diff options
-rw-r--r-- | guard/application.py | 2 | ||||
-rw-r--r-- | guard/templates.py | 11 | ||||
-rwxr-xr-x | run.py | 3 | ||||
-rw-r--r-- | static/main.js | 7 |
4 files changed, 12 insertions, 11 deletions
diff --git a/guard/application.py b/guard/application.py index 4782bac..45261ec 100644 --- a/guard/application.py +++ b/guard/application.py @@ -23,7 +23,7 @@ def make_app(app, config): Access.create(token=request.form["token"], pattern=request.form["pattern"], comment=request.form["comment"]) - return templates.index(config['port'], cookiename) + return templates.index(config) @app.route("/delete", methods=["POST"]) def delete(): diff --git a/guard/templates.py b/guard/templates.py index 3cc1373..d1baa7e 100644 --- a/guard/templates.py +++ b/guard/templates.py @@ -38,19 +38,20 @@ def _index_access(accesses: Iterable[model.Access]): ), accesses) -def index(serverport: str, cookiename: str) -> str: +def index(config: type) -> str: return _html( E.head( E.title("Manage access tokens"), + E.script("const TOKEN_LENGTH = {};".format(config['gen_token_len'])), E.script("", src="static/main.js") ), E.body(E.div( E.p(E.a("Logout", href=url_for("logout"))), E.p("Call the write-service like: ", - E.pre("http://thisMachine:{}/write".format(serverport)), - "with the token in a cookie named {}".format(cookiename)), + E.pre("http://thisMachine:{}/write".format(config['port'])), + "with the token in a cookie named {}".format(config['cookiename'])), E.p("Or directly in the url: ", - E.pre("http://thisMachine:{}/write/<token>".format(serverport))), + E.pre("http://thisMachine:{}/write/<token>".format(config['port']))), E.form( E.input(type="hidden", name="action", value="create"), E.input(name="token", placeholder="Token secret", id="tokenField"), @@ -62,7 +63,7 @@ def index(serverport: str, cookiename: str) -> str: E.hr(), E.table( E.tr( - E.th("cookie: " + cookiename + " value"), E.th("Pattern"), + E.th("cookie: " + config['cookiename'] + " value"), E.th("Pattern"), E.th("Create Date"), E.th("Comment"), E.th() ), border="1", style="width: 100%", *_index_access(model.Access.select().order_by(model.Access.create_date)) @@ -38,7 +38,8 @@ def get_config(path: str = None) -> ConfigParser: "port": "8001", "cookiename": "token", "adminsecret": "changeme", - "debug": "false" + "gen_token_len": 22, + "debug": "false", } if path is not None: config.read(path) diff --git a/static/main.js b/static/main.js index e00efd4..d03c1b9 100644 --- a/static/main.js +++ b/static/main.js @@ -1,10 +1,9 @@ -// Generate random token string - -const KEY_LENGTH = 20; +// Generate random token string +// TOKEN_LENGTH is provided by a inline script const ALPHABET_BASE58 = '123456789abcdefghijkmnopqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ'; function genToken() { - const rand_buffer = Array.from(window.crypto.getRandomValues(new Uint32Array(KEY_LENGTH))); + const rand_buffer = Array.from(window.crypto.getRandomValues(new Uint32Array(TOKEN_LENGTH))); const rand_chars = rand_buffer.map(elem => ALPHABET_BASE58.charAt(Math.round(elem/4294967295*58))); const token = rand_chars.join(""); |