Admin login
Melina Gamboa
parent
29b7bdef1d
commit
a382f2ff09
|
|
@ -80,6 +80,7 @@ def send_avatars_img(path):
|
|||
'''
|
||||
Import all views
|
||||
'''
|
||||
from .views import LoginViews
|
||||
from .views import MenuViews
|
||||
from .views import AvatarViews
|
||||
|
||||
|
|
|
|||
|
|
@ -0,0 +1,32 @@
|
|||
from admin import app
|
||||
from flask_login import LoginManager, UserMixin
|
||||
|
||||
import os
|
||||
|
||||
login_manager = LoginManager()
|
||||
login_manager.init_app(app)
|
||||
login_manager.login_view = "login"
|
||||
|
||||
ram_users={
|
||||
os.environ["ADMINAPP"]: {
|
||||
'id': os.environ["ADMINAPP"],
|
||||
'password': os.environ["ADMINAPP_PASSWORD"],
|
||||
'role': 'admin'
|
||||
},
|
||||
os.environ["KEYCLOAK_USER"]: {
|
||||
'id': os.environ["KEYCLOAK_USER"],
|
||||
'password': os.environ["KEYCLOAK_PASSWORD"],
|
||||
'role': 'admin-keycloak',
|
||||
}
|
||||
}
|
||||
|
||||
class User(UserMixin):
|
||||
def __init__(self, dict):
|
||||
self.id = dict['id']
|
||||
self.username = dict['id']
|
||||
self.password = dict['password']
|
||||
self.role = dict['role']
|
||||
|
||||
@login_manager.user_loader
|
||||
def user_loader(username):
|
||||
return User(ram_users[username])
|
||||
|
|
@ -22,7 +22,7 @@
|
|||
<link href="/isard-sso-admin/build/css/custom.min.css" rel="stylesheet">
|
||||
</head>
|
||||
|
||||
<body class="login" style="background-color:rgb(245, 169, 174)">
|
||||
<body class="login">
|
||||
<div>
|
||||
<a class="hiddenanchor" id="signup"></a>
|
||||
<a class="hiddenanchor" id="signin"></a>
|
||||
|
|
|
|||
|
|
@ -27,6 +27,7 @@
|
|||
<button class="btn btn-primary btn-xs btn-sync_to_moodle">
|
||||
<i class="fa fa-refresh" aria-hidden="true"></i> Sync to Moodle
|
||||
</button>
|
||||
{% if current_user.role =='admin-keycloak' %}
|
||||
<button class="btn btn-danger btn-xs btn-delete_keycloak">
|
||||
<i class="fa fa-trash"></i> Delete all keycloak
|
||||
</button>
|
||||
|
|
@ -36,6 +37,7 @@
|
|||
<button class="btn btn-danger btn-xs btn-delete_moodle">
|
||||
<i class="fa fa-trash"></i> Delete missing keycloak in moodle
|
||||
</button>
|
||||
{% endif %}
|
||||
<table id="users" class="table" width="100%">
|
||||
<thead>
|
||||
<tr>
|
||||
|
|
|
|||
|
|
@ -8,6 +8,7 @@ from uuid import uuid4
|
|||
import time,json
|
||||
import sys,os
|
||||
from flask import render_template, Response, request, redirect, url_for, jsonify, send_file
|
||||
from flask_login import login_required
|
||||
|
||||
from pprint import pprint
|
||||
|
||||
|
|
@ -16,6 +17,7 @@ from ..lib.avatars import Avatars
|
|||
avatars=Avatars()
|
||||
|
||||
@app.route('/isard-sso-admin/avatar/<username>', methods=['GET'])
|
||||
@login_required
|
||||
def avatar(username):
|
||||
userid=avatars.username2id(username)
|
||||
if userid:
|
||||
|
|
|
|||
|
|
@ -0,0 +1,30 @@
|
|||
import os
|
||||
|
||||
from admin import app
|
||||
from flask import render_template, flash, request, redirect, url_for
|
||||
from ..auth.authentication import *
|
||||
from flask_login import login_required, current_user, login_user, logout_user
|
||||
|
||||
@app.route('/isard-sso-admin/login', methods=['GET', 'POST'])
|
||||
def login():
|
||||
if request.method == 'POST':
|
||||
if request.form['user'] == '' or request.form['password'] == '':
|
||||
flash("Can't leave it blank",'danger')
|
||||
elif request.form['user'].startswith(' '):
|
||||
flash('Username not found or incorrect password.','warning')
|
||||
else:
|
||||
ram_user=ram_users.get(request.form['user'])
|
||||
if ram_user and request.form['password'] == ram_user['password']:
|
||||
user=User({'id': ram_user['id'], 'password': ram_user['password'], 'role': ram_user['role'], 'active': True})
|
||||
login_user(user)
|
||||
flash('Logged in successfully.','success')
|
||||
return redirect(url_for('users'))
|
||||
else:
|
||||
flash('Username not found or incorrect password.','warning')
|
||||
return render_template('login.html')
|
||||
|
||||
@app.route('/isard-sso-admin/logout', methods=['GET'])
|
||||
@login_required
|
||||
def logout():
|
||||
logout_user()
|
||||
return redirect(url_for('login'))
|
||||
|
|
@ -9,6 +9,7 @@ import time,json
|
|||
import sys,os
|
||||
from flask import render_template, Response, request, redirect, url_for, jsonify
|
||||
import concurrent.futures
|
||||
from flask_login import login_required
|
||||
|
||||
from pprint import pprint
|
||||
|
||||
|
|
@ -17,13 +18,13 @@ from pprint import pprint
|
|||
# socketio = SocketIO(app)
|
||||
|
||||
@app.route('/isard-sso-admin/resync')
|
||||
# @login_required
|
||||
@login_required
|
||||
def resync():
|
||||
return json.dumps(app.admin.resync_data()), 200, {'Content-Type': 'application/json'}
|
||||
|
||||
@app.route('/isard-sso-admin/users', methods=['GET'])
|
||||
@app.route('/isard-sso-admin/users/<provider>', methods=['POST', 'PUT', 'GET', 'DELETE'])
|
||||
# @login_required
|
||||
@login_required
|
||||
def users(provider=False):
|
||||
if request.method == 'DELETE':
|
||||
if provider == 'keycloak':
|
||||
|
|
@ -40,25 +41,25 @@ def users(provider=False):
|
|||
return render_template('pages/users.html', title="Users", nav="Users")
|
||||
|
||||
@app.route('/isard-sso-admin/users_list')
|
||||
# @login_required
|
||||
@login_required
|
||||
def users_list():
|
||||
return json.dumps(app.admin.get_mix_users()), 200, {'Content-Type': 'application/json'}
|
||||
|
||||
|
||||
@app.route('/isard-sso-admin/roles')
|
||||
# @login_required
|
||||
@login_required
|
||||
def roles():
|
||||
return render_template('pages/roles.html', title="Roles", nav="Roles")
|
||||
|
||||
@app.route('/isard-sso-admin/roles_list')
|
||||
# @login_required
|
||||
@login_required
|
||||
def roles_list():
|
||||
return json.dumps(app.admin.get_roles()), 200, {'Content-Type': 'application/json'}
|
||||
|
||||
|
||||
@app.route('/isard-sso-admin/groups')
|
||||
@app.route('/isard-sso-admin/groups/<provider>', methods=['POST', 'PUT', 'GET', 'DELETE'])
|
||||
# @login_required
|
||||
@login_required
|
||||
def groups(provider=False):
|
||||
if request.method == 'DELETE':
|
||||
if provider == 'keycloak':
|
||||
|
|
@ -66,13 +67,13 @@ def groups(provider=False):
|
|||
return render_template('pages/groups.html', title="Groups", nav="Groups")
|
||||
|
||||
@app.route('/isard-sso-admin/groups_list')
|
||||
# @login_required
|
||||
@login_required
|
||||
def groups_list():
|
||||
return json.dumps(app.admin.get_mix_groups()), 200, {'Content-Type': 'application/json'}
|
||||
|
||||
|
||||
@app.route('/isard-sso-admin/external', methods=['POST', 'PUT', 'GET'])
|
||||
# @login_required
|
||||
@login_required
|
||||
def external():
|
||||
if request.method == 'POST':
|
||||
data=request.get_json(force=True)
|
||||
|
|
@ -86,17 +87,17 @@ def external():
|
|||
return render_template('pages/external.html', title="External", nav="External")
|
||||
|
||||
@app.route('/isard-sso-admin/external_users_list')
|
||||
# @login_required
|
||||
@login_required
|
||||
def external_users_list():
|
||||
return json.dumps(app.admin.get_external_users()), 200, {'Content-Type': 'application/json'}
|
||||
|
||||
@app.route('/isard-sso-admin/external_groups_list')
|
||||
# @login_required
|
||||
@login_required
|
||||
def external_groups_list():
|
||||
return json.dumps(app.admin.get_external_groups()), 200, {'Content-Type': 'application/json'}
|
||||
|
||||
@app.route('/isard-sso-admin/external/roles', methods=['PUT'])
|
||||
# @login_required
|
||||
@login_required
|
||||
def external_roles():
|
||||
if request.method == 'PUT':
|
||||
return json.dumps(app.admin.external_roleassign(request.get_json(force=True))), 200, {'Content-Type': 'application/json'}
|
||||
|
|
|
|||
|
|
@ -97,8 +97,8 @@ backend be_admin
|
|||
timeout queue 600s
|
||||
timeout server 600s
|
||||
timeout connect 600s
|
||||
acl authorized http_auth(AuthUsers)
|
||||
http-request auth realm AuthUsers unless authorized
|
||||
# acl authorized http_auth(AuthUsers)
|
||||
# http-request auth realm AuthUsers unless authorized
|
||||
acl existing-x-forwarded-host req.hdr(X-Forwarded-Host) -m found
|
||||
acl existing-x-forwarded-proto req.hdr(X-Forwarded-Proto) -m found
|
||||
http-request add-header X-Forwarded-Host %[req.hdr(Host)] unless existing-x-forwarded-host
|
||||
|
|
@ -107,11 +107,11 @@ backend be_admin
|
|||
|
||||
backend be_adminer
|
||||
mode http
|
||||
acl authorized http_auth(AuthUsers)
|
||||
http-request auth realm AuthUsers unless authorized
|
||||
# acl authorized http_auth(AuthUsers)
|
||||
# http-request auth realm AuthUsers unless authorized
|
||||
http-request redirect scheme http drop-query append-slash if { path -m str /isard-sso-adminer }
|
||||
http-request replace-path /isard-sso-adminer/(.*) /\1
|
||||
http-request del-header Authorization
|
||||
# http-request del-header Authorization
|
||||
acl existing-x-forwarded-host req.hdr(X-Forwarded-Host) -m found
|
||||
acl existing-x-forwarded-proto req.hdr(X-Forwarded-Proto) -m found
|
||||
http-request add-header X-Forwarded-Host %[req.hdr(Host)] unless existing-x-forwarded-host
|
||||
|
|
|
|||
Loading…
Reference in New Issue