2019-09-14 18:36:23 -04:00
|
|
|
<!DOCTYPE html>
|
|
|
|
|
<html lang="en">
|
|
|
|
|
<head>
|
|
|
|
|
<title>Buckler</title>
|
2019-09-25 12:51:36 -04:00
|
|
|
<link rel="stylesheet" type="text/css" href="/static/buckler.css">
|
2019-09-20 19:24:12 -04:00
|
|
|
<script>
|
2020-11-20 19:32:32 -05:00
|
|
|
var user_perms = {{ user_perms_json|safe }};
|
2019-09-20 19:24:12 -04:00
|
|
|
</script>
|
|
|
|
|
<script type="text/javascript" src="/static/buckler.js"></script>
|
2019-09-25 12:51:36 -04:00
|
|
|
<script>window.onload = load;</script>
|
2019-09-25 15:12:58 -04:00
|
|
|
<meta name="viewport" content="width=device-width, initial-scale=0.8">
|
|
|
|
|
<meta name="description" content="A small shield for web applications.">
|
2019-09-14 18:36:23 -04:00
|
|
|
</head>
|
|
|
|
|
<body>
|
2019-09-20 19:24:12 -04:00
|
|
|
<header>
|
2019-09-25 15:12:58 -04:00
|
|
|
<object id="logo" title="Buckler logo" data="/static/buckler_icon.svg"></object>
|
2019-09-20 19:24:12 -04:00
|
|
|
<h1>Buckler</h1>
|
2020-11-18 13:09:09 -05:00
|
|
|
<span id="username">Logged in as: <b>{{ request['session']['username'] }}</b> (<a href="./logout">Logout</a>)</span>
|
2019-09-20 19:24:12 -04:00
|
|
|
</header>
|
|
|
|
|
<main>
|
2019-09-24 19:34:20 -04:00
|
|
|
<section>
|
2019-09-25 12:51:36 -04:00
|
|
|
<h2>Available Sites</h2>
|
|
|
|
|
<article>
|
|
|
|
|
<hr>
|
|
|
|
|
<ul id="avail_sites">
|
|
|
|
|
{% for site in avail_sites %}
|
|
|
|
|
<li><a href="{{ site['url'] }}">{{ site['name'] }}</a></li>
|
|
|
|
|
{% endfor %}
|
|
|
|
|
</ul>
|
|
|
|
|
</article>
|
2019-09-24 19:34:20 -04:00
|
|
|
</section>
|
2019-09-20 19:24:12 -04:00
|
|
|
{% if request['session']['admin'] %}
|
2019-09-24 19:34:20 -04:00
|
|
|
<section>
|
2019-09-27 13:57:00 -04:00
|
|
|
<h2>Admin Panel</h2>
|
2019-09-25 15:00:29 -04:00
|
|
|
<article style="display: none;">
|
2019-10-17 13:38:40 -04:00
|
|
|
<hr>
|
2019-09-27 13:57:00 -04:00
|
|
|
<section class="sub_section">
|
|
|
|
|
<h3>User Permissions</h3>
|
|
|
|
|
<article style="display: none;">
|
|
|
|
|
<hr>
|
2020-11-20 19:32:32 -05:00
|
|
|
<form id="user_perm_form">
|
2019-10-17 20:58:20 -04:00
|
|
|
<input name="form_name" type="hidden" value="change_user_perms">
|
|
|
|
|
<table id="users">
|
|
|
|
|
<thead>
|
|
|
|
|
<tr>
|
|
|
|
|
<th>User</th>
|
|
|
|
|
{% for app in apps %}
|
2020-11-20 19:32:32 -05:00
|
|
|
<th data-app-id="{{ app['id'] }}">{{ app['name'] }}</th>
|
2019-10-17 20:58:20 -04:00
|
|
|
{% endfor %}
|
|
|
|
|
</tr>
|
|
|
|
|
</thead>
|
|
|
|
|
<tbody>
|
2020-11-20 19:32:32 -05:00
|
|
|
{% for user_id, values in user_perms_dict.items() %}
|
2019-10-17 20:58:20 -04:00
|
|
|
<tr>
|
2020-11-20 19:32:32 -05:00
|
|
|
<td data-user-id="{{ user_id }}">{{ users_dict[user_id] }}</td>
|
|
|
|
|
{% for app_id, value in values.items() %}
|
|
|
|
|
<td><input aria-label="{{ users_dict[user_id] }}-{{ apps_dict[app_id] }}" data-user-id="{{ user_id }}" data-app-id="{{ app_id }}" type="checkbox"{% if value %} checked{% endif %}></td>
|
2019-10-17 20:58:20 -04:00
|
|
|
{% endfor %}
|
|
|
|
|
</tr>
|
2019-09-27 13:57:00 -04:00
|
|
|
{% endfor %}
|
2019-10-17 20:58:20 -04:00
|
|
|
</tbody>
|
|
|
|
|
</table>
|
|
|
|
|
<input type="submit" value="Submit">
|
|
|
|
|
</form>
|
2019-09-27 13:57:00 -04:00
|
|
|
</article>
|
|
|
|
|
</section>
|
2019-10-17 13:38:40 -04:00
|
|
|
<br>
|
2019-09-29 13:25:07 -04:00
|
|
|
<section class="sub_section">
|
|
|
|
|
<h3>Invite New User</h3>
|
|
|
|
|
<article style="display: none;">
|
|
|
|
|
<hr>
|
|
|
|
|
<form method="post" enctype="application/x-www-form-urlencoded">
|
|
|
|
|
<input name="form_name" type="hidden" value="invite_user">
|
|
|
|
|
<label for="new_user_email">Email</label>
|
|
|
|
|
<input id="new_user_email" name="email" type="email">
|
|
|
|
|
<p><input type="submit" value="Submit">
|
2019-10-17 13:47:25 -04:00
|
|
|
</form>
|
|
|
|
|
</article>
|
|
|
|
|
</section>
|
|
|
|
|
<br>
|
|
|
|
|
<section class="sub_section">
|
|
|
|
|
<h3>Add New App</h3>
|
|
|
|
|
<article style="display: none;">
|
|
|
|
|
<hr>
|
|
|
|
|
<form method="post" enctype="application/x-www-form-urlencoded">
|
|
|
|
|
<input name="form_name" type="hidden" value="new_app">
|
|
|
|
|
<table id="new_app" class="no_borders">
|
|
|
|
|
<tr>
|
|
|
|
|
<td><label for="new_app_name">App Name</label></td>
|
|
|
|
|
<td><input id="new_app_name" name="app_name" type="text"></td>
|
|
|
|
|
</tr>
|
|
|
|
|
<tr>
|
|
|
|
|
<td><label for="new_app_url">App URL</label></td>
|
|
|
|
|
<td><input id="new_app_url" name="app_url" type="text"></td>
|
|
|
|
|
</tr>
|
|
|
|
|
<tr>
|
|
|
|
|
<td><label for="new_app_key">App Key</label></td>
|
|
|
|
|
<td><input id="new_app_key" name="app_key" type="password"></td>
|
|
|
|
|
</tr>
|
|
|
|
|
</table>
|
|
|
|
|
<input type="submit" value="Submit">
|
2019-09-29 13:25:07 -04:00
|
|
|
</form>
|
|
|
|
|
</article>
|
|
|
|
|
</section>
|
2019-09-25 12:51:36 -04:00
|
|
|
</article>
|
2019-09-24 19:34:20 -04:00
|
|
|
</section>
|
2019-09-20 19:24:12 -04:00
|
|
|
{% endif %}
|
2019-09-24 19:34:20 -04:00
|
|
|
<section>
|
2019-09-25 12:51:36 -04:00
|
|
|
<h2>Change Password</h2>
|
2019-09-25 15:00:29 -04:00
|
|
|
<article style="display: none;">
|
2019-09-25 12:51:36 -04:00
|
|
|
<hr>
|
2019-09-29 13:25:07 -04:00
|
|
|
<form method="post" enctype="application/x-www-form-urlencoded">
|
|
|
|
|
<input name="form_name" type="hidden" value="change_password">
|
|
|
|
|
<table id="change_password" class="no_borders">
|
2019-09-27 13:53:36 -04:00
|
|
|
<tr>
|
|
|
|
|
<td><label for="current_password">Current password</label></td>
|
|
|
|
|
<td><input id="current_password" name="current_password" type="password"></td>
|
|
|
|
|
</tr>
|
|
|
|
|
<tr>
|
|
|
|
|
<td><label for="new_password">New password</label></td>
|
|
|
|
|
<td><input id="new_password" name="new_password" type="password"></td>
|
|
|
|
|
</tr>
|
|
|
|
|
<tr>
|
|
|
|
|
<td><label for="verify_password">Verify password</label></td>
|
|
|
|
|
<td><input id="verify_password" name="verify_password" type="password"></td>
|
|
|
|
|
</tr>
|
|
|
|
|
</table>
|
2019-09-25 12:51:36 -04:00
|
|
|
<input type="submit" value="Submit">
|
|
|
|
|
</form>
|
|
|
|
|
</article>
|
2019-09-24 19:34:20 -04:00
|
|
|
</section>
|
|
|
|
|
<section>
|
2019-09-25 12:51:36 -04:00
|
|
|
<h2>Security Keys</h2>
|
2019-09-25 15:00:29 -04:00
|
|
|
<article style="display: none;">
|
2019-09-25 12:51:36 -04:00
|
|
|
<hr>
|
|
|
|
|
{% if fido2_keys %}
|
2019-09-29 13:25:07 -04:00
|
|
|
<form method="POST" enctype="application/x-www-form-urlencoded">
|
|
|
|
|
<input name="form_name" type="hidden" value="delete_key">
|
2019-09-26 18:29:39 -04:00
|
|
|
<table id="security_keys">
|
|
|
|
|
<thead>
|
|
|
|
|
<tr>
|
|
|
|
|
<th>Nick</th>
|
|
|
|
|
<th>Delete</th>
|
|
|
|
|
</tr>
|
|
|
|
|
</thead>
|
|
|
|
|
<tbody>
|
|
|
|
|
{% for key in fido2_keys %}
|
|
|
|
|
<tr>
|
|
|
|
|
<td>{{ key['nick'] }}</td>
|
|
|
|
|
<td><input aria-label="Delete {{ key['nick'] }}" id="fido-{{ key['id'] }}" name="fido-{{ key['id'] }}" type="checkbox"></td>
|
|
|
|
|
</tr>
|
|
|
|
|
{% endfor %}
|
|
|
|
|
</tbody>
|
|
|
|
|
</table>
|
|
|
|
|
<input type="submit" value="Delete">
|
|
|
|
|
</form>
|
2019-09-25 12:51:36 -04:00
|
|
|
{% else %}
|
|
|
|
|
<span>No registered keys.</span>
|
|
|
|
|
{% endif %}
|
|
|
|
|
<br><a href="./add_key">Add key</a>
|
|
|
|
|
</article>
|
2019-09-24 19:34:20 -04:00
|
|
|
</section>
|
2019-09-25 15:00:29 -04:00
|
|
|
<section>
|
|
|
|
|
<h2>Active Sessions</h2>
|
|
|
|
|
<article style="display: none;">
|
|
|
|
|
<hr>
|
2019-09-29 13:25:07 -04:00
|
|
|
<form method="POST" enctype="application/x-www-form-urlencoded">
|
|
|
|
|
<input name="form_name" type="hidden" value="delete_session">
|
2019-09-26 18:44:00 -04:00
|
|
|
<table id="active_sessions">
|
|
|
|
|
<thead>
|
|
|
|
|
<tr>
|
|
|
|
|
<th>Session ID</th>
|
|
|
|
|
<th>IP Address</th>
|
2019-09-26 19:15:46 -04:00
|
|
|
<th>Created</th>
|
|
|
|
|
<th>Last Used</th>
|
2019-09-26 18:44:00 -04:00
|
|
|
<th>Delete</th>
|
|
|
|
|
</tr>
|
|
|
|
|
</thead>
|
|
|
|
|
<tbody>
|
|
|
|
|
{% for session in active_sessions %}
|
|
|
|
|
<tr>
|
|
|
|
|
<td><code>{{ session['id'][:5] }}...{{ session['id'][-5:] }}</code></td>
|
|
|
|
|
<td>{{ session['ip_address'] }}</td>
|
2019-09-26 19:15:46 -04:00
|
|
|
<td>{{ session['date_created'].strftime('%Y-%m-%d %H:%M') }}</td>
|
|
|
|
|
<td>{{ session['last_used'].strftime('%Y-%m-%d %H:%M') }}</td>
|
2019-09-26 18:44:00 -04:00
|
|
|
<td><input aria-label="Delete {{ session['id'][:5] }}...{{ session['id'][-5:] }}" id="session-{{ session['id'] }}" name="session-{{ session['id'] }}" type="checkbox"></td>
|
|
|
|
|
</tr>
|
|
|
|
|
{% endfor %}
|
|
|
|
|
</tbody>
|
|
|
|
|
</table>
|
|
|
|
|
<input type="submit" value="Delete">
|
|
|
|
|
</form>
|
2019-09-25 15:00:29 -04:00
|
|
|
</article>
|
|
|
|
|
</section>
|
2019-09-20 19:24:12 -04:00
|
|
|
</main>
|
2019-09-14 18:36:23 -04:00
|
|
|
</body>
|
|
|
|
|
</html>
|
