moonq/flees
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

passwords are now longer separate entities. added description field.

Browse Source
This commit is contained in:
Ville Rantanen
2018-02-15 23:05:15 +02:00
parent 0ff3f59c03
commit 46e9cea720
4 changed files with 76 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
code/app.py
View File

@@ -40,7 +40,7 @@ def index():
authenticated_share = get_share(share['name'])
password_set = False
if authenticated_share[0]:
password_set = authenticated_share[1]['authenticated'] in ('hash', 'plain')
password_set = authenticated_share[1]['authenticated'] == 'hash'
if not expired:
if public or password_set:
public_shares.append({
@@ -130,7 +130,8 @@ def list_view(name, password = None):
upload = get_or_none(share,'upload'),
overwrite = get_or_none(share,'overwrite'),
direct = allow_direct,
expire = get_or_none(share,'expire')
expire = get_or_none(share,'expire'),
description = get_or_none(share,'description',"")
)
@app.route('/logout/<name>', methods=['GET'])
@@ -275,11 +276,11 @@ def get_folder_size(path):
return total_size
def get_or_none(d,key):
def get_or_none(d,key,none = None):
if key in d:
return d[key]
else:
return None
return none
def get_share(name, require_auth = True):
@@ -291,11 +292,6 @@ def get_share(name, require_auth = True):
return (False, 'Share has expired')
authenticated = "no-pass"
if require_auth:
if 'pass_plain' in share:
authenticated = False
if name in session:
if session[name] == hashlib.sha1(share['pass_plain'].encode('utf-8')).hexdigest():
authenticated = "plain"
if 'pass_hash' in share:
authenticated = False
if name in session:

5
code/static/css/styles.css
View File

@@ -57,7 +57,10 @@ tr:nth-child(even) {
#list_title {
margin-left: 5em;
}
#list_description {
margin-left: 2em;
margin-bottom: 1em;
}
#list_menu {
float:right;
padding: 8px;

1
code/templates/list.html
View File

@@ -40,6 +40,7 @@
</div>
<div id=list_left>
<div id=list_title><h1>{{ name }}</h1></div>
<div id=list_description>{{ description }}</div>
<table class="sortable" id="list_table">
<thead>
<tr>

100
utils/flees-manager.py
View File

@@ -47,30 +47,36 @@ def file_size_human(num):
def list_shares(shares,opts):
table = []
table.append(('Name', 'Path','Public','Password','Upload','Overwrite','Direct','Expire'))
table.append(('Name', 'Path','Public','Password','PassHash','Upload','Overwrite','Direct','Expire','Description'))
for share in shares:
public = get_or_no('public',share, False)
password = 'pass_hash' in share or 'pass_plain' in share
passhash = '-'
password = 'pass_hash' in share
if opts.show_password:
if not password:
password = ""
if 'pass_plain' in share:
password = hashlib.sha1(share['pass_plain'].encode('utf-8')).hexdigest()
password = share['pass_plain']
else:
password = ""
if 'pass_hash' in share:
password = share['pass_hash']
passhash = share['pass_hash']
else:
passhash = "-"
upload = get_or_no('upload',share, False)
overwrite = get_or_no('overwrite',share, True)
direct = get_or_no('direct_links',share, False) if password else False
expire = get_or_no('expire',share, "-")
description = get_or_no('description',share, "")[0:20]
table.append((
share['name'],
share['path']+"/",
public,
password,
passhash,
upload,
overwrite,
direct,
expire
expire,
description
))
print(tabulate(table, headers = "firstrow"))
@@ -115,15 +121,13 @@ def add_share(shares, config, opts):
'upload': opts.upload,
'overwrite': opts.overwrite,
'direct_links': opts.direct,
'description': opts.description
}
if opts.plain:
share.update({
'pass_plain': opts.plain
})
if opts.hashed:
share.update({
'pass_hash': hashlib.sha1(opts.hashed).hexdigest()
})
if opts.password:
if opts.plain:
share['pass_plain'] = opts.password
share['pass_hash'] = hashlib.sha1(opts.password).hexdigest()
if opts.expire:
try:
date_object = datetime.strptime(opts.expire,"%Y-%m-%d %H:%M")
@@ -172,18 +176,35 @@ def modify_share(shares, config, opts):
for attr in ('public','upload','direct_links','overwrite'):
if getattr(opts,attr) != None:
share[attr] = getattr(opts,attr) == 'true'
if opts.plain:
share['pass_plain'] = opts.plain
if opts.hashed:
share['pass_hash'] = hashlib.sha1(opts.hashed).hexdigest()
if opts.description != None:
share['description'] = opts.description
# REMOVE password
if opts.password == "":
if 'pass_plain' in share:
del share['pass_plain']
if 'pass_hash' in share:
del share['pass_hash']
if opts.password:
# ADD/Change a password
if opts.plain:
share['pass_plain'] = opts.password
share['pass_hash'] = hashlib.sha1(opts.password).hexdigest()
if opts.expire:
try:
date_object = datetime.strptime(opts.expire,"%Y-%m-%d %H:%M")
except ValueError as e:
print(e)
print("Date format error")
sys.exit(1)
share['expire'] = opts.expire
if opts.expire == "":
# REMOVE EXPIRATION
if 'expire' in share:
del share['expire']
else:
# ADD/CHANGE EXPIRATION
try:
date_object = datetime.strptime(opts.expire,"%Y-%m-%d %H:%M")
except ValueError as e:
print(e)
print("Date format error")
sys.exit(1)
share['expire'] = opts.expire
if opts.insert:
shares[i] = share
@@ -207,6 +228,9 @@ def modify_share(shares, config, opts):
if orig_share[key] != share[key]:
modified.append(key)
continue
for key in orig_share:
if not key in share:
modified.append(key)
print("Modified values: %s"%(", ".join(modified)))
print(json.dumps(share, indent = 2, sort_keys = True))
@@ -353,38 +377,46 @@ def parse_options():
parser_add.add_argument('-p','--path', action="store", dest="path", required = True,
help= "path relative to data folder"
)
parser_add.add_argument('-D','--description', action="store", dest="description", default = "",
help= "Describe the contents"
)
parser_add.add_argument('-P','--public', action="store_true", dest="public", default = False)
parser_add.add_argument('-u','--upload', action="store_true", dest="upload", default = False)
parser_add.add_argument('-o','--overwrite', action="store_false", dest="overwrite", default = True,
help = "Disable file overwrites")
parser_add.add_argument('-d','--direct', action="store_true", dest="direct", default = False,
help = "Allow direct file sharing (password hash included in URL)")
parser_add.add_argument('--pass-plain', action="store", dest="plain", default = False)
parser_add.add_argument('--pass-hash', action="store", dest="hashed", default = False,
help = "Hashed password enables use of login links and direct downloads")
parser_add.add_argument('--pass-plain', action="store_true", dest="plain", default = False,
help = "Save the password as plain text")
parser_add.add_argument('--password', action="store", dest="password", default = False,
help = "Setting a password enables use of login links and direct downloads")
parser_add.add_argument('-e','--expire', action="store", dest="expire", default = False,
help = "expire date in format '%%Y-%%m-%%d %%H:%%M' ex. '2018-12-24 21:00'"
)
parser_add.add_argument('-i','--insert', action="store_true", dest="insert", default = False,
help = "Insert new share directly in the shares.json file"
)
## Modify
## Modify
parser_add = subparsers.add_parser('modify', help = "Modify share")
parser_add.add_argument('-n','--name', action="store", dest="name", required = True)
parser_add.add_argument('-p','--path', action="store", dest="path", default = None,
help= "path relative to data folder"
)
parser_add.add_argument('-D','--description', action="store", dest="description", default = None,
help= "Describe the contents"
)
parser_add.add_argument('-P','--public', action="store", dest="public", default = None, choices = ['true','false'])
parser_add.add_argument('-u','--upload', action="store", dest="upload", default = None, choices = ['true','false'])
parser_add.add_argument('-o','--overwrite', action="store", dest="overwrite", default = None, choices = ['true','false'],
help = "Disable file overwrites")
parser_add.add_argument('-d','--direct', action="store", dest="direct_links", default = None, choices = ['true','false'],
help = "Allow direct file sharing (password hash included in URL)")
parser_add.add_argument('--pass-plain', action="store", dest="plain", default = False)
parser_add.add_argument('--pass-hash', action="store", dest="hashed", default = False,
help = "Hashed password enables use of login links and direct downloads")
parser_add.add_argument('--pass-plain', action="store_true", dest="plain", default = False,
help = "Save the password as plain text")
parser_add.add_argument('--password', action="store", dest="password", default = False,
help = "Setting a password enables use of login links and direct downloads. Set as empty string to remove password protection.")
parser_add.add_argument('-e','--expire', action="store", dest="expire", default = False,
help = "expire date in format '%%Y-%%m-%%d %%H:%%M' ex. '2018-12-24 21:00'"
help = "expire date in format '%%Y-%%m-%%d %%H:%%M' ex. '2018-12-24 21:00'. Set as empty string to remove expiration."
)
parser_add.add_argument('-i','--insert', action="store_true", dest="insert", default = False,
help = "Insert new share directly in the shares.json file"