iou1name/Buckler
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Compare commits

base: iou1name:06cf8161e9ac1244c1b9fb6b837d7a9d10b1afa9
Branches Tags
iou1name:master
...
compare: iou1name:0f8f691a3ec1e0883bdd9e3918882fcca744507b
Branches Tags
iou1name:master

3 Commits
06cf8161e9 ... 0f8f691a3e

Author SHA1 Message Date
iou1name
0f8f691a3e admin panel 2019-09-27 13:57:00 -04:00
iou1name
8daf81ac46 implemented /change_password 2019-09-27 13:53:36 -04:00
iou1name
74cd0713ec sort sessions by last_used 2019-09-26 19:26:29 -04:00
4 changed files with 98 additions and 34 deletions
Show Stats Expand all files Collapse all files

28
buckler.py
View File

@ -45,7 +45,7 @@ async def index(request):
request['session']['id']) request['session']['id'])
active_sessions = await conn.fetch( active_sessions = await conn.fetch(
"SELECT id, ip_address, date_created, last_used FROM user_session " "SELECT id, ip_address, date_created, last_used FROM user_session "
"WHERE user_id = $1", "WHERE user_id = $1 ORDER BY last_used DESC",
request['session']['id']) request['session']['id'])
if request['session']['admin']: if request['session']['admin']:
@ -58,11 +58,33 @@ async def index(request):
return render_template("index.html", request, locals()) return render_template("index.html", request, locals())
@routes.get(config.url_prefix + '/change_password', name='change_password') @routes.post(config.url_prefix + '/change_password', name='change_password')
@auth.auth_required @auth.auth_required
async def change_password(request): async def change_password(request):
"""Allows a user to change their password.""" """Allows a user to change their password."""
pass data = await request.post()
current_pw = data.get('current_password')
new_pw = data.get('new_password')
verify_pw = data.get('verify_password')
if not all(current_pw, new_pw, verify_pw):
return
if not new_pw == verify_pw:
return
async with request.app['pool'].acquire() as conn:
pw_hash = conn.fetchrow(
"SELECT password_hash FROM user_info WHERE id = $1",
request['session']['id'])
if not argon2.verify(current_pw, pw_hash['password_hash']):
return
h = argon2.hash(new_pw)
conn.execute(
"UPDATE user_info SET password_hash = $1 WHERE id = $2",
h, request['session']['id'])
index_url = request.app.router['index'].url_for()
raise web.HTTPFound(location=index_url)
@routes.get(config.url_prefix + '/login', name='login') @routes.get(config.url_prefix + '/login', name='login')

26
static/buckler.css
View File

@ -3,6 +3,7 @@ body {
margin-right: 10%; margin-right: 10%;
background-color: lightgray; background-color: lightgray;
font-family: Helvetica,sans-serif; font-family: Helvetica,sans-serif;
font-size: 14px;
} }
header { header {
@ -29,12 +30,21 @@ main section {
0 1px 5px 0 rgba(0, 0, 0, 0.12); 0 1px 5px 0 rgba(0, 0, 0, 0.12);
} }
h2 { .sub_section {
box-shadow: none;
border: 1px solid lightgray;
}
h2, h3 {
font-size: 16px; font-size: 16px;
margin: 0; margin: 0;
cursor: pointer; cursor: pointer;
} }
h3 {
font-size: 14px;
}
#avail_sites { #avail_sites {
margin: 0; margin: 0;
padding-left: 1em; padding-left: 1em;
@ -54,3 +64,17 @@ tr {
td { td {
text-align: center; text-align: center;
} }
#change_password {
border: none;
border-collapse: separate;
width: auto;
}
#change_password tr {
border: none;
}
#change_password td {
text-align: left;
}

5
static/buckler.js
View File

@ -1,5 +1,10 @@
function load() { function load() {
let headers = document.querySelectorAll('h2'); let headers = document.querySelectorAll('h2');
headers = Array.prototype.slice.call(headers);
let headers3 = document.querySelectorAll('h3');
headers3 = Array.prototype.slice.call(headers3);
headers = headers.concat(headers3);
headers.forEach(function(header) { headers.forEach(function(header) {
header.addEventListener('click', function() { header.addEventListener('click', function() {
let article = this.nextElementSibling; let article = this.nextElementSibling;

27
templates/index.html
View File

@ -30,7 +30,10 @@
</section> </section>
{% if request['session']['admin'] %} {% if request['session']['admin'] %}
<section> <section>
<h2>User Permissions</h2> <h2>Admin Panel</h2>
<article style="display: none;">
<section class="sub_section">
<h3>User Permissions</h3>
<article style="display: none;"> <article style="display: none;">
<hr> <hr>
<table id="users"> <table id="users">
@ -57,18 +60,28 @@
</table> </table>
</article> </article>
</section> </section>
</article>
</section>
{% endif %} {% endif %}
<section> <section>
<h2>Change Password</h2> <h2>Change Password</h2>
<article style="display: none;"> <article style="display: none;">
<hr> <hr>
<form action="{{ request.app.router['change_password'].url_for() }}" method="post" enctype="application/x-www-form-urlencoded"> <form action="{{ request.app.router['change_password'].url_for() }}" method="post" enctype="application/x-www-form-urlencoded">
<label for="current_password">Current password</label> <table id="change_password">
<input id="current_password" name="current_password" type="password"><br> <tr>
<label for="new_password">New password</label> <td><label for="current_password">Current password</label></td>
<input id="new_password" name="new_password" type="password"><br> <td><input id="current_password" name="current_password" type="password"></td>
<label for="verify_password">Verify password</label> </tr>
<input id="verify_password" name="verify_password" type="password"><br> <tr>
<td><label for="new_password">New password</label></td>
<td><input id="new_password" name="new_password" type="password"></td>
</tr>
<tr>
<td><label for="verify_password">Verify password</label></td>
<td><input id="verify_password" name="verify_password" type="password"></td>
</tr>
</table>
<input type="submit" value="Submit"> <input type="submit" value="Submit">
</form> </form>
</article> </article>