storm/bragi
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: record IP. refresh cookie if new token is provided

Browse Source
This commit is contained in:
Terry Geng 2020-05-18 13:30:18 +08:00
parent edf5495fe5
commit 62a115b56e
No known key found for this signature in database
GPG Key ID: F982F8EA1DF720E7
2 changed files with 14 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
command.py
View File

@ -1191,6 +1191,7 @@ def cmd_web_access(bot, user, text, command, parameter):
else: else:
token = secrets.token_urlsafe(5) token = secrets.token_urlsafe(5)
var.db.set("web_token", token, user) var.db.set("web_token", token, user)
var.db.set("user", user, json.dumps({'token': token, 'datetime': str(datetime.datetime.now()), 'IP': ''})) var.db.set("user", user, json.dumps({'token': token, 'datetime': str(datetime.datetime.now()), 'IP': ''}))
access_address = var.config.get("webinterface", "access_address") access_address = var.config.get("webinterface", "access_address")

18
interface.py
View File

@ -105,26 +105,32 @@ def requires_auth(f):
if var.config.getboolean("webinterface", "require_auth") and ( if var.config.getboolean("webinterface", "require_auth") and (
not auth or not check_auth(auth.username, auth.password)): not auth or not check_auth(auth.username, auth.password)):
if auth: if auth:
log.warning("web: failed login attempt, user: %s" % auth.username) log.warning(f"web: failed login attempt, user: {auth.username}, from ip {request.remote_addr}.")
return authenticate() return authenticate()
if auth_method == 'token': if auth_method == 'token':
if 'token' in session: if 'token' in session and 'token' not in request.args:
token = session['token'] token = session['token']
token_user = var.db.get("web_token", token, fallback=None) token_user = var.db.get("web_token", token, fallback=None)
if token_user is not None: if token_user is not None:
user = token_user user = token_user
log.debug(f"web: token validated for the user: {token_user}") log.debug(f"web: token validated for the user: {token_user}, from ip {request.remote_addr}.")
return f(*args, **kwargs) return f(*args, **kwargs)
else: elif 'token' in request.args:
token = request.args.get('token') token = request.args.get('token')
token_user = var.db.get("web_token", token, fallback=None) token_user = var.db.get("web_token", token, fallback=None)
if token_user is not None: if token_user is not None:
user = token_user user = token_user
log.info(f"web: new user access, token validated for the user: {token_user}")
user_info = var.db.get("user", user, fallback=None)
user_dict = json.loads(user_info)
user_dict['IP'] = request.remote_addr
var.db.set("user", user, json.dumps(user_dict))
log.info(f"web: new user access, token validated for the user: {token_user}, from ip {request.remote_addr}.")
session['token'] = token session['token'] = token
return f(*args, **kwargs) return f(*args, **kwargs)
log.info(f"web: bad token used: {token}") log.info(f"web: bad token used: {token}, from ip {request.remote_addr}.")
abort(403) abort(403)
return f(*args, **kwargs) return f(*args, **kwargs)