Add cookie secret to DB

Allow users to reset cookie and api secret
Add Crafty row to table on fresh install
Change inserts to updates for crafty settings table.
amcmanu3 2023-01-29 16:54:02 -05:00
parent aa2ba4f8cf
commit 2d9529ba0c
7 changed files with 79 additions and 8 deletions


@ -46,6 +46,14 @@ class ManagementController:
def get_crafty_api_key(): def get_crafty_api_key():
return HelpersManagement.get_secret_api_key() return HelpersManagement.get_secret_api_key()
@staticmethod
def set_cookie_secret(key):
HelpersManagement.set_cookie_secret(key)
@staticmethod
def add_crafty_row():
HelpersManagement.create_crafty_row()
# ********************************************************************************** # **********************************************************************************
# Commands Methods # Commands Methods
# ********************************************************************************** # **********************************************************************************


@ -43,6 +43,7 @@ class AuditLog(BaseModel):
# ********************************************************************************** # **********************************************************************************
class CraftySettings(BaseModel): class CraftySettings(BaseModel):
secret_api_key = CharField(default="") secret_api_key = CharField(default="")
cookie_secret = CharField(default="")
login_photo = CharField(default="login_1.jpg") login_photo = CharField(default="login_1.jpg")
login_opacity = IntegerField(default=100) login_opacity = IntegerField(default=100)
@ -204,9 +205,22 @@ class HelpersManagement:
else: else:
return return
@staticmethod
def create_crafty_row():
CraftySettings.insert(
{
CraftySettings.secret_api_key: "",
CraftySettings.cookie_secret: "",
CraftySettings.login_photo: "login_1.jpg",
CraftySettings.login_opacity: 100,
}
).execute()
@staticmethod @staticmethod
def set_secret_api_key(key): def set_secret_api_key(key):
CraftySettings.insert(secret_api_key=key).execute() CraftySettings.update({CraftySettings.secret_api_key: key}).where(
CraftySettings.id == 1
).execute()
@staticmethod @staticmethod
def get_secret_api_key(): def get_secret_api_key():
@ -215,6 +229,19 @@ class HelpersManagement:
) )
return settings[0].secret_api_key return settings[0].secret_api_key
@staticmethod
def get_cookie_secret():
settings = CraftySettings.select(CraftySettings.cookie_secret).where(
CraftySettings.id == 1
)
return settings[0].cookie_secret
@staticmethod
def set_cookie_secret(key):
CraftySettings.update({CraftySettings.cookie_secret: key}).where(
CraftySettings.id == 1
).execute()
# ********************************************************************************** # **********************************************************************************
# Config Methods # Config Methods
# ********************************************************************************** # **********************************************************************************
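Review bot: `set_secret_api_key` and `set_cookie_secret` now run `update(...).where(CraftySettings.id == 1)`, which silently writes nothing when row 1 does not exist, and `get_cookie_secret` then fails on `settings[0]`. The only place this commit creates the row is `create_crafty_row()`, apparently called on fresh install only, so an upgraded install without that row would seem to get a new, unpersisted cookie secret on every start (inferred; the upgrade path is not shown here). peewee's `execute()` on an update returns the number of rows modified, so the setters could check it, e.g. `if not rows: HelpersManagement.create_crafty_row()` followed by a retry, or at least log the miss. Short docstrings stating the single-row (`id == 1`) assumption on these accessors would help as well.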


@ -403,8 +403,6 @@ class Helpers:
"https_port": 8443, "https_port": 8443,
"language": "en_EN", "language": "en_EN",
"cookie_expire": 30, "cookie_expire": 30,
"cookie_secret": "random",
"apikey_secret": "random",
"show_errors": True, "show_errors": True,
"history_max_age": 7, "history_max_age": 7,
"stats_update_frequency": 30, "stats_update_frequency": 30,
@ -418,6 +416,7 @@ class Helpers:
"keywords": ["help", "chunk"], "keywords": ["help", "chunk"],
"allow_nsfw_profile_pictures": False, "allow_nsfw_profile_pictures": False,
"enable_user_self_delete": False, "enable_user_self_delete": False,
"reset_secrets_on_boot": False,
} }
def get_all_settings(self): def get_all_settings(self):


@ -8,9 +8,10 @@ logger = logging.getLogger(__name__)
class DatabaseBuilder: class DatabaseBuilder:
def __init__(self, database, helper, users_helper): def __init__(self, database, helper, users_helper, management_helper):
self.database = database self.database = database
self.helper = helper self.helper = helper
self.management_helper = management_helper
self.users_helper = users_helper self.users_helper = users_helper
def default_settings(self): def default_settings(self):
@ -29,6 +30,8 @@ class DatabaseBuilder:
manager=None, manager=None,
) )
self.management_helper.create_crafty_row()
def is_fresh_install(self): def is_fresh_install(self):
try: try:
num_user = self.users_helper.get_user_total() num_user = self.users_helper.get_user_total()


@ -11,6 +11,7 @@ import tornado.escape
import tornado.locale import tornado.locale
import tornado.httpserver import tornado.httpserver
from app.classes.models.management import HelpersManagement
from app.classes.shared.console import Console from app.classes.shared.console import Console
from app.classes.shared.helpers import Helpers from app.classes.shared.helpers import Helpers
from app.classes.shared.main_controller import Controller from app.classes.shared.main_controller import Controller
@ -110,10 +111,13 @@ class Webserver:
https_port = self.helper.get_setting("https_port") https_port = self.helper.get_setting("https_port")
debug_errors = self.helper.get_setting("show_errors") debug_errors = self.helper.get_setting("show_errors")
cookie_secret = self.helper.get_setting("cookie_secret") try:
cookie_secret = HelpersManagement.get_cookie_secret()
if cookie_secret is False: except:
cookie_secret = False
if cookie_secret is False or cookie_secret == "":
cookie_secret = self.helper.random_string_generator(32) cookie_secret = self.helper.random_string_generator(32)
HelpersManagement.set_cookie_secret(cookie_secret)
if not http_port: if not http_port:
http_port = 8000 http_port = 8000
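Review bot: The bare `except:` around `HelpersManagement.get_cookie_secret()` turns every failure, including a database error, into "no secret yet", after which a new secret is generated and all existing sessions are silently invalidated. Catch only what the lookup raises when the row is missing and let other errors propagate, e.g. `except (IndexError, peewee.DoesNotExist) as err:` with `logger.warning("cookie secret not found, generating a new one: %s", err)` (whether `peewee` and `logger` are in scope in this file is not visible here). The write through `set_cookie_secret` is also never confirmed, so a secret that was not stored goes unnoticed until the next restart. The enclosing method starts and ends outside the hunk.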


@ -0,0 +1,16 @@
# Generated by database migrator
import peewee
def migrate(migrator, database, **kwargs):
migrator.add_columns("crafty_settings", cookie_secret=peewee.CharField(default=""))
"""
Write your migrations here.
"""
def rollback(migrator, database, **kwargs):
migrator.drop_columns("crafty_settings", ["cookie_secret"])
"""
Write your rollback migrations here.
"""

16
main.py

@ -14,6 +14,7 @@ from app.classes.shared.import3 import Import3
from app.classes.shared.console import Console from app.classes.shared.console import Console
from app.classes.shared.helpers import Helpers from app.classes.shared.helpers import Helpers
from app.classes.models.users import HelperUsers from app.classes.models.users import HelperUsers
from app.classes.models.management import HelpersManagement
from app.classes.shared.import_helper import ImportHelpers from app.classes.shared.import_helper import ImportHelpers
console = Console() console = Console()
@ -124,7 +125,8 @@ if __name__ == "__main__":
# do our installer stuff # do our installer stuff
user_helper = HelperUsers(database, helper) user_helper = HelperUsers(database, helper)
installer = DatabaseBuilder(database, helper, user_helper) management_helper = HelpersManagement(database, helper)
installer = DatabaseBuilder(database, helper, user_helper, management_helper)
FRESH_INSTALL = installer.is_fresh_install() FRESH_INSTALL = installer.is_fresh_install()
if FRESH_INSTALL: if FRESH_INSTALL:
@ -145,6 +147,18 @@ if __name__ == "__main__":
Console.info("Checking for remote changes to config.json") Console.info("Checking for remote changes to config.json")
controller.get_config_diff() controller.get_config_diff()
Console.info("Remote change complete.") Console.info("Remote change complete.")
Console.info("Checking for reset secret flag")
if helper.get_setting("reset_secrets_on_boot"):
Console.info("Found Reset")
controller.management.set_crafty_api_key(
str(helper.random_string_generator(64))
)
controller.management.set_cookie_secret(str(helper.random_string_generator(32)))
helper.set_setting("reset_secrets_on_boot", False)
else:
Console.info("No flag found. Secrets are staying")
import3 = Import3(helper, controller) import3 = Import3(helper, controller)
tasks_manager = TasksManager(helper, controller) tasks_manager = TasksManager(helper, controller)
tasks_manager.start_webserver() tasks_manager.start_webserver()
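Review bot: Both rotated secrets come from `helper.random_string_generator`, whose implementation is not part of this commit; since these values protect session cookies and, judging by the name, API tokens, it is worth confirming that it draws from a CSPRNG such as the `secrets` module rather than `random`. If it does not, `secrets.token_urlsafe(32)` would be a suitable source for both calls. Separately, `helper.set_setting("reset_secrets_on_boot", False)` clears the flag whether or not the two setters changed a row, so a failed rotation looks the same as a successful one. A log entry that records the rotation outcome (never the secret values) would make the reset auditable.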