github
/
teleport
mirror of https://github.com/tp4a/teleport
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

temp

pull/105/head
ApexLiu 2017-11-11 01:10:51 +08:00
parent 1db8db69c6
commit 6e62cafe36
8 changed files with 87 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
server/www/teleport/static/js/teleport.js
View File

@ -49,20 +49,19 @@ var CALLBACK_STACK = {
} }
}; };
// self.check_error = function() {
// if (self.cb_stack.length > 0) {
// console.error('callback stack have '+ self.cb_stack.length + ' function not called.');
// }
// };
return self; return self;
} }
}; };
// console.log(window.location, window.location.protocol+'://'+window.location.host);
// Teleport核心JS // Teleport核心JS
var $tp = { var $tp = {
server_host: window.location.hostname || '', // server_host: window.location.hostname || '',
server_port: (window.location.port === "") ? 80 : parseInt(window.location.port), // server_port: (window.location.port === "") ? 80 : parseInt(window.location.port),
web_server: window.location.protocol+'://'+window.location.host,
// Teleport页面应用对象放置页面自身特有的属性和函数 // Teleport页面应用对象放置页面自身特有的属性和函数
app: { app: {

4
server/www/teleport/static/js/user/user-list.js
View File

@ -991,7 +991,7 @@ $app.create_dlg_reset_password = function () {
$tp.ajax_post_json('/user/reset-password', { $tp.ajax_post_json('/user/reset-password', {
id: dlg.field_id, id: dlg.field_id,
mode: 1, mode: 1,
email: dlg.field_email, // email: dlg.field_email,
password: '' password: ''
}, },
function (ret) { function (ret) {
@ -1022,7 +1022,7 @@ $app.create_dlg_reset_password = function () {
$tp.ajax_post_json('/user/reset-password', { $tp.ajax_post_json('/user/reset-password', {
id: dlg.field_id, id: dlg.field_id,
mode: 2, mode: 2,
email: '', // email: '',
password: dlg.field_password password: dlg.field_password
}, },
function (ret) { function (ret) {

2
server/www/teleport/webroot/app/base/configs.py
View File

@ -455,7 +455,7 @@ class AppConfig(BaseAppConfig):
if conf_data is None: if conf_data is None:
log.w('system default config info is empty.\n') log.w('system default config info is empty.\n')
return True # return True
# ===================================== # =====================================
# 密码策略相关 # 密码策略相关

20
server/www/teleport/webroot/app/base/database/create.py
View File

@ -17,6 +17,7 @@ class DatabaseInit:
self._create_config() self._create_config()
self._create_role() self._create_role()
self._create_user() self._create_user()
self._create_user_rpt()
self._create_host() self._create_host()
self._create_acc() self._create_acc()
self._create_acc_auth() self._create_acc_auth()
@ -160,6 +161,25 @@ class DatabaseInit:
'CREATE TABLE {}user ({});'.format(self.db.table_prefix, ','.join(f)) 'CREATE TABLE {}user ({});'.format(self.db.table_prefix, ','.join(f))
) )
def _create_user_rpt(self):
""" 用户忘记密码时重置需要进行验证的token24小时有效
"""
f = list()
# id: 自增主键
f.append('id integer PRIMARY KEY {}'.format(self.db.auto_increment))
# user_id: user's id
f.append('user_id int(11) DEFAULT 0')
# token: token
f.append('token varchar(48) DEFAULT ""')
# create_time: 创建时间
f.append('create_time int(11) DEFAULT 0')
self._db_exec(
'创建用户找回密码表 user_rpt',
'CREATE TABLE {}user_rpt ({});'.format(self.db.table_prefix, ','.join(f))
)
def _create_group(self): def _create_group(self):
""" 组信息(各种组,包括用户组、主机组、账号组等) """ 组信息(各种组,包括用户组、主机组、账号组等)
""" """

1
server/www/teleport/webroot/app/base/webapp.py
View File

@ -74,6 +74,7 @@ class WebApp:
if _db.need_create or _db.need_upgrade: if _db.need_create or _db.need_upgrade:
cfg.app_mode = APP_MODE_MAINTENANCE cfg.app_mode = APP_MODE_MAINTENANCE
get_cfg().update_sys(None)
else: else:
cfg.app_mode = APP_MODE_NORMAL cfg.app_mode = APP_MODE_NORMAL
_db.load_system_config() _db.load_system_config()

15
server/www/teleport/webroot/app/controller/user.py
View File

@ -19,6 +19,7 @@ from app.base.controller import TPBaseHandler, TPBaseJsonHandler
class UserListHandler(TPBaseHandler): class UserListHandler(TPBaseHandler):
def get(self): def get(self):
ret = self.check_privilege(TP_PRIVILEGE_USER_CREATE) ret = self.check_privilege(TP_PRIVILEGE_USER_CREATE)
if ret != TPE_OK: if ret != TPE_OK:
return return
@ -446,7 +447,7 @@ class DoResetPasswordHandler(TPBaseJsonHandler):
try: try:
user_id = int(args['id']) user_id = int(args['id'])
mode = int(args['mode']) mode = int(args['mode'])
email = args['email'].strip() # email = args['email'].strip()
password = args['password'] password = args['password']
except: except:
return self.write_json(TPE_PARAM) return self.write_json(TPE_PARAM)
@ -455,11 +456,17 @@ class DoResetPasswordHandler(TPBaseJsonHandler):
return self.write_json(TPE_PARAM) return self.write_json(TPE_PARAM)
if mode == 1: if mode == 1:
if len(email) == 0: # if len(email) == 0:
return self.write_json(TPE_PARAM) # return self.write_json(TPE_PARAM)
err, email, token = user.generate_reset_password_token(self, user_id)
print(err, email, token)
# 生成一个密码重置链接24小时有效 # 生成一个密码重置链接24小时有效
reset_url = 'http://127.0.0.1/user/validate-password-reset-token?token=G66LXH0EOJ47OXTH7O5KBQ0PHXRSBXBVVFALI6JBJ8HNWUALWI35QECPJ8UV8DEQ' # token = tp_generate_random(16)
reset_url = '{}://{}/user/validate-password-reset-token?token={}'.format(self.request.protocol, self.request.host, token)
# reset_url = 'http://127.0.0.1/user/validate-password-reset-token?token=G66LXH0EOJ47OXTH7O5KBQ0PHXRSBXBVVFALI6JBJ8HNWUALWI35QECPJ8UV8DEQ'
err, msg = yield mail.tp_send_mail( err, msg = yield mail.tp_send_mail(
email, email,

4
server/www/teleport/webroot/app/model/record.py
View File

@ -309,10 +309,6 @@ def cleanup_storage(handler):
msg = [] msg = []
have_error = False have_error = False
# for test.
# sto.keep_log = 5
# sto.keep_record = 5
s = SQL(db) s = SQL(db)
chk_time = _now - sto.keep_log * 24 * 60 * 60 chk_time = _now - sto.keep_log * 24 * 60 * 60

46
server/www/teleport/webroot/app/model/user.py
View File

@ -5,7 +5,7 @@
from app.base.configs import get_cfg from app.base.configs import get_cfg
from app.base.db import get_db, SQL from app.base.db import get_db, SQL
from app.base.logger import log from app.base.logger import log
from app.base.utils import tp_timestamp_utc_now from app.base.utils import tp_timestamp_utc_now, tp_generate_random
from app.const import * from app.const import *
from app.model import syslog from app.model import syslog
@ -246,6 +246,50 @@ def set_password(handler, user_id, password):
return TPE_OK return TPE_OK
def generate_reset_password_token(handler, user_id):
db = get_db()
operator = handler.get_current_user()
s = SQL(db)
_time_now = tp_timestamp_utc_now()
# 0. query user's email by user_id
err = s.select_from('user', ['email'], alt_name='u').where('u.id={user_id}'.format(user_id=user_id)).query()
if err != TPE_OK:
return err, None, None
if len(s.recorder) == 0:
return TPE_DATABASE, None, None
email = s.recorder[0].email
# 1. clean all timed out tokens.
s.reset().delete_from('user_rpt').where('create_time<{}'.format(_time_now - 24 * 60 * 60)).exec()
# 2. find out if this user already have a token.
err = s.reset().select_from('user_rpt', ['id'], alt_name='u').where('u.user_id={}'.format(user_id)).query()
if err != TPE_OK:
return err, None, None
token = tp_generate_random(16)
if len(s.recorder) == 0:
sql = 'INSERT INTO `{dbtp}user_rpt` (user_id, token, create_time) VALUES ' \
'({user_id}, "{token}", {create_time});' \
''.format(dbtp=db.table_prefix, user_id=user_id, token=token, create_time=_time_now)
db_ret = db.exec(sql)
if not db_ret:
return TPE_DATABASE, None, None
else:
sql = 'UPDATE `{dbtp}user_rpt` SET token="{token}", create_time={create_time} WHERE user_id={user_id};' \
''.format(dbtp=db.table_prefix, token=token, create_time=_time_now, user_id=user_id)
db_ret = db.exec(sql)
if not db_ret:
return TPE_DATABASE, None, None
# syslog.sys_log(operator, handler.request.remote_ip, TPE_OK, "为用户 {} 手动重置了密码".format(name))
return TPE_OK, email, token
def update_login_info(handler, user_id): def update_login_info(handler, user_id):
db = get_db() db = get_db()
_time_now = tp_timestamp_utc_now() _time_now = tp_timestamp_utc_now()