Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
S
slapos.toolbox
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Tristan Cavelier
slapos.toolbox
Commits
0d5fa8e6
Commit
0d5fa8e6
authored
Jul 31, 2012
by
Alain Takoudjou
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add password recovery code for session
parent
513b01cd
Changes
8
Hide whitespace changes
Inline
Side-by-side
Showing
8 changed files
with
48 additions
and
28 deletions
+48
-28
slapos/runner/__init__.py
slapos/runner/__init__.py
+3
-2
slapos/runner/static/css/styles.css
slapos/runner/static/css/styles.css
+4
-2
slapos/runner/static/js/scripts/account.js
slapos/runner/static/js/scripts/account.js
+13
-1
slapos/runner/templates/account.html
slapos/runner/templates/account.html
+14
-6
slapos/runner/templates/cloneRepository.html
slapos/runner/templates/cloneRepository.html
+3
-3
slapos/runner/templates/layout.html
slapos/runner/templates/layout.html
+1
-1
slapos/runner/utils.py
slapos/runner/utils.py
+5
-12
slapos/runner/views.py
slapos/runner/views.py
+5
-1
No files found.
slapos/runner/__init__.py
View file @
0d5fa8e6
...
...
@@ -5,7 +5,7 @@ import logging.handlers
import
os
import
sys
import
subprocess
import
hashlib
from
datetime
import
timedelta
class
Parser
(
OptionParser
):
"""
...
...
@@ -118,7 +118,8 @@ def serve(config):
workspace
=
workdir
,
instance_profile
=
'instance.cfg'
,
software_profile
=
'software.cfg'
,
SECRET_KEY
=
os
.
urandom
(
24
),
SECRET_KEY
=
"123456"
,
PERMANENT_SESSION_LIFETIME
=
timedelta
(
days
=
31
),
)
if
not
os
.
path
.
exists
(
workdir
):
os
.
mkdir
(
workdir
)
...
...
slapos/runner/static/css/styles.css
View file @
0d5fa8e6
...
...
@@ -43,7 +43,7 @@ textarea {
}
body
{
background
:
#
2281C1
;
/*
url("../images/1307251316-background-stripes.gif") repeat #9C9C9C;*/
background
:
#
1E73BD
;
/*#1862C4
url("../images/1307251316-background-stripes.gif") repeat #9C9C9C;*/
font-family
:
'Helvetica Neue'
,
Tahoma
,
Helvetica
,
Arial
,
sans-serif
;
color
:
#000000
;
font-size
:
13px
;
...
...
@@ -711,4 +711,6 @@ padding:10px; font-size:14px; color:#03406A}
.login-button
{
width
:
140px
;
margin
:
0
auto
;}
.login-element
{
float
:
left
;
min-width
:
120px
;}
.login-label
{
padding
:
5px
;
font-size
:
16px
;}
.login-input
{
width
:
220px
;}
\ No newline at end of file
.login-input
{
width
:
220px
;}
.information
{
display
:
block
;
float
:
left
;
height
:
16px
;
margin-top
:
10px
;
margin-left
:
10px
;
font-weight
:
bold
}
.account
{
margin-left
:
60px
;}
\ No newline at end of file
slapos/runner/static/js/scripts/account.js
View file @
0d5fa8e6
...
...
@@ -6,6 +6,10 @@ $(document).ready( function() {
$
(
"
#error
"
).
Popup
(
"
Invalid user name. Please check it!
"
,
{
type
:
'
alert
'
,
duration
:
3000
});
return
false
;
}
else
if
(
$
(
"
input#username
"
).
val
().
length
<
6
){
$
(
"
#error
"
).
Popup
(
"
Username must have at least 6 characters
"
,
{
type
:
'
alert
'
,
duration
:
3000
});
return
false
;
}
if
(
$
(
"
input#name
"
).
val
()
===
""
){
$
(
"
#error
"
).
Popup
(
"
Please enter your name and surname!
"
,
{
type
:
'
alert
'
,
duration
:
3000
});
return
false
;
...
...
@@ -18,6 +22,10 @@ $(document).ready( function() {
$
(
"
#error
"
).
Popup
(
"
Please enter your new password!
"
,
{
type
:
'
alert
'
,
duration
:
3000
});
return
false
;
}
if
(
$
(
"
input#password
"
).
val
()
!==
""
&&
$
(
"
input#password
"
).
val
().
length
<
6
){
$
(
"
#error
"
).
Popup
(
"
The password must have at least 6 characters
"
,
{
type
:
'
alert
'
,
duration
:
3000
});
return
false
;
}
if
(
$
(
"
input#password
"
).
val
()
!==
""
){
if
(
$
(
"
input#password
"
).
val
()
===
""
||
!
$
(
"
input#password
"
).
val
().
match
(
/^
[\w\d\.
_-
]
+$/
)){
$
(
"
#error
"
).
Popup
(
"
Please enter your new password!
"
,
{
type
:
'
alert
'
,
duration
:
3000
});
...
...
@@ -29,13 +37,17 @@ $(document).ready( function() {
}
haspwd
=
true
;
}
if
(
!
$
(
"
input#rcode
"
).
val
().
match
(
/^
[\w\d]
+$/
)){
$
(
"
#error
"
).
Popup
(
"
Please enter your password recovery code.
"
,
{
type
:
'
alert
'
,
duration
:
3000
});
return
false
;
}
if
(
send
)
return
false
;
send
=
true
;
$
.
ajax
({
type
:
"
POST
"
,
url
:
$SCRIPT_ROOT
+
'
/updateAccount
'
,
data
:
{
name
:
$
(
"
input#name
"
).
val
(),
username
:
$
(
"
input#username
"
).
val
(),
email
:
$
(
"
input#email
"
).
val
(),
password
:((
haspwd
)
?
$
(
"
input#password
"
).
val
():
""
)},
password
:((
haspwd
)
?
$
(
"
input#password
"
).
val
():
""
)
,
rcode
:
$
(
"
input#rcode
"
).
val
()
},
success
:
function
(
data
){
if
(
data
.
code
==
1
){
location
.
href
=
$SCRIPT_ROOT
+
"
/
"
...
...
slapos/runner/templates/account.html
View file @
0d5fa8e6
...
...
@@ -6,7 +6,7 @@
{% endblock %}
{% block body %}
<h2
class=
'title'
>
Your personal informations
</h2><br/>
<form>
<form
class=
"account"
>
<div
class=
'form'
>
<label
for=
"name"
>
Your name:
</label>
<input
type=
'text'
name=
'name'
id=
'name'
value=
'{{name}}'
/>
...
...
@@ -24,15 +24,23 @@
<input
type=
'password'
name=
'cpassword'
id=
'cpassword'
value=
''
/>
<div
class=
'clear'
></div>
<br/>
<label
for=
"rcode"
>
Password Recover code:
</label>
<input
type=
'password'
name=
'rcode'
id=
'rcode'
value=
''
/>
<span
class=
"information"
><a
href=
"#"
id=
"information"
rel=
"tooltip"
>
help?
</a></span>
<div
class=
'clear'
></div>
<br/>
<label></label>
<input
type=
"submit"
name=
"update"
id =
"update"
value=
"Update"
class=
"button"
/>
<input
type=
"submit"
name=
"update"
id =
"update"
value=
"Update
Account
"
class=
"button"
/>
<div
class=
'clear'
></div>
<br/><br/><br/>
</div>
<div
id=
"file_info"
class=
"file_info"
>
{% if username %}leave passwords blank to preserve your current password...{%else%}
Before starting, please fill your personal informations... {%endif%}
</div>
<br/>
<input
type=
"hidden"
name=
"hasAccount"
id=
"hasAccount"
value=
"{{name}}"
/>
</form>
{% if username %}
<div
id=
"file_info"
class=
"file_info"
>
leave passwords blank to preserve your current password...
</div><br/>
{%endif%}
<div
id=
"tooltip-information"
style=
"display:none; float:left"
>
<p
style=
"font-size:12px;"
>
Please find this information in your slaprunner
<br/>
instance parameters.
</p>
</div>
{% endblock %}
slapos/runner/templates/cloneRepository.html
View file @
0d5fa8e6
...
...
@@ -18,11 +18,11 @@
<div
class=
"tabDetails"
>
<div
id=
"tab1"
class=
"tabContents"
>
<div
id=
"repository"
style=
"margin-left:40px;"
>
<label
for=
'name'
>
Project name
*
:
</label>
<label
for=
'name'
>
Project name:
</label>
<input
type=
"text"
name=
"name"
id=
"name"
size=
'20'
value=
"Enter the project name..."
/>
<label
for=
'repo'
>
url
*
:
</label>
<label
for=
'repo'
>
url:
</label>
<input
type=
"text"
name=
"repo"
id=
"repo"
size=
'25'
value=
"Enter the url of your repository..."
/><br/>
<label
for=
'user'
>
Your name:
</label>
<label
for=
'user'
>
Your name:
</label>
<input
type=
"text"
name=
"user"
id=
"user"
size=
'20'
value=
"{{name}}"
/>
<label
for=
'email'
>
Email:
</label>
<input
type=
"text"
name=
"email"
id=
"email"
size=
'25'
value=
"{% if not email %}Enter your email adress...{% else %}{{email}}{%endif%}"
/>
...
...
slapos/runner/templates/layout.html
View file @
0d5fa8e6
...
...
@@ -97,7 +97,7 @@
</div>
{% if request.path != '/login' %}
<div
id=
"footer"
>
SlapO
s
web runner
©
Vifib SARL 2011 - All right reserved - Creative Commons Shared Alike Non Commercial
SlapO
S
web runner
©
Vifib SARL 2011 - All right reserved - Creative Commons Shared Alike Non Commercial
</div>
{%endif%}
</div>
...
...
slapos/runner/utils.py
View file @
0d5fa8e6
...
...
@@ -54,8 +54,7 @@ def checkLogin(config, login, pwd):
list=[username, password, email, complete_name]
"""
user
=
getSession
(
config
)
salt
=
"runner81"
#to be changed
current_pwd
=
hashlib
.
md5
(
salt
+
pwd
).
hexdigest
()
current_pwd
=
hashlib
.
md5
(
pwd
).
hexdigest
()
if
user
and
current_pwd
==
user
[
1
]
and
login
==
user
[
0
]:
return
user
return
False
...
...
@@ -73,17 +72,12 @@ def getSession(config):
Returns:
a list of user informations or False if fail to read data.
"""
user_path
=
os
.
path
.
join
(
config
[
'
runner_work
dir'
],
'.users'
)
user_path
=
os
.
path
.
join
(
config
[
'
etc_
dir'
],
'.users'
)
user
=
""
if
os
.
path
.
exists
(
user_path
):
user
=
open
(
user_path
,
'r'
).
read
().
split
(
';'
)
if
type
(
user
)
==
type
(
""
):
#Error: try to restore data from backup
if
os
.
path
.
exists
(
user_path
+
'.back'
):
os
.
rename
(
user_path
+
'.back'
,
user_path
)
user
=
open
(
user_path
,
'r'
).
read
().
split
(
';'
)
else
:
return
False
return
False
return
user
def
saveSession
(
config
,
session
,
account
):
...
...
@@ -98,12 +92,11 @@ def saveSession(config, session, account):
Returns:
True if all goes well or str (error message) if fail
"""
user
=
os
.
path
.
join
(
config
[
'
runner_work
dir'
],
'.users'
)
user
=
os
.
path
.
join
(
config
[
'
etc_
dir'
],
'.users'
)
backup
=
False
try
:
if
account
[
1
]:
salt
=
"runner81"
#to be changed
account
[
1
]
=
hashlib
.
md5
(
salt
+
account
[
1
]).
hexdigest
()
account
[
1
]
=
hashlib
.
md5
(
account
[
1
]).
hexdigest
()
else
:
account
[
1
]
=
session
[
'account'
][
1
]
if
'account'
in
session
:
...
...
slapos/runner/views.py
View file @
0d5fa8e6
...
...
@@ -18,7 +18,7 @@ def before_request():
account
=
getSession
(
app
.
config
)
if
account
:
if
request
.
path
!=
'/login'
and
request
.
path
!=
'/doLogin'
and
\
not
checkSession
(
app
.
config
,
session
,
account
)
:
not
'account'
in
session
:
return
redirect
(
url_for
(
'login'
))
session
[
'title'
]
=
getProjectTitle
(
app
.
config
)
else
:
...
...
@@ -485,6 +485,10 @@ def updateAccount():
account
.
append
(
request
.
form
[
'password'
].
strip
())
account
.
append
(
request
.
form
[
'email'
].
strip
())
account
.
append
(
request
.
form
[
'name'
].
strip
())
code
=
request
.
form
[
'rcode'
].
strip
()
recovery_code
=
open
(
os
.
path
.
join
(
app
.
config
[
'etc_dir'
],
".rcode"
),
"r"
).
read
()
if
code
!=
recovery_code
:
return
jsonify
(
code
=
0
,
result
=
"Your password recovery code is not valid!"
)
result
=
saveSession
(
app
.
config
,
session
,
account
)
if
type
(
result
)
==
type
(
""
):
return
jsonify
(
code
=
0
,
result
=
result
)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment