Commit e9fa7941 authored by Alain Takoudjou's avatar Alain Takoudjou

Create the account at the first launch of WebRunner

parent 873a5b35
...@@ -118,15 +118,9 @@ def serve(config): ...@@ -118,15 +118,9 @@ def serve(config):
workspace = workdir, workspace = workdir,
instance_profile='instance.cfg', instance_profile='instance.cfg',
software_profile='software.cfg', software_profile='software.cfg',
SECRET_KEY='123', SECRET_KEY=os.urandom(24),
) )
if not os.path.exists(workdir): if not os.path.exists(workdir):
os.mkdir(workdir) os.mkdir(workdir)
if not os.path.exists(os.path.join(config.runner_workdir, '.users')):
#set default user and password
salt = "runner81" #to be changed
pwd = hashlib.md5( salt + "insecure" ).hexdigest()
user = "root;"+pwd+";;Slaprunner Administrator"
open(os.path.join(config.runner_workdir, '.users'), 'w').write(user)
app.run(host=config.runner_host, port=int(config.runner_port), app.run(host=config.runner_host, port=int(config.runner_port),
debug=config.debug, threaded=True) debug=config.debug, threaded=True)
...@@ -72,6 +72,7 @@ overflow-y: scroll; ...@@ -72,6 +72,7 @@ overflow-y: scroll;
text-align: left; text-align: left;
padding-left: 20px; padding-left: 20px;
height: 30px; height: 30px;
position:relative;
} }
#header .run{ #header .run{
...@@ -706,7 +707,7 @@ input[type=radio]:hover { ...@@ -706,7 +707,7 @@ input[type=radio]:hover {
#login-page{width:429px; height:236px; margin:130px auto 0px; background:url(../images/loginBox.png) no-repeat; #login-page{width:429px; height:236px; margin:130px auto 0px; background:url(../images/loginBox.png) no-repeat;
padding:10px; font-size:14px; color:#03406A} padding:10px; font-size:14px; color:#03406A}
#login-page h2{color:#fff; font-size:26px; font-weight:normal; text-indent:50px;} #login-page h2{color:#fff; font-size:26px; font-weight:normal; text-indent:50px;}
.login-content{margin:10px; margin-top:40px; margin-bottom:0; height:90px;} .login-content{position:relative;margin:10px; margin-top:30px; margin-bottom:0;}
.login-button{width:140px; margin:0 auto;} .login-button{width:140px; margin:0 auto;}
.login-element{float:left; min-width:120px;} .login-element{float:left; min-width:120px;}
.login-label{padding:5px; font-size:16px;} .login-label{padding:5px; font-size:16px;}
......
...@@ -9,25 +9,17 @@ $(function () { ...@@ -9,25 +9,17 @@ $(function () {
$('a[rel=tooltip], a[rel=tooltip-min], .popup').mouseover(function () { $('a[rel=tooltip], a[rel=tooltip-min], .popup').mouseover(function () {
var height = $(this).height(); var height = $(this).height();
var top = $(this).offset().top + height; var top = $(this).offset().top + height;
var left = $(this).offset().left - ($(this).width() /2); var left = $(this).offset().left +($(this).width()/2)-30;
var content = "#tooltip-" + $(this).attr('id'); var content = "#tooltip-" + $(this).attr('id');
if (hideDelayTimer) clearTimeout(hideDelayTimer); if (hideDelayTimer) clearTimeout(hideDelayTimer);
if (beingShown || shown) { if (beingShown || shown) {
return; return;
} else { } else {
$('#jqtooltip').empty(); $('#jqtooltip').empty();
var contentValue = $(content).clone(true, true); var contentValue = $(content).clone(true, true);
/*$(contentValue).find("*").each(function(index, element) {
if(element.id){element.id = "jqt_" + element.id;}
if($(this).attr('for')){$(this).attr('for', 'jqt_' + $(this).attr('for'))}
//var events = $(content).get[0];
//for (var type in events)
// for (var handler in events[type])
// jQuery.event.add(this, type, events[type][handler], events[type][handler].data);
});*/
$(contentValue).appendTo('#jqtooltip'); $(contentValue).appendTo('#jqtooltip');
$('#jqtooltip ' + content).show(); $('#jqtooltip ' + content).show();
// reset position of info box // reset position of info box
beingShown = true; beingShown = true;
$('.popup').css({ $('.popup').css({
top: top, top: top,
...@@ -49,7 +41,7 @@ $(function () { ...@@ -49,7 +41,7 @@ $(function () {
$('.popup').animate({ $('.popup').animate({
top: '-=' + distance + 'px', top: '-=' + distance + 'px',
opacity: 0 opacity: 0
}, time, 'swing', function () { }, time, 'swing', function () {
$('.popup').css('display', 'none'); $('.popup').css('display', 'none');
shown = false; shown = false;
}); });
......
...@@ -14,6 +14,10 @@ $(document).ready( function() { ...@@ -14,6 +14,10 @@ $(document).ready( function() {
$("#error").Popup("Please enter a valid email adress!", {type:'alert', duration:3000}); $("#error").Popup("Please enter a valid email adress!", {type:'alert', duration:3000});
return false; return false;
} }
if($("input#hasAccount").val() === "" && !$("input#password").val().match(/^[\w\d\._-]+$/)){
$("#error").Popup("Please enter your new password!", {type:'alert', duration:3000});
return false;
}
if($("input#password").val() !== ""){ if($("input#password").val() !== ""){
if($("input#password").val() === "" || !$("input#password").val().match(/^[\w\d\._-]+$/)){ if($("input#password").val() === "" || !$("input#password").val().match(/^[\w\d\._-]+$/)){
$("#error").Popup("Please enter your new password!", {type:'alert', duration:3000}); $("#error").Popup("Please enter your new password!", {type:'alert', duration:3000});
...@@ -34,7 +38,7 @@ $(document).ready( function() { ...@@ -34,7 +38,7 @@ $(document).ready( function() {
password:((haspwd) ? $("input#password").val():"")}, password:((haspwd) ? $("input#password").val():"")},
success: function(data){ success: function(data){
if(data.code ==1){ if(data.code ==1){
$("#error").Popup("Your account informations has been saved!", {type:'confirm', duration:3000}); location.href = $SCRIPT_ROOT+"/"
} }
else{ else{
$("#error").Popup(data.result, {type:'error', duration:5000}); $("#error").Popup(data.result, {type:'error', duration:5000});
......
...@@ -29,7 +29,10 @@ ...@@ -29,7 +29,10 @@
<div class='clear'></div> <div class='clear'></div>
<br/><br/><br/> <br/><br/><br/>
</div> </div>
<div id="file_info" class="file_info">leave passwords blank to preserve your current password...</div> <div id="file_info" class="file_info">{% if username %}leave passwords blank to preserve your current password...{%else%}
Before starting, please fill your personal informations... {%endif%}
</div>
<br/> <br/>
<input type="hidden" name="hasAccount" id="hasAccount" value="{{name}}"/>
</form> </form>
{% endblock %} {% endblock %}
...@@ -6,17 +6,26 @@ ...@@ -6,17 +6,26 @@
{% block body %} {% block body %}
<form method="POST" action=""> <form method="POST" action="">
<h2>Login to Slapos Web Runner</h2> <h2>Login to Slapos Web Runner</h2>
<div class="login-content"> <div class="login-content"><br/>
<div class="login-element login-label"><label for="clogin">Your login&nbsp; : </label></div> <div class="login-element login-label"><label for="clogin">Your login&nbsp; : </label></div>
<div class="login-element"><input type="text" class="login-input" name="clogin" id="clogin" value="Enter login..." /></div><br/><br/> <div class="login-element"><input type="text" class="login-input" name="clogin" id="clogin" value="Enter login..." /></div><br/><br/>
<div class="clear"></div> <div class="clear"></div>
<div class="login-element login-label"><label for="cpwd">Password : </label></div> <div class="login-element login-label"><label for="cpwd">Password : </label></div>
<div class="login-element"><input type="password" class="idleField login-input" name="cpwd" id="cpwd" value="******" /></div> <div class="login-element"><input type="password" class="idleField login-input" name="cpwd" id="cpwd" value="******" /></div>
<div class="clear"></div> <div class="clear"></div>
<!--<br/><a href="#" id="information" rel="tooltip">do you need help?</a><br/>-->
</div> </div>
<div style="text-align:center"> <div style="text-align:center; margin-top:7px;">
<input type="reset" class="button" value="reset" /> <input type="reset" class="button" value="reset" />
<input type="submit" class="button" id="login" value="login" /> <input type="submit" class="button" id="login" value="login" />
</div> </div>
</form> </form>
<!--
<div id="tooltip-information" style="display:none">
<p style="font-size:12px;">
If it is your first connexion, use default parameters:<br/>
login: <strong>root</strong>, password: <strong>insecure</strong> and set your
one<br/> parameters at <strong>home->Your Account</strong>.
</p>
</div>-->
{% endblock %} {% endblock %}
\ No newline at end of file
...@@ -56,10 +56,17 @@ def checkLogin(config, login, pwd): ...@@ -56,10 +56,17 @@ def checkLogin(config, login, pwd):
user = getSession(config) user = getSession(config)
salt = "runner81" #to be changed salt = "runner81" #to be changed
current_pwd = hashlib.md5( salt + pwd ).hexdigest() current_pwd = hashlib.md5( salt + pwd ).hexdigest()
if current_pwd == user[1]: if user and current_pwd == user[1] and login == user[0]:
return user return user
return False return False
def checkSession(config, session, account):
"""Return True if current user is connected with rigth data"""
if 'account' in session and account:
return (session['account'][0] == account[0] and
session['account'][1] == account[1])
return False
def getSession(config): def getSession(config):
""" """
Get the session data of current user. Get the session data of current user.
...@@ -99,9 +106,10 @@ def saveSession(config, session, account): ...@@ -99,9 +106,10 @@ def saveSession(config, session, account):
account[1] = hashlib.md5(salt + account[1]).hexdigest() account[1] = hashlib.md5(salt + account[1]).hexdigest()
else: else:
account[1] = session['account'][1] account[1] = session['account'][1]
#backup previous data if 'account' in session:
open(user+'.back', 'w').write(';'.join(session['account'])) #backup previous data
backup = True open(user+'.back', 'w').write(';'.join(session['account']))
backup = True
#save new account data #save new account data
open(user, 'w').write((';'.join(account)).encode("utf-8")) open(user, 'w').write((';'.join(account)).encode("utf-8"))
session['account'] = account session['account'] = account
......
...@@ -14,13 +14,18 @@ app = Flask(__name__) ...@@ -14,13 +14,18 @@ app = Flask(__name__)
#Access Control: Only static files and login pages are allowed to guest #Access Control: Only static files and login pages are allowed to guest
@app.before_request @app.before_request
def before_request(): def before_request():
if (not session.has_key('account') or not session['account']) \ if not request.path.startswith('/static'):
and request.path != '/login' \ account = getSession(app.config)
and request.path != '/doLogin' and not request.path.startswith('/static'): if account:
return redirect(url_for('login')) if request.path != '/login' and request.path != '/doLogin' and \
if session.has_key('account') and session['account']: not checkSession(app.config, session, account):
session['title'] = getProjectTitle(app.config) return redirect(url_for('login'))
session['account'] = getSession(app.config) session['title'] = getProjectTitle(app.config)
else:
session.pop('account', None)
session['title'] = "No account is defined"
if request.path != "/updateAccount" and request.path != "/myAccount":
return redirect(url_for('myAccount'))
# general views # general views
@app.route('/') @app.route('/')
...@@ -33,12 +38,15 @@ def login(): ...@@ -33,12 +38,15 @@ def login():
@app.route("/myAccount") @app.route("/myAccount")
def myAccount(): def myAccount():
return render_template('account.html', username=session['account'][0], if 'account' in session:
return render_template('account.html', username=session['account'][0],
email=session['account'][2], name=session['account'][3].decode('utf-8')) email=session['account'][2], name=session['account'][3].decode('utf-8'))
else:
return render_template('account.html')
@app.route("/logout") @app.route("/logout")
def logout(): def logout():
session['account'] = None session.pop('account', None)
return redirect(url_for('login')) return redirect(url_for('login'))
@app.route('/configRepo') @app.route('/configRepo')
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment