mirror of
https://github.com/jackeilles/xygt.git
synced 2024-11-21 22:32:39 +01:00
add idpass reset, finish dashboard functionality
This commit is contained in:
parent
c37a52b2bf
commit
c39495149f
3 changed files with 128 additions and 13 deletions
|
@ -76,8 +76,6 @@ def index():
|
||||||
# Call the function to upload the file, this will return either HTTP Status codes or a 200 with a URL.
|
# Call the function to upload the file, this will return either HTTP Status codes or a 200 with a URL.
|
||||||
result, status = worker.uploadFile(file, ip, userid, filename, id, retention)
|
result, status = worker.uploadFile(file, ip, userid, filename, id, retention)
|
||||||
|
|
||||||
result = "https://xygt.cc/{}".format(result)
|
|
||||||
|
|
||||||
return result, status
|
return result, status
|
||||||
|
|
||||||
elif 'file' in request.form:
|
elif 'file' in request.form:
|
||||||
|
@ -86,8 +84,6 @@ def index():
|
||||||
|
|
||||||
result, status = worker.uploadFile(file, ip, userid, filename, id, retention)
|
result, status = worker.uploadFile(file, ip, userid, filename, id, retention)
|
||||||
|
|
||||||
result = "https://xygt.cc/{}".format(result)
|
|
||||||
|
|
||||||
return result, status
|
return result, status
|
||||||
|
|
||||||
elif 'url' in request.form:
|
elif 'url' in request.form:
|
||||||
|
@ -96,8 +92,6 @@ def index():
|
||||||
|
|
||||||
result, status = worker.shortenURL(url, ip, userid, id, retention)
|
result, status = worker.shortenURL(url, ip, userid, id, retention)
|
||||||
|
|
||||||
result = "https://xygt.cc/{}".format(result)
|
|
||||||
|
|
||||||
return result, status
|
return result, status
|
||||||
|
|
||||||
@app.route('/about')
|
@app.route('/about')
|
||||||
|
@ -128,6 +122,11 @@ def transparency():
|
||||||
def public():
|
def public():
|
||||||
return "Nothing here yet."
|
return "Nothing here yet."
|
||||||
|
|
||||||
|
@app.route('/dashboard')
|
||||||
|
@login_required
|
||||||
|
def dashboard():
|
||||||
|
return render_template('dashboard.html', files=Config.files.find({"userid": current_user.userid}), urls=Config.url.find({"userid": current_user.userid}))
|
||||||
|
|
||||||
@app.route('/<id>')
|
@app.route('/<id>')
|
||||||
def getData(id):
|
def getData(id):
|
||||||
|
|
||||||
|
@ -161,6 +160,28 @@ def getInfo(id):
|
||||||
|
|
||||||
return worker.idInfo(id)
|
return worker.idInfo(id)
|
||||||
|
|
||||||
|
@app.route('/<id>/delete')
|
||||||
|
@login_required
|
||||||
|
def delete(id):
|
||||||
|
if Config.files.find_one({"id": id}) is not None:
|
||||||
|
if Config.files.find_one({"id": id}) is None:
|
||||||
|
return Errors.file404
|
||||||
|
else:
|
||||||
|
data = Config.files.find_one({"id": id})
|
||||||
|
|
||||||
|
if data["userid"] == current_user.userid:
|
||||||
|
Config.files.delete_one({"id": id})
|
||||||
|
os.remove(os.path.join(Config.fileDir, secure_filename(id)))
|
||||||
|
return "File deleted."
|
||||||
|
|
||||||
|
elif data["userid"] == request.form.get("userid") and bcrypt.check_password_hash(Config.user.find_one({"userid": data["userid"]})["idpass"], request.form.get("idpass")):
|
||||||
|
Config.files.delete_one({"id": id})
|
||||||
|
os.remove(os.path.join(Config.fileDir, secure_filename(id)))
|
||||||
|
return "File deleted."
|
||||||
|
|
||||||
|
else:
|
||||||
|
return "You are not the owner of this file."
|
||||||
|
|
||||||
@app.route('/teapot')
|
@app.route('/teapot')
|
||||||
def teapot():
|
def teapot():
|
||||||
return 'I\'m a teapot. 418.', 418
|
return 'I\'m a teapot. 418.', 418
|
||||||
|
@ -201,7 +222,6 @@ def login():
|
||||||
|
|
||||||
if user and bcrypt.check_password_hash(user.password, password):
|
if user and bcrypt.check_password_hash(user.password, password):
|
||||||
login_user(user)
|
login_user(user)
|
||||||
print(current_user.is_authenticated)
|
|
||||||
flash("Successfully logged in!", "success")
|
flash("Successfully logged in!", "success")
|
||||||
return redirect("/")
|
return redirect("/")
|
||||||
else:
|
else:
|
||||||
|
@ -212,3 +232,16 @@ def login():
|
||||||
def logout():
|
def logout():
|
||||||
logout_user()
|
logout_user()
|
||||||
return redirect("/")
|
return redirect("/")
|
||||||
|
|
||||||
|
@app.route('/resetidpass')
|
||||||
|
def resetidpass():
|
||||||
|
idpass = worker.resetIDPass(current_user.userid)
|
||||||
|
if idpass == False:
|
||||||
|
return "Something went wrong, sorry. Please try again."
|
||||||
|
else:
|
||||||
|
return f"Your new IDPass is \n {idpass}\n This will only be shown once, please save it somewhere safe."
|
||||||
|
|
||||||
|
|
||||||
|
@app.errorhandler(404)
|
||||||
|
def page_not_found(e):
|
||||||
|
return random.choice(Errors.file404), 404
|
68
app/templates/dashboard.html
Normal file
68
app/templates/dashboard.html
Normal file
|
@ -0,0 +1,68 @@
|
||||||
|
{% extends 'base.html' %}
|
||||||
|
|
||||||
|
{% block content %}
|
||||||
|
<script>
|
||||||
|
function showUserIDandIDPass() {
|
||||||
|
var x = document.getElementById("userid");
|
||||||
|
if (x.style.display === "none") {
|
||||||
|
x.style.display = "block";
|
||||||
|
} else {
|
||||||
|
x.style.display = "none";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
</script>
|
||||||
|
<h1>Dashboard</h1>
|
||||||
|
<p>Hello, {{ current_user.user }}</p>
|
||||||
|
<h3>Files</h3>
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<th>ID</th>
|
||||||
|
<th>Filename</th>
|
||||||
|
<th>Size</th>
|
||||||
|
<th>Retention</th>
|
||||||
|
<th>Uploaded</th>
|
||||||
|
<th>Actions</th>
|
||||||
|
</tr>
|
||||||
|
{% for file in files %}
|
||||||
|
<tr>
|
||||||
|
<td><a href="https://xygt.cc/{{ file['id'] }}">{{ file['id'] }}</a></td>
|
||||||
|
<td>{{ file["filename"] }}</td>
|
||||||
|
<td>{{ file["size"] }}</td>
|
||||||
|
<td>{{ file["retention"] }}</td>
|
||||||
|
<td>{{ file["uploaded"] }}</td>
|
||||||
|
<td><a href="/{{ file.id }}/delete">Delete</a></td>
|
||||||
|
</tr>
|
||||||
|
{% endfor %}
|
||||||
|
</table>
|
||||||
|
<br>
|
||||||
|
<h3>URL's</h3>
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<th>ID</th>
|
||||||
|
<th>URL</th>
|
||||||
|
<th>Retention</th>
|
||||||
|
<th>Uploaded</th>
|
||||||
|
<th>Actions</th>
|
||||||
|
</tr>
|
||||||
|
{% for url in urls %}
|
||||||
|
<tr>
|
||||||
|
<td><a href="https://xygt.cc/{{ url['id'] }}">{{ url['id'] }}</a></td>
|
||||||
|
<td>{{ url["url"] }}</td>
|
||||||
|
<td>{{ url["retention"] }}</td>
|
||||||
|
<td>{{ url["uploaded"] }}</td>
|
||||||
|
<td><a href="/{{ url['id'] }}/delete">Delete</a></td>
|
||||||
|
</tr>
|
||||||
|
{% endfor %}
|
||||||
|
</table>
|
||||||
|
<br>
|
||||||
|
<h3>Forgot your UserID?</h3>
|
||||||
|
<p>Click below to view it.</p>
|
||||||
|
<button onclick="showUserIDandIDPass();">View UserID/IDPass</button>
|
||||||
|
<div id="userid" style="display: none;">
|
||||||
|
<p>Your UserID is: {{ current_user.userid }}</p>
|
||||||
|
</div>
|
||||||
|
<br>
|
||||||
|
<h3>Generate a new IDPass.</h3>
|
||||||
|
<p>If you've just created an account, lost your IDPass, or believe someone else is using your IDPass, you can reset it here.</p>
|
||||||
|
<a href="/resetidpass">Reset IDPass</a>
|
||||||
|
{% endblock %}
|
|
@ -28,7 +28,9 @@ def uploadFile(file, ip, userid, filename, id, retention):
|
||||||
# Calculate retention before the file is written, we'll grab the filesize here as it's needed for the equation.
|
# Calculate retention before the file is written, we'll grab the filesize here as it's needed for the equation.
|
||||||
file.seek(0, os.SEEK_END)
|
file.seek(0, os.SEEK_END)
|
||||||
fileSize = round(float(file.tell()) / 1024, 2)
|
fileSize = round(float(file.tell()) / 1024, 2)
|
||||||
print(fileSize)
|
|
||||||
|
# Set the position back to 0
|
||||||
|
file.seek(0)
|
||||||
|
|
||||||
if retention == None:
|
if retention == None:
|
||||||
retention = (Config.minretention+(-Config.maxretention + Config.minretention)*pow((fileSize / Config.maxFileSize -1), 3))
|
retention = (Config.minretention+(-Config.maxretention + Config.minretention)*pow((fileSize / Config.maxFileSize -1), 3))
|
||||||
|
@ -60,7 +62,7 @@ def uploadFile(file, ip, userid, filename, id, retention):
|
||||||
Config.files.insert_one(data)
|
Config.files.insert_one(data)
|
||||||
print(Config.files.find_one({"id": id}))
|
print(Config.files.find_one({"id": id}))
|
||||||
|
|
||||||
return id, 200
|
return f"https://xygt.cc/{id}", 200
|
||||||
else:
|
else:
|
||||||
return random.choice(Errors.fileTooLarge), 400
|
return random.choice(Errors.fileTooLarge), 400
|
||||||
else:
|
else:
|
||||||
|
@ -96,7 +98,7 @@ def shortenURL(url, ip, userid, id, retention):
|
||||||
Config.url.insert_one(data)
|
Config.url.insert_one(data)
|
||||||
print(Config.url.find_one({"id": data["id"]}))
|
print(Config.url.find_one({"id": data["id"]}))
|
||||||
|
|
||||||
return id, 200
|
return f"https://xygt.cc/{id}", 200
|
||||||
|
|
||||||
def idInfo(id):
|
def idInfo(id):
|
||||||
# Check files and url for the ID
|
# Check files and url for the ID
|
||||||
|
@ -118,8 +120,11 @@ def registerUser(username, password):
|
||||||
# Initialise some values
|
# Initialise some values
|
||||||
try:
|
try:
|
||||||
level = 1
|
level = 1
|
||||||
userid = randomHex()
|
while True:
|
||||||
idpass = bcrypt.generate_password_hash(randomHex()).decode("utf-8")
|
userid = randomHex()
|
||||||
|
if Config.users.find_one({"userid": userid}) is None:
|
||||||
|
break
|
||||||
|
idpass = bcrypt.generate_password_hash(randomHex()).decode("utf-8") # The user will not know this, they'll need to generate a new one.
|
||||||
password = bcrypt.generate_password_hash(password).decode("utf-8")
|
password = bcrypt.generate_password_hash(password).decode("utf-8")
|
||||||
user = User(username, userid, password, idpass, level)
|
user = User(username, userid, password, idpass, level)
|
||||||
Config.users.insert_one(user.__dict__)
|
Config.users.insert_one(user.__dict__)
|
||||||
|
@ -127,3 +132,12 @@ def registerUser(username, password):
|
||||||
return True
|
return True
|
||||||
except:
|
except:
|
||||||
return False
|
return False
|
||||||
|
|
||||||
|
def resetIDPass(userid):
|
||||||
|
try:
|
||||||
|
idpass = randomHex(8)
|
||||||
|
hashedPass = bcrypt.generate_password_hash(idpass).decode("utf-8")
|
||||||
|
Config.users.update_one({"userid": userid}, {"$set": {"idpass": hashedPass}})
|
||||||
|
return idpass
|
||||||
|
except:
|
||||||
|
return False
|
Loading…
Reference in a new issue