implemented different secret and password for each instances

piair 2023-06-18 15:55:45 +02:00
parent d49c8031a1
commit 2b849ca0ca
2 changed files with 93 additions and 7 deletions


@ -5,12 +5,25 @@ from apscheduler.schedulers.background import BackgroundScheduler
from apscheduler.triggers.cron import CronTrigger from apscheduler.triggers.cron import CronTrigger
from flask_login import LoginManager, UserMixin, login_required, login_user, logout_user from flask_login import LoginManager, UserMixin, login_required, login_user, logout_user
import json import json
password = "RandomPassword"
secret = "fe18d16cff64b8124792b8d512cecf90b79c4947707815ecf5c70446fdbc5101"
global password
with open("./user_data/flask.json", "r") as inFile:
data = json.load(inFile)
password = data["password"]
secret = data["secret"]
if secret == "":
import secrets
secret = secrets.token_hex()
with open("./user_data/flask.json", "w") as inFile:
data = {
"password": password,
"secret": secret
}
json.dump(data, inFile)
""" """
Automatic start of MsRewards #Automatic start of MsRewards
""" """
scheduler = BackgroundScheduler() scheduler = BackgroundScheduler()
scheduler.start() scheduler.start()
@ -32,15 +45,14 @@ scheduler.add_job(
""" """
Flask app #Flask app
""" """
app = Flask(__name__) app = Flask(__name__)
""" """
Login stuff #Login stuff
""" """
# TODO : changer le secret
# config # config
app.config.update( app.config.update(
SECRET_KEY = secret SECRET_KEY = secret
@ -61,12 +73,15 @@ class User(UserMixin):
return "%d/%s/%s" % (self.id, self.name, self.password) return "%d/%s/%s" % (self.id, self.name, self.password)
users = [User(1)] users = [User(1)]
@app.route("/login/", methods=["GET", "POST"]) @app.route("/login/", methods=["GET", "POST"])
def login(): def login():
if request.method == 'POST': if request.method == 'POST':
if request.form['password'] == password: if request.form['password'] == password:
user = User(id) user = User(id)
login_user(user) login_user(user)
if password == "ChangeMe":
return(render_template("change_password.html"))
return(render_template("override.html")) return(render_template("override.html"))
else: else:
return abort(401) return abort(401)
@ -74,6 +89,21 @@ def login():
return(render_template("login.html")) return(render_template("login.html"))
@app.route("/change_password/", methods=["GET", "POST"])
@login_required
def change_password():
global password
if request.method == 'POST':
password = request.form["password"]
with open("./user_data/flask.json", "w") as inFile:
data = {
"password": password,
"secret": secret
}
json.dump(data, inFile)
return(render_template("override.html"))
# handle login failed # handle login failed
@app.errorhandler(401) @app.errorhandler(401)
def page_not_found(e): def page_not_found(e):
@ -86,7 +116,7 @@ def load_user(userid):
return User(userid) return User(userid)
""" """
end of login stuff #end of login stuff
""" """
@app.route("/", methods=["post"]) @app.route("/", methods=["post"])
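Review bot: `change_password()` writes the submitted password to `./user_data/flask.json` in clear text and `login()` compares it with `==`, so anyone who can read that file or a backup of it obtains the dashboard password directly. Store a hash instead, e.g. `password = generate_password_hash(request.form["password"])` on write and `check_password_hash(password, request.form['password'])` in `login()`, both from `werkzeug.security`, which Flask already depends on. The `password == "ChangeMe"` first-login test would then need its own flag in the JSON file rather than a string comparison, and as written it only renders the change page without stopping the session from reaching other routes. The handler also saves an empty `password` value unchanged, so reject empty input before writing. The startup block only handles `secret == ""`; a missing file or missing key raises at import time, and the in-place `open(..., "w")` truncates before writing, so writing to a temporary file and calling `os.replace()` would avoid losing both values on an interrupted write.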


@ -0,0 +1,56 @@
{% extends "base.html" %}
{% block left_pannel %}
<table>
<tr>
<td>
<button class="unselected" onclick="location.href = '/override';">override</button>
</td>
</tr>
<tr>
<td>
<button class="unselected" onclick="location.href = '/accounts';">accounts</button>
</td>
</tr>
<tr>
<td>
<button class="unselected" onclick="location.href = '/discord';">discord</button>
</td>
</tr>
<tr>
<td>
<button class="unselected" onclick="location.href = '/database';">database</button>
</td>
</tr>
<tr>
<td>
<button class="unselected" onclick="location.href = '/proxy';">proxy</button>
</td>
</tr>
<tr>
<td>
<button class="unselected" onclick="location.href = '/settings';">settings</button>
</td>
</tr>
</table>
{% endblock %}
{% block content %}
{%if not current_user.is_authenticated %}
<h1>Already logged in</h1>
{% else %}
<form method="post" action="/change_password/">
<table>
<tr>
<td class="comlumn-name">Change password</td>
<td><input type="text" name="password"></td>
</tr>
<tr>
<td></td>
<td><input type="submit" name="NewPassword" value="send" class="button"/></td>
</tr>
</table>
</form>
{% endif %}
{% endblock %}
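Review bot: The new-password field is `<input type="text" name="password">`, so the value is displayed on screen and may be retained by browser form history; `<input type="password" name="password" autocomplete="new-password" required>` avoids both and blocks an empty submission client-side. The form posts to `/change_password/` without a CSRF token; unless CSRF protection is enabled somewhere outside this diff, another site could submit it on behalf of a logged-in user and set the password, so a token field belongs in the form and should be checked by the handler. The guard `{%if not current_user.is_authenticated %}` prints "Already logged in" in the unauthenticated branch, which reads as inverted; since the route is `@login_required`, that branch can probably be dropped.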