Commit e9fa7941 authored by Alain Takoudjou's avatar Alain Takoudjou

Create the account at the first launch of WebRunner

parent 873a5b35
......@@ -118,15 +118,9 @@ def serve(config):
workspace = workdir,
instance_profile='instance.cfg',
software_profile='software.cfg',
SECRET_KEY='123',
SECRET_KEY=os.urandom(24),
)
if not os.path.exists(workdir):
os.mkdir(workdir)
if not os.path.exists(os.path.join(config.runner_workdir, '.users')):
#set default user and password
salt = "runner81" #to be changed
pwd = hashlib.md5( salt + "insecure" ).hexdigest()
user = "root;"+pwd+";;Slaprunner Administrator"
open(os.path.join(config.runner_workdir, '.users'), 'w').write(user)
app.run(host=config.runner_host, port=int(config.runner_port),
debug=config.debug, threaded=True)
......@@ -72,6 +72,7 @@ overflow-y: scroll;
text-align: left;
padding-left: 20px;
height: 30px;
position:relative;
}
#header .run{
......@@ -706,7 +707,7 @@ input[type=radio]:hover {
#login-page{width:429px; height:236px; margin:130px auto 0px; background:url(../images/loginBox.png) no-repeat;
padding:10px; font-size:14px; color:#03406A}
#login-page h2{color:#fff; font-size:26px; font-weight:normal; text-indent:50px;}
.login-content{margin:10px; margin-top:40px; margin-bottom:0; height:90px;}
.login-content{position:relative;margin:10px; margin-top:30px; margin-bottom:0;}
.login-button{width:140px; margin:0 auto;}
.login-element{float:left; min-width:120px;}
.login-label{padding:5px; font-size:16px;}
......
......@@ -9,7 +9,7 @@ $(function () {
$('a[rel=tooltip], a[rel=tooltip-min], .popup').mouseover(function () {
var height = $(this).height();
var top = $(this).offset().top + height;
var left = $(this).offset().left - ($(this).width() /2);
var left = $(this).offset().left +($(this).width()/2)-30;
var content = "#tooltip-" + $(this).attr('id');
if (hideDelayTimer) clearTimeout(hideDelayTimer);
if (beingShown || shown) {
......@@ -17,14 +17,6 @@ $(function () {
} else {
$('#jqtooltip').empty();
var contentValue = $(content).clone(true, true);
/*$(contentValue).find("*").each(function(index, element) {
if(element.id){element.id = "jqt_" + element.id;}
if($(this).attr('for')){$(this).attr('for', 'jqt_' + $(this).attr('for'))}
//var events = $(content).get[0];
//for (var type in events)
// for (var handler in events[type])
// jQuery.event.add(this, type, events[type][handler], events[type][handler].data);
});*/
$(contentValue).appendTo('#jqtooltip');
$('#jqtooltip ' + content).show();
// reset position of info box
......
......@@ -14,6 +14,10 @@ $(document).ready( function() {
$("#error").Popup("Please enter a valid email adress!", {type:'alert', duration:3000});
return false;
}
if($("input#hasAccount").val() === "" && !$("input#password").val().match(/^[\w\d\._-]+$/)){
$("#error").Popup("Please enter your new password!", {type:'alert', duration:3000});
return false;
}
if($("input#password").val() !== ""){
if($("input#password").val() === "" || !$("input#password").val().match(/^[\w\d\._-]+$/)){
$("#error").Popup("Please enter your new password!", {type:'alert', duration:3000});
......@@ -34,7 +38,7 @@ $(document).ready( function() {
password:((haspwd) ? $("input#password").val():"")},
success: function(data){
if(data.code ==1){
$("#error").Popup("Your account informations has been saved!", {type:'confirm', duration:3000});
location.href = $SCRIPT_ROOT+"/"
}
else{
$("#error").Popup(data.result, {type:'error', duration:5000});
......
......@@ -29,7 +29,10 @@
<div class='clear'></div>
<br/><br/><br/>
</div>
<div id="file_info" class="file_info">leave passwords blank to preserve your current password...</div>
<div id="file_info" class="file_info">{% if username %}leave passwords blank to preserve your current password...{%else%}
Before starting, please fill your personal informations... {%endif%}
</div>
<br/>
<input type="hidden" name="hasAccount" id="hasAccount" value="{{name}}"/>
</form>
{% endblock %}
......@@ -6,17 +6,26 @@
{% block body %}
<form method="POST" action="">
<h2>Login to Slapos Web Runner</h2>
<div class="login-content">
<div class="login-content"><br/>
<div class="login-element login-label"><label for="clogin">Your login&nbsp; : </label></div>
<div class="login-element"><input type="text" class="login-input" name="clogin" id="clogin" value="Enter login..." /></div><br/><br/>
<div class="clear"></div>
<div class="login-element login-label"><label for="cpwd">Password : </label></div>
<div class="login-element"><input type="password" class="idleField login-input" name="cpwd" id="cpwd" value="******" /></div>
<div class="clear"></div>
<!--<br/><a href="#" id="information" rel="tooltip">do you need help?</a><br/>-->
</div>
<div style="text-align:center">
<div style="text-align:center; margin-top:7px;">
<input type="reset" class="button" value="reset" />
<input type="submit" class="button" id="login" value="login" />
</div>
</form>
<!--
<div id="tooltip-information" style="display:none">
<p style="font-size:12px;">
If it is your first connexion, use default parameters:<br/>
login: <strong>root</strong>, password: <strong>insecure</strong> and set your
one<br/> parameters at <strong>home->Your Account</strong>.
</p>
</div>-->
{% endblock %}
\ No newline at end of file
......@@ -56,10 +56,17 @@ def checkLogin(config, login, pwd):
user = getSession(config)
salt = "runner81" #to be changed
current_pwd = hashlib.md5( salt + pwd ).hexdigest()
if current_pwd == user[1]:
if user and current_pwd == user[1] and login == user[0]:
return user
return False
def checkSession(config, session, account):
"""Return True if current user is connected with rigth data"""
if 'account' in session and account:
return (session['account'][0] == account[0] and
session['account'][1] == account[1])
return False
def getSession(config):
"""
Get the session data of current user.
......@@ -99,6 +106,7 @@ def saveSession(config, session, account):
account[1] = hashlib.md5(salt + account[1]).hexdigest()
else:
account[1] = session['account'][1]
if 'account' in session:
#backup previous data
open(user+'.back', 'w').write(';'.join(session['account']))
backup = True
......
......@@ -14,13 +14,18 @@ app = Flask(__name__)
#Access Control: Only static files and login pages are allowed to guest
@app.before_request
def before_request():
if (not session.has_key('account') or not session['account']) \
and request.path != '/login' \
and request.path != '/doLogin' and not request.path.startswith('/static'):
if not request.path.startswith('/static'):
account = getSession(app.config)
if account:
if request.path != '/login' and request.path != '/doLogin' and \
not checkSession(app.config, session, account):
return redirect(url_for('login'))
if session.has_key('account') and session['account']:
session['title'] = getProjectTitle(app.config)
session['account'] = getSession(app.config)
else:
session.pop('account', None)
session['title'] = "No account is defined"
if request.path != "/updateAccount" and request.path != "/myAccount":
return redirect(url_for('myAccount'))
# general views
@app.route('/')
......@@ -33,12 +38,15 @@ def login():
@app.route("/myAccount")
def myAccount():
if 'account' in session:
return render_template('account.html', username=session['account'][0],
email=session['account'][2], name=session['account'][3].decode('utf-8'))
else:
return render_template('account.html')
@app.route("/logout")
def logout():
session['account'] = None
session.pop('account', None)
return redirect(url_for('login'))
@app.route('/configRepo')
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment