chg: [UI] add basic user management

pull/359/head
Terrtia 2019-05-02 17:31:14 +02:00
parent 1bf752fbfc
commit 1ab1a55a4f
No known key found for this signature in database
GPG Key ID: 1E1B1F50D84613D0
16 changed files with 293 additions and 2 deletions

36
bin/packages/User.py Executable file
View File

@ -0,0 +1,36 @@
#!/usr/bin/env python3
# -*-coding:UTF-8 -*
import redis
from flask_login import UserMixin
class User(UserMixin):
def __init__(self, id):
self.id = 'abcdef'
# return True or False
#def is_authenticated():
# return True or False
#def is_active():
# return True or False
#def is_anonymous():
@classmethod
def get(self_class, id):
print(id)
return self_class(id)
def check_password(self, password):
print(self.id)
if password=='admin':
print('password ok')
return True
else:
return False
def set_password(self):
return True

View File

@ -43,9 +43,11 @@ psutil
phonenumbers
ipython
flask
texttable
flask
flask-login
#DomainClassifier
DomainClassifier
#Indexer requirements

View File

@ -3,11 +3,14 @@
import redis
import configparser
import random
import json
import datetime
import time
import calendar
from flask import Flask, render_template, jsonify, request, Request
from flask import Flask, render_template, jsonify, request, Request, session, redirect, url_for
from flask_login import LoginManager, current_user, login_user, logout_user, login_required
import flask
import importlib
import os
@ -18,6 +21,8 @@ sys.path.append('./modules/')
import Paste
from Date import Date
from User import User
from pytaxonomies import Taxonomies
# Import config
@ -34,6 +39,18 @@ Flask_config.app = Flask(__name__, static_url_path=baseUrl+'/static/')
app = Flask_config.app
app.config['MAX_CONTENT_LENGTH'] = 900 * 1024 * 1024
# ========= session ========
app.secret_key = str(random.getrandbits(256))
login_manager = LoginManager()
login_manager.login_view = 'login'
login_manager.init_app(app)
# ========= LOGIN MANAGER ========
@login_manager.user_loader
def load_user(user_id):
return User.get(user_id)
# ========= HEADER GENERATION ========
# Get headers items that should be ignored (not displayed)
@ -118,6 +135,41 @@ def add_header(response):
return response
# ========== ROUTES ============
@app.route('/login', methods=['POST', 'GET'])
def login():
if request.method == 'POST':
username = request.form.get('username')
password = request.form.get('password')
next_page = request.form.get('next_page')
print(username)
print(password)
if username is not None:
user = User.get(username)
#print(user.is_anonymous)
#print('auth') # TODO: overwrite
#print(user.is_authenticated)
if user and user.check_password(password):
login_user(user) ## TODO: use remember me ?
return redirect(url_for('dashboard.index'))
else:
return 'incorrect password'
return 'none'
else:
next_page = request.args.get('next')
print(next_page)
return render_template("login.html", next_page=next_page)
@app.route('/logout')
@login_required
def logout():
logout_user()
return redirect(url_for('dashboard.index'))
@app.route('/searchbox/')
def searchbox():
return render_template("searchbox.html")

View File

@ -6,6 +6,7 @@
'''
import redis
from flask import Flask, render_template, jsonify, request, Blueprint, url_for, redirect
from flask_login import login_required
import unicodedata
import string
@ -273,6 +274,7 @@ def hive_create_case(hive_tlp, threat_level, hive_description, hive_case_title,
# ============= ROUTES ==============
@PasteSubmit.route("/PasteSubmit/", methods=['GET'])
@login_required
def PasteSubmit_page():
#active taxonomies
active_taxonomies = r_serv_tags.smembers('active_taxonomies')
@ -285,6 +287,7 @@ def PasteSubmit_page():
active_galaxies = active_galaxies)
@PasteSubmit.route("/PasteSubmit/submit", methods=['POST'])
@login_required
def submit():
#paste_name = request.form['paste_name']
@ -385,6 +388,7 @@ def submit():
return PasteSubmit_page()
@PasteSubmit.route("/PasteSubmit/submit_status", methods=['GET'])
@login_required
def submit_status():
UUID = request.args.get('UUID')
@ -451,6 +455,7 @@ def submit_status():
@PasteSubmit.route("/PasteSubmit/create_misp_event", methods=['POST'])
@login_required
def create_misp_event():
distribution = int(request.form['misp_data[Event][distribution]'])
@ -473,6 +478,7 @@ def create_misp_event():
return 'error0'
@PasteSubmit.route("/PasteSubmit/create_hive_case", methods=['POST'])
@login_required
def create_hive_case():
hive_tlp = int(request.form['hive_tlp'])
@ -495,6 +501,7 @@ def create_hive_case():
return 'error'
@PasteSubmit.route("/PasteSubmit/edit_tag_export")
@login_required
def edit_tag_export():
misp_auto_events = r_serv_db.get('misp:auto-events')
hive_auto_alerts = r_serv_db.get('hive:auto-alerts')
@ -559,6 +566,7 @@ def edit_tag_export():
flag_hive=flag_hive)
@PasteSubmit.route("/PasteSubmit/tag_export_edited", methods=['POST'])
@login_required
def tag_export_edited():
tag_enabled_misp = request.form.getlist('tag_enabled_misp')
tag_enabled_hive = request.form.getlist('tag_enabled_hive')
@ -583,26 +591,31 @@ def tag_export_edited():
return redirect(url_for('PasteSubmit.edit_tag_export'))
@PasteSubmit.route("/PasteSubmit/enable_misp_auto_event")
@login_required
def enable_misp_auto_event():
r_serv_db.set('misp:auto-events', 1)
return edit_tag_export()
@PasteSubmit.route("/PasteSubmit/disable_misp_auto_event")
@login_required
def disable_misp_auto_event():
r_serv_db.set('misp:auto-events', 0)
return edit_tag_export()
@PasteSubmit.route("/PasteSubmit/enable_hive_auto_alert")
@login_required
def enable_hive_auto_alert():
r_serv_db.set('hive:auto-alerts', 1)
return edit_tag_export()
@PasteSubmit.route("/PasteSubmit/disable_hive_auto_alert")
@login_required
def disable_hive_auto_alert():
r_serv_db.set('hive:auto-alerts', 0)
return edit_tag_export()
@PasteSubmit.route("/PasteSubmit/add_push_tag")
@login_required
def add_push_tag():
tag = request.args.get('tag')
if tag is not None:
@ -620,6 +633,7 @@ def add_push_tag():
return 'None args', 400
@PasteSubmit.route("/PasteSubmit/delete_push_tag")
@login_required
def delete_push_tag():
tag = request.args.get('tag')

View File

@ -6,6 +6,7 @@
'''
import redis
from flask import Flask, render_template, jsonify, request, Blueprint, redirect, url_for
from flask_login import login_required
import json
import datetime
@ -218,6 +219,7 @@ def update_tag_last_seen(tag, tag_first_seen, tag_last_seen):
# ============= ROUTES ==============
@Tags.route("/tags/", methods=['GET'])
@login_required
def Tags_page():
date_from = request.args.get('date_from')
date_to = request.args.get('date_to')
@ -351,6 +353,7 @@ def Tags_page():
@Tags.route("/Tags/get_all_tags")
@login_required
def get_all_tags():
all_tags = r_serv_tags.smembers('list_tags')
@ -373,6 +376,7 @@ def get_all_tags():
return jsonify(list_tags)
@Tags.route("/Tags/get_all_tags_taxonomies")
@login_required
def get_all_tags_taxonomies():
taxonomies = Taxonomies()
@ -390,6 +394,7 @@ def get_all_tags_taxonomies():
return jsonify(list_tags)
@Tags.route("/Tags/get_all_tags_galaxies")
@login_required
def get_all_tags_galaxy():
active_galaxies = r_serv_tags.smembers('active_galaxies')
@ -403,6 +408,7 @@ def get_all_tags_galaxy():
return jsonify(list_tags)
@Tags.route("/Tags/get_tags_taxonomie")
@login_required
def get_tags_taxonomie():
taxonomie = request.args.get('taxonomie')
@ -429,6 +435,7 @@ def get_tags_taxonomie():
return 'INCORRECT INPUT'
@Tags.route("/Tags/get_tags_galaxy")
@login_required
def get_tags_galaxy():
galaxy = request.args.get('galaxy')
@ -449,6 +456,7 @@ def get_tags_galaxy():
return 'this galaxy is disable'
@Tags.route("/Tags/remove_tag")
@login_required
def remove_tag():
#TODO verify input
@ -460,6 +468,7 @@ def remove_tag():
return redirect(url_for('showsavedpastes.showsavedpaste', paste=path))
@Tags.route("/Tags/confirm_tag")
@login_required
def confirm_tag():
#TODO verify input
@ -478,6 +487,7 @@ def confirm_tag():
return 'incompatible tag'
@Tags.route("/Tags/tag_validation")
@login_required
def tag_validation():
path = request.args.get('paste')
@ -498,6 +508,7 @@ def tag_validation():
return 'input error'
@Tags.route("/Tags/addTags")
@login_required
def addTags():
tags = request.args.get('tags')
@ -547,6 +558,7 @@ def addTags():
@Tags.route("/Tags/taxonomies")
@login_required
def taxonomies():
active_taxonomies = r_serv_tags.smembers('active_taxonomies')
@ -583,6 +595,7 @@ def taxonomies():
n_tags=n_tags)
@Tags.route("/Tags/edit_taxonomie")
@login_required
def edit_taxonomie():
taxonomies = Taxonomies()
@ -631,6 +644,7 @@ def edit_taxonomie():
return 'INVALID TAXONOMIE'
@Tags.route("/Tags/disable_taxonomie")
@login_required
def disable_taxonomie():
taxonomies = Taxonomies()
@ -651,6 +665,7 @@ def disable_taxonomie():
@Tags.route("/Tags/active_taxonomie")
@login_required
def active_taxonomie():
taxonomies = Taxonomies()
@ -670,6 +685,7 @@ def active_taxonomie():
return "INCORRECT INPUT"
@Tags.route("/Tags/edit_taxonomie_tag")
@login_required
def edit_taxonomie_tag():
taxonomies = Taxonomies()
@ -712,6 +728,7 @@ def edit_taxonomie_tag():
return "INCORRECT INPUT"
@Tags.route("/Tags/galaxies")
@login_required
def galaxies():
active_galaxies = r_serv_tags.smembers('active_galaxies')
@ -758,6 +775,7 @@ def galaxies():
@Tags.route("/Tags/edit_galaxy")
@login_required
def edit_galaxy():
id = request.args.get('galaxy')
@ -825,6 +843,7 @@ def edit_galaxy():
@Tags.route("/Tags/active_galaxy")
@login_required
def active_galaxy():
id = request.args.get('galaxy')
@ -869,6 +888,7 @@ def active_galaxy():
@Tags.route("/Tags/disable_galaxy")
@login_required
def disable_galaxy():
id = request.args.get('galaxy')
@ -889,6 +909,7 @@ def disable_galaxy():
@Tags.route("/Tags/edit_galaxy_tag")
@login_required
def edit_galaxy_tag():
arg1 = request.args.getlist('tag_enabled')
@ -961,6 +982,7 @@ def edit_galaxy_tag():
return "INCORRECT INPUT"
@Tags.route("/Tags/tag_galaxy_info")
@login_required
def tag_galaxy_info():
galaxy = request.args.get('galaxy')

View File

@ -15,6 +15,7 @@ import zipfile
import requests
from flask import Flask, render_template, jsonify, request, Blueprint, redirect, url_for, send_file
from flask_login import login_required
# ============ VARIABLES ============
import Flask_config
@ -97,6 +98,7 @@ def one():
# ============= ROUTES ==============
@hashDecoded.route("/hashDecoded/all_hash_search", methods=['POST'])
@login_required
def all_hash_search():
date_from = request.form.get('date_from')
date_to = request.form.get('date_to')
@ -107,6 +109,7 @@ def all_hash_search():
@hashDecoded.route("/hashDecoded/", methods=['GET'])
@login_required
def hashDecoded_page():
date_from = request.args.get('date_from')
date_to = request.args.get('date_to')
@ -224,6 +227,7 @@ def hashDecoded_page():
@hashDecoded.route('/hashDecoded/hash_by_type')
@login_required
def hash_by_type():
type = request.args.get('type')
type = 'text/plain'
@ -231,12 +235,14 @@ def hash_by_type():
@hashDecoded.route('/hashDecoded/hash_hash')
@login_required
def hash_hash():
hash = request.args.get('hash')
return render_template('hash_hash.html')
@hashDecoded.route('/hashDecoded/showHash')
@login_required
def showHash():
hash = request.args.get('hash')
#hash = 'e02055d3efaad5d656345f6a8b1b6be4fe8cb5ea'
@ -290,6 +296,7 @@ def showHash():
@hashDecoded.route('/hashDecoded/downloadHash')
@login_required
def downloadHash():
hash = request.args.get('hash')
# sanitize hash
@ -326,6 +333,7 @@ def downloadHash():
@hashDecoded.route('/hashDecoded/hash_by_type_json')
@login_required
def hash_by_type_json():
type = request.args.get('type')
@ -359,6 +367,7 @@ def hash_by_type_json():
@hashDecoded.route('/hashDecoded/decoder_type_json')
@login_required
def decoder_type_json():
date_from = request.args.get('date_from')
date_to = request.args.get('date_to')
@ -414,6 +423,7 @@ def decoder_type_json():
@hashDecoded.route('/hashDecoded/top5_type_json')
@login_required
def top5_type_json():
date_from = request.args.get('date_from')
date_to = request.args.get('date_to')
@ -472,6 +482,7 @@ def top5_type_json():
@hashDecoded.route('/hashDecoded/daily_type_json')
@login_required
def daily_type_json():
date = request.args.get('date')
@ -491,6 +502,7 @@ def daily_type_json():
@hashDecoded.route('/hashDecoded/range_type_json')
@login_required
def range_type_json():
date_from = request.args.get('date_from')
date_to = request.args.get('date_to')
@ -547,6 +559,7 @@ def range_type_json():
@hashDecoded.route('/hashDecoded/hash_graph_line_json')
@login_required
def hash_graph_line_json():
hash = request.args.get('hash')
date_from = request.args.get('date_from')
@ -576,6 +589,7 @@ def hash_graph_line_json():
@hashDecoded.route('/hashDecoded/hash_graph_node_json')
@login_required
def hash_graph_node_json():
hash = request.args.get('hash')
@ -643,6 +657,7 @@ def hash_graph_node_json():
@hashDecoded.route('/hashDecoded/hash_types')
@login_required
def hash_types():
date_from = 20180701
date_to = 20180706
@ -650,6 +665,7 @@ def hash_types():
@hashDecoded.route('/hashDecoded/send_file_to_vt_js')
@login_required
def send_file_to_vt_js():
hash = request.args.get('hash')
@ -673,6 +689,7 @@ def send_file_to_vt_js():
@hashDecoded.route('/hashDecoded/update_vt_result')
@login_required
def update_vt_result():
hash = request.args.get('hash')

View File

@ -12,6 +12,7 @@ import time
import json
from pyfaup.faup import Faup
from flask import Flask, render_template, jsonify, request, Blueprint, redirect, url_for
from flask_login import login_required
from Date import Date
from HiddenServices import HiddenServices
@ -232,6 +233,7 @@ def delete_auto_crawler(url):
# ============= ROUTES ==============
@hiddenServices.route("/crawlers/", methods=['GET'])
@login_required
def dashboard():
crawler_metadata_onion = get_crawler_splash_status('onion')
crawler_metadata_regular = get_crawler_splash_status('regular')
@ -246,14 +248,17 @@ def dashboard():
statDomains_onion=statDomains_onion, statDomains_regular=statDomains_regular)
@hiddenServices.route("/hiddenServices/2", methods=['GET'])
@login_required
def hiddenServices_page_test():
return render_template("Crawler_index.html")
@hiddenServices.route("/crawlers/manual", methods=['GET'])
@login_required
def manual():
return render_template("Crawler_Splash_manual.html")
@hiddenServices.route("/crawlers/crawler_splash_onion", methods=['GET'])
@login_required
def crawler_splash_onion():
type = 'onion'
last_onions = get_last_domains_crawled(type)
@ -271,6 +276,7 @@ def crawler_splash_onion():
crawler_metadata=crawler_metadata, date_from=date_string, date_to=date_string)
@hiddenServices.route("/crawlers/Crawler_Splash_last_by_type", methods=['GET'])
@login_required
def Crawler_Splash_last_by_type():
type = request.args.get('type')
# verify user input
@ -293,6 +299,7 @@ def Crawler_Splash_last_by_type():
crawler_metadata=crawler_metadata, date_from=date_string, date_to=date_string)
@hiddenServices.route("/crawlers/blacklisted_domains", methods=['GET'])
@login_required
def blacklisted_domains():
blacklist_domain = request.args.get('blacklist_domain')
unblacklist_domain = request.args.get('unblacklist_domain')
@ -327,6 +334,7 @@ def blacklisted_domains():
return 'Incorrect Type'
@hiddenServices.route("/crawler/blacklist_domain", methods=['GET'])
@login_required
def blacklist_domain():
domain = request.args.get('domain')
type = request.args.get('type')
@ -348,6 +356,7 @@ def blacklist_domain():
return 'Incorrect type'
@hiddenServices.route("/crawler/unblacklist_domain", methods=['GET'])
@login_required
def unblacklist_domain():
domain = request.args.get('domain')
type = request.args.get('type')
@ -369,6 +378,7 @@ def unblacklist_domain():
return 'Incorrect type'
@hiddenServices.route("/crawlers/create_spider_splash", methods=['POST'])
@login_required
def create_spider_splash():
url = request.form.get('url_to_crawl')
automatic = request.form.get('crawler_type')
@ -444,6 +454,7 @@ def create_spider_splash():
return redirect(url_for('hiddenServices.manual'))
@hiddenServices.route("/crawlers/auto_crawler", methods=['GET'])
@login_required
def auto_crawler():
nb_element_to_display = 100
try:
@ -495,6 +506,7 @@ def auto_crawler():
auto_crawler_domain_regular_metadata=auto_crawler_domain_regular_metadata)
@hiddenServices.route("/crawlers/remove_auto_crawler", methods=['GET'])
@login_required
def remove_auto_crawler():
url = request.args.get('url')
page = request.args.get('page')
@ -504,6 +516,7 @@ def remove_auto_crawler():
return redirect(url_for('hiddenServices.auto_crawler', page=page))
@hiddenServices.route("/crawlers/crawler_dashboard_json", methods=['GET'])
@login_required
def crawler_dashboard_json():
crawler_metadata_onion = get_crawler_splash_status('onion')
@ -520,6 +533,7 @@ def crawler_dashboard_json():
# # TODO: refractor
@hiddenServices.route("/hiddenServices/last_crawled_domains_with_stats_json", methods=['GET'])
@login_required
def last_crawled_domains_with_stats_json():
last_onions = r_serv_onion.lrange('last_onion', 0 ,-1)
list_onion = []
@ -569,6 +583,7 @@ def last_crawled_domains_with_stats_json():
return jsonify({'last_onions': list_onion, 'statDomains': statDomains, 'crawler_metadata':crawler_metadata})
@hiddenServices.route("/hiddenServices/get_onions_by_daterange", methods=['POST'])
@login_required
def get_onions_by_daterange():
date_from = request.form.get('date_from')
date_to = request.form.get('date_to')
@ -580,6 +595,7 @@ def get_onions_by_daterange():
return redirect(url_for('hiddenServices.show_domains_by_daterange', date_from=date_from, date_to=date_to, service_type=service_type, domains_up=domains_up, domains_down=domains_down, domains_tags=domains_tags))
@hiddenServices.route("/hiddenServices/show_domains_by_daterange", methods=['GET'])
@login_required
def show_domains_by_daterange():
date_from = request.args.get('date_from')
date_to = request.args.get('date_to')
@ -684,6 +700,7 @@ def show_domains_by_daterange():
domains_tags=domains_tags, type=service_type, bootstrap_label=bootstrap_label)
@hiddenServices.route("/crawlers/show_domain", methods=['GET'])
@login_required
def show_domain():
domain = request.args.get('domain')
epoch = request.args.get('epoch')
@ -754,6 +771,7 @@ def show_domain():
domain_tags=domain_tags, screenshot=screenshot)
@hiddenServices.route("/hiddenServices/onion_son", methods=['GET'])
@login_required
def onion_son():
onion_domain = request.args.get('onion_domain')
@ -764,6 +782,7 @@ def onion_son():
# ============= JSON ==============
@hiddenServices.route("/hiddenServices/domain_crawled_7days_json", methods=['GET'])
@login_required
def domain_crawled_7days_json():
type = 'onion'
## TODO: # FIXME: 404 error
@ -782,6 +801,7 @@ def domain_crawled_7days_json():
return jsonify(json_domain_stats)
@hiddenServices.route('/hiddenServices/domain_crawled_by_type_json')
@login_required
def domain_crawled_by_type_json():
current_date = request.args.get('date')
type = request.args.get('type')

View File

@ -6,6 +6,7 @@
'''
import redis
from flask import Flask, render_template, jsonify, request, Blueprint
from flask_login import login_required
# ============ VARIABLES ============
import Flask_config
@ -22,6 +23,7 @@ def one():
# ============= ROUTES ==============
@rawSkeleton.route("/rawSkeleton/", methods=['GET'])
@login_required
def skeleton_page():
return render_template("rawSkeleton.html")

View File

@ -10,6 +10,7 @@ import os
import datetime
import flask
from flask import Flask, render_template, jsonify, request, Blueprint
from flask_login import login_required
import Paste
from whoosh import index
@ -93,6 +94,7 @@ def to_iso_date(timestamp):
# ============ ROUTES ============
@searches.route("/search", methods=['POST'])
@login_required
def search():
query = request.form['query']
q = []
@ -180,6 +182,7 @@ def search():
@searches.route("/get_more_search_result", methods=['POST'])
@login_required
def get_more_search_result():
query = request.form['query']
q = []

View File

@ -10,6 +10,7 @@ import calendar
from Date import Date
import flask
from flask import Flask, render_template, jsonify, request, Blueprint
from flask_login import login_required
import Paste
@ -39,11 +40,13 @@ def get_date_range(num_day):
# ============ ROUTES ============
@sentiments.route("/sentiment_analysis_trending/")
@login_required
def sentiment_analysis_trending():
return render_template("sentiment_analysis_trending.html")
@sentiments.route("/sentiment_analysis_getplotdata/", methods=['GET'])
@login_required
def sentiment_analysis_getplotdata():
# Get the top providers based on number of pastes
oneHour = 60*60
@ -94,12 +97,14 @@ def sentiment_analysis_getplotdata():
@sentiments.route("/sentiment_analysis_plot_tool/")
@login_required
def sentiment_analysis_plot_tool():
return render_template("sentiment_analysis_plot_tool.html")
@sentiments.route("/sentiment_analysis_plot_tool_getdata/", methods=['GET'])
@login_required
def sentiment_analysis_plot_tool_getdata():
getProviders = request.args.get('getProviders')

View File

@ -5,6 +5,7 @@
Flask functions and routes for the settings modules page
'''
from flask import Flask, render_template, jsonify, request, Blueprint, redirect, url_for
from flask_login import login_required
import json
import datetime
@ -74,6 +75,7 @@ def get_update_metadata():
# ============= ROUTES ==============
@settings.route("/settings/", methods=['GET'])
@login_required
def settings_page():
git_metadata = get_git_metadata()
current_version = r_serv_db.get('ail:version')
@ -85,6 +87,7 @@ def settings_page():
@settings.route("/settings/get_background_update_stats_json", methods=['GET'])
@login_required
def get_background_update_stats_json():
# handle :end, error
update_stats = {}

View File

@ -9,6 +9,8 @@ import json
import os
import flask
from flask import Flask, render_template, jsonify, request, Blueprint, make_response, Response, send_from_directory, redirect, url_for
from flask_login import login_required
import difflib
import ssdeep
@ -378,16 +380,19 @@ def show_item_min(requested_path , content_range=0):
# ============ ROUTES ============
@showsavedpastes.route("/showsavedpaste/") #completely shows the paste in a new tab
@login_required
def showsavedpaste():
requested_path = request.args.get('paste', '')
return showpaste(0, requested_path)
@showsavedpastes.route("/showsaveditem_min/") #completely shows the paste in a new tab
@login_required
def showsaveditem_min():
requested_path = request.args.get('paste', '')
return show_item_min(requested_path)
@showsavedpastes.route("/showsavedrawpaste/") #shows raw
@login_required
def showsavedrawpaste():
requested_path = request.args.get('paste', '')
paste = Paste.Paste(requested_path)
@ -395,6 +400,7 @@ def showsavedrawpaste():
return Response(content, mimetype='text/plain')
@showsavedpastes.route("/showpreviewpaste/")
@login_required
def showpreviewpaste():
num = request.args.get('num', '')
requested_path = request.args.get('paste', '')
@ -402,6 +408,7 @@ def showpreviewpaste():
@showsavedpastes.route("/getmoredata/")
@login_required
def getmoredata():
requested_path = request.args.get('paste', '')
paste = Paste.Paste(requested_path)
@ -410,6 +417,7 @@ def getmoredata():
return to_return
@showsavedpastes.route("/showDiff/")
@login_required
def showDiff():
s1 = request.args.get('s1', '')
s2 = request.args.get('s2', '')
@ -426,10 +434,12 @@ def showDiff():
return the_html
@showsavedpastes.route('/screenshot/<path:filename>')
@login_required
def screenshot(filename):
return send_from_directory(SCREENSHOT_FOLDER, filename+'.png', as_attachment=True)
@showsavedpastes.route('/send_file_to_vt/', methods=['POST'])
@login_required
def send_file_to_vt():
b64_path = request.form['b64_path']
paste = request.form['paste']

View File

@ -11,6 +11,8 @@ import datetime
import calendar
import flask
from flask import Flask, render_template, jsonify, request, Blueprint, url_for, redirect
from flask_login import login_required
import re
import Paste
from pprint import pprint
@ -143,6 +145,7 @@ def save_tag_to_auto_push(list_tag):
# ============ ROUTES ============
@terms.route("/terms_management/")
@login_required
def terms_management():
per_paste = request.args.get('per_paste')
if per_paste == "1" or per_paste is None:
@ -261,6 +264,7 @@ def terms_management():
@terms.route("/terms_management_query_paste/")
@login_required
def terms_management_query_paste():
term = request.args.get('term')
paste_info = []
@ -293,6 +297,7 @@ def terms_management_query_paste():
@terms.route("/terms_management_query/")
@login_required
def terms_management_query():
TrackedTermsDate_Name = "TrackedTermDate"
BlackListTermsDate_Name = "BlackListTermDate"
@ -315,6 +320,7 @@ def terms_management_query():
@terms.route("/terms_management_action/", methods=['GET'])
@login_required
def terms_management_action():
today = datetime.datetime.now()
today = today.replace(microsecond=0)
@ -440,6 +446,7 @@ def terms_management_action():
return jsonify(to_return)
@terms.route("/terms_management/delete_terms_tags", methods=['POST'])
@login_required
def delete_terms_tags():
term = request.form.get('term')
tags_to_delete = request.form.getlist('tags_to_delete')
@ -452,6 +459,7 @@ def delete_terms_tags():
return 'None args', 400
@terms.route("/terms_management/delete_terms_email", methods=['GET'])
@login_required
def delete_terms_email():
term = request.args.get('term')
email = request.args.get('email')
@ -464,6 +472,7 @@ def delete_terms_email():
@terms.route("/terms_plot_tool/")
@login_required
def terms_plot_tool():
term = request.args.get('term')
if term is not None:
@ -473,6 +482,7 @@ def terms_plot_tool():
@terms.route("/terms_plot_tool_data/")
@login_required
def terms_plot_tool_data():
oneDay = 60*60*24
range_start = datetime.datetime.utcfromtimestamp(int(float(request.args.get('range_start')))) if request.args.get('range_start') is not None else 0;
@ -503,6 +513,7 @@ def terms_plot_tool_data():
@terms.route("/terms_plot_top/")
@login_required
def terms_plot_top():
per_paste = request.args.get('per_paste')
per_paste = per_paste if per_paste is not None else 1
@ -510,6 +521,7 @@ def terms_plot_top():
@terms.route("/terms_plot_top_data/")
@login_required
def terms_plot_top_data():
oneDay = 60*60*24
today = datetime.datetime.now()
@ -556,10 +568,12 @@ def terms_plot_top_data():
@terms.route("/credentials_tracker/")
@login_required
def credentials_tracker():
return render_template("credentials_tracker.html")
@terms.route("/credentials_management_query_paste/", methods=['GET', 'POST'])
@login_required
def credentials_management_query_paste():
cred = request.args.get('cred')
allPath = request.json['allPath']
@ -583,6 +597,7 @@ def credentials_management_query_paste():
return jsonify(paste_info)
@terms.route("/credentials_management_action/", methods=['GET'])
@login_required
def cred_management_action():
supplied = request.args.get('term')

View File

@ -9,6 +9,7 @@ import datetime
from Date import Date
import flask
from flask import Flask, render_template, jsonify, request, Blueprint
from flask_login import login_required
# ============ VARIABLES ============
import Flask_config
@ -36,6 +37,7 @@ def get_date_range(num_day):
# ============ ROUTES ============
@trendings.route("/_progressionCharts", methods=['GET'])
@login_required
def progressionCharts():
attribute_name = request.args.get('attributeName')
trending_name = request.args.get('trendingName')
@ -61,18 +63,21 @@ def progressionCharts():
return jsonify(keyw_value)
@trendings.route("/wordstrending/")
@login_required
def wordstrending():
default_display = cfg.get("Flask", "default_display")
return render_template("Wordstrending.html", default_display = default_display)
@trendings.route("/protocolstrending/")
@login_required
def protocolstrending():
default_display = cfg.get("Flask", "default_display")
return render_template("Protocolstrending.html", default_display = default_display)
@trendings.route("/trending/")
@login_required
def trending():
default_display = cfg.get("Flask", "default_display")
return render_template("Trending.html", default_display = default_display)

View File

@ -9,6 +9,7 @@ import datetime
from Date import Date
import flask
from flask import Flask, render_template, jsonify, request, Blueprint
from flask_login import login_required
# ============ VARIABLES ============
import Flask_config
@ -49,6 +50,7 @@ def get_date_range(num_day):
# ============ ROUTES ============
@trendingmodules.route("/_moduleCharts", methods=['GET'])
@login_required
def modulesCharts():
keyword_name = request.args.get('keywordName')
module_name = request.args.get('moduleName')
@ -75,6 +77,7 @@ def modulesCharts():
@trendingmodules.route("/_providersChart", methods=['GET'])
@login_required
def providersChart():
keyword_name = request.args.get('keywordName')
module_name = request.args.get('moduleName')
@ -121,6 +124,7 @@ def providersChart():
@trendingmodules.route("/moduletrending/")
@login_required
def moduletrending():
return render_template("Moduletrending.html")

View File

@ -0,0 +1,81 @@
<!DOCTYPE html>
<html>
<head>
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<title>AIL-Framework</title>
<link rel="icon" href="{{ url_for('static', filename='image/ail-icon.png')}}">
<!-- Core CSS -->
<link href="{{ url_for('static', filename='css/bootstrap4.min.css') }}" rel="stylesheet">
<link href="{{ url_for('static', filename='css/font-awesome.min.css') }}" rel="stylesheet">
<!-- JS -->
<script src="{{ url_for('static', filename='js/jquery.js')}}"></script>
<script src="{{ url_for('static', filename='js/bootstrap4.min.js')}}"></script>
<style>
html,
body {
height: 100%;
}
body {
display: -ms-flexbox;
display: flex;
-ms-flex-align: center;
align-items: center;
padding-top: 40px;
padding-bottom: 40px;
background-color: #f5f5f5;
}
.form-signin {
width: 100%;
max-width: 330px;
padding: 15px;
margin: auto;
}
.form-signin .checkbox {
font-weight: 400;
}
.form-signin .form-control {
position: relative;
box-sizing: border-box;
height: auto;
padding: 10px;
font-size: 16px;
}
.form-signin .form-control:focus {
z-index: 2;
}
.form-signin input[type="email"] {
margin-bottom: -1px;
border-bottom-right-radius: 0;
border-bottom-left-radius: 0;
}
.form-signin input[type="password"] {
margin-bottom: 10px;
border-top-left-radius: 0;
border-top-right-radius: 0;
}
</style>
</head>
<body class="text-center">
<form class="form-signin" action="{{ url_for('login')}}" method="post">
<img class="mb-4" src="{{ url_for('static', filename='image/AIL.png')}}" width="300">
<h1 class="h3 mb-3 text-secondary">Please sign in</h1>
<label for="inputEmail" class="sr-only">Email address</label>
<input type="email" id="inputEmail" name="username" class="form-control" placeholder="Email address" required autofocus>
<label for="inputPassword" class="sr-only">Password</label>
<input type="password" id="inputPassword" name="password" class="form-control" placeholder="Password" required>
<button class="btn btn-lg btn-primary btn-block" type="submit">Sign in</button>
<input type="text" name="next_page" hidden>{{next_page}}</input>
</form>
</body>