mirror of https://github.com/Aidaho12/haproxy-wi
parent
1109ebab11
commit
c71322f5c5
|
@ -241,7 +241,11 @@ def ssh_connect(serv, **kwargs):
|
|||
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
|
||||
try:
|
||||
if ssh_enable == 1:
|
||||
k = paramiko.RSAKey.from_private_key_file(ssh_key_name)
|
||||
cloud = sql.is_cloud()
|
||||
if cloud != '':
|
||||
k = paramiko.pkey.load_private_key_file(ssh_key_name, password=cloud)
|
||||
else:
|
||||
k = paramiko.pkey.load_private_key_file(ssh_key_name)
|
||||
ssh.connect(hostname=serv, port=ssh_port, username=ssh_user_name, pkey=k, timeout=11)
|
||||
else:
|
||||
ssh.connect(hostname=serv, port=ssh_port, username=ssh_user_name, password=ssh_user_password, timeout=11)
|
||||
|
@ -252,6 +256,9 @@ def ssh_connect(serv, **kwargs):
|
|||
except paramiko.SSHException as sshException:
|
||||
return 'error: Unable to establish SSH connection: %s ' % sshException
|
||||
pass
|
||||
except paramiko.PasswordRequiredException as e:
|
||||
return 'error: %s ' % e
|
||||
pass
|
||||
except paramiko.BadHostKeyException as badHostKeyException:
|
||||
return 'error: Unable to verify server\'s host key: %s ' % badHostKeyException
|
||||
pass
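Review bot: The `except paramiko.PasswordRequiredException` clause in the second hunk sits below `except paramiko.SSHException`, and in paramiko both it and `BadHostKeyException` derive from `SSHException`, so the earlier clause catches them first and these handlers never run. Move the specific clauses above the generic one so that a missing or wrong key passphrase is reported by its own message. Separately, in the first hunk `cloud != ''` is also true when `sql.is_cloud()` returns `None` (it does when the table has no rows), so `if cloud:` would state the intent more safely. ssh_connect starts and ends outside both hunks, so other handlers may exist between them.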
|
||||
|
|
44
app/login.py
44
app/login.py
|
@ -23,6 +23,7 @@ db_create = ""
|
|||
error_log = ""
|
||||
error = ""
|
||||
|
||||
|
||||
def send_cookie(login):
|
||||
session_ttl = sql.get_setting('session_ttl')
|
||||
session_ttl = int(session_ttl)
|
||||
|
@ -37,7 +38,7 @@ def send_cookie(login):
|
|||
cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
|
||||
user_group_id = cookie.get('group')
|
||||
user_group_id = user_group_id.value
|
||||
if sql.check_user_group(id,user_group_id):
|
||||
if sql.check_user_group(id, user_group_id):
|
||||
user_groups = user_group_id
|
||||
else:
|
||||
user_groups = sql.select_user_groups(id, limit=1)
|
||||
|
@ -66,7 +67,8 @@ def send_cookie(login):
|
|||
user_group = ''
|
||||
|
||||
try:
|
||||
funct.logging('locahost', ' user: '+sql.get_user_name_by_uuid(user_uuid)+', group: '+user_group+' log in', haproxywi=1)
|
||||
user_name = sql.get_user_name_by_uuid(user_uuid)
|
||||
funct.logging('localhost', ' user: ' + user_name + ', group: ' + user_group + ' log in', haproxywi=1)
|
||||
except:
|
||||
pass
|
||||
print("Content-type: text/html\n")
|
||||
|
@ -77,15 +79,15 @@ def send_cookie(login):
|
|||
def ban():
|
||||
c = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
|
||||
expires = datetime.datetime.utcnow() + datetime.timedelta(seconds=10)
|
||||
c["ban"] = 1
|
||||
c["ban"] = "1"
|
||||
c["ban"]["path"] = "/"
|
||||
# c["ban"]["samesite"] = "Strict"
|
||||
c["ban"]["Secure"] = "True"
|
||||
c["ban"]["expires"] = expires.strftime("%a, %d %b %Y %H:%M:%S GMT")
|
||||
try:
|
||||
funct.logging('locahost', login+' failed log in', haproxywi=1, login=1)
|
||||
funct.logging('localhost', login+' failed log in', haproxywi=1, login=1)
|
||||
except:
|
||||
funct.logging('locahost', ' Failed log in. Wrong username', haproxywi=1)
|
||||
funct.logging('localhost', ' Failed log in. Wrong username', haproxywi=1)
|
||||
print(c.output())
|
||||
print("Content-type: text/html\n")
|
||||
print('ban')
|
||||
|
@ -106,7 +108,7 @@ def check_in_ldap(user, password):
|
|||
|
||||
ldap_proto = 'ldap' if ldap_type == "0" else 'ldaps'
|
||||
|
||||
l = ldap.initialize('{}://{}:{}/'.format(ldap_proto,server, port))
|
||||
l = ldap.initialize('{}://{}:{}/'.format(ldap_proto, server, port))
|
||||
try:
|
||||
l.protocol_version = ldap.VERSION3
|
||||
l.set_option(ldap.OPT_REFERRALS, 0)
|
||||
|
@ -127,7 +129,7 @@ def check_in_ldap(user, password):
|
|||
print('<center><div class="alert alert-danger">Server down</div><br /><br />')
|
||||
sys.exit()
|
||||
except ldap.LDAPError as e:
|
||||
if type(e.message) == dict and e.message.has_key('desc'):
|
||||
if type(e.message) == dict and 'desc' in e.message:
|
||||
print("Content-type: text/html\n")
|
||||
print('<center><div class="alert alert-danger">Other LDAP error: %s</div><br /><br />' % e.message['desc'])
|
||||
sys.exit()
|
||||
|
@ -143,13 +145,14 @@ if ref is None:
|
|||
ref = "/index.html"
|
||||
|
||||
if form.getvalue('error'):
|
||||
error_log = '<div class="alert alert-danger">Somthing wrong :( I\'m sad about this, but try again!</div><br /><br />'
|
||||
error_log = '<div class="alert alert-danger">Something wrong. Try again</div><br /><br />'
|
||||
|
||||
try:
|
||||
if sql.get_setting('session_ttl'):
|
||||
session_ttl = sql.get_setting('session_ttl')
|
||||
except:
|
||||
error = '<center><div class="alert alert-danger">Can not find "session_ttl" parametr. Check into settings, "main" section</div>'
|
||||
error = '<center><div class="alert alert-danger">Cannot find "session_ttl" parameter. ' \
|
||||
'Check it into settings, "main" section</div>'
|
||||
pass
|
||||
|
||||
try:
|
||||
|
@ -195,21 +198,14 @@ if login is not None and password is not None:
|
|||
sys.exit()
|
||||
print("Content-type: text/html\n")
|
||||
|
||||
if login is None:
|
||||
print("Content-type: text/html\n")
|
||||
if create_db.check_db():
|
||||
if create_db.create_table():
|
||||
create_db.update_all()
|
||||
db_create = '<div class="alert alert-success">DB was created<br /><br />Now you can login, default: admin/admin</div>'
|
||||
|
||||
create_db.update_all_silent()
|
||||
|
||||
output_from_parsed_template = template.render(h2 = 0, title = "Login page",
|
||||
role = role,
|
||||
user = user,
|
||||
error_log = error_log,
|
||||
error = error,
|
||||
ref = ref,
|
||||
versions = funct.versions(),
|
||||
db_create = db_create)
|
||||
output_from_parsed_template = template.render(h2=0, title="Login page",
|
||||
role=role,
|
||||
user=user,
|
||||
error_log=error_log,
|
||||
error=error,
|
||||
ref=ref,
|
||||
versions=funct.versions(),
|
||||
db_create=db_create)
|
||||
print(output_from_parsed_template)
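Review bot: In the check_in_ldap hunk the rewritten test `'desc' in e.message` still reads `e.message`, which Python 3 exceptions do not have; this file uses `http.cookies`, so it runs on Python 3 and the handler would raise `AttributeError` instead of printing the LDAP error. python-ldap carries the detail dict in `e.args[0]`, so `info = e.args[0] if e.args and isinstance(e.args[0], dict) else {}` followed by `if 'desc' in info:` keeps the branch working. The description is also interpolated into the HTML response as-is; passing it through `html.escape()` before printing would be safer. The function body continues outside the hunk.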
|
||||
|
|
|
@ -1839,8 +1839,11 @@ if form.getvalue('updatessh'):
|
|||
funct.logging('the SSH ' + name, ' has updated credentials ', haproxywi=1, login=1)
|
||||
|
||||
if form.getvalue('ssh_cert'):
|
||||
import paramiko
|
||||
|
||||
user_group = funct.get_user_group()
|
||||
name = form.getvalue('name')
|
||||
key = paramiko.pkey.load_private_key(form.getvalue('ssh_cert'))
|
||||
ssh_keys = os.path.dirname(os.getcwd()) + '/keys/' + name + '.pem'
|
||||
|
||||
if not os.path.isfile(ssh_keys):
|
||||
|
@ -1852,8 +1855,11 @@ if form.getvalue('ssh_cert'):
|
|||
ssh_keys = os.path.dirname(os.getcwd()) + '/keys/' + name + '.pem'
|
||||
|
||||
try:
|
||||
with open(ssh_keys, "w") as conf:
|
||||
conf.write(form.getvalue('ssh_cert'))
|
||||
cloud = sql.is_cloud()
|
||||
if cloud != '':
|
||||
key.write_private_key_file(ssh_keys, password=cloud)
|
||||
else:
|
||||
key.write_private_key_file(ssh_keys)
|
||||
except IOError:
|
||||
print('error: Cannot save SSH key file. Check SSH keys path in config')
|
||||
else:
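Review bot: `paramiko.pkey.load_private_key(form.getvalue('ssh_cert'))` parses the submitted key outside any `try`, and the later handler catches only `IOError`, so a malformed or passphrase-protected upload raises an unhandled paramiko exception instead of the `error:` response. Move the parse inside the `try` and add `except paramiko.SSHException:` next to the `IOError` clause, printing a generic message. The file path is still built from the form's `name` (`'/keys/' + name + '.pem'`); if that value is not validated elsewhere, restricting it to a safe character set before key material is written would be worth adding here. The block continues past the end of the hunk.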
|
||||
|
|
102
app/sql.py
102
app/sql.py
|
@ -34,20 +34,24 @@ def get_cur():
|
|||
def add_user(user, email, password, role, activeuser):
|
||||
con, cur = get_cur()
|
||||
if password != 'aduser':
|
||||
sql = """INSERT INTO user (username, email, password, role, activeuser) VALUES ('%s', '%s', '%s', '%s', '%s')""" % (user, email, funct.get_hash(password), role, activeuser)
|
||||
sql = """INSERT INTO user (username, email, password, role, activeuser)
|
||||
VALUES ('%s', '%s', '%s', '%s', '%s')""" % (user, email, funct.get_hash(password), role, activeuser)
|
||||
else:
|
||||
sql = """INSERT INTO user (username, email, role, ldap_user, activeuser) VALUES ('%s', '%s', '%s', '1', '%s')""" % (user, email, role, activeuser)
|
||||
sql = """INSERT INTO user (username, email, role, ldap_user, activeuser)
|
||||
VALUES ('%s', '%s', '%s', '1', '%s')""" % (user, email, role, activeuser)
|
||||
try:
|
||||
cur.execute(sql)
|
||||
con.commit()
|
||||
except sqltool.Error as e:
|
||||
funct.out_error(e)
|
||||
con.rollback()
|
||||
cur.close()
|
||||
con.close()
|
||||
return False
|
||||
else:
|
||||
cur.close()
|
||||
con.close()
|
||||
return True
|
||||
cur.close()
|
||||
con.close()
|
||||
|
||||
|
||||
def update_user(user, email, role, id, activeuser):
|
||||
|
@ -63,11 +67,13 @@ def update_user(user, email, role, id, activeuser):
|
|||
except sqltool.Error as e:
|
||||
funct.out_error(e)
|
||||
con.rollback()
|
||||
cur.close()
|
||||
con.close()
|
||||
return False
|
||||
else:
|
||||
cur.close()
|
||||
con.close()
|
||||
return True
|
||||
cur.close()
|
||||
con.close()
|
||||
|
||||
|
||||
def update_user_groups(groups, id):
|
||||
|
@ -79,11 +85,13 @@ def update_user_groups(groups, id):
|
|||
except sqltool.Error as e:
|
||||
funct.out_error(e)
|
||||
con.rollback()
|
||||
cur.close()
|
||||
con.close()
|
||||
return False
|
||||
else:
|
||||
cur.close()
|
||||
con.close()
|
||||
return True
|
||||
cur.close()
|
||||
con.close()
|
||||
|
||||
|
||||
def delete_user_groups(id):
|
||||
|
@ -96,11 +104,13 @@ def delete_user_groups(id):
|
|||
except sqltool.Error as e:
|
||||
funct.out_error(e)
|
||||
con.rollback()
|
||||
cur.close()
|
||||
con.close()
|
||||
return False
|
||||
else:
|
||||
cur.close()
|
||||
con.close()
|
||||
return True
|
||||
cur.close()
|
||||
con.close()
|
||||
|
||||
|
||||
def update_user_password(password, id):
|
||||
|
@ -113,11 +123,13 @@ def update_user_password(password, id):
|
|||
except sqltool.Error as e:
|
||||
funct.out_error(e)
|
||||
con.rollback()
|
||||
cur.close()
|
||||
con.close()
|
||||
return False
|
||||
else:
|
||||
cur.close()
|
||||
con.close()
|
||||
return True
|
||||
cur.close()
|
||||
con.close()
|
||||
|
||||
|
||||
def delete_user(id):
|
||||
|
@ -129,11 +141,14 @@ def delete_user(id):
|
|||
except sqltool.Error as e:
|
||||
funct.out_error(e)
|
||||
con.rollback()
|
||||
cur.close()
|
||||
con.close()
|
||||
return False
|
||||
else:
|
||||
cur.close()
|
||||
con.close()
|
||||
return True
|
||||
cur.close()
|
||||
con.close()
|
||||
|
||||
|
||||
def add_group(name, description):
|
||||
con, cur = get_cur()
|
||||
|
@ -158,11 +173,10 @@ def add_group(name, description):
|
|||
group_id = g[0]
|
||||
add_setting_for_new_group(group_id)
|
||||
|
||||
cur.close()
|
||||
con.close()
|
||||
return True
|
||||
|
||||
cur.close()
|
||||
con.close()
|
||||
|
||||
|
||||
def add_setting_for_new_group(group_id):
|
||||
con, cur = get_cur()
|
||||
|
@ -215,9 +229,9 @@ def add_setting_for_new_group(group_id):
|
|||
except sqltool.Error as e:
|
||||
funct.out_error(e)
|
||||
else:
|
||||
cur.close()
|
||||
con.close()
|
||||
return True
|
||||
cur.close()
|
||||
con.close()
|
||||
|
||||
|
||||
def delete_group_settings(group_id):
|
||||
|
@ -230,6 +244,8 @@ def delete_group_settings(group_id):
|
|||
funct.out_error(e)
|
||||
con.rollback()
|
||||
else:
|
||||
cur.close()
|
||||
con.close()
|
||||
return True
|
||||
cur.close()
|
||||
con.close()
|
||||
|
@ -244,11 +260,14 @@ def delete_group(id):
|
|||
except sqltool.Error as e:
|
||||
funct.out_error(e)
|
||||
con.rollback()
|
||||
cur.close()
|
||||
con.close()
|
||||
return False
|
||||
else:
|
||||
delete_group_settings(id)
|
||||
cur.close()
|
||||
con.close()
|
||||
return True
|
||||
cur.close()
|
||||
con.close()
|
||||
|
||||
|
||||
def update_group(name, descript, id):
|
||||
|
@ -264,11 +283,13 @@ def update_group(name, descript, id):
|
|||
except sqltool.Error as e:
|
||||
funct.out_error(e)
|
||||
con.rollback()
|
||||
cur.close()
|
||||
con.close()
|
||||
return False
|
||||
else:
|
||||
cur.close()
|
||||
con.close()
|
||||
return True
|
||||
cur.close()
|
||||
con.close()
|
||||
|
||||
|
||||
def add_server(hostname, ip, group, typeip, enable, master, cred, port, desc, haproxy, nginx):
|
||||
|
@ -279,13 +300,15 @@ def add_server(hostname, ip, group, typeip, enable, master, cred, port, desc, ha
|
|||
try:
|
||||
cur.execute(sql)
|
||||
con.commit()
|
||||
cur.close()
|
||||
con.close()
|
||||
return True
|
||||
except sqltool.Error as e:
|
||||
funct.out_error(e)
|
||||
con.rollback()
|
||||
cur.close()
|
||||
con.close()
|
||||
return False
|
||||
cur.close()
|
||||
con.close()
|
||||
|
||||
|
||||
def delete_server(id):
|
||||
|
@ -371,7 +394,8 @@ def select_users(**kwargs):
|
|||
if kwargs.get("id") is not None:
|
||||
sql = """select * from user where id='%s' """ % kwargs.get("id")
|
||||
if kwargs.get("group") is not None:
|
||||
sql = """ select user.* from user left join user_groups as groups on user.id = groups.user_id where groups.user_group_id = '%s' group by id;
|
||||
sql = """ select user.* from user left
|
||||
join user_groups as groups on user.id = groups.user_id where groups.user_group_id = '%s' group by id;
|
||||
""" % kwargs.get("group")
|
||||
try:
|
||||
cur.execute(sql)
|
||||
|
@ -413,11 +437,9 @@ def check_user_group(user_id, group_id):
|
|||
print(str(e))
|
||||
else:
|
||||
for g in cur.fetchall():
|
||||
#print(str(g[0]))
|
||||
if g[0] != '':
|
||||
return True
|
||||
else:
|
||||
#print('Atata!')
|
||||
return False
|
||||
|
||||
cur.close()
|
||||
|
@ -512,6 +534,7 @@ def select_servers(**kwargs):
|
|||
cur.close()
|
||||
con.close()
|
||||
|
||||
|
||||
def write_user_uuid(login, user_uuid):
|
||||
con, cur = get_cur()
|
||||
session_ttl = get_setting('session_ttl')
|
||||
|
@ -535,6 +558,7 @@ def write_user_uuid(login, user_uuid):
|
|||
cur.close()
|
||||
con.close()
|
||||
|
||||
|
||||
def write_user_token(login, user_token):
|
||||
con, cur = get_cur()
|
||||
token_ttl = get_setting('token_ttl')
|
||||
|
@ -557,6 +581,7 @@ def write_user_token(login, user_token):
|
|||
cur.close()
|
||||
con.close()
|
||||
|
||||
|
||||
def get_token(uuid):
|
||||
con, cur = get_cur()
|
||||
sql = """ select token.token from token left join uuid as uuid on uuid.user_id = token.user_id where uuid.uuid = '%s' """ % uuid
|
||||
|
@ -1911,13 +1936,13 @@ def check_token_exists(token):
|
|||
return True
|
||||
else:
|
||||
try:
|
||||
funct.logging('localhost', ' tried do action with wrong token', haproxywi=1, login=1)
|
||||
funct.logging('localhost', ' Tried do action with wrong token', haproxywi=1, login=1)
|
||||
except:
|
||||
funct.logging('localhost', ' An action with wrong token', haproxywi=1)
|
||||
return False
|
||||
except:
|
||||
try:
|
||||
funct.logging('localhost', ' cannot check token', haproxywi=1, login=1)
|
||||
funct.logging('localhost', ' Cannot check token', haproxywi=1, login=1)
|
||||
except:
|
||||
funct.logging('localhost', ' Cannot check token', haproxywi=1)
|
||||
return False
|
||||
|
@ -2222,6 +2247,23 @@ def select_alerts(user_group):
|
|||
return cur.fetchall()
|
||||
|
||||
|
||||
def is_cloud():
|
||||
con, cur = get_cur()
|
||||
sql = """ select * from cloud_uuid """
|
||||
try:
|
||||
cur.execute(sql)
|
||||
except sqltool.Error as e:
|
||||
print("An error occurred:", e)
|
||||
cur.close()
|
||||
con.close()
|
||||
return ""
|
||||
else:
|
||||
cur.close()
|
||||
con.close()
|
||||
for cloud_uuid in cur.fetchall():
|
||||
return cloud_uuid[0]
|
||||
|
||||
|
||||
form = funct.form
|
||||
error_mess = 'error: All fields must be completed'
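Review bot: In the new `is_cloud()` the `else` branch calls `cur.close()` and `con.close()` before `cur.fetchall()`, so the rows are read from a closed cursor, which DB-API drivers normally reject; that error is raised outside the `try` and is not caught. When the table is empty the loop never returns and the function yields `None`, while the callers compare against `''` and would then pass `password=None` to paramiko, which I would expect to mean no passphrase at all. Read first and close afterwards: `row = cur.fetchone()` before the two `close()` calls, then `return row[0] if row else ''`. A short docstring saying that the returned value is used as the private-key passphrase would also help, since the name suggests a boolean.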
|
||||
|
||||
|
|
|
@ -2,4 +2,4 @@ pyTelegramBotAPI==3.6.3
|
|||
networkx==2.1
|
||||
matplotlib==2.1.2
|
||||
mysql-connector-python==8.0.11
|
||||
paramiko>=2.5.0
|
||||
paramiko-ng>=2.5.0
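Review bot: `paramiko-ng>=2.5.0` is the only open-ended requirement in this file next to `==` pins, and it replaces the library that loads and writes the SSH private keys; pin it to a tested version (ideally with hashes) so a later release cannot change key handling unnoticed. The same line is added in the two requirements hunks that follow. As far as I know paramiko-ng installs under the same `paramiko` import name, so the upgrade notes should say to uninstall the original package first, otherwise `paramiko.pkey.load_private_key_file` may resolve to the old module.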
|
|
@ -3,3 +3,4 @@ pyTelegramBotAPI==3.6.3
|
|||
networkx==2.1
|
||||
matplotlib==2.1.2
|
||||
mysql-connector-python==8.0.11
|
||||
paramiko-ng>=2.5.0
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
configparser>=3.5.0
|
||||
paramiko>=2.5.0
|
||||
paramiko-ng>=2.5.0
|
||||
pytz>=2017.3
|
||||
requests>=2.22.0
|
||||
pyTelegramBotAPI>=3.6.3
|
||||
|
|