chg: [UI] add users management

2019-09-02 16:06:46 +02:00 · 2019-09-02 16:06:46 +02:00 · eb6ff228e8
parent 450f5860e4
commit eb6ff228e8
19 changed files with 728 additions and 151 deletions
--- a/server/LAUNCH.sh
+++ b/server/LAUNCH.sh
@ -11,10 +11,10 @@ CYAN="\\033[1;36m"

 . ./D4ENV/bin/activate

-isredis=`screen -ls | egrep '[0-9]+.Redis_D4' | cut -d. -f1`
-isd4server=`screen -ls | egrep '[0-9]+.Server_D4' | cut -d. -f1`
-isworker=`screen -ls | egrep '[0-9]+.Workers_D4' | cut -d. -f1`
-isflask=`screen -ls | egrep '[0-9]+.Flask_D4' | cut -d. -f1`
+isredis=`screen -ls | egrep '[0-9]+.Redis_D4	' | cut -d. -f1`
+isd4server=`screen -ls | egrep '[0-9]+.Server_D4	' | cut -d. -f1`
+isworker=`screen -ls | egrep '[0-9]+.Workers_D4	' | cut -d. -f1`
+isflask=`screen -ls | egrep '[0-9]+.Flask_D4	' | cut -d. -f1`

 function helptext {
    echo -e $YELLOW"
@ -109,6 +109,18 @@ function checking_redis {
    return $flag_redis;
 }

+function wait_until_redis_is_ready {
+    redis_not_ready=true
+    while $redis_not_ready; do
+        if checking_redis; then
+            redis_not_ready=false;
+        else
+            sleep 1
+        fi
+    done
+    echo -e $YELLOW"\t* Redis Launched"$DEFAULT
+}
+
 function launch_redis {
    if [[ ! $isredis ]]; then
        launching_redis;
@ -275,16 +287,19 @@ function launch_all {

 while [ "$1" != "" ]; do
    case $1 in
-        -l | --launchAuto )         launch_all;
-                                    ;;
-        -k | --killAll )            helptext;
-                                    killall;
-                                    ;;
-        -h | --help )               helptext;
-                                    exit
-                                    ;;
-        * )                         helptext
-                                    exit 1
+        -l | --launchAuto )           launch_all;
+                                      ;;
+        -k | --killAll )              helptext;
+                                      killall;
+                                      ;;
+        -lrv | --launchRedisVerify )  launch_redis;
+                                      wait_until_redis_is_ready;
+                                      ;;
+        -h | --help )                 helptext;
+                                      exit
+                                      ;;
+        * )                           helptext
+                                      exit 1
    esac
    shift
 done
--- a/server/documentation/README.md
+++ b/server/documentation/README.md
@ -4,7 +4,7 @@

 ### Automation key

-The authentication of the automation is performed via a secure key available in the D4 UI interface. Make sure you keep that key secret. It gives access to the entire database! The API key is available in the ``Server Management`` menu under ``My Profile``.
+The authentication of the automation is performed via a secure key available in the D4 UI interface. Make sure you keep that key secret. It gives access to the entire database! The API key is available in the ``Settings`` menu under ``My Profile``.

 The authorization is performed by using the following header:

@ -22,15 +22,15 @@ Content-Type: application/json
 Example:

 ~~~~
-curl --header "Authorization: YOUR_API_KEY" --header "Content-Type: application/json" https://AIL_URL/
+curl --header "Authorization: YOUR_API_KEY" --header "Content-Type: application/json" https://D4_URL/
 ~~~~

-## Item management
+## Sensor Registration

-### Get item: `api/v1/get/item/default`<a name="get_item_default"></a>
+### Register a sensor: `api/v1/add/sensor/register`<a name="add_sensor_register"></a>

 #### Description
-Get item default info.
+Register a sensor.

 **Method** : `POST`

@ -49,6 +49,10 @@ Get item default info.
  - sensor description
  - *str*

+- `mail`
+  - user mail
+  - *str*
+
 #### JSON response
 - `uuid`
  - sensor uuid
@ -62,8 +66,8 @@ curl https://127.0.0.1:7000/api/v1/add/sensor/register --header "Authorization:
 #### input.json Example
 ```json
  {
-    "uuid": "",
-    "hmac_key": ""
+    "uuid": "ff7ba400-e76c-4053-982d-feec42bdef38",
+    "hmac_key": "...HMAC_KEY..."
  }
 ```

@ -72,7 +76,7 @@ curl https://127.0.0.1:7000/api/v1/add/sensor/register --header "Authorization:

 ```json
  {
-    "uuid": "",
+    "uuid": "ff7ba400-e76c-4053-982d-feec42bdef38",
  }
 ```

@ -81,4 +85,10 @@ curl https://127.0.0.1:7000/api/v1/add/sensor/register --header "Authorization:
 **HTTP Status Code** : `400`
 ```json
  {"status": "error", "reason": "Mandatory parameter(s) not provided"}
+  {"status": "error", "reason": "Invalid uuid"}
+```
+
+**HTTP Status Code** : `409`
+```json
+  {"status": "error", "reason": "Sensor already registred"}
 ```
--- a/server/install_server.sh
+++ b/server/install_server.sh
@ -26,6 +26,16 @@ git checkout 5.0
 make
 popd

+# LAUNCH Redis
+bash ${AIL_BIN}LAUNCH.sh -lrv &
+wait
+echo ""
+
+# create default users
 pushd web/
 ./create_default_user.py
 popd
+
+bash LAUNCH.sh -k &
+wait
+echo ""
--- a/server/web/Flask_server.py
+++ b/server/web/Flask_server.py
@ -31,6 +31,7 @@ from User import User

 # Import Blueprint
 from blueprints.restApi import restApi
+from blueprints.settings import settings

 baseUrl = ''
 if baseUrl != '':
@ -112,6 +113,7 @@ login_manager.init_app(app)

 # =========  BLUEPRINT  =========#
 app.register_blueprint(restApi)
+app.register_blueprint(settings)
 # =========       =========#

 # ========= LOGIN MANAGER ========
--- a/server/web/Role_Manager.py
+++ b/server/web/Role_Manager.py
@ -158,7 +158,7 @@ def get_role_level(role):

 def get_all_user_role(user_role):
    current_role_val = get_role_level(user_role)
-    return r_serv_db.zrangebyscore('d4:all_role', current_role_val -1, 50)
+    return r_serv_db.zrangebyscore('d4:all_role', current_role_val, 50)

 def get_all_user_upper_role(user_role):
    current_role_val = get_role_level(user_role)
--- a/server/web/blueprints/settings.py
+++ b/server/web/blueprints/settings.py
@ -0,0 +1,192 @@
+#!/usr/bin/env python3
+# -*-coding:UTF-8 -*
+
+'''
+    Flask functions and routes for the rest api
+'''
+
+import os
+import re
+import sys
+import redis
+
+from flask import Flask, render_template, jsonify, request, Blueprint, redirect, url_for, Response
+from flask_login import login_required, current_user
+
+from Role_Manager import login_admin, login_user_basic
+from Role_Manager import create_user_db, edit_user_db, delete_user_db, check_password_strength, generate_new_token, gen_password, get_all_role
+
+# ============ BLUEPRINT ============
+
+settings = Blueprint('settings', __name__, template_folder='templates')
+
+# ============ VARIABLES ============
+
+email_regex = r'[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,6}'
+email_regex = re.compile(email_regex)
+host_redis_metadata = os.getenv('D4_REDIS_METADATA_HOST', "localhost")
+port_redis_metadata = int(os.getenv('D4_REDIS_METADATA_PORT', 6380))
+
+r_serv_metadata = redis.StrictRedis(
+                host=host_redis_metadata,
+                port=port_redis_metadata,
+                db=0,
+                decode_responses=True)
+
+r_serv_db = redis.StrictRedis(
+                host=host_redis_metadata,
+                port=port_redis_metadata,
+                db=1,
+                decode_responses=True)
+
+# ============ FUNCTIONS ============
+
+def one():
+    return 1
+
+def check_email(email):
+    result = email_regex.match(email)
+    if result:
+        return True
+    else:
+        return False
+
+def get_user_metadata(user_id):
+    user_metadata = {}
+    user_metadata['email'] = user_id
+    user_metadata['role'] = r_serv_db.hget('user_metadata:{}'.format(user_id), 'role')
+    user_metadata['api_key'] = r_serv_db.hget('user_metadata:{}'.format(user_id), 'token')
+    return user_metadata
+
+def get_users_metadata(list_users):
+    users = []
+    for user in list_users:
+        users.append(get_user_metadata(user))
+    return users
+
+def get_all_users():
+    return r_serv_db.hkeys('user:all')
+
+
+# ============= ROUTES ==============
+
+@settings.route("/settings/", methods=['GET'])
+@login_required
+@login_user_basic
+def settings_page():
+    return redirect(url_for('settings.edit_profile'))
+
+@settings.route("/settings/edit_profile", methods=['GET'])
+@login_required
+@login_user_basic
+def edit_profile():
+    user_metadata = get_user_metadata(current_user.get_id())
+    admin_level = current_user.is_in_role('admin')
+    return render_template("edit_profile.html", user_metadata=user_metadata,
+                            admin_level=admin_level)
+
+@settings.route("/settings/new_token", methods=['GET'])
+@login_required
+@login_user_basic
+def new_token():
+    generate_new_token(current_user.get_id())
+    return redirect(url_for('settings.edit_profile'))
+
+@settings.route("/settings/new_token_user", methods=['GET'])
+@login_required
+@login_admin
+def new_token_user():
+    user_id = request.args.get('user_id')
+    if r_serv_db.exists('user_metadata:{}'.format(user_id)):
+        generate_new_token(user_id)
+    return redirect(url_for('settings.users_list'))
+
+@settings.route("/settings/create_user", methods=['GET'])
+@login_required
+@login_admin
+def create_user():
+    user_id = request.args.get('user_id')
+    error = request.args.get('error')
+    error_mail = request.args.get('error_mail')
+    role = None
+    if r_serv_db.exists('user_metadata:{}'.format(user_id)):
+        role = r_serv_db.hget('user_metadata:{}'.format(user_id), 'role')
+    else:
+        user_id = None
+    all_roles = get_all_role()
+    return render_template("create_user.html", all_roles=all_roles, user_id=user_id, user_role=role,
+                                        error=error, error_mail=error_mail,
+                                        admin_level=True)
+
+@settings.route("/settings/create_user_post", methods=['POST'])
+@login_required
+@login_admin
+def create_user_post():
+    email = request.form.get('username')
+    role = request.form.get('user_role')
+    password1 = request.form.get('password1')
+    password2 = request.form.get('password2')
+
+    all_roles = get_all_role()
+
+    if email and len(email)< 300 and check_email(email) and role:
+        if role in all_roles:
+            # password set
+            if password1 and password2:
+                if password1==password2:
+                    if check_password_strength(password1):
+                        password = password1
+                    else:
+                        return render_template("create_user.html", all_roles=all_roles, error="Incorrect Password", admin_level=True)
+                else:
+                    return render_template("create_user.html", all_roles=all_roles, error="Passwords don't match", admin_level=True)
+            # generate password
+            else:
+                password = gen_password()
+
+            if current_user.is_in_role('admin'):
+                # edit user
+                if r_serv_db.exists('user_metadata:{}'.format(email)):
+                    if password1 and password2:
+                        edit_user_db(email, password=password, role=role)
+                        return redirect(url_for('settings.users_list', new_user=email, new_user_password=password, new_user_edited=True))
+                    else:
+                        edit_user_db(email, role=role)
+                        return redirect(url_for('settings.users_list', new_user=email, new_user_password='Password not changed', new_user_edited=True))
+                # create user
+                else:
+                    create_user_db(email, password, default=True, role=role)
+                    return redirect(url_for('settings.users_list', new_user=email, new_user_password=password, new_user_edited=False))
+
+        else:
+            return render_template("create_user.html", all_roles=all_roles, admin_level=True)
+    else:
+        return render_template("create_user.html", all_roles=all_roles, error_mail=True, admin_level=True)
+
+@settings.route("/settings/users_list", methods=['GET'])
+@login_required
+@login_admin
+def users_list():
+    all_users = get_users_metadata(get_all_users())
+    new_user = request.args.get('new_user')
+    new_user_dict = {}
+    if new_user:
+        new_user_dict['email'] = new_user
+        new_user_dict['edited'] = request.args.get('new_user_edited')
+        new_user_dict['password'] = request.args.get('new_user_password')
+    return render_template("users_list.html", all_users=all_users, new_user=new_user_dict, admin_level=True)
+
+@settings.route("/settings/edit_user", methods=['GET'])
+@login_required
+@login_admin
+def edit_user():
+    user_id = request.args.get('user_id')
+    return redirect(url_for('settings.create_user', user_id=user_id))
+
+@settings.route("/settings/delete_user", methods=['GET'])
+@login_required
+@login_admin
+def delete_user():
+    user_id = request.args.get('user_id')
+    delete_user_db(user_id)
+    return redirect(url_for('settings.users_list'))
--- a/server/web/templates/403.html
+++ b/server/web/templates/403.html
@ -12,22 +12,7 @@

 <body>

-  <nav class="navbar navbar-expand-sm navbar-dark bg-dark">
-    <a class="navbar-brand" href="{{ url_for('index') }}">
-      <img src="{{ url_for('static', filename='img/d4-logo.png')}}" alt="D4 Project" style="width:80px;">
-    </a>
-    <ul class="navbar-nav">
-      <li class="nav-item">
-        <a class="nav-link mr-3" href="{{ url_for('index') }}">Home <span class="sr-only">(current)</span></a>
-      </li>
-        <li class="nav-item" mr-3>
-          <a class="nav-link mr-3" href="{{ url_for('sensors_status') }}">Sensors Status</a>
-        </li>
-        <li class="nav-item mr-3">
-          <a class="nav-link" href="{{ url_for('server_management') }}" tabindex="-1" aria-disabled="true">Server Management</a>
-        </li>
-      </ul>
-  </nav>
+  {% include 'navbar.html' %}

 <div>
  <br>
@ -64,4 +49,10 @@

 <body>

+<script>
+$(document).ready(function(){
+  $("#nav-home").addClass("active");
+} );
+</script>
+
 </html>
--- a/server/web/templates/404.html
+++ b/server/web/templates/404.html
@ -23,22 +23,7 @@

 <body>

-	<nav class="navbar navbar-expand-sm navbar-dark bg-dark">
-		<a class="navbar-brand" href="{{ url_for('index') }}">
-      <img src="{{ url_for('static', filename='img/d4-logo.png')}}" alt="D4 Project" style="width:80px;">
-    </a>
-	  <ul class="navbar-nav">
-	    <li class="nav-item">
-	      <a class="nav-link mr-3" href="{{ url_for('index') }}">Home <span class="sr-only">(current)</span></a>
-	    </li>
-	      <li class="nav-item" mr-3>
-	        <a class="nav-link mr-3" href="{{ url_for('sensors_status') }}">Sensors Status</a>
-	      </li>
-	      <li class="nav-item mr-3">
-	        <a class="nav-link" href="{{ url_for('server_management') }}" tabindex="-1" aria-disabled="true">Server Management</a>
-	      </li>
-	    </ul>
-	</nav>
+	{% include 'navbar.html' %}

 	<div class="d-flex justify-content-center">
 	<pre>
@ -68,3 +53,11 @@

 	{% include 'navfooter.html' %}
 </body>
+
+<script>
+$(document).ready(function(){
+  $("#nav-home").addClass("active");
+} );
+</script>
+
+</html>
--- a/server/web/templates/blacklisted_ip.html
+++ b/server/web/templates/blacklisted_ip.html
@ -23,22 +23,7 @@

 <body>

-	<nav class="navbar navbar-expand-sm navbar-dark bg-dark">
-		<a class="navbar-brand" href="{{ url_for('index') }}">
-      <img src="{{ url_for('static', filename='img/d4-logo.png')}}" alt="D4 Project" style="width:80px;">
-    </a>
-	  <ul class="navbar-nav">
-	    <li class="nav-item">
-	      <a class="nav-link mr-3" href="{{ url_for('index') }}">Home <span class="sr-only">(current)</span></a>
-	    </li>
-	      <li class="nav-item" mr-3>
-	        <a class="nav-link mr-3" href="{{ url_for('sensors_status') }}">Sensors Status</a>
-	      </li>
-	      <li class="nav-item mr-3">
-	        <a class="nav-link" href="{{ url_for('server_management') }}" tabindex="-1" aria-disabled="true">Server Management</a>
-	      </li>
-	    </ul>
-	</nav>
+	{% include 'navbar.html' %}

 	<div class="card-deck justify-content-center ml-0 mr-0">
 		<div class="card border-dark mt-3 ml-4 mr-4">
--- a/server/web/templates/blacklisted_uuid.html
+++ b/server/web/templates/blacklisted_uuid.html
@ -23,22 +23,7 @@

 <body>

-	<nav class="navbar navbar-expand-sm navbar-dark bg-dark">
-		<a class="navbar-brand" href="{{ url_for('index') }}">
-      <img src="{{ url_for('static', filename='img/d4-logo.png')}}" alt="D4 Project" style="width:80px;">
-    </a>
-	  <ul class="navbar-nav">
-	    <li class="nav-item">
-	      <a class="nav-link mr-3" href="{{ url_for('index') }}">Home <span class="sr-only">(current)</span></a>
-	    </li>
-	      <li class="nav-item" mr-3>
-	        <a class="nav-link mr-3" href="{{ url_for('sensors_status') }}">Sensors Status</a>
-	      </li>
-	      <li class="nav-item mr-3">
-	        <a class="nav-link" href="{{ url_for('server_management') }}" tabindex="-1" aria-disabled="true">Server Management</a>
-	      </li>
-	    </ul>
-	</nav>
+	{% include 'navbar.html' %}

 	<div class="card-deck justify-content-center ml-0 mr-0">
 		<div class="card border-dark mt-3 ml-4 mr-4">
--- a/server/web/templates/create_user.html
+++ b/server/web/templates/create_user.html
@ -0,0 +1,156 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+  <title>D4-Project</title>
+	<link rel="icon" href="{{ url_for('static', filename='img/d4-logo.png') }}">
+
+  <!-- Core CSS -->
+	<link href="{{ url_for('static', filename='css/bootstrap.min.css') }}" rel="stylesheet">
+	<link href="{{ url_for('static', filename='font-awesome/css/font-awesome.css') }}" rel="stylesheet">
+	<link href="{{ url_for('static', filename='css/dataTables.bootstrap.min.css') }}" rel="stylesheet">
+
+  <!-- JS -->
+	<script src="{{ url_for('static', filename='js/jquery.js')}}"></script>
+	<script src="{{ url_for('static', filename='js/popper.min.js')}}"></script>
+	<script src="{{ url_for('static', filename='js/bootstrap.min.js')}}"></script>
+	<script src="{{ url_for('static', filename='js/jquery.dataTables.min.js')}}"></script>
+	<script src="{{ url_for('static', filename='js/dataTables.bootstrap.min.js')}}"></script>
+
+</head>
+<body>
+
+  {% include 'navbar.html' %}
+
+	<div class="container-fluid">
+		<div class="row">
+
+			{% include 'sidebar_settings.html' %}
+
+      <div class="col-12 col-lg-10" id="core_content">
+
+        <form class="form-signin" action="{{ url_for('settings.create_user_post')}}" autocomplete="off" method="post">
+
+          <h1 class="h3 mt-1 mb-3 text-center text-secondary">Create User</h1>
+          <label for="inputEmail" class="sr-only">Email address</label>
+          <input type="email" id="inputEmail" name="username" class="form-control {% if error_mail %}is-invalid{% endif %}" placeholder="Email address" autocomplete="off" required {% if user_id %}value="{{user_id}}"{% else %}{% endif %}>
+          {% if error_mail %}
+            <div class="invalid-feedback">
+              Please provide a valid email address
+            </div>
+          {% endif %}
+
+          <label  class="mt-3" for="role_selector">User Role</label>
+          <select class="custom-select" id="role_selector" name="user_role">
+            {% for role in all_roles %}
+              {% if role ==  user_role %}
+                <option value="{{role}}" selected>{{role}}</option>
+              {% else %}
+                <option value="{{role}}">{{role}}</option>
+              {% endif %}
+            {% endfor %}
+          </select>
+
+          <div class="custom-control custom-switch mt-4 mb-3">
+  				  <input type="checkbox" class="custom-control-input" id="set_manual_password" value="" onclick="toggle_password_fields();">
+  				  <label class="custom-control-label" for="set_manual_password">Set Password</label>
+				  </div>
+
+          <div id="password-section">
+    	      <h1 class="h3 mb-3 text-center text-secondary">Create Password</h1>
+    	      <label for="inputPassword1" class="sr-only">Password</label>
+    	      <input type="password" id="inputPassword1" name="password1" class="form-control {% if error %}is-invalid{% endif %}" placeholder="Password" autocomplete="new-password">
+    	      <label for="inputPassword2" class="sr-only">Confirm Password</label>
+    	      <input type="password" id="inputPassword2" name="password2" class="form-control {% if error %}is-invalid{% endif %}" placeholder="Confirm Password"  value="" autocomplete="new-password">
+            {% if error %}
+  						<div class="invalid-feedback">
+  							{{error}}
+  						</div>
+  					{% endif %}
+
+          </div>
+          <button class="btn btn-lg btn-primary btn-block mt-3" type="submit">Submit</button>
+
+          <div id="password-section-info">
+    				<br>
+    				<br>
+    				<br>
+    				<h5 class="h3 mb-3 text-center text-secondary">Password Requirements</h5>
+    				<ul class="list-group">
+    				 <li class="list-group-item d-flex justify-content-between align-items-center">
+    					 Minimal length
+    					 <span class="badge badge-primary badge-pill">10</span>
+    				 </li>
+    				 <li class="list-group-item d-flex justify-content-between align-items-center">
+    					 Upper characters: A-Z
+    					 <span class="badge badge-primary badge-pill">1</span>
+    				 </li>
+    				 <li class="list-group-item d-flex justify-content-between align-items-center">
+    					 Lower characters: a-z
+    					 <span class="badge badge-primary badge-pill">1</span>
+    				 </li>
+    				 <li class="list-group-item d-flex justify-content-between align-items-center">
+    					 Digits: 0-9
+    					 <span class="badge badge-primary badge-pill">2</span>
+    				 </li>
+             <li class="list-group-item d-flex justify-content-between align-items-center">
+  						 Maximum length
+  						 <span class="badge badge-primary badge-pill">100</span>
+  					 </li>
+    				</ul>
+          </div>
+
+  		  </form>
+
+    	</div>
+		</div>
+	</div>
+
+  {% include 'navfooter.html' %}
+
+</body>
+
+<script>
+$(document).ready(function(){
+  $("#password-section").hide();
+  $("#password-section-info").hide();
+  $("#nav-settings").addClass("active");
+  $("#nav_create_user").addClass("active");
+	$("#nav_user_management").removeClass("text-muted");
+
+  {% if error %}
+    toggle_password_fields();
+  {% endif %}
+} );
+
+function toggle_sidebar(){
+	if($('#nav_menu').is(':visible')){
+		$('#nav_menu').hide();
+		$('#side_menu').removeClass('border-right')
+		$('#side_menu').removeClass('col-lg-2')
+		$('#core_content').removeClass('col-lg-10')
+	}else{
+		$('#nav_menu').show();
+		$('#side_menu').addClass('border-right')
+		$('#side_menu').addClass('col-lg-2')
+		$('#core_content').addClass('col-lg-10')
+	}
+}
+
+function toggle_password_fields() {
+  var password_div = $("#password-section");
+  if(password_div.is(":visible")){
+    $("#password-section").hide();
+    $("#password-section-info").hide();
+    $("#inputPassword1").prop('required',false);
+    $("#inputPassword2").prop('required',false);
+  } else {
+    $("#password-section").show();
+    $("#password-section-info").show();
+    $("#inputPassword1").prop('required',true);
+    $("#inputPassword2").prop('required',true);
+  }
+}
+</script>
+
+</html>
--- a/server/web/templates/edit_profile.html
+++ b/server/web/templates/edit_profile.html
@ -0,0 +1,99 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+  <title>D4-Project</title>
+	<link rel="icon" href="{{ url_for('static', filename='img/d4-logo.png') }}">
+
+  <!-- Core CSS -->
+	<link href="{{ url_for('static', filename='css/bootstrap.min.css') }}" rel="stylesheet">
+	<link href="{{ url_for('static', filename='font-awesome/css/font-awesome.css') }}" rel="stylesheet">
+	<link href="{{ url_for('static', filename='css/dataTables.bootstrap.min.css') }}" rel="stylesheet">
+
+  <!-- JS -->
+	<script src="{{ url_for('static', filename='js/jquery.js')}}"></script>
+	<script src="{{ url_for('static', filename='js/popper.min.js')}}"></script>
+	<script src="{{ url_for('static', filename='js/bootstrap.min.js')}}"></script>
+	<script src="{{ url_for('static', filename='js/jquery.dataTables.min.js')}}"></script>
+	<script src="{{ url_for('static', filename='js/dataTables.bootstrap.min.js')}}"></script>
+
+</head>
+<body>
+
+  {% include 'navbar.html' %}
+
+	<div class="container-fluid">
+		<div class="row">
+
+			{% include 'sidebar_settings.html' %}
+
+			<div class="col-12 col-lg-10" id="core_content">
+
+				<div class="card mb-3 mt-1">
+					<div class="card-header text-white bg-dark pb-1">
+						<h5 class="card-title">My Profile :</h5>
+					</div>
+					<div class="card-body">
+
+            <div class="row">
+              <div class="col-xl-6">
+                <div class="card text-center border-secondary">
+                  <div class="card-body px-1 py-0">
+                    <table class="table table-sm">
+                      <tbody>
+                        <tr>
+                          <td>Email</td>
+                          <td>{{user_metadata['email']}}</td>
+                        </tr>
+                        <tr>
+                          <td>Role</td>
+                          <td>{{user_metadata['role']}}</td>
+                        </tr>
+                        <tr>
+                          <td>API Key</td>
+                          <td>
+                            {{user_metadata['api_key']}}
+                            <a class="ml-3" href="{{url_for('settings.new_token')}}"><i class="fa fa-random"></i></a>
+                          </td>
+                        </tr>
+                      </tbody>
+                    </table>
+                  </div>
+                </div>
+              </div>
+            </div>
+
+					</div>
+				</div>
+
+    	</div>
+		</div>
+	</div>
+
+  {% include 'navfooter.html' %}
+
+</body>
+
+<script>
+$(document).ready(function(){
+  $("#nav-settings").addClass("active");
+  $("#nav_edit_profile").addClass("active");
+	$("#nav_my_profile").removeClass("text-muted");
+} );
+
+function toggle_sidebar(){
+	if($('#nav_menu').is(':visible')){
+		$('#nav_menu').hide();
+		$('#side_menu').removeClass('border-right')
+		$('#side_menu').removeClass('col-lg-2')
+		$('#core_content').removeClass('col-lg-10')
+	}else{
+		$('#nav_menu').show();
+		$('#side_menu').addClass('border-right')
+		$('#side_menu').addClass('col-lg-2')
+		$('#core_content').addClass('col-lg-10')
+	}
+}
+</script>
+
+</html>
--- a/server/web/templates/index.html
+++ b/server/web/templates/index.html
@ -58,22 +58,7 @@

 <body>

-	<nav class="navbar navbar-expand-sm navbar-dark bg-dark">
-		<a class="navbar-brand" href="{{ url_for('index') }}">
-      <img src="{{ url_for('static', filename='img/d4-logo.png')}}" alt="D4 Project" style="width:80px;">
-    </a>
-	  <ul class="navbar-nav">
-	    <li class="nav-item active">
-	      <a class="nav-link mr-3" href="{{ url_for('index') }}">Home <span class="sr-only">(current)</span></a>
-	    </li>
-	    <li class="nav-item" mr-3>
-	      <a class="nav-link mr-3" href="{{ url_for('sensors_status') }}">Sensors Status</a>
-	    </li>
-      <li class="nav-item mr-3">
-	      <a class="nav-link" href="{{ url_for('server_management') }}" tabindex="-1" aria-disabled="true">Server Management</a>
-	    </li>
-	  </ul>
-	</nav>
+	{% include 'navbar.html' %}


 		<div class="row mr-0">
@ -109,6 +94,9 @@
 </body>

 <script>
+$(document).ready(function(){
+  $("#nav-home").addClass("active");
+} );

 ////
 //http://bl.ocks.org/charlesdguthrie/11356441, updated and modified
--- a/server/web/templates/navbar.html
+++ b/server/web/templates/navbar.html
@ -0,0 +1,22 @@
+  <nav class="navbar navbar-expand-sm navbar-dark bg-dark">
+    <a class="navbar-brand" href="{{ url_for('index') }}">
+      <img src="{{ url_for('static', filename='img/d4-logo.png')}}" alt="D4 Project" style="width:80px;">
+    </a>
+    <ul class="navbar-nav">
+      <li class="nav-item">
+        <a class="nav-link mr-3" id="nav-home" href="{{ url_for('index') }}">Home <span class="sr-only">(current)</span></a>
+      </li>
+        <li class="nav-item" mr-3>
+          <a class="nav-link mr-3" id="nav-sensor" href="{{ url_for('sensors_status') }}">Sensors Status</a>
+        </li>
+        <li class="nav-item mr-3">
+          <a class="nav-link" id="nav-server" href="{{ url_for('server_management') }}" tabindex="-1" aria-disabled="true">Server Management</a>
+        </li>
+        <li class="nav-item mr-3">
+          <a class="nav-link" id="nav-settings" href="{{ url_for('settings.settings_page') }}" tabindex="-1" aria-disabled="true">Settings</a>
+        </li>
+        <li class="nav-item mr-3">
+          <a class="nav-link" href="{{ url_for('logout') }}" tabindex="-1" aria-disabled="true"><i class="fa fa-sign-out"></i>Log Out</a>
+        </li>
+      </ul>
+  </nav>
--- a/server/web/templates/sensors_status.html
+++ b/server/web/templates/sensors_status.html
@ -27,22 +27,7 @@

 <body>

-	<nav class="navbar navbar-expand-lg navbar-dark bg-dark">
-		<a class="navbar-brand" href="{{ url_for('index') }}">
-      <img src="{{ url_for('static', filename='img/d4-logo.png')}}" alt="D4 Project" style="width:80px;">
-    </a>
-	  <ul class="navbar-nav">
-	    <li class="nav-item">
-	      <a class="nav-link mr-3" href="{{ url_for('index') }}">Home <span class="sr-only">(current)</span></a>
-	    </li>
-	      <li class="nav-item" mr-3>
-	        <a class="nav-link active mr-3" href="{{ url_for('sensors_status') }}">Sensors Status</a>
-	      </li>
-	      <li class="nav-item mr-3">
-	        <a class="nav-link" href="{{ url_for('server_management') }}" tabindex="-1" aria-disabled="true">Server Management</a>
-	      </li>
-	    </ul>
-	</nav>
+	{% include 'navbar.html' %}

 	<div class="card mt-2 mb-2">
 		<div class="card-body bg-dark text-white">
@ -129,6 +114,7 @@

 <script>
 $(document).ready(function(){
+	$("#nav-sensor").addClass("active");
 	table = $('#myTable_1').DataTable(
 		{
 			"aLengthMenu": [[5, 10, 15, 20, -1], [5, 10, 15, 20, "All"]],
--- a/server/web/templates/server_management.html
+++ b/server/web/templates/server_management.html
@ -19,22 +19,7 @@

 <body>

-	<nav class="navbar navbar-expand-sm navbar-dark bg-dark">
-		<a class="navbar-brand" href="{{ url_for('index') }}">
-      <img src="{{ url_for('static', filename='img/d4-logo.png')}}" alt="D4 Project" style="width:80px;">
-    </a>
-	  <ul class="navbar-nav">
-	    <li class="nav-item">
-	      <a class="nav-link mr-3" href="{{ url_for('index') }}">Home <span class="sr-only">(current)</span></a>
-	    </li>
-	      <li class="nav-item" mr-3>
-	        <a class="nav-link mr-3" href="{{ url_for('sensors_status') }}">Sensors Status</a>
-	      </li>
-	      <li class="nav-item mr-3">
-	        <a class="nav-link active" href="{{ url_for('server_management') }}" tabindex="-1" aria-disabled="true">Server Management</a>
-	      </li>
-	    </ul>
-	</nav>
+	{% include 'navbar.html' %}

 	<div class="card-deck ml-0 mr-0">
 		<div class="card text-center mt-3 ml-xl-4">
@ -384,6 +369,7 @@ var table
 $(document).ready(function(){
 	$('#extended_type_name').hide()
 	$('#analyzer_metatype_name').hide()
+	$("#nav-server").addClass("active");

 		table = $('#myTable_').DataTable(
 			{
--- a/server/web/templates/sidebar_settings.html
+++ b/server/web/templates/sidebar_settings.html
@ -0,0 +1,47 @@
+      <div class="col-12 col-lg-2 p-0 bg-light border-right" id="side_menu">
+
+      	<button type="button" class="btn btn-outline-secondary mt-1 ml-3" onclick="toggle_sidebar();">
+          <i class="fa align-left"></i>
+      	  <span>Toggle Sidebar</span>
+      	</button>
+
+      	<nav class="navbar navbar-expand navbar-light bg-light flex-md-column flex-row align-items-start py-2" id="nav_menu">
+          <h5 class="d-flex text-muted w-100 py-2" id="nav_my_profile">
+            <span>My Profile</span>
+          </h5>
+          <ul class="nav flex-md-column flex-row navbar-nav justify-content-between w-100"> <!--nav-pills-->
+      	    <li class="nav-item">
+      	      <a class="nav-link" href="{{url_for('settings.edit_profile')}}" id="nav_edit_profile">
+      	        <i class="fa fa-user"></i>
+      	        <span>My Profile</span>
+      	      </a>
+      	    </li>
+      	    <li class="nav-item">
+      	      <a class="nav-link" href="{{url_for('change_password')}}" id="nav_dashboard">
+      	        <i class="fa fa-key"></i>
+      	        <span>Change Password</span>
+      	      </a>
+      	    </li>
+          </ul>
+        {% if admin_level %}
+        		<h5 class="d-flex text-muted w-100 py-2" id="nav_user_management">
+        		  <span>User Management</span>
+        		</h5>
+            <ul class="nav flex-md-column flex-row navbar-nav justify-content-between w-100"> <!--nav-pills-->
+        	    <li class="nav-item">
+        	      <a class="nav-link" href="{{url_for('settings.create_user')}}" id="nav_create_user">
+        	        <i class="fa fa-user-plus"></i>
+        	        <span>Create User</span>
+        	      </a>
+        	    </li>
+              <li class="nav-item">
+        	      <a class="nav-link" href="{{url_for('settings.users_list')}}" id="nav_users_list">
+        	        <i class="fa fa-users"></i>
+        	        <span>Users List</span>
+        	      </a>
+        	    </li>
+            </ul>
+        {% endif %}
+
+        </nav>
+      </div>
--- a/server/web/templates/users_list.html
+++ b/server/web/templates/users_list.html
@ -0,0 +1,125 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+  <title>D4-Project</title>
+  <link rel="icon" href="{{ url_for('static', filename='img/d4-logo.png')}}">
+
+  <!-- Core CSS -->
+	<link href="{{ url_for('static', filename='css/bootstrap.min.css') }}" rel="stylesheet">
+	<link href="{{ url_for('static', filename='font-awesome/css/font-awesome.css') }}" rel="stylesheet">
+	<link href="{{ url_for('static', filename='css/dataTables.bootstrap.min.css') }}" rel="stylesheet">
+
+  <!-- JS -->
+	<script src="{{ url_for('static', filename='js/jquery.js')}}"></script>
+	<script src="{{ url_for('static', filename='js/popper.min.js')}}"></script>
+	<script src="{{ url_for('static', filename='js/bootstrap.min.js')}}"></script>
+	<script src="{{ url_for('static', filename='js/jquery.dataTables.min.js')}}"></script>
+	<script src="{{ url_for('static', filename='js/dataTables.bootstrap.min.js')}}"></script>
+
+  <style>
+	.edit_icon:hover{
+		cursor: pointer;
+		color: #17a2b8;
+	}
+  .trash_icon:hover{
+		cursor: pointer;
+		color: #c82333;
+	}
+	</style>
+
+</head>
+<body>
+
+  {% include 'navbar.html' %}
+
+	<div class="container-fluid">
+		<div class="row">
+
+			{% include 'sidebar_settings.html' %}
+
+			<div class="col-12 col-lg-10" id="core_content">
+
+        {% if new_user %}
+        <div class="text-center my-3 ">
+          <div class="card">
+            <div class="card-header">
+              {% if new_user['edited']=='True' %}
+                <h5 class="card-title">User Edited</h5>
+              {% else %}
+                <h5 class="card-title">User Created</h5>
+              {% endif %}
+            </div>
+            <div class="card-body">
+              <p>User: {{new_user['email']}}</p>
+              <p>Password: {{new_user['password']}}</p>
+              <a href="{{url_for('settings.users_list')}}" class="btn btn-primary"><i class="fa fa-eye-slash"></i> Hide</a>
+            </div>
+          </div>
+        </div>
+        {% endif %}
+
+        <div class="table-responsive mt-1 table-hover table-borderless table-striped">
+          <table class="table">
+            <thead class="thead-dark">
+                <tr>
+                  <th>Email</th>
+                  <th>Role</th>
+                  <th>Api Key</th>
+                  <th>Actions</th>
+                </tr>
+            </thead>
+            <tbody id="tbody_last_crawled">
+                {% for user in all_users %}
+                  <tr>
+                    <td>{{user['email']}}</td>
+                    <td>{{user['role']}}</td>
+                    <td>
+                      {{user['api_key']}}
+                      <a class="ml-3" href="{{url_for('settings.new_token_user')}}?user_id={{user['email']}}"><i class="fa fa-random"></i></a>
+                    </td>
+                    <td>
+                      <a href="{{ url_for('settings.edit_user')}}?user_id={{user['email']}}">
+                          <i class="fa fa-pencil edit_icon"></i>
+											</a>
+                      <a href="{{ url_for('settings.delete_user')}}?user_id={{user['email']}}" class="ml-4">
+                          <i class="fa fa-trash trash_icon"></i>
+											</a>
+                    </td>
+                  </tr>
+                {% endfor %}
+            </tbody>
+          </table>
+        </div>
+
+    	</div>
+		</div>
+	</div>
+
+  {% include 'navfooter.html' %}
+
+</body>
+
+<script>
+$(document).ready(function(){
+  $("#nav-settings").addClass("active");
+  $("#nav_users_list").addClass("active");
+	$("#nav_user_management").removeClass("text-muted");
+} );
+
+function toggle_sidebar(){
+	if($('#nav_menu').is(':visible')){
+		$('#nav_menu').hide();
+		$('#side_menu').removeClass('border-right')
+		$('#side_menu').removeClass('col-lg-2')
+		$('#core_content').removeClass('col-lg-10')
+	}else{
+		$('#nav_menu').show();
+		$('#side_menu').addClass('border-right')
+		$('#side_menu').addClass('col-lg-2')
+		$('#core_content').addClass('col-lg-10')
+	}
+}
+</script>
+
+</html>
--- a/server/web/templates/uuid_management.html
+++ b/server/web/templates/uuid_management.html
@ -28,22 +28,7 @@

 <body>

-	<nav class="navbar navbar-expand-sm navbar-dark bg-dark">
-		<a class="navbar-brand" href="{{ url_for('index') }}">
-      <img src="{{ url_for('static', filename='img/d4-logo.png')}}" alt="D4 Project" style="width:80px;">
-    </a>
-	  <ul class="navbar-nav">
-	    <li class="nav-item">
-	      <a class="nav-link mr-3" href="{{ url_for('index') }}">Home <span class="sr-only">(current)</span></a>
-	    </li>
-	      <li class="nav-item" mr-3>
-	        <a class="nav-link mr-3" href="{{ url_for('sensors_status') }}">Sensors Status</a>
-	      </li>
-	      <li class="nav-item mr-3">
-	        <a class="nav-link" href="{{ url_for('server_management') }}" tabindex="-1" aria-disabled="true">Server Management</a>
-	      </li>
-	    </ul>
-	</nav>
+	{% include 'navbar.html' %}

 	<div class="card text-center mt-3 ml-2 mr-2">
 		<div class="card-header bg-dark text-white">