Ajout fonction première connexion et correction base de donnée
This commit is contained in:
parent
3451259a57
commit
78227870bc
11
config.py
11
config.py
@ -1,10 +1,11 @@
|
||||
|
||||
# L'adresse de base de votre site.
|
||||
# example BASE_URL="http://localhost/"
|
||||
BASE_URL="https://profil.kitoy.me/"
|
||||
# example BASE_URL="https://example.com"
|
||||
BASE_URL="http://localhost:8000/" # si vous lancez pywallter avec flask run"
|
||||
|
||||
|
||||
BASE_URL="http://localhost:8000/"
|
||||
# Essentiels pour les cookies
|
||||
SECRET_KEY="La super putain de passephrase de mort"
|
||||
SECRET_KEY="CHANGE-ME"
|
||||
|
||||
# Dossier où seront stocker les fichiers
|
||||
DOSSIER_APP = "./users/"
|
||||
@ -18,7 +19,7 @@ EXT_IMG= {'.jpg', '.JPG', '.png', '.PNG', '.gif', '.GIF', '.bmp', '.BMP', '.jpeg
|
||||
# Service
|
||||
# XMPP = True => Le service est installé et lancer
|
||||
# XMMP = False => Le service est désactivé
|
||||
XMPP_SERVER = True
|
||||
XMPP_SERVER = False
|
||||
|
||||
# Service Mail
|
||||
# MAIL_SERVER = True => Le service est installé et lancer
|
||||
|
@ -29,11 +29,13 @@
|
||||
{% if signin_enable %}
|
||||
<form method="POST" action="{{ url_inscription }}">
|
||||
<input type="text" name="user" id="user" placeholder="Pseudo" class="form-control"><br />
|
||||
{% if MAIL_SERVER %}
|
||||
<div class="col-sm-7">
|
||||
<input type="text" name="mail" id="mail" placeholder="Adresse mail" class="form-control" size="2"> <br/>
|
||||
</div>
|
||||
<h4>@{{hostname}}</h4>
|
||||
<br/>
|
||||
{% endif %}
|
||||
<input type="password" name="passwd" id="passwd" placeholder="Mot de passe" class="form-control"><br />
|
||||
<input type="password" name="passwdconfirm" id="passwdconfirm" placeholder="Confirmation du mot de passe" class="form-control"><br />
|
||||
<br>
|
||||
|
@ -5,6 +5,7 @@
|
||||
|
||||
|
||||
<div class="row">
|
||||
{% if MAIL_SERVER %}
|
||||
<div class="col-md-12">
|
||||
<table class="table">
|
||||
<thead>
|
||||
@ -39,7 +40,7 @@
|
||||
|
||||
<p> Votre Adresse e-mail sur ce serveur : {{ email }} </p>
|
||||
|
||||
<label> Nouvelles identité </label>
|
||||
<label> Nouvelle identité </label>
|
||||
<br/>
|
||||
<div class="col-sm-7">
|
||||
<input type="text" name="alias" id="alias" placeholder="Nouvel_identité" class="form-control"><br />
|
||||
@ -51,15 +52,28 @@
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
{% else %}
|
||||
<div class="panel panel-primary">
|
||||
<div class="panel-heading">
|
||||
<h3 class="panel-title"> Mes identitées </h3>
|
||||
</div>
|
||||
|
||||
|
||||
<div class="panel-body">
|
||||
<h2> Le serveur de mail n'est pas activé cette fonctionnalité est désactivé <h2>
|
||||
</div>
|
||||
</div>
|
||||
{% endif %}
|
||||
{# on affiche les messages d'erreur puis les messages de succes #}
|
||||
{% for categorie in ['error', 'succes'] %}
|
||||
{% with msgs = get_flashed_messages(category_filter=[categorie]) %}
|
||||
{% if msgs %}
|
||||
<div class="flashed {{ categorie }}">
|
||||
{% for m in msgs %}
|
||||
<p>{{ m|safe }}</p>
|
||||
{% endfor %}
|
||||
</div>
|
||||
|
||||
<div class="flashed {{ categorie }}">
|
||||
{% for m in msgs %}
|
||||
<p>{{ m|safe }}</p>
|
||||
{% endfor %}
|
||||
</div>
|
||||
{% endif %}
|
||||
{% endwith %}
|
||||
{% endfor %}
|
||||
|
@ -1,10 +1,12 @@
|
||||
from flask import Flask
|
||||
import sqlite3
|
||||
import os
|
||||
from tools.utils import gen_token
|
||||
from flask_bcrypt import Bcrypt
|
||||
|
||||
app = Flask( 'pywallter' )
|
||||
app.config.from_pyfile('config.py')
|
||||
|
||||
bcrypt = Bcrypt(app)
|
||||
|
||||
DATABASE = app.config['DATABASE']
|
||||
DOSSIER_PERSO = app.config['DOSSIER_APP']
|
||||
@ -17,8 +19,8 @@ def init_db():
|
||||
cursor = conn.cursor()
|
||||
cursor.execute("""
|
||||
CREATE TABLE IF NOT EXISTS users(
|
||||
Mail CHAR(80) PRIMARY KEY UNIQUE NOT NULL,
|
||||
name TEXT,
|
||||
Mail TEXT UNIQUE,
|
||||
name TEXT primary KEY UNIQUE NOT NULL,
|
||||
alias TEXT,
|
||||
xmpp TEXT,
|
||||
passwd TEXT,
|
||||
@ -46,6 +48,16 @@ def init_db():
|
||||
)
|
||||
""")
|
||||
conn.commit()
|
||||
cursor.execute("""select * from users""")
|
||||
accounts = cursor.fetchall()
|
||||
# Si aucun account n'est crée on créé l'utilisateur
|
||||
# pywallter qui permet la première inscription
|
||||
if not(accounts) :
|
||||
user = "pywallter"
|
||||
token = gen_token()
|
||||
passwd_bcrypt = bcrypt.generate_password_hash(token)
|
||||
cursor.execute("""INSERT INTO users(name, passwd, token) VALUES(?, ?, ?)""", (user, passwd_bcrypt, token))
|
||||
conn.commit()
|
||||
conn.close()
|
||||
print ('table posts OK')
|
||||
|
||||
|
@ -26,26 +26,33 @@ def append_to_log(log_line, user):
|
||||
|
||||
def email_disp(email):
|
||||
disp = True
|
||||
conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée
|
||||
cursor = conn.cursor() # Création de l'objet "curseur"
|
||||
unique_at = len(email.split('@'))
|
||||
print (unique_at)
|
||||
if len(email) < 80 and unique_at == 2:
|
||||
conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée
|
||||
cursor = conn.cursor() # Création de l'objet "curseur"
|
||||
|
||||
|
||||
cursor.execute("""SELECT mail FROM users WHERE mail=?""", (email,))
|
||||
testmail = cursor.fetchall()
|
||||
if testmail:
|
||||
print ("on passe ici")
|
||||
cursor.execute("""SELECT mail FROM users WHERE mail=?""", (email,))
|
||||
testmail = cursor.fetchall()
|
||||
if testmail :
|
||||
disp = False
|
||||
|
||||
if disp:
|
||||
cursor.execute("""SELECT alias FROM users""")
|
||||
aliases = cursor.fetchall()
|
||||
for alist in aliases:
|
||||
for alias in alist:
|
||||
if alias:
|
||||
if email in alias:
|
||||
disp=False
|
||||
|
||||
else:
|
||||
disp = False
|
||||
|
||||
if disp:
|
||||
cursor.execute("""SELECT alias FROM users""")
|
||||
aliases = cursor.fetchall()
|
||||
for alist in aliases:
|
||||
for alias in alist:
|
||||
if alias:
|
||||
if email in alias:
|
||||
disp=False
|
||||
return disp
|
||||
|
||||
|
||||
def valid_token_register(token):
|
||||
valid = True
|
||||
print(token)
|
||||
|
@ -29,39 +29,58 @@ inscription = Blueprint('inscription', __name__, template_folder='templates')
|
||||
@inscription.route( '/inscription/<token>', methods=['GET','POST'] )
|
||||
def signin(token) :
|
||||
hostname = gethostname()
|
||||
url_inscription = BASE_URL+'inscription/'+token
|
||||
resp = None
|
||||
if app.config['SIGNIN_ENABLE'] and valid_token_register(token):
|
||||
if 'username' in session :
|
||||
resp = redirect(url_for('profil.profile', _external=True))
|
||||
else :
|
||||
if request.method == 'POST':
|
||||
conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée
|
||||
cursor = conn.cursor() # Création de l'objet "curseur"
|
||||
if not(request.form['user']) or not(request.form['passwd']) or not(request.form['mail']):
|
||||
flash(u'Il faut remplir le formulaire en entier, les champs ne peuvent pas etre vide ', 'error')
|
||||
return render_template('inscription.html',
|
||||
signin_enable=app.config['SIGNIN_ENABLE'],
|
||||
token=token, hostname=hostname,
|
||||
url_inscription=url_inscription,
|
||||
MAIL_SERVER=MAIL_SERVER)
|
||||
|
||||
user = request.form['user']
|
||||
mail = request.form['mail']+'@'+hostname
|
||||
passwd = request.form['passwd']
|
||||
|
||||
mail = ""
|
||||
passwdconfirm = request.form['passwdconfirm']
|
||||
bcrypt_passwd = bcrypt.generate_password_hash(request.form['passwd'])
|
||||
mail_passwd_change = 0
|
||||
|
||||
conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée
|
||||
cursor = conn.cursor() # Création de l'objet "curseur"
|
||||
|
||||
cursor.execute("""SELECT name FROM users WHERE name=?""", (user,))
|
||||
testuser = cursor.fetchone()
|
||||
conn.close()
|
||||
|
||||
|
||||
if MAIL_SERVER:
|
||||
cmd = SETUID + " set_mail_passwd " + "'"+mail+"' " + "'"+passwd+"'"
|
||||
mail_passwd_change = os.system(cmd)
|
||||
mail = request.form['mail']+'@'+hostname
|
||||
if not(email_disp(mail)) :
|
||||
flash(u'Adresse email déjà utilisé ou invalide, merci d\'en choisir une autre', 'error')
|
||||
resp = render_template('inscription.html',
|
||||
signin_enable=app.config['SIGNIN_ENABLE'],
|
||||
token=token, hostname=hostname,
|
||||
url_inscription=url_inscription,
|
||||
MAIL_SERVER=MAIL_SERVER)
|
||||
else:
|
||||
cmd = SETUID + " set_mail_passwd " + "'"+mail+"' " + "'"+passwd+"'"
|
||||
mail_passwd_change = os.system(cmd)
|
||||
|
||||
|
||||
if testuser:
|
||||
if testuser or mail_passwd_change != 0 or resp:
|
||||
flash(u'Non d\'utilisateur déjà utilisé, merci d\'en choisir un autre', 'error')
|
||||
resp = render_template('inscription.html',
|
||||
signin_enable=app.config['SIGNIN_ENABLE'],
|
||||
hostname=hostname)
|
||||
token=token, hostname=hostname,
|
||||
url_inscription=url_inscription,
|
||||
MAIL_SERVER=MAIL_SERVER)
|
||||
|
||||
elif not(email_disp(mail)) or mail_passwd_change != 0 :
|
||||
flash(u'Adresse email déjà utilisé, merci d\'en choisir un autre', 'error')
|
||||
resp = render_template('inscription.html',
|
||||
signin_enable=app.config['SIGNIN_ENABLE'],
|
||||
hostname=hostname)
|
||||
else:
|
||||
confirmation = bcrypt.check_password_hash(bcrypt_passwd, passwdconfirm)
|
||||
if confirmation is True:
|
||||
@ -83,7 +102,7 @@ def signin(token) :
|
||||
users = cursor.fetchall()
|
||||
for i in users:
|
||||
i = print('{0} - {1} - {2}'.format(i[0], i[1], i[2]))
|
||||
|
||||
|
||||
userracine = DOSSIER_PERSO + user
|
||||
userfiles = userracine + '/files'
|
||||
userimages = userracine + '/images'
|
||||
@ -114,12 +133,16 @@ def signin(token) :
|
||||
flash(u'Les mots de passe ne sont pas identiques !', 'error')
|
||||
resp = render_template('inscription.html',
|
||||
signin_enable=app.config['SIGNIN_ENABLE'],
|
||||
hostname=hostname)
|
||||
token=token, hostname=hostname,
|
||||
url_inscription=url_inscription,
|
||||
MAIL_SERVER=MAIL_SERVER)
|
||||
else :
|
||||
url_inscription = BASE_URL+'inscription/'+token
|
||||
|
||||
resp = render_template('inscription.html',
|
||||
signin_enable=app.config['SIGNIN_ENABLE'],
|
||||
token=token, hostname=hostname, url_inscription=url_inscription)
|
||||
token=token, hostname=hostname,
|
||||
url_inscription=url_inscription,
|
||||
MAIL_SERVER=MAIL_SERVER)
|
||||
else:
|
||||
resp = redirect(BASE_URL, code=401)
|
||||
|
||||
|
@ -1,6 +1,7 @@
|
||||
from flask import Blueprint, Flask, request, flash, render_template, url_for, session, redirect, abort, make_response, send_file, escape
|
||||
import sqlite3
|
||||
from flask_bcrypt import Bcrypt
|
||||
from socket import gethostname
|
||||
|
||||
app = Flask( 'pywallter' )
|
||||
app.config.from_pyfile('config.py')
|
||||
@ -14,6 +15,10 @@ DOSSIER_PERSO= app.config['DOSSIER_APP']
|
||||
extensionimg = app.config['EXT_IMG']
|
||||
|
||||
DATABASE = app.config['DATABASE']
|
||||
|
||||
BASE_URL = app.config['BASE_URL']
|
||||
|
||||
MAIL_SERVER = app.config['MAIL_SERVER']
|
||||
##################################################################################################
|
||||
|
||||
|
||||
@ -52,7 +57,22 @@ def logout():
|
||||
|
||||
@loginlogout.route( '/' )
|
||||
def index():
|
||||
|
||||
conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée
|
||||
cursor = conn.cursor() # Création de l'objet "curseur"
|
||||
cursor.execute("""SELECT token passwd FROM users where name=? """, ("pywallter", ))
|
||||
tmp = cursor.fetchone()
|
||||
conn.close
|
||||
token = tmp[0]
|
||||
if 'username' in session :
|
||||
return redirect(url_for('profil.profile'))
|
||||
else :
|
||||
return redirect(url_for('loginlogout.login', _external=True))
|
||||
if token:
|
||||
hostname = gethostname()
|
||||
url_inscription = BASE_URL+'inscription/'+token
|
||||
return render_template('inscription.html', signin_enable=app.config['SIGNIN_ENABLE'],
|
||||
token=token, hostname=hostname,
|
||||
url_inscription=url_inscription,
|
||||
MAIL_SERVER=MAIL_SERVER)
|
||||
else:
|
||||
return redirect(url_for('loginlogout.login', _external=True))
|
||||
|
@ -128,9 +128,9 @@ def change_passwd() :
|
||||
mail_passwd_change = 0
|
||||
xmmp_passwd_change = 0
|
||||
passwd = request.form['password']
|
||||
|
||||
mail_passwd_change = 0
|
||||
if MAIL_SERVER:
|
||||
cmd = SETUID+ " set_mail_passwd " + "'"+mailbox['Mail']+"' "+"'"+passwd+"'"
|
||||
cmd = SETUID+ " set_mail_passwd " + "'"+mailbox['Mail']+"' "+"'"+passwd+"'"
|
||||
mail_passwd_change = os.system(cmd)
|
||||
|
||||
|
||||
@ -190,7 +190,7 @@ def myalias():
|
||||
aliases = alias_list + "," +alias
|
||||
else:
|
||||
aliases = alias
|
||||
cmd = SETUID+ " set_mail_alias " + "'"+mail+"'"+" add "+"'"+alias+"'"
|
||||
cmd = SETUID+ " set_mail_alias " + "'"+mail+"'"+" add "+"'"+alias+"'"
|
||||
res = os.system(cmd)
|
||||
if res == 0:
|
||||
cursor.execute("UPDATE users SET alias=? WHERE name=?",
|
||||
@ -223,7 +223,7 @@ def myalias():
|
||||
email=mailbox['Mail'],
|
||||
aliases=mailbox['alias'],
|
||||
hostname=hostname,
|
||||
Mail_active=MAIL_SERVER,
|
||||
MAIL_SERVER=MAIL_SERVER,
|
||||
username=UTILISATEUR )
|
||||
|
||||
else:
|
||||
@ -247,7 +247,7 @@ def remove_alias(aliasrm):
|
||||
aliases = aliases + "," + alias
|
||||
else:
|
||||
aliases = alias
|
||||
cmd = SETUID+ " set_mail_alias " + "'"+mail+"'"+" del "+"'"+alias+"'"
|
||||
cmd = SETUID+ " set_mail_alias " + "'"+mail+"'"+" del "+"'"+alias+"'"
|
||||
res = os.system(cmd)
|
||||
if res == 0:
|
||||
cursor.execute("UPDATE users SET alias=? WHERE name=?",
|
||||
@ -276,11 +276,14 @@ def invitation():
|
||||
cursor = conn.cursor() # Création de l'objet "curseur"
|
||||
cursor.execute("""SELECT Token, invitations FROM users WHERE name=?""", (UTILISATEUR,))
|
||||
tmp = cursor.fetchone()
|
||||
print (tmp[0])
|
||||
token = tmp[0]
|
||||
if token:
|
||||
url_invitation = BASE_URL + 'inscription/' + token
|
||||
else:
|
||||
url_invitation = ""
|
||||
invitations_count = tmp[1]
|
||||
conn.close()
|
||||
url_invitation = BASE_URL + 'inscription/' + token
|
||||
|
||||
return render_template('invitation.html',
|
||||
section='Profil',
|
||||
nb_invitation=invitations_count,
|
||||
|
Loading…
Reference in New Issue
Block a user