||
|
|
||||||
def get_all_settings(self):
|
def get_all_settings(self):
|
||||||
|
@ -8,9 +8,10 @@ logger = logging.getLogger(__name__)
|
|||||||
|
|
||||||
|
|
||||||
class DatabaseBuilder:
|
class DatabaseBuilder:
|
||||||
def __init__(self, database, helper, users_helper):
|
def __init__(self, database, helper, users_helper, management_helper):
|
||||||
self.database = database
|
self.database = database
|
||||||
self.helper = helper
|
self.helper = helper
|
||||||
|
self.management_helper = management_helper
|
||||||
self.users_helper = users_helper
|
self.users_helper = users_helper
|
||||||
|
|
||||||
def default_settings(self):
|
def default_settings(self):
|
||||||
@ -29,6 +30,8 @@ class DatabaseBuilder:
|
|||||||
manager=None,
|
manager=None,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
self.management_helper.create_crafty_row()
|
||||||
|
|
||||||
def is_fresh_install(self):
|
def is_fresh_install(self):
|
||||||
try:
|
try:
|
||||||
num_user = self.users_helper.get_user_total()
|
num_user = self.users_helper.get_user_total()
|
||||||
|
@ -11,6 +11,7 @@ import tornado.escape
|
|||||||
import tornado.locale
|
import tornado.locale
|
||||||
import tornado.httpserver
|
import tornado.httpserver
|
||||||
|
|
||||||
|
from app.classes.models.management import HelpersManagement
|
||||||
from app.classes.shared.console import Console
|
from app.classes.shared.console import Console
|
||||||
from app.classes.shared.helpers import Helpers
|
from app.classes.shared.helpers import Helpers
|
||||||
from app.classes.shared.main_controller import Controller
|
from app.classes.shared.main_controller import Controller
|
||||||
@ -110,10 +111,13 @@ class Webserver:
|
|||||||
https_port = self.helper.get_setting("https_port")
|
https_port = self.helper.get_setting("https_port")
|
||||||
|
|
||||||
debug_errors = self.helper.get_setting("show_errors")
|
debug_errors = self.helper.get_setting("show_errors")
|
||||||
cookie_secret = self.helper.get_setting("cookie_secret")
|
try:
|
||||||
|
cookie_secret = HelpersManagement.get_cookie_secret()
|
||||||
if cookie_secret is False:
|
except:
|
||||||
|
cookie_secret = False
|
||||||
|
if cookie_secret is False or cookie_secret == "":
|
||||||
cookie_secret = self.helper.random_string_generator(32)
|
cookie_secret = self.helper.random_string_generator(32)
|
||||||
|
HelpersManagement.set_cookie_secret(cookie_secret)
|
||||||
|
|
||||||
if not http_port:
|
if not http_port:
|
||||||
http_port = 8000
|
http_port = 8000
|
||||||
|
16
app/migrations/20230129_secrets_shh.py
Normal file
16
app/migrations/20230129_secrets_shh.py
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
# Generated by database migrator
|
||||||
|
import peewee
|
||||||
|
|
||||||
|
|
||||||
|
def migrate(migrator, database, **kwargs):
|
||||||
|
migrator.add_columns("crafty_settings", cookie_secret=peewee.CharField(default=""))
|
||||||
|
"""
|
||||||
|
Write your migrations here.
|
||||||
|
"""
|
||||||
|
|
||||||
|
|
||||||
|
def rollback(migrator, database, **kwargs):
|
||||||
|
migrator.drop_columns("crafty_settings", ["cookie_secret"])
|
||||||
|
"""
|
||||||
|
Write your rollback migrations here.
|
||||||
|
"""
|
16
main.py
16
main.py
@ -14,6 +14,7 @@ from app.classes.shared.import3 import Import3
|
|||||||
from app.classes.shared.console import Console
|
from app.classes.shared.console import Console
|
||||||
from app.classes.shared.helpers import Helpers
|
from app.classes.shared.helpers import Helpers
|
||||||
from app.classes.models.users import HelperUsers
|
from app.classes.models.users import HelperUsers
|
||||||
|
from app.classes.models.management import HelpersManagement
|
||||||
from app.classes.shared.import_helper import ImportHelpers
|
from app.classes.shared.import_helper import ImportHelpers
|
||||||
|
|
||||||
console = Console()
|
console = Console()
|
||||||
@ -124,7 +125,8 @@ if __name__ == "__main__":
|
|||||||
|
|
||||||
# do our installer stuff
|
# do our installer stuff
|
||||||
user_helper = HelperUsers(database, helper)
|
user_helper = HelperUsers(database, helper)
|
||||||
installer = DatabaseBuilder(database, helper, user_helper)
|
management_helper = HelpersManagement(database, helper)
|
||||||
|
installer = DatabaseBuilder(database, helper, user_helper, management_helper)
|
||||||
FRESH_INSTALL = installer.is_fresh_install()
|
FRESH_INSTALL = installer.is_fresh_install()
|
||||||
|
|
||||||
if FRESH_INSTALL:
|
if FRESH_INSTALL:
|
||||||
@ -145,6 +147,18 @@ if __name__ == "__main__":
|
|||||||
Console.info("Checking for remote changes to config.json")
|
Console.info("Checking for remote changes to config.json")
|
||||||
controller.get_config_diff()
|
controller.get_config_diff()
|
||||||
Console.info("Remote change complete.")
|
Console.info("Remote change complete.")
|
||||||
|
|
||||||
|
Console.info("Checking for reset secret flag")
|
||||||
|
if helper.get_setting("reset_secrets_on_boot"):
|
||||||
|
Console.info("Found Reset")
|
||||||
|
controller.management.set_crafty_api_key(
|
||||||
|
str(helper.random_string_generator(64))
|
||||||
|
)
|
||||||
|
controller.management.set_cookie_secret(str(helper.random_string_generator(32)))
|
||||||
|
helper.set_setting("reset_secrets_on_boot", False)
|
||||||
|
else:
|
||||||
|
Console.info("No flag found. Secrets are staying")
|
||||||
|
|
||||||
import3 = Import3(helper, controller)
|
import3 = Import3(helper, controller)
|
||||||
tasks_manager = TasksManager(helper, controller)
|
tasks_manager = TasksManager(helper, controller)
|
||||||
tasks_manager.start_webserver()
|
tasks_manager.start_webserver()
|
||||||
|
Loading…
x
Reference in New Issue
Block a user