Commit 42a15dcb authored by Cédric de Saint Martin's avatar Cédric de Saint Martin

Merge branch 'slaprunner'

parents f8ab2eaa 1069aead
......@@ -46,6 +46,7 @@ setup(name=name,
'lampconfigure': ["mysql-python"], #needed for MySQL Database access
'zodbpack': ['ZODB3'], # needed to play with ZODB
'agent': ['erp5.util'],
'flask_auth' : ["Flask-Auth"],
},
zip_safe=False, # proxy depends on Flask, which has issues with
# accessing templates
......
......@@ -5,7 +5,7 @@ import logging.handlers
import os
import sys
import subprocess
import hashlib
from datetime import timedelta
class Parser(OptionParser):
"""
......@@ -118,15 +118,10 @@ def serve(config):
workspace = workdir,
instance_profile='instance.cfg',
software_profile='software.cfg',
SECRET_KEY='123',
SECRET_KEY="123456",
PERMANENT_SESSION_LIFETIME=timedelta(days=31),
)
if not os.path.exists(workdir):
os.mkdir(workdir)
if not os.path.exists(os.path.join(config.runner_workdir, '.users')):
#set default user and password
salt = "runner81" #to be changed
pwd = hashlib.md5( salt + "insecure" ).hexdigest()
user = "root;"+pwd+";;Slaprunner Administrator"
open(os.path.join(config.runner_workdir, '.users'), 'w').write(user)
app.run(host=config.runner_host, port=int(config.runner_port),
debug=config.debug, threaded=True)
......@@ -43,7 +43,7 @@ textarea {
}
body {
background: #2281C1;/*url("../images/1307251316-background-stripes.gif") repeat #9C9C9C;*/
background: #1E73BD;/*#1862C4 url("../images/1307251316-background-stripes.gif") repeat #9C9C9C;*/
font-family: 'Helvetica Neue',Tahoma,Helvetica,Arial,sans-serif;
color: #000000;
font-size: 13px;
......@@ -72,6 +72,7 @@ overflow-y: scroll;
text-align: left;
padding-left: 20px;
height: 30px;
position:relative;
}
#header .run{
......@@ -617,6 +618,8 @@ a.lshare img{
border-radius: 0 0 4px 4px;
box-shadow: 0 2px 4px rgba(0, 0, 0, 0.2);
text-align: center;
position: relative;
z-index: 170;
}
#error table{
......@@ -706,8 +709,10 @@ input[type=radio]:hover {
#login-page{width:429px; height:236px; margin:130px auto 0px; background:url(../images/loginBox.png) no-repeat;
padding:10px; font-size:14px; color:#03406A}
#login-page h2{color:#fff; font-size:26px; font-weight:normal; text-indent:50px;}
.login-content{margin:10px; margin-top:40px; margin-bottom:0; height:90px;}
.login-content{position:relative;margin:10px; margin-top:30px; margin-bottom:0;}
.login-button{width:140px; margin:0 auto;}
.login-element{float:left; min-width:120px;}
.login-label{padding:5px; font-size:16px;}
.login-input{width:220px;}
\ No newline at end of file
.login-input{width:220px;}
.information{display:block; float:left; height:16px; margin-top:10px; margin-left:10px; font-weight:bold}
.account{margin-left:60px;}
\ No newline at end of file
......@@ -9,25 +9,17 @@ $(function () {
$('a[rel=tooltip], a[rel=tooltip-min], .popup').mouseover(function () {
var height = $(this).height();
var top = $(this).offset().top + height;
var left = $(this).offset().left - ($(this).width() /2);
var left = $(this).offset().left +($(this).width()/2)-30;
var content = "#tooltip-" + $(this).attr('id');
if (hideDelayTimer) clearTimeout(hideDelayTimer);
if (beingShown || shown) {
return;
} else {
} else {
$('#jqtooltip').empty();
var contentValue = $(content).clone(true, true);
/*$(contentValue).find("*").each(function(index, element) {
if(element.id){element.id = "jqt_" + element.id;}
if($(this).attr('for')){$(this).attr('for', 'jqt_' + $(this).attr('for'))}
//var events = $(content).get[0];
//for (var type in events)
// for (var handler in events[type])
// jQuery.event.add(this, type, events[type][handler], events[type][handler].data);
});*/
$(contentValue).appendTo('#jqtooltip');
$('#jqtooltip ' + content).show();
// reset position of info box
// reset position of info box
beingShown = true;
$('.popup').css({
top: top,
......@@ -49,7 +41,7 @@ $(function () {
$('.popup').animate({
top: '-=' + distance + 'px',
opacity: 0
}, time, 'swing', function () {
}, time, 'swing', function () {
$('.popup').css('display', 'none');
shown = false;
});
......
......@@ -2,10 +2,15 @@ $(document).ready( function() {
var send = false;
$("#update").click(function(){
var haspwd = false;
var hasAccount = !($("input#hasAccount").val() === "");
if($("input#username").val() === "" || !$("input#username").val().match(/^[\w\d\._-]+$/)){
$("#error").Popup("Invalid user name. Please check it!", {type:'alert', duration:3000});
return false;
}
else if ($("input#username").val().length <6){
$("#error").Popup("Username must have at least 6 characters", {type:'alert', duration:3000});
return false;
}
if($("input#name").val() === ""){
$("#error").Popup("Please enter your name and surname!", {type:'alert', duration:3000});
return false;
......@@ -14,6 +19,14 @@ $(document).ready( function() {
$("#error").Popup("Please enter a valid email adress!", {type:'alert', duration:3000});
return false;
}
if(!hasAccount && !$("input#password").val().match(/^[\w\d\._-]+$/)){
$("#error").Popup("Please enter your new password!", {type:'alert', duration:3000});
return false;
}
if ($("input#password").val() !== "" && $("input#password").val().length <6){
$("#error").Popup("The password must have at least 6 characters", {type:'alert', duration:3000});
return false;
}
if($("input#password").val() !== ""){
if($("input#password").val() === "" || !$("input#password").val().match(/^[\w\d\._-]+$/)){
$("#error").Popup("Please enter your new password!", {type:'alert', duration:3000});
......@@ -25,16 +38,20 @@ $(document).ready( function() {
}
haspwd = true;
}
if(!$("input#rcode").val().match(/^[\w\d]+$/)){
$("#error").Popup("Please enter your password recovery code.", {type:'alert', duration:3000});
return false;
}
if(send) return false;
send = true;
$.ajax({
type: "POST",
url: $SCRIPT_ROOT + '/updateAccount',
url: $SCRIPT_ROOT + ((hasAccount)? '/updateAccount':'/configAccount'),
data: {name: $("input#name").val(), username:$("input#username").val(), email:$("input#email").val(),
password:((haspwd) ? $("input#password").val():"")},
password:((haspwd) ? $("input#password").val():""), rcode:$("input#rcode").val()},
success: function(data){
if(data.code ==1){
$("#error").Popup("Your account informations has been saved!", {type:'confirm', duration:3000});
location.href = $SCRIPT_ROOT+"/"
}
else{
$("#error").Popup(data.result, {type:'error', duration:5000});
......
......@@ -6,7 +6,7 @@
{% endblock %}
{% block body %}
<h2 class='title'>Your personal informations</h2><br/>
<form>
<form class="account">
<div class='form'>
<label for="name">Your name: </label>
<input type='text' name='name' id='name' value='{{name}}'/>
......@@ -24,12 +24,23 @@
<input type='password' name='cpassword' id='cpassword' value=''/>
<div class='clear'></div>
<br/>
<label for="rcode">Password Recover code:</label>
<input type='password' name='rcode' id='rcode' value=''/>
<span class="information"><a href="#" id="information" rel="tooltip">help?</a></span>
<div class='clear'></div>
<br/>
<label></label>
<input type="submit" name="update" id ="update" value="Update" class="button"/>
<input type="submit" name="update" id ="update" value="Update Account" class="button"/>
<div class='clear'></div>
<br/><br/><br/>
</div>
<div id="file_info" class="file_info">leave passwords blank to preserve your current password...</div>
<br/>
<input type="hidden" name="hasAccount" id="hasAccount" value="{{name}}"/>
</form>
{% if username %}<div id="file_info" class="file_info">leave passwords blank to preserve your current password...
</div><br/>{%endif%}
<div id="tooltip-information" style="display:none; float:left">
<p style="font-size:12px;">
Please find this information in your slaprunner<br/> instance parameters.
</p>
</div>
{% endblock %}
......@@ -18,11 +18,11 @@
<div class="tabDetails">
<div id="tab1" class="tabContents">
<div id="repository" style="margin-left:40px;">
<label for='name'>Project name*: </label>
<label for='name'>Project name: </label>
<input type="text" name="name" id="name" size='20' value="Enter the project name..." />
<label for='repo'>&nbsp;url*: &nbsp;&nbsp;</label>
<label for='repo'>&nbsp;url: &nbsp;&nbsp;</label>
<input type="text" name="repo" id="repo" size='25' value="Enter the url of your repository..." /><br/>
<label for='user'>Your name: &nbsp;&nbsp;&nbsp;&nbsp;</label>
<label for='user'>Your name: &nbsp;&nbsp;&nbsp;</label>
<input type="text" name="user" id="user" size='20' value="{{name}}" />
<label for='email'>Email: </label>
<input type="text" name="email" id="email" size='25' value="{% if not email %}Enter your email adress...{% else %}{{email}}{%endif%}" />
......
......@@ -54,7 +54,7 @@
<div class="line"></div>
<a href="{{ url_for('editCurrentProject') }}" style="float:left" title="Edit your current project"><img alt="" src="{{ url_for('static', filename='images/project.png') }}" /></a>
<div class="line"></div>
<a href="{{ url_for('logout') }}" style="float:left" title="Close your session"><img alt="" src="{{ url_for('static', filename='images/logout.png') }}" /></a>
<a href="{{ url_for('dologout') }}" style="float:left" title="Close your session"><img alt="" src="{{ url_for('static', filename='images/logout.png') }}" /></a>
<div class="line"></div>
<h2 class="info">{% block title %}{% endblock %} - {{session.title}}</h2>
<div class="run"><span id="running" style="display:none"><img alt="" src="{{ url_for('static', filename='images/ajax_roller.gif') }}"
......@@ -97,7 +97,7 @@
</div>
{% if request.path != '/login' %}
<div id="footer">
SlapOs web runner &copy; Vifib SARL 2011 - All right reserved - Creative Commons Shared Alike Non Commercial
SlapOS web runner &copy; Vifib SARL 2011 - All right reserved - Creative Commons Shared Alike Non Commercial
</div>
{%endif%}
</div>
......
......@@ -6,17 +6,26 @@
{% block body %}
<form method="POST" action="">
<h2>Login to Slapos Web Runner</h2>
<div class="login-content">
<div class="login-content"><br/>
<div class="login-element login-label"><label for="clogin">Your login&nbsp; : </label></div>
<div class="login-element"><input type="text" class="login-input" name="clogin" id="clogin" value="Enter login..." /></div><br/><br/>
<div class="clear"></div>
<div class="login-element login-label"><label for="cpwd">Password : </label></div>
<div class="login-element"><input type="password" class="idleField login-input" name="cpwd" id="cpwd" value="******" /></div>
<div class="clear"></div>
<!--<br/><a href="#" id="information" rel="tooltip">do you need help?</a><br/>-->
</div>
<div style="text-align:center">
<div style="text-align:center; margin-top:7px;">
<input type="reset" class="button" value="reset" />
<input type="submit" class="button" id="login" value="login" />
</div>
</form>
<!--
<div id="tooltip-information" style="display:none">
<p style="font-size:12px;">
If it is your first connexion, use default parameters:<br/>
login: <strong>root</strong>, password: <strong>insecure</strong> and set your
one<br/> parameters at <strong>home->Your Account</strong>.
</p>
</div>-->
{% endblock %}
\ No newline at end of file
......@@ -40,46 +40,23 @@ def html_escape(text):
"""Produce entities within text."""
return "".join(html_escape_table.get(c,c) for c in text)
def checkLogin(config, login, pwd):
"""
User authentication method
Args:
config: Slaprunner configuration.
login: username of the user.
pwd: password associate to username.
Returns:
a list of user informations or False if authentication fail.
list=[username, password, email, complete_name]
"""
user = getSession(config)
salt = "runner81" #to be changed
current_pwd = hashlib.md5( salt + pwd ).hexdigest()
if current_pwd == user[1]:
return user
return False
def getSession(config):
"""
Get the session data of current user.
Returns:
a list of user informations or False if fail to read data.
"""
user_path = os.path.join(config['runner_workdir'], '.users')
user_path = os.path.join(config['etc_dir'], '.users')
user = ""
if os.path.exists(user_path):
user = open(user_path, 'r').read().split(';')
f = open(user_path, 'r')
user = f.read().split(';')
f.close()
if type(user) == type(""):
#Error: try to restore data from backup
if os.path.exists(user_path+'.back'):
os.rename(user_path+'.back', user_path)
user = open(user_path, 'r').read().split(';')
else:
return False
return False
return user
def saveSession(config, session, account):
def saveSession(config, account):
"""
Save account information for the current user
......@@ -91,20 +68,20 @@ def saveSession(config, session, account):
Returns:
True if all goes well or str (error message) if fail
"""
user = os.path.join(config['runner_workdir'], '.users')
user = os.path.join(config['etc_dir'], '.users')
backup = False
try:
if account[1]:
salt = "runner81" #to be changed
account[1] = hashlib.md5(salt + account[1]).hexdigest()
else:
account[1] = session['account'][1]
#backup previous data
open(user+'.back', 'w').write(';'.join(session['account']))
backup = True
if os.path.exists(user):
f = open(user, 'r')
#backup previous data
data = f.read()
open(user+'.back', 'w').write(data)
f.close()
backup = True
if not account[1]:
account[1] = data.split(';')[1]
#save new account data
open(user, 'w').write((';'.join(account)).encode("utf-8"))
session['account'] = account
return True
except Exception, e:
try:
......
This diff is collapsed.
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment