Ajout fonction première connexion et correction base de donnée

kitoy 2022-08-07 17:36:20 +02:00
parent 3451259a57
commit 78227870bc
10 changed files with 135 additions and 54 deletions


@ -1,10 +1,11 @@
# L'adresse de base de votre site. # L'adresse de base de votre site.
# example BASE_URL="http://localhost/" # example BASE_URL="https://example.com"
BASE_URL="https://profil.kitoy.me/" BASE_URL="http://localhost:8000/" # si vous lancez pywallter avec flask run"
BASE_URL="http://localhost:8000/"
# Essentiels pour les cookies # Essentiels pour les cookies
SECRET_KEY="La super putain de passephrase de mort" SECRET_KEY="CHANGE-ME"
# Dossier où seront stocker les fichiers # Dossier où seront stocker les fichiers
DOSSIER_APP = "./users/" DOSSIER_APP = "./users/"
@ -18,7 +19,7 @@ EXT_IMG= {'.jpg', '.JPG', '.png', '.PNG', '.gif', '.GIF', '.bmp', '.BMP', '.jpeg
# Service # Service
# XMPP = True => Le service est installé et lancer # XMPP = True => Le service est installé et lancer
# XMMP = False => Le service est désactivé # XMMP = False => Le service est désactivé
XMPP_SERVER = True XMPP_SERVER = False
# Service Mail # Service Mail
# MAIL_SERVER = True => Le service est installé et lancer # MAIL_SERVER = True => Le service est installé et lancer
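Review bot: Nothing stops the application from starting with `SECRET_KEY="CHANGE-ME"`, and a deployment that keeps this published placeholder signs its session cookies with a key anyone can read in the repository. A start-up check where the config is loaded would close that gap, e.g. `if app.config['SECRET_KEY'] == 'CHANGE-ME': raise RuntimeError('set SECRET_KEY in config.py')`. The passphrase on the other side of that line stays in the repository history, so any instance that used it should be given a fresh random key rather than relying on this commit.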

0
sqlite Normal file


@ -29,11 +29,13 @@
{% if signin_enable %} {% if signin_enable %}
<form method="POST" action="{{ url_inscription }}"> <form method="POST" action="{{ url_inscription }}">
<input type="text" name="user" id="user" placeholder="Pseudo" class="form-control"><br /> <input type="text" name="user" id="user" placeholder="Pseudo" class="form-control"><br />
{% if MAIL_SERVER %}
<div class="col-sm-7"> <div class="col-sm-7">
<input type="text" name="mail" id="mail" placeholder="Adresse mail" class="form-control" size="2"> <br/> <input type="text" name="mail" id="mail" placeholder="Adresse mail" class="form-control" size="2"> <br/>
</div> </div>
<h4>@{{hostname}}</h4> <h4>@{{hostname}}</h4>
<br/> <br/>
{% endif %}
<input type="password" name="passwd" id="passwd" placeholder="Mot de passe" class="form-control"><br /> <input type="password" name="passwd" id="passwd" placeholder="Mot de passe" class="form-control"><br />
<input type="password" name="passwdconfirm" id="passwdconfirm" placeholder="Confirmation du mot de passe" class="form-control"><br /> <input type="password" name="passwdconfirm" id="passwdconfirm" placeholder="Confirmation du mot de passe" class="form-control"><br />
<br> <br>


@ -5,6 +5,7 @@
<div class="row"> <div class="row">
{% if MAIL_SERVER %}
<div class="col-md-12"> <div class="col-md-12">
<table class="table"> <table class="table">
<thead> <thead>
@ -39,7 +40,7 @@
<p> Votre Adresse e-mail sur ce serveur : {{ email }} </p> <p> Votre Adresse e-mail sur ce serveur : {{ email }} </p>
<label> Nouvelles identité </label> <label> Nouvelle identité </label>
<br/> <br/>
<div class="col-sm-7"> <div class="col-sm-7">
<input type="text" name="alias" id="alias" placeholder="Nouvel_identité" class="form-control"><br /> <input type="text" name="alias" id="alias" placeholder="Nouvel_identité" class="form-control"><br />
@ -51,10 +52,23 @@
</form> </form>
</div> </div>
</div> </div>
{% else %}
<div class="panel panel-primary">
<div class="panel-heading">
<h3 class="panel-title"> Mes identitées </h3>
</div>
<div class="panel-body">
<h2> Le serveur de mail n'est pas activé cette fonctionnalité est désactivé <h2>
</div>
</div>
{% endif %}
{# on affiche les messages d'erreur puis les messages de succes #} {# on affiche les messages d'erreur puis les messages de succes #}
{% for categorie in ['error', 'succes'] %} {% for categorie in ['error', 'succes'] %}
{% with msgs = get_flashed_messages(category_filter=[categorie]) %} {% with msgs = get_flashed_messages(category_filter=[categorie]) %}
{% if msgs %} {% if msgs %}
<div class="flashed {{ categorie }}"> <div class="flashed {{ categorie }}">
{% for m in msgs %} {% for m in msgs %}
<p>{{ m|safe }}</p> <p>{{ m|safe }}</p>
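Review bot: The heading added in the `{% else %}` branch is terminated with `<h2>` instead of `</h2>`, so a second heading is opened and the rest of the panel is rendered inside it; the line should end with `</h2>`. The unchanged `{{ m|safe }}` just below turns off autoescaping for flashed messages, so every `flash()` call that includes user-supplied text has to escape it first. The message loop continues outside the hunk.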


@ -1,10 +1,12 @@
from flask import Flask from flask import Flask
import sqlite3 import sqlite3
import os import os
from tools.utils import gen_token
from flask_bcrypt import Bcrypt
app = Flask( 'pywallter' ) app = Flask( 'pywallter' )
app.config.from_pyfile('config.py') app.config.from_pyfile('config.py')
bcrypt = Bcrypt(app)
DATABASE = app.config['DATABASE'] DATABASE = app.config['DATABASE']
DOSSIER_PERSO = app.config['DOSSIER_APP'] DOSSIER_PERSO = app.config['DOSSIER_APP']
@ -17,8 +19,8 @@ def init_db():
cursor = conn.cursor() cursor = conn.cursor()
cursor.execute(""" cursor.execute("""
CREATE TABLE IF NOT EXISTS users( CREATE TABLE IF NOT EXISTS users(
Mail CHAR(80) PRIMARY KEY UNIQUE NOT NULL, Mail TEXT UNIQUE,
name TEXT, name TEXT primary KEY UNIQUE NOT NULL,
alias TEXT, alias TEXT,
xmpp TEXT, xmpp TEXT,
passwd TEXT, passwd TEXT,
@ -46,6 +48,16 @@ def init_db():
) )
""") """)
conn.commit() conn.commit()
cursor.execute("""select * from users""")
accounts = cursor.fetchall()
# Si aucun account n'est crée on créé l'utilisateur
# pywallter qui permet la première inscription
if not(accounts) :
user = "pywallter"
token = gen_token()
passwd_bcrypt = bcrypt.generate_password_hash(token)
cursor.execute("""INSERT INTO users(name, passwd, token) VALUES(?, ?, ?)""", (user, passwd_bcrypt, token))
conn.commit()
conn.close() conn.close()
print ('table posts OK') print ('table posts OK')
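Review bot: The bootstrap account's password is the bcrypt hash of the same `token` that is stored in clear in the `token` column, and the `index()` change on this page renders that token to visitors who are not logged in, so the value that opens registration would also be a valid password for `pywallter` if the login view checks `passwd` in the usual way (the login code is not shown). Hashing an independent throw-away value keeps the row valid without making it a usable login: `passwd_bcrypt = bcrypt.generate_password_hash(gen_token())`, assuming `gen_token()` returns a fresh random value on each call. Separately, `CREATE TABLE IF NOT EXISTS` does not alter an existing `users` table, so databases created before this commit keep `Mail` as the primary key and need a migration step. `init_db` starts above the hunk.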


@ -26,14 +26,16 @@ def append_to_log(log_line, user):
def email_disp(email): def email_disp(email):
disp = True disp = True
unique_at = len(email.split('@'))
print (unique_at)
if len(email) < 80 and unique_at == 2:
conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée
cursor = conn.cursor() # Création de l'objet "curseur" cursor = conn.cursor() # Création de l'objet "curseur"
cursor.execute("""SELECT mail FROM users WHERE mail=?""", (email,)) cursor.execute("""SELECT mail FROM users WHERE mail=?""", (email,))
testmail = cursor.fetchall() testmail = cursor.fetchall()
if testmail: if testmail :
print ("on passe ici")
disp = False disp = False
if disp: if disp:
@ -44,8 +46,13 @@ def email_disp(email):
if alias: if alias:
if email in alias: if email in alias:
disp=False disp=False
else:
disp = False
return disp return disp
def valid_token_register(token): def valid_token_register(token):
valid = True valid = True
print(token) print(token)
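Review bot: The new guard in `email_disp` only checks the length and that there is exactly one `@`, so quotes, spaces and shell metacharacters still pass, and `signin` later places this address inside a single-quoted `os.system` command. An allow-list is safer here, for example `re.fullmatch(r"[A-Za-z0-9._-]+@[A-Za-z0-9.-]+", email)` (needs `import re`). The `print (unique_at)` and `print ("on passe ici")` lines look like leftover debugging and should be removed or sent to a logger. The function body continues outside the hunk.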


@ -29,39 +29,58 @@ inscription = Blueprint('inscription', __name__, template_folder='templates')
@inscription.route( '/inscription/<token>', methods=['GET','POST'] ) @inscription.route( '/inscription/<token>', methods=['GET','POST'] )
def signin(token) : def signin(token) :
hostname = gethostname() hostname = gethostname()
url_inscription = BASE_URL+'inscription/'+token
resp = None
if app.config['SIGNIN_ENABLE'] and valid_token_register(token): if app.config['SIGNIN_ENABLE'] and valid_token_register(token):
if 'username' in session : if 'username' in session :
resp = redirect(url_for('profil.profile', _external=True)) resp = redirect(url_for('profil.profile', _external=True))
else : else :
if request.method == 'POST': if request.method == 'POST':
conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée if not(request.form['user']) or not(request.form['passwd']) or not(request.form['mail']):
cursor = conn.cursor() # Création de l'objet "curseur" flash(u'Il faut remplir le formulaire en entier, les champs ne peuvent pas etre vide ', 'error')
user = request.form['user'] return render_template('inscription.html',
mail = request.form['mail']+'@'+hostname signin_enable=app.config['SIGNIN_ENABLE'],
passwd = request.form['passwd'] token=token, hostname=hostname,
url_inscription=url_inscription,
MAIL_SERVER=MAIL_SERVER)
user = request.form['user']
passwd = request.form['passwd']
mail = ""
passwdconfirm = request.form['passwdconfirm'] passwdconfirm = request.form['passwdconfirm']
bcrypt_passwd = bcrypt.generate_password_hash(request.form['passwd']) bcrypt_passwd = bcrypt.generate_password_hash(request.form['passwd'])
mail_passwd_change = 0
conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée
cursor = conn.cursor() # Création de l'objet "curseur"
cursor.execute("""SELECT name FROM users WHERE name=?""", (user,)) cursor.execute("""SELECT name FROM users WHERE name=?""", (user,))
testuser = cursor.fetchone() testuser = cursor.fetchone()
conn.close() conn.close()
if MAIL_SERVER: if MAIL_SERVER:
mail = request.form['mail']+'@'+hostname
if not(email_disp(mail)) :
flash(u'Adresse email déjà utilisé ou invalide, merci d\'en choisir une autre', 'error')
resp = render_template('inscription.html',
signin_enable=app.config['SIGNIN_ENABLE'],
token=token, hostname=hostname,
url_inscription=url_inscription,
MAIL_SERVER=MAIL_SERVER)
else:
cmd = SETUID + " set_mail_passwd " + "'"+mail+"' " + "'"+passwd+"'" cmd = SETUID + " set_mail_passwd " + "'"+mail+"' " + "'"+passwd+"'"
mail_passwd_change = os.system(cmd) mail_passwd_change = os.system(cmd)
if testuser: if testuser or mail_passwd_change != 0 or resp:
flash(u'Non d\'utilisateur déjà utilisé, merci d\'en choisir un autre', 'error') flash(u'Non d\'utilisateur déjà utilisé, merci d\'en choisir un autre', 'error')
resp = render_template('inscription.html', resp = render_template('inscription.html',
signin_enable=app.config['SIGNIN_ENABLE'], signin_enable=app.config['SIGNIN_ENABLE'],
hostname=hostname) token=token, hostname=hostname,
url_inscription=url_inscription,
MAIL_SERVER=MAIL_SERVER)
elif not(email_disp(mail)) or mail_passwd_change != 0 :
flash(u'Adresse email déjà utilisé, merci d\'en choisir un autre', 'error')
resp = render_template('inscription.html',
signin_enable=app.config['SIGNIN_ENABLE'],
hostname=hostname)
else: else:
confirmation = bcrypt.check_password_hash(bcrypt_passwd, passwdconfirm) confirmation = bcrypt.check_password_hash(bcrypt_passwd, passwdconfirm)
if confirmation is True: if confirmation is True:
@ -114,12 +133,16 @@ def signin(token) :
flash(u'Les mots de passe ne sont pas identiques !', 'error') flash(u'Les mots de passe ne sont pas identiques !', 'error')
resp = render_template('inscription.html', resp = render_template('inscription.html',
signin_enable=app.config['SIGNIN_ENABLE'], signin_enable=app.config['SIGNIN_ENABLE'],
hostname=hostname) token=token, hostname=hostname,
url_inscription=url_inscription,
MAIL_SERVER=MAIL_SERVER)
else : else :
url_inscription = BASE_URL+'inscription/'+token
resp = render_template('inscription.html', resp = render_template('inscription.html',
signin_enable=app.config['SIGNIN_ENABLE'], signin_enable=app.config['SIGNIN_ENABLE'],
token=token, hostname=hostname, url_inscription=url_inscription) token=token, hostname=hostname,
url_inscription=url_inscription,
MAIL_SERVER=MAIL_SERVER)
else: else:
resp = redirect(BASE_URL, code=401) resp = redirect(BASE_URL, code=401)
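Review bot: `cmd = SETUID + " set_mail_passwd " + ...` followed by `os.system(cmd)` still builds a shell command from `mail` and the raw `passwd` form field, and a single quote in either value ends the quoting, so this registration form remains a command-injection risk. Passing an argument list avoids the shell entirely: `mail_passwd_change = subprocess.run([SETUID, 'set_mail_passwd', mail, passwd]).returncode` (with `import subprocess`, and assuming `SETUID` is a single executable path); the same pattern appears in `change_passwd` further down this page. The new empty-field check also reads `request.form['mail']`, but the template now omits that input when `MAIL_SERVER` is false, so Flask would answer 400 to every registration in that mode; `request.form.get('mail')`, required only under `if MAIL_SERVER:`, fixes it. `signin` continues outside both hunks.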


@ -1,6 +1,7 @@
from flask import Blueprint, Flask, request, flash, render_template, url_for, session, redirect, abort, make_response, send_file, escape from flask import Blueprint, Flask, request, flash, render_template, url_for, session, redirect, abort, make_response, send_file, escape
import sqlite3 import sqlite3
from flask_bcrypt import Bcrypt from flask_bcrypt import Bcrypt
from socket import gethostname
app = Flask( 'pywallter' ) app = Flask( 'pywallter' )
app.config.from_pyfile('config.py') app.config.from_pyfile('config.py')
@ -14,6 +15,10 @@ DOSSIER_PERSO= app.config['DOSSIER_APP']
extensionimg = app.config['EXT_IMG'] extensionimg = app.config['EXT_IMG']
DATABASE = app.config['DATABASE'] DATABASE = app.config['DATABASE']
BASE_URL = app.config['BASE_URL']
MAIL_SERVER = app.config['MAIL_SERVER']
################################################################################################## ##################################################################################################
@ -52,7 +57,22 @@ def logout():
@loginlogout.route( '/' ) @loginlogout.route( '/' )
def index(): def index():
conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée
cursor = conn.cursor() # Création de l'objet "curseur"
cursor.execute("""SELECT token passwd FROM users where name=? """, ("pywallter", ))
tmp = cursor.fetchone()
conn.close
token = tmp[0]
if 'username' in session : if 'username' in session :
return redirect(url_for('profil.profile')) return redirect(url_for('profil.profile'))
else : else :
if token:
hostname = gethostname()
url_inscription = BASE_URL+'inscription/'+token
return render_template('inscription.html', signin_enable=app.config['SIGNIN_ENABLE'],
token=token, hostname=hostname,
url_inscription=url_inscription,
MAIL_SERVER=MAIL_SERVER)
else:
return redirect(url_for('loginlogout.login', _external=True)) return redirect(url_for('loginlogout.login', _external=True))
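Review bot: `index()` raises `TypeError` on `tmp[0]` whenever no `pywallter` row exists, which is the case for any database that already held accounts when `init_db` ran, and `conn.close` without parentheses never closes the connection. Suggested lines: `conn.close()` and `token = tmp[0] if tmp else None`. `SELECT token passwd` is missing a comma, so `passwd` is parsed as an alias of `token` rather than a second column; `SELECT token` says what is meant. The lookup also runs before the session check, so logged-in users pay for a query whose result is never used.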


@ -128,7 +128,7 @@ def change_passwd() :
mail_passwd_change = 0 mail_passwd_change = 0
xmmp_passwd_change = 0 xmmp_passwd_change = 0
passwd = request.form['password'] passwd = request.form['password']
mail_passwd_change = 0
if MAIL_SERVER: if MAIL_SERVER:
cmd = SETUID+ " set_mail_passwd " + "'"+mailbox['Mail']+"' "+"'"+passwd+"'" cmd = SETUID+ " set_mail_passwd " + "'"+mailbox['Mail']+"' "+"'"+passwd+"'"
mail_passwd_change = os.system(cmd) mail_passwd_change = os.system(cmd)
@ -223,7 +223,7 @@ def myalias():
email=mailbox['Mail'], email=mailbox['Mail'],
aliases=mailbox['alias'], aliases=mailbox['alias'],
hostname=hostname, hostname=hostname,
Mail_active=MAIL_SERVER, MAIL_SERVER=MAIL_SERVER,
username=UTILISATEUR ) username=UTILISATEUR )
else: else:
@ -276,11 +276,14 @@ def invitation():
cursor = conn.cursor() # Création de l'objet "curseur" cursor = conn.cursor() # Création de l'objet "curseur"
cursor.execute("""SELECT Token, invitations FROM users WHERE name=?""", (UTILISATEUR,)) cursor.execute("""SELECT Token, invitations FROM users WHERE name=?""", (UTILISATEUR,))
tmp = cursor.fetchone() tmp = cursor.fetchone()
print (tmp[0])
token = tmp[0] token = tmp[0]
if token:
url_invitation = BASE_URL + 'inscription/' + token
else:
url_invitation = ""
invitations_count = tmp[1] invitations_count = tmp[1]
conn.close() conn.close()
url_invitation = BASE_URL + 'inscription/' + token
return render_template('invitation.html', return render_template('invitation.html',
section='Profil', section='Profil',
nb_invitation=invitations_count, nb_invitation=invitations_count,
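Review bot: `print (tmp[0])` in `invitation()` writes the user's invitation token to stdout, where it ends up in whatever captures the server's output; if that line is on the new side of this hunk (the rendered page does not show which), it should be removed before merge. The token is enough to reach the registration form, so it is better kept out of logs. `invitation()` begins above the hunk.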


@ -1,5 +1,4 @@
from gevent.pywsgi import WSGIServer from gevent.pywsgi import WSGIServer
from flask import Flask
from pywallter import create_app from pywallter import create_app
app = create_app() app = create_app()