Merge remote-tracking branch 'melina/login'
commit
6d90cb073a
|
@ -80,6 +80,7 @@ def send_avatars_img(path):
|
||||||
'''
|
'''
|
||||||
Import all views
|
Import all views
|
||||||
'''
|
'''
|
||||||
|
from .views import LoginViews
|
||||||
from .views import MenuViews
|
from .views import MenuViews
|
||||||
from .views import AvatarViews
|
from .views import AvatarViews
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,32 @@
|
||||||
|
from admin import app
|
||||||
|
from flask_login import LoginManager, UserMixin
|
||||||
|
|
||||||
|
import os
|
||||||
|
|
||||||
|
login_manager = LoginManager()
|
||||||
|
login_manager.init_app(app)
|
||||||
|
login_manager.login_view = "login"
|
||||||
|
|
||||||
|
ram_users={
|
||||||
|
os.environ["ADMINAPP"]: {
|
||||||
|
'id': os.environ["ADMINAPP"],
|
||||||
|
'password': os.environ["ADMINAPP_PASSWORD"],
|
||||||
|
'role': 'admin'
|
||||||
|
},
|
||||||
|
os.environ["KEYCLOAK_USER"]: {
|
||||||
|
'id': os.environ["KEYCLOAK_USER"],
|
||||||
|
'password': os.environ["KEYCLOAK_PASSWORD"],
|
||||||
|
'role': 'admin-keycloak',
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
class User(UserMixin):
|
||||||
|
def __init__(self, dict):
|
||||||
|
self.id = dict['id']
|
||||||
|
self.username = dict['id']
|
||||||
|
self.password = dict['password']
|
||||||
|
self.role = dict['role']
|
||||||
|
|
||||||
|
@login_manager.user_loader
|
||||||
|
def user_loader(username):
|
||||||
|
return User(ram_users[username])
|
|
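Review bot: `user_loader` indexes `ram_users[username]` directly, so a session carrying an id that is no longer in the table (for example after the configured `ADMINAPP` name changes) raises `KeyError` instead of being treated as logged out. Flask-Login expects the loader to return `None` for an unknown id; `data = ram_users.get(username)` followed by `return User(data) if data else None` does that. Separately, `ram_users` holds both passwords in clear text and `User.__init__` copies them onto `self.password`, which nothing in this file reads back, so the attribute could be dropped. The `dict` parameter also shadows the builtin and would read better as `data`.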
@ -22,7 +22,7 @@
|
||||||
<link href="/isard-sso-admin/build/css/custom.min.css" rel="stylesheet">
|
<link href="/isard-sso-admin/build/css/custom.min.css" rel="stylesheet">
|
||||||
</head>
|
</head>
|
||||||
|
|
||||||
<body class="login" style="background-color:rgb(245, 169, 174)">
|
<body class="login">
|
||||||
<div>
|
<div>
|
||||||
<a class="hiddenanchor" id="signup"></a>
|
<a class="hiddenanchor" id="signup"></a>
|
||||||
<a class="hiddenanchor" id="signin"></a>
|
<a class="hiddenanchor" id="signin"></a>
|
||||||
|
|
|
@ -27,6 +27,7 @@
|
||||||
<button class="btn btn-primary btn-xs btn-sync_to_moodle">
|
<button class="btn btn-primary btn-xs btn-sync_to_moodle">
|
||||||
<i class="fa fa-refresh" aria-hidden="true"></i> Sync to Moodle
|
<i class="fa fa-refresh" aria-hidden="true"></i> Sync to Moodle
|
||||||
</button>
|
</button>
|
||||||
|
{% if current_user.role =='admin-keycloak' %}
|
||||||
<button class="btn btn-danger btn-xs btn-delete_keycloak">
|
<button class="btn btn-danger btn-xs btn-delete_keycloak">
|
||||||
<i class="fa fa-trash"></i> Delete all keycloak
|
<i class="fa fa-trash"></i> Delete all keycloak
|
||||||
</button>
|
</button>
|
||||||
|
@ -36,6 +37,7 @@
|
||||||
<button class="btn btn-danger btn-xs btn-delete_moodle">
|
<button class="btn btn-danger btn-xs btn-delete_moodle">
|
||||||
<i class="fa fa-trash"></i> Delete missing keycloak in moodle
|
<i class="fa fa-trash"></i> Delete missing keycloak in moodle
|
||||||
</button>
|
</button>
|
||||||
|
{% endif %}
|
||||||
<table id="users" class="table" width="100%">
|
<table id="users" class="table" width="100%">
|
||||||
<thead>
|
<thead>
|
||||||
<tr>
|
<tr>
|
||||||
|
|
|
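Review bot: The role check added around the `btn-delete_keycloak` and `btn-delete_moodle` buttons is enforced only in the template. In the view hunks of this commit, `users()` and `groups()` accept DELETE behind `@login_required` alone, so the account with role `admin` can presumably still send the request directly. A server-side check such as `if current_user.role != 'admin-keycloak': abort(403)` at the top of each DELETE branch would make the restriction effective. The view bodies are cut by their hunks, so an existing check further down cannot be ruled out.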
@ -8,6 +8,7 @@ from uuid import uuid4
|
||||||
import time,json
|
import time,json
|
||||||
import sys,os
|
import sys,os
|
||||||
from flask import render_template, Response, request, redirect, url_for, jsonify, send_file
|
from flask import render_template, Response, request, redirect, url_for, jsonify, send_file
|
||||||
|
from flask_login import login_required
|
||||||
|
|
||||||
from pprint import pprint
|
from pprint import pprint
|
||||||
|
|
||||||
|
@ -16,6 +17,7 @@ from ..lib.avatars import Avatars
|
||||||
avatars=Avatars()
|
avatars=Avatars()
|
||||||
|
|
||||||
@app.route('/isard-sso-admin/avatar/<username>', methods=['GET'])
|
@app.route('/isard-sso-admin/avatar/<username>', methods=['GET'])
|
||||||
|
@login_required
|
||||||
def avatar(username):
|
def avatar(username):
|
||||||
userid=avatars.username2id(username)
|
userid=avatars.username2id(username)
|
||||||
if userid:
|
if userid:
|
||||||
|
|
|
@ -0,0 +1,30 @@
|
||||||
|
import os
|
||||||
|
|
||||||
|
from admin import app
|
||||||
|
from flask import render_template, flash, request, redirect, url_for
|
||||||
|
from ..auth.authentication import *
|
||||||
|
from flask_login import login_required, current_user, login_user, logout_user
|
||||||
|
|
||||||
|
@app.route('/isard-sso-admin/login', methods=['GET', 'POST'])
|
||||||
|
def login():
|
||||||
|
if request.method == 'POST':
|
||||||
|
if request.form['user'] == '' or request.form['password'] == '':
|
||||||
|
flash("Can't leave it blank",'danger')
|
||||||
|
elif request.form['user'].startswith(' '):
|
||||||
|
flash('Username not found or incorrect password.','warning')
|
||||||
|
else:
|
||||||
|
ram_user=ram_users.get(request.form['user'])
|
||||||
|
if ram_user and request.form['password'] == ram_user['password']:
|
||||||
|
user=User({'id': ram_user['id'], 'password': ram_user['password'], 'role': ram_user['role'], 'active': True})
|
||||||
|
login_user(user)
|
||||||
|
flash('Logged in successfully.','success')
|
||||||
|
return redirect(url_for('users'))
|
||||||
|
else:
|
||||||
|
flash('Username not found or incorrect password.','warning')
|
||||||
|
return render_template('login.html')
|
||||||
|
|
||||||
|
@app.route('/isard-sso-admin/logout', methods=['GET'])
|
||||||
|
@login_required
|
||||||
|
def logout():
|
||||||
|
logout_user()
|
||||||
|
return redirect(url_for('login'))
|
|
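Review bot: The credential check in `login()` compares `request.form['password'] == ram_user['password']` with `==`, which is not constant-time and runs against a clear-text secret held in `ram_users`. With `import hmac`, `hmac.compare_digest(request.form['password'].encode(), ram_user['password'].encode())` removes the timing difference. Nothing visible here limits repeated attempts, so throttling would have to come from the proxy or a later change. `logout()` changes session state on a GET, so a cross-site request can end the admin's session; accepting POST only would close that. `from ..auth.authentication import *` also hides where `ram_users` and `User` come from, and importing them by name would make that explicit.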
@ -9,6 +9,7 @@ import time,json
|
||||||
import sys,os
|
import sys,os
|
||||||
from flask import render_template, Response, request, redirect, url_for, jsonify
|
from flask import render_template, Response, request, redirect, url_for, jsonify
|
||||||
import concurrent.futures
|
import concurrent.futures
|
||||||
|
from flask_login import login_required
|
||||||
|
|
||||||
from pprint import pprint
|
from pprint import pprint
|
||||||
|
|
||||||
|
@ -17,13 +18,13 @@ from pprint import pprint
|
||||||
# socketio = SocketIO(app)
|
# socketio = SocketIO(app)
|
||||||
|
|
||||||
@app.route('/isard-sso-admin/resync')
|
@app.route('/isard-sso-admin/resync')
|
||||||
# @login_required
|
@login_required
|
||||||
def resync():
|
def resync():
|
||||||
return json.dumps(app.admin.resync_data()), 200, {'Content-Type': 'application/json'}
|
return json.dumps(app.admin.resync_data()), 200, {'Content-Type': 'application/json'}
|
||||||
|
|
||||||
@app.route('/isard-sso-admin/users', methods=['GET'])
|
@app.route('/isard-sso-admin/users', methods=['GET'])
|
||||||
@app.route('/isard-sso-admin/users/<provider>', methods=['POST', 'PUT', 'GET', 'DELETE'])
|
@app.route('/isard-sso-admin/users/<provider>', methods=['POST', 'PUT', 'GET', 'DELETE'])
|
||||||
# @login_required
|
@login_required
|
||||||
def users(provider=False):
|
def users(provider=False):
|
||||||
if request.method == 'DELETE':
|
if request.method == 'DELETE':
|
||||||
if provider == 'keycloak':
|
if provider == 'keycloak':
|
||||||
|
@ -40,25 +41,25 @@ def users(provider=False):
|
||||||
return render_template('pages/users.html', title="Users", nav="Users")
|
return render_template('pages/users.html', title="Users", nav="Users")
|
||||||
|
|
||||||
@app.route('/isard-sso-admin/users_list')
|
@app.route('/isard-sso-admin/users_list')
|
||||||
# @login_required
|
@login_required
|
||||||
def users_list():
|
def users_list():
|
||||||
return json.dumps(app.admin.get_mix_users()), 200, {'Content-Type': 'application/json'}
|
return json.dumps(app.admin.get_mix_users()), 200, {'Content-Type': 'application/json'}
|
||||||
|
|
||||||
|
|
||||||
@app.route('/isard-sso-admin/roles')
|
@app.route('/isard-sso-admin/roles')
|
||||||
# @login_required
|
@login_required
|
||||||
def roles():
|
def roles():
|
||||||
return render_template('pages/roles.html', title="Roles", nav="Roles")
|
return render_template('pages/roles.html', title="Roles", nav="Roles")
|
||||||
|
|
||||||
@app.route('/isard-sso-admin/roles_list')
|
@app.route('/isard-sso-admin/roles_list')
|
||||||
# @login_required
|
@login_required
|
||||||
def roles_list():
|
def roles_list():
|
||||||
return json.dumps(app.admin.get_roles()), 200, {'Content-Type': 'application/json'}
|
return json.dumps(app.admin.get_roles()), 200, {'Content-Type': 'application/json'}
|
||||||
|
|
||||||
|
|
||||||
@app.route('/isard-sso-admin/groups')
|
@app.route('/isard-sso-admin/groups')
|
||||||
@app.route('/isard-sso-admin/groups/<provider>', methods=['POST', 'PUT', 'GET', 'DELETE'])
|
@app.route('/isard-sso-admin/groups/<provider>', methods=['POST', 'PUT', 'GET', 'DELETE'])
|
||||||
# @login_required
|
@login_required
|
||||||
def groups(provider=False):
|
def groups(provider=False):
|
||||||
if request.method == 'DELETE':
|
if request.method == 'DELETE':
|
||||||
if provider == 'keycloak':
|
if provider == 'keycloak':
|
||||||
|
@ -66,13 +67,13 @@ def groups(provider=False):
|
||||||
return render_template('pages/groups.html', title="Groups", nav="Groups")
|
return render_template('pages/groups.html', title="Groups", nav="Groups")
|
||||||
|
|
||||||
@app.route('/isard-sso-admin/groups_list')
|
@app.route('/isard-sso-admin/groups_list')
|
||||||
# @login_required
|
@login_required
|
||||||
def groups_list():
|
def groups_list():
|
||||||
return json.dumps(app.admin.get_mix_groups()), 200, {'Content-Type': 'application/json'}
|
return json.dumps(app.admin.get_mix_groups()), 200, {'Content-Type': 'application/json'}
|
||||||
|
|
||||||
|
|
||||||
@app.route('/isard-sso-admin/external', methods=['POST', 'PUT', 'GET'])
|
@app.route('/isard-sso-admin/external', methods=['POST', 'PUT', 'GET'])
|
||||||
# @login_required
|
@login_required
|
||||||
def external():
|
def external():
|
||||||
if request.method == 'POST':
|
if request.method == 'POST':
|
||||||
data=request.get_json(force=True)
|
data=request.get_json(force=True)
|
||||||
|
@ -86,17 +87,17 @@ def external():
|
||||||
return render_template('pages/external.html', title="External", nav="External")
|
return render_template('pages/external.html', title="External", nav="External")
|
||||||
|
|
||||||
@app.route('/isard-sso-admin/external_users_list')
|
@app.route('/isard-sso-admin/external_users_list')
|
||||||
# @login_required
|
@login_required
|
||||||
def external_users_list():
|
def external_users_list():
|
||||||
return json.dumps(app.admin.get_external_users()), 200, {'Content-Type': 'application/json'}
|
return json.dumps(app.admin.get_external_users()), 200, {'Content-Type': 'application/json'}
|
||||||
|
|
||||||
@app.route('/isard-sso-admin/external_groups_list')
|
@app.route('/isard-sso-admin/external_groups_list')
|
||||||
# @login_required
|
@login_required
|
||||||
def external_groups_list():
|
def external_groups_list():
|
||||||
return json.dumps(app.admin.get_external_groups()), 200, {'Content-Type': 'application/json'}
|
return json.dumps(app.admin.get_external_groups()), 200, {'Content-Type': 'application/json'}
|
||||||
|
|
||||||
@app.route('/isard-sso-admin/external/roles', methods=['PUT'])
|
@app.route('/isard-sso-admin/external/roles', methods=['PUT'])
|
||||||
# @login_required
|
@login_required
|
||||||
def external_roles():
|
def external_roles():
|
||||||
if request.method == 'PUT':
|
if request.method == 'PUT':
|
||||||
return json.dumps(app.admin.external_roleassign(request.get_json(force=True))), 200, {'Content-Type': 'application/json'}
|
return json.dumps(app.admin.external_roleassign(request.get_json(force=True))), 200, {'Content-Type': 'application/json'}
|
||||||
|
|
|
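Review bot: With `@login_required` now active, these views authenticate through the Flask-Login session cookie, and no CSRF token check is visible on the state-changing ones (`users`/`groups` DELETE, `external` POST/PUT, `external_roles` PUT). In `external()`, `request.get_json(force=True)` parses the body whatever its Content-Type, so the Content-Type check that would otherwise reject a cross-site form POST is not in effect. Consider dropping `force=True` so that only `application/json` is accepted, or adding a CSRF token to these requests. The function bodies continue outside these hunks, and cookie attributes are set elsewhere, so an existing mitigation would not be visible here.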
@ -97,8 +97,8 @@ backend be_admin
|
||||||
timeout queue 600s
|
timeout queue 600s
|
||||||
timeout server 600s
|
timeout server 600s
|
||||||
timeout connect 600s
|
timeout connect 600s
|
||||||
acl authorized http_auth(AuthUsers)
|
# acl authorized http_auth(AuthUsers)
|
||||||
http-request auth realm AuthUsers unless authorized
|
# http-request auth realm AuthUsers unless authorized
|
||||||
acl existing-x-forwarded-host req.hdr(X-Forwarded-Host) -m found
|
acl existing-x-forwarded-host req.hdr(X-Forwarded-Host) -m found
|
||||||
acl existing-x-forwarded-proto req.hdr(X-Forwarded-Proto) -m found
|
acl existing-x-forwarded-proto req.hdr(X-Forwarded-Proto) -m found
|
||||||
http-request add-header X-Forwarded-Host %[req.hdr(Host)] unless existing-x-forwarded-host
|
http-request add-header X-Forwarded-Host %[req.hdr(Host)] unless existing-x-forwarded-host
|
||||||
|
@ -107,11 +107,11 @@ backend be_admin
|
||||||
|
|
||||||
backend be_adminer
|
backend be_adminer
|
||||||
mode http
|
mode http
|
||||||
acl authorized http_auth(AuthUsers)
|
# acl authorized http_auth(AuthUsers)
|
||||||
http-request auth realm AuthUsers unless authorized
|
# http-request auth realm AuthUsers unless authorized
|
||||||
http-request redirect scheme http drop-query append-slash if { path -m str /isard-sso-adminer }
|
http-request redirect scheme http drop-query append-slash if { path -m str /isard-sso-adminer }
|
||||||
http-request replace-path /isard-sso-adminer/(.*) /\1
|
http-request replace-path /isard-sso-adminer/(.*) /\1
|
||||||
http-request del-header Authorization
|
# http-request del-header Authorization
|
||||||
acl existing-x-forwarded-host req.hdr(X-Forwarded-Host) -m found
|
acl existing-x-forwarded-host req.hdr(X-Forwarded-Host) -m found
|
||||||
acl existing-x-forwarded-proto req.hdr(X-Forwarded-Proto) -m found
|
acl existing-x-forwarded-proto req.hdr(X-Forwarded-Proto) -m found
|
||||||
http-request add-header X-Forwarded-Host %[req.hdr(Host)] unless existing-x-forwarded-host
|
http-request add-header X-Forwarded-Host %[req.hdr(Host)] unless existing-x-forwarded-host
|
||||||
|
|
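Review bot: Commenting out `acl authorized http_auth(AuthUsers)` and `http-request auth realm AuthUsers unless authorized` in `be_adminer` removes the proxy-level gate from that backend, while the Flask login added by this commit appears to cover only the admin app behind `be_admin`. Unless adminer is restricted elsewhere, it is now protected only by its own login form; keeping the two auth lines in `be_adminer` would preserve the previous protection. The commented-out `http-request del-header Authorization` in the same backend also means a client-supplied Authorization header is now forwarded upstream. Both backend blocks continue outside the hunks.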