Commit 1adb85b8 authored by clerie's avatar clerie

Init repository


Signed-off-by: default avatarclerie <git@clerie.de>
parents
# Vereinewlan 2
Ein weiterer Versuch für ein management Frontend für das FeM Vereine Wlan.
## Deelopment
Anhängigkeiten installieren
```
pip3 install -r requirements.txt
```
Datenbank initialisieren
```
./app.py init
```
Dev Server starten
```
./app.py
```
## Api Docs
### GET `/api/user/`
```
curl --user admin:admin "http://127.0.0.1:5000/api/user/"
```
```
[
{
"admin": true,
"name": "admin"
}
]
```
### POST `/api/user/`
```
curl --user admin:admin -X POST -d 'name=user' -d 'password=user' "http://127.0.0.1:5000/api/user/"
```
### GET `/api/user/<name>/`
```
curl --user admin:admin "http://127.0.0.1:5000/api/user/"
```
```
{
"admin": true,
"name": "admin"
}
```
### POST `/api/user/<name>/`
```
curl --user admin:admin -X POST -d 'name=user' -d 'password=user' -d 'admin=false' "http://127.0.0.1:5000/api/user/user/"
```
```
{
"admin": false,
"name": "user"
}
```
## Radius Docs
### GET `/radius/authorize/<name>/`
```
curl -H "X-Api-Key: test1234" "http://127.0.0.1:5000/radius/authorize/user/"
```
- On success HTTP 204.
- On error HTTP 401.
- On wrong api key HTTP 500.
### GET `/radius/authenticate/<name>/<password>/`
```
curl -H "X-Api-Key: test1234" "http://127.0.0.1:5000/radius/authenticate/admin/admin/"
```
```
{
"Cleartext-Password": {
"op": ":=",
"value": "admin"
}
}
```
- On success HTTP 201.
- On error HTTP 401.
- On wrong api key HTTP 500.
#!/usr/bin/env python3
from vereinewlan2 import app, db
from vereinewlan2.models import User
import sys
if __name__ == "__main__":
if len(sys.argv) == 2 and sys.argv[1] == "init":
db.create_all()
admin = User(name="admin", password="admin", admin=True)
db.session.add(admin)
db.session.commit()
else:
app.run(debug=True)
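Review bot: The `init` branch seeds an administrator with the fixed credentials `admin`/`admin`, so every installation starts with the same publicly documented login until someone changes it. I would generate the initial password once with `secrets.token_urlsafe(16)` and print it during `init`, or read it with `getpass.getpass()`, instead of hard-coding it. The `else` branch also calls `app.run(debug=True)` unconditionally, which turns on the Werkzeug interactive debugger for anyone who can reach the port. `app.run(debug=app.config.get("DEBUG", False))` keeps the debugger opt-in through the config file.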
#!/usr/bin/env python3
from flask import Flask
from flask_sqlalchemy import SQLAlchemy
import os
app = Flask(__name__)
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///./test.db'
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
app.config['RADIUS_API_KEY'] = "test1234"
if "VW2_CONFIG" in os.environ:
app.config.from_envvar("VW2_CONFIG")
db = SQLAlchemy(app)
from .views import *
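Review bot: `app.config['RADIUS_API_KEY'] = "test1234"` is a working default that is only overridden when `VW2_CONFIG` is set, so a deployment that forgets the variable accepts a key that is published in the repository and the README. I would drop the default and refuse to start without a configured key, e.g. `if not app.config.get("RADIUS_API_KEY"): raise RuntimeError("RADIUS_API_KEY must be set via VW2_CONFIG")` placed after the `from_envvar` call. A short comment above `from .views import *` explaining that the late import exists to avoid a circular import with `app` and `db` would also help the next reader.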
#!/usr/bin/env python3
from . import db
class User(db.Model):
id = db.Column(db.Integer, primary_key=True)
name = db.Column(db.String(64), unique=True, nullable=False)
password = db.Column(db.String(128), nullable=False)
admin = db.Column(db.Boolean, default=False)
def __repr__(self):
return "<User {}>".format(self.name)
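Review bot: The `password` column stores the value exactly as submitted. The other files in this commit rely on that: the auth decorator matches it by equality in the query, and `radius_authenticate` returns it as `Cleartext-Password`. A copy of the SQLite file therefore discloses every account's WLAN password. Whether the RADIUS side really needs the cleartext value is not visible from this commit. If it only needs a yes/no answer, storing `werkzeug.security.generate_password_hash(password)` and verifying with `check_password_hash` would be safer, and the column would need to be wider than `String(128)`. If cleartext is required, a `#` comment on the column stating that and why would at least make it a documented decision.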
#!/usr/bin/env python3
from .models import User
import base64
from flask import abort, request
from functools import wraps
def require_auth():
def decorator(f):
@wraps(f)
def wrapper(*args, **kwargs):
try:
basic_auth = request.headers["Authorization"]
print(basic_auth)
except KeyError:
abort(401)
if not basic_auth.startswith("Basic "):
abort(401)
basic_auth = basic_auth[6:]
name, password = base64.b64decode(basic_auth).decode("UTF-8").split(":")
login_user = User.query.filter_by(name=name, password=password).first()
if not login_user:
abort(401)
kwargs["login_user"] = login_user
return f(*args, **kwargs)
return wrapper
return decorator
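Review bot: `print(basic_auth)` writes every caller's Base64-encoded username and password to stdout on each request. The hand-rolled parse after it also raises an unhandled exception (a 500 instead of a 401) on invalid Base64, on non-UTF-8 bytes, or on a password containing `:`, because of the unbounded `.split(":")`. Flask already exposes the parsed header as `request.authorization`, which is `None` when the header is absent or malformed, so the try/except, the prefix check and the decode line can be replaced as below. The lookup still matches the stored password by equality in the query, which only works while passwords are stored unhashed.

```python
def wrapper(*args, **kwargs):
    # Werkzeug parses the Authorization header; None when missing or malformed
    auth = request.authorization
    if auth is None or auth.type != "basic" or auth.password is None:
        abort(401)
    login_user = User.query.filter_by(name=auth.username, password=auth.password).first()
    # … unchanged: abort(401) when no user matches, pass login_user on to f …
```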
#!/usr/bin/env python3
from . import app, db
from .models import User
from .utils import require_auth
from flask import abort, request, jsonify
import json
@app.route("/api/user/", methods=["GET", "POST"])
@require_auth()
def users(login_user=None):
if not login_user.admin:
abort(403)
if request.method == "POST":
name = request.form.get("name")
if not name:
abort(400)
if len(User.query.filter_by(name=name).all()) != 0:
abort(409)
new_user = User(name=name, password="")
db.session.add(new_user)
db.session.commit()
return "ok"
all_users = User.query.order_by(User.name.asc()).all()
return jsonify([{"name": user.name, "admin": user.admin} for user in all_users])
@app.route("/api/user/<string:name>/", methods=["GET", "POST"])
@require_auth()
def user(name, login_user=None):
if not login_user.admin and name != login_user.name:
abort(403)
user = User.query.filter_by(name=name).first_or_404()
if request.method == "POST":
if request.form.get("password"):
password = request.form.get("password")
user.password = password
if request.form.get("admin"):
if login_user.admin:
if request.form.get("admin") == "true":
user.admin = True
else:
user.admin = False
db.session.add(user)
db.session.commit()
return jsonify({
"name": user.name,
#"password": user.password,
"admin": user.admin,
})
@app.route("/radius/authorize/<string:name>/")
def radius_authorize(name):
if request.headers["X-Api-Key"] != app.config["RADIUS_API_KEY"]:
abort(500)
user = User.query.filter_by(name=name).first()
if user is None:
return jsonify({"Reply-Message": "Login invalid"}), 401
return "", 204
@app.route("/radius/authenticate/<string:name>/<string:password>/")
def radius_authenticate(name, password):
if request.headers["X-Api-Key"] != app.config["RADIUS_API_KEY"]:
abort(500)
user = User.query.filter_by(name=name).first()
if user is None or password != user.password:
return jsonify({"Reply-Message": "Login invalid"}), 401
return jsonify({
"Cleartext-Password": {
"op": ":=",
"value": user.password,
},
}), 201
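Review bot: In `users`, the POST branch creates the account with `User(name=name, password="")` and ignores the `password` form field that the README documents for this endpoint. Every new account is therefore stored with an empty password, which the equality lookup in the auth decorator will accept until the password is changed. Reading the field and rejecting a missing one closes that gap: `password = request.form.get("password")`, `if not name or not password: abort(400)`, `new_user = User(name=name, password=password)`. Separately, `radius_authenticate` takes the password as a URL path segment, so it ends up in access and proxy logs; moving it to a POST body would avoid that. Both radius handlers index `request.headers["X-Api-Key"]` directly, so a missing header is handled differently from a wrong key, and `request.headers.get("X-Api-Key")` with a 401 or 403 on mismatch would be more consistent than `abort(500)`.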