Ajout fonction première connexion et correction base de donnée

kitoy 2022-08-07 17:36:20 +02:00
parent 3451259a57
commit 78227870bc
10 changed files with 135 additions and 54 deletions


@ -1,10 +1,11 @@
# L'adresse de base de votre site.
# example BASE_URL="http://localhost/"
BASE_URL="https://profil.kitoy.me/"
# example BASE_URL="https://example.com"
BASE_URL="http://localhost:8000/" # si vous lancez pywallter avec flask run"
BASE_URL="http://localhost:8000/"
# Essentiels pour les cookies
SECRET_KEY="La super putain de passephrase de mort"
SECRET_KEY="CHANGE-ME"
# Dossier où seront stocker les fichiers
DOSSIER_APP = "./users/"
@ -18,7 +19,7 @@ EXT_IMG= {'.jpg', '.JPG', '.png', '.PNG', '.gif', '.GIF', '.bmp', '.BMP', '.jpeg
# Service
# XMPP = True => Le service est installé et lancer
# XMMP = False => Le service est désactivé
XMPP_SERVER = True
XMPP_SERVER = False
# Service Mail
# MAIL_SERVER = True => Le service est installé et lancer
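Review bot: `SECRET_KEY="CHANGE-ME"` is a working value, so an instance started without editing this file signs its session cookies with a key anyone can read in the repository. Have the application refuse to start while the placeholder is still set, for example `if app.config['SECRET_KEY'] == 'CHANGE-ME': raise RuntimeError('set SECRET_KEY in config.py')` right after `app.config.from_pyfile('config.py')`, or read the key from the environment. The passphrase that this line appears to replace stays in the repository history, so any deployment that used it should switch to a fresh random key.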

0
sqlite Normal file

@ -29,11 +29,13 @@
{% if signin_enable %}
<form method="POST" action="{{ url_inscription }}">
<input type="text" name="user" id="user" placeholder="Pseudo" class="form-control"><br />
{% if MAIL_SERVER %}
<div class="col-sm-7">
<input type="text" name="mail" id="mail" placeholder="Adresse mail" class="form-control" size="2"> <br/>
</div>
<h4>@{{hostname}}</h4>
<br/>
{% endif %}
<input type="password" name="passwd" id="passwd" placeholder="Mot de passe" class="form-control"><br />
<input type="password" name="passwdconfirm" id="passwdconfirm" placeholder="Confirmation du mot de passe" class="form-control"><br />
<br>


@ -5,6 +5,7 @@
<div class="row">
{% if MAIL_SERVER %}
<div class="col-md-12">
<table class="table">
<thead>
@ -39,7 +40,7 @@
<p> Votre Adresse e-mail sur ce serveur : {{ email }} </p>
<label> Nouvelles identité </label>
<label> Nouvelle identité </label>
<br/>
<div class="col-sm-7">
<input type="text" name="alias" id="alias" placeholder="Nouvel_identité" class="form-control"><br />
@ -51,15 +52,28 @@
</form>
</div>
</div>
{% else %}
<div class="panel panel-primary">
<div class="panel-heading">
<h3 class="panel-title"> Mes identitées </h3>
</div>
<div class="panel-body">
<h2> Le serveur de mail n'est pas activé cette fonctionnalité est désactivé <h2>
</div>
</div>
{% endif %}
{# on affiche les messages d'erreur puis les messages de succes #}
{% for categorie in ['error', 'succes'] %}
{% with msgs = get_flashed_messages(category_filter=[categorie]) %}
{% if msgs %}
<div class="flashed {{ categorie }}">
{% for m in msgs %}
<p>{{ m|safe }}</p>
{% endfor %}
</div>
<div class="flashed {{ categorie }}">
{% for m in msgs %}
<p>{{ m|safe }}</p>
{% endfor %}
</div>
{% endif %}
{% endwith %}
{% endfor %}
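Review bot: The re-indented flash loop still renders `{{ m|safe }}`, which turns off Jinja autoescaping for every flashed message; if any message ever carries submitted text such as an alias or a user name (not visible in this template), it is rendered as markup. Drop the filter, `<p>{{ m }}</p>`, and keep markup out of the `flash()` strings. In the new `{% else %}` branch the heading is closed with `<h2>` instead of `</h2>`, so a second heading is opened and left unclosed.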


@ -1,10 +1,12 @@
from flask import Flask
import sqlite3
import os
from tools.utils import gen_token
from flask_bcrypt import Bcrypt
app = Flask( 'pywallter' )
app.config.from_pyfile('config.py')
bcrypt = Bcrypt(app)
DATABASE = app.config['DATABASE']
DOSSIER_PERSO = app.config['DOSSIER_APP']
@ -17,8 +19,8 @@ def init_db():
cursor = conn.cursor()
cursor.execute("""
CREATE TABLE IF NOT EXISTS users(
Mail CHAR(80) PRIMARY KEY UNIQUE NOT NULL,
name TEXT,
Mail TEXT UNIQUE,
name TEXT primary KEY UNIQUE NOT NULL,
alias TEXT,
xmpp TEXT,
passwd TEXT,
@ -46,6 +48,16 @@ def init_db():
)
""")
conn.commit()
cursor.execute("""select * from users""")
accounts = cursor.fetchall()
# Si aucun account n'est crée on créé l'utilisateur
# pywallter qui permet la première inscription
if not(accounts) :
user = "pywallter"
token = gen_token()
passwd_bcrypt = bcrypt.generate_password_hash(token)
cursor.execute("""INSERT INTO users(name, passwd, token) VALUES(?, ?, ?)""", (user, passwd_bcrypt, token))
conn.commit()
conn.close()
print ('table posts OK')
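Review bot: The bootstrap account `pywallter` gets `bcrypt.generate_password_hash(token)` as its password while the same `token` is stored in clear in the `token` column, so whoever learns the registration token also holds that account's password, if the login view accepts this account (not visible here). The token is meant to be handed out in a registration URL, so give the account a password nobody knows: `passwd_bcrypt = bcrypt.generate_password_hash(secrets.token_urlsafe(32))` with `import secrets` at the top of the file. Separately, `CREATE TABLE IF NOT EXISTS` leaves an existing `users` table with its old primary key untouched, so the schema change only reaches fresh databases; a comment saying so, or a migration step, would help. `init_db` starts and continues outside these hunks.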


@ -26,26 +26,33 @@ def append_to_log(log_line, user):
def email_disp(email):
disp = True
conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée
cursor = conn.cursor() # Création de l'objet "curseur"
unique_at = len(email.split('@'))
print (unique_at)
if len(email) < 80 and unique_at == 2:
conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée
cursor = conn.cursor() # Création de l'objet "curseur"
cursor.execute("""SELECT mail FROM users WHERE mail=?""", (email,))
testmail = cursor.fetchall()
if testmail:
print ("on passe ici")
cursor.execute("""SELECT mail FROM users WHERE mail=?""", (email,))
testmail = cursor.fetchall()
if testmail :
disp = False
if disp:
cursor.execute("""SELECT alias FROM users""")
aliases = cursor.fetchall()
for alist in aliases:
for alias in alist:
if alias:
if email in alias:
disp=False
else:
disp = False
if disp:
cursor.execute("""SELECT alias FROM users""")
aliases = cursor.fetchall()
for alist in aliases:
for alias in alist:
if alias:
if email in alias:
disp=False
return disp
def valid_token_register(token):
valid = True
print(token)
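Review bot: `email_disp` now doubles as the validity check for a new address, but it only tests `len(email) < 80` and that splitting on `@` yields two parts; an empty local part, whitespace or quote characters all pass. Callers visible elsewhere in this commit concatenate the address into a command string, so restrict the characters here, e.g. `re.fullmatch(r"[A-Za-z0-9._-]+@[A-Za-z0-9.-]+", email)` (an illustrative pattern; adapt it to the mail server's rules). The alias check `if email in alias` is a substring test on the comma-joined alias string, so `a@host` is reported as taken when `ba@host` exists; compare against `alias.split(',')` instead. The debug `print` calls and the connection that is opened but not closed in the lines shown should be cleaned up as well.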


@ -29,39 +29,58 @@ inscription = Blueprint('inscription', __name__, template_folder='templates')
@inscription.route( '/inscription/<token>', methods=['GET','POST'] )
def signin(token) :
hostname = gethostname()
url_inscription = BASE_URL+'inscription/'+token
resp = None
if app.config['SIGNIN_ENABLE'] and valid_token_register(token):
if 'username' in session :
resp = redirect(url_for('profil.profile', _external=True))
else :
if request.method == 'POST':
conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée
cursor = conn.cursor() # Création de l'objet "curseur"
if not(request.form['user']) or not(request.form['passwd']) or not(request.form['mail']):
flash(u'Il faut remplir le formulaire en entier, les champs ne peuvent pas etre vide ', 'error')
return render_template('inscription.html',
signin_enable=app.config['SIGNIN_ENABLE'],
token=token, hostname=hostname,
url_inscription=url_inscription,
MAIL_SERVER=MAIL_SERVER)
user = request.form['user']
mail = request.form['mail']+'@'+hostname
passwd = request.form['passwd']
mail = ""
passwdconfirm = request.form['passwdconfirm']
bcrypt_passwd = bcrypt.generate_password_hash(request.form['passwd'])
mail_passwd_change = 0
conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée
cursor = conn.cursor() # Création de l'objet "curseur"
cursor.execute("""SELECT name FROM users WHERE name=?""", (user,))
testuser = cursor.fetchone()
conn.close()
if MAIL_SERVER:
cmd = SETUID + " set_mail_passwd " + "'"+mail+"' " + "'"+passwd+"'"
mail_passwd_change = os.system(cmd)
mail = request.form['mail']+'@'+hostname
if not(email_disp(mail)) :
flash(u'Adresse email déjà utilisé ou invalide, merci d\'en choisir une autre', 'error')
resp = render_template('inscription.html',
signin_enable=app.config['SIGNIN_ENABLE'],
token=token, hostname=hostname,
url_inscription=url_inscription,
MAIL_SERVER=MAIL_SERVER)
else:
cmd = SETUID + " set_mail_passwd " + "'"+mail+"' " + "'"+passwd+"'"
mail_passwd_change = os.system(cmd)
if testuser:
if testuser or mail_passwd_change != 0 or resp:
flash(u'Non d\'utilisateur déjà utilisé, merci d\'en choisir un autre', 'error')
resp = render_template('inscription.html',
signin_enable=app.config['SIGNIN_ENABLE'],
hostname=hostname)
token=token, hostname=hostname,
url_inscription=url_inscription,
MAIL_SERVER=MAIL_SERVER)
elif not(email_disp(mail)) or mail_passwd_change != 0 :
flash(u'Adresse email déjà utilisé, merci d\'en choisir un autre', 'error')
resp = render_template('inscription.html',
signin_enable=app.config['SIGNIN_ENABLE'],
hostname=hostname)
else:
confirmation = bcrypt.check_password_hash(bcrypt_passwd, passwdconfirm)
if confirmation is True:
@ -83,7 +102,7 @@ def signin(token) :
users = cursor.fetchall()
for i in users:
i = print('{0} - {1} - {2}'.format(i[0], i[1], i[2]))
userracine = DOSSIER_PERSO + user
userfiles = userracine + '/files'
userimages = userracine + '/images'
@ -114,12 +133,16 @@ def signin(token) :
flash(u'Les mots de passe ne sont pas identiques !', 'error')
resp = render_template('inscription.html',
signin_enable=app.config['SIGNIN_ENABLE'],
hostname=hostname)
token=token, hostname=hostname,
url_inscription=url_inscription,
MAIL_SERVER=MAIL_SERVER)
else :
url_inscription = BASE_URL+'inscription/'+token
resp = render_template('inscription.html',
signin_enable=app.config['SIGNIN_ENABLE'],
token=token, hostname=hostname, url_inscription=url_inscription)
token=token, hostname=hostname,
url_inscription=url_inscription,
MAIL_SERVER=MAIL_SERVER)
else:
resp = redirect(BASE_URL, code=401)
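Review bot: The new `MAIL_SERVER` branch builds `cmd` by wrapping `mail` and `passwd` in single quotes and hands it to `os.system`, so a quote character in the submitted password or mail field ends the quoting and the remainder is interpreted by the shell that runs the `SETUID` helper; the password also lands in the process argument list. Pass an argument vector instead, `mail_passwd_change = subprocess.run([SETUID, "set_mail_passwd", mail, passwd]).returncode` (assuming `SETUID` is a single executable path, and ideally feeding the password on stdin if the helper supports it); the same pattern is on the `set_mail_passwd` and `set_mail_alias` lines in `change_passwd`, `myalias` and `remove_alias`. In the lines shown the call also runs before the user-name and password-confirmation checks, so a request that is later rejected has already set the mailbox password. The empty-field guard reads `request.form['mail']`, but the template in this commit omits that input when `MAIL_SERVER` is off, so such a POST is answered with a 400; use `request.form.get('mail')` and require it only when `MAIL_SERVER` is set. `signin` continues outside these hunks.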


@ -1,6 +1,7 @@
from flask import Blueprint, Flask, request, flash, render_template, url_for, session, redirect, abort, make_response, send_file, escape
import sqlite3
from flask_bcrypt import Bcrypt
from socket import gethostname
app = Flask( 'pywallter' )
app.config.from_pyfile('config.py')
@ -14,6 +15,10 @@ DOSSIER_PERSO= app.config['DOSSIER_APP']
extensionimg = app.config['EXT_IMG']
DATABASE = app.config['DATABASE']
BASE_URL = app.config['BASE_URL']
MAIL_SERVER = app.config['MAIL_SERVER']
##################################################################################################
@ -52,7 +57,22 @@ def logout():
@loginlogout.route( '/' )
def index():
conn = sqlite3.connect(DATABASE) # Connexion à la base de donnée
cursor = conn.cursor() # Création de l'objet "curseur"
cursor.execute("""SELECT token passwd FROM users where name=? """, ("pywallter", ))
tmp = cursor.fetchone()
conn.close
token = tmp[0]
if 'username' in session :
return redirect(url_for('profil.profile'))
else :
return redirect(url_for('loginlogout.login', _external=True))
if token:
hostname = gethostname()
url_inscription = BASE_URL+'inscription/'+token
return render_template('inscription.html', signin_enable=app.config['SIGNIN_ENABLE'],
token=token, hostname=hostname,
url_inscription=url_inscription,
MAIL_SERVER=MAIL_SERVER)
else:
return redirect(url_for('loginlogout.login', _external=True))
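Review bot: `index()` renders the registration form with the `pywallter` token for a visitor who has no session, so sign-up stays reachable from `/` for as long as that token is non-empty; nothing visible in this commit clears it once the first account exists, which should be confirmed or added. `conn.close` lacks its parentheses and never closes the connection; it should be `conn.close()`. `SELECT token passwd FROM users` has no comma, so SQLite returns a single column (`token` aliased as `passwd`); write `SELECT token FROM users WHERE name=?`. `tmp` is `None` when the `pywallter` row is missing, so `tmp[0]` raises; guard it with `token = tmp[0] if tmp else None`.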


@ -128,9 +128,9 @@ def change_passwd() :
mail_passwd_change = 0
xmmp_passwd_change = 0
passwd = request.form['password']
mail_passwd_change = 0
if MAIL_SERVER:
cmd = SETUID+ " set_mail_passwd " + "'"+mailbox['Mail']+"' "+"'"+passwd+"'"
cmd = SETUID+ " set_mail_passwd " + "'"+mailbox['Mail']+"' "+"'"+passwd+"'"
mail_passwd_change = os.system(cmd)
@ -190,7 +190,7 @@ def myalias():
aliases = alias_list + "," +alias
else:
aliases = alias
cmd = SETUID+ " set_mail_alias " + "'"+mail+"'"+" add "+"'"+alias+"'"
cmd = SETUID+ " set_mail_alias " + "'"+mail+"'"+" add "+"'"+alias+"'"
res = os.system(cmd)
if res == 0:
cursor.execute("UPDATE users SET alias=? WHERE name=?",
@ -223,7 +223,7 @@ def myalias():
email=mailbox['Mail'],
aliases=mailbox['alias'],
hostname=hostname,
Mail_active=MAIL_SERVER,
MAIL_SERVER=MAIL_SERVER,
username=UTILISATEUR )
else:
@ -247,7 +247,7 @@ def remove_alias(aliasrm):
aliases = aliases + "," + alias
else:
aliases = alias
cmd = SETUID+ " set_mail_alias " + "'"+mail+"'"+" del "+"'"+alias+"'"
cmd = SETUID+ " set_mail_alias " + "'"+mail+"'"+" del "+"'"+alias+"'"
res = os.system(cmd)
if res == 0:
cursor.execute("UPDATE users SET alias=? WHERE name=?",
@ -276,11 +276,14 @@ def invitation():
cursor = conn.cursor() # Création de l'objet "curseur"
cursor.execute("""SELECT Token, invitations FROM users WHERE name=?""", (UTILISATEUR,))
tmp = cursor.fetchone()
print (tmp[0])
token = tmp[0]
if token:
url_invitation = BASE_URL + 'inscription/' + token
else:
url_invitation = ""
invitations_count = tmp[1]
conn.close()
url_invitation = BASE_URL + 'inscription/' + token
return render_template('invitation.html',
section='Profil',
nb_invitation=invitations_count,


@ -1,5 +1,4 @@
from gevent.pywsgi import WSGIServer
from flask import Flask
from pywallter import create_app
app = create_app()