diff --git a/server/LAUNCH.sh b/server/LAUNCH.sh
index 80c7044..22ed83f 100755
--- a/server/LAUNCH.sh
+++ b/server/LAUNCH.sh
@@ -11,10 +11,10 @@ CYAN="\\033[1;36m"
 . ./D4ENV/bin/activate
-isredis=`screen -ls | egrep '[0-9]+.Redis_D4' | cut -d. -f1`
-isd4server=`screen -ls | egrep '[0-9]+.Server_D4' | cut -d. -f1`
-isworker=`screen -ls | egrep '[0-9]+.Workers_D4' | cut -d. -f1`
-isflask=`screen -ls | egrep '[0-9]+.Flask_D4' | cut -d. -f1`
+isredis=`screen -ls | egrep '[0-9]+.Redis_D4 ' | cut -d. -f1`
+isd4server=`screen -ls | egrep '[0-9]+.Server_D4 ' | cut -d. -f1`
+isworker=`screen -ls | egrep '[0-9]+.Workers_D4 ' | cut -d. -f1`
+isflask=`screen -ls | egrep '[0-9]+.Flask_D4 ' | cut -d. -f1`
 function helptext {
 echo -e $YELLOW"
@@ -109,6 +109,18 @@ function checking_redis {
 return $flag_redis;
 }
+function wait_until_redis_is_ready {
+ redis_not_ready=true
+ while $redis_not_ready; do
+ if checking_redis; then
+ redis_not_ready=false;
+ else
+ sleep 1
+ fi
+ done
+ echo -e $YELLOW"\t* Redis Launched"$DEFAULT
+}
+
 function launch_redis {
 if [[ ! $isredis ]]; then
 launching_redis;
@@ -275,16 +287,19 @@ function launch_all {
 while [ "$1" != "" ]; do
 case $1 in
- -l | --launchAuto ) launch_all;
- ;;
- -k | --killAll ) helptext;
- killall;
- ;;
- -h | --help ) helptext;
- exit
- ;;
- * ) helptext
- exit 1
+ -l | --launchAuto ) launch_all;
+ ;;
+ -k | --killAll ) helptext;
+ killall;
+ ;;
+ -lrv | --launchRedisVerify ) launch_redis;
+ wait_until_redis_is_ready;
+ ;;
+ -h | --help ) helptext;
+ exit
+ ;;
+ * ) helptext
+ exit 1
 esac
 shift
 done
diff --git a/server/documentation/README.md b/server/documentation/README.md
index ed0b20e..ac15f83 100644
--- a/server/documentation/README.md
+++ b/server/documentation/README.md
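Review bot: `wait_until_redis_is_ready` has no upper bound, so if Redis never satisfies `checking_redis` (port already taken, bind failure, missing binary) the `-lrv` option spins forever, and because install_server.sh now calls it the whole install hangs silently. Bound the wait with an attempt counter, report the failure on stderr and return non-zero so the caller can stop; the loop can also be written directly on the exit status of `checking_redis` instead of through the `redis_not_ready` flag.
```shell
function wait_until_redis_is_ready {
    local attempts=0
    # checking_redis exits 0 once Redis answers; give up after ~30s rather than hang
    while ! checking_redis; do
        if (( ++attempts >= 30 )); then
            echo "Redis did not become ready after ${attempts}s" >&2
            return 1
        fi
        sleep 1
    done
    echo -e $YELLOW"\t* Redis Launched"$DEFAULT
}
```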
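Review bot: The new `-lrv | --launchRedisVerify` case does not propagate the readiness result: whatever `wait_until_redis_is_ready` reports, the script falls through to `shift` and exits 0, so a caller such as install_server.sh cannot tell a started Redis from a hung or failed one. Make the case `wait_until_redis_is_ready || exit 1;` so the exit status is meaningful once the wait can fail. The option is also not described in `helptext` within this hunk (the function body is outside it, so it may be updated elsewhere); if not, add a line such as `-lrv | --launchRedisVerify  Launch Redis and wait until it answers`.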
@@ -4,7 +4,7 @@ ### Automation key -The authentication of the automation is performed via a secure key available in the D4 UI interface. Make sure you keep that key secret. It gives access to the entire database! The API key is available in the ``Server Management`` menu under ``My Profile``. +The authentication of the automation is performed via a secure key available in the D4 UI interface. Make sure you keep that key secret. It gives access to the entire database! The API key is available in the ``Settings`` menu under ``My Profile``. The authorization is performed by using the following header: @@ -22,15 +22,15 @@ Content-Type: application/json Example: ~~~~ -curl --header "Authorization: YOUR_API_KEY" --header "Content-Type: application/json" https://AIL_URL/ +curl --header "Authorization: YOUR_API_KEY" --header "Content-Type: application/json" https://D4_URL/ ~~~~ -## Item management +## Sensor Registration -### Get item: `api/v1/get/item/default` +### Register a sensor: `api/v1/add/sensor/register` #### Description -Get item default info. +Register a sensor. **Method** : `POST` @@ -49,6 +49,10 @@ Get item default info. - sensor description - *str* +- `mail` + - user mail + - *str* + #### JSON response - `uuid` - sensor uuid @@ -62,8 +66,8 @@ curl https://127.0.0.1:7000/api/v1/add/sensor/register --header "Authorization: #### input.json Example ```json { - "uuid": "", - "hmac_key": "" + "uuid": "ff7ba400-e76c-4053-982d-feec42bdef38", + "hmac_key": "...HMAC_KEY..." } ``` @@ -72,7 +76,7 @@ curl https://127.0.0.1:7000/api/v1/add/sensor/register --header "Authorization: ```json { - "uuid": "", + "uuid": "ff7ba400-e76c-4053-982d-feec42bdef38", } ``` 
@@ -81,4 +85,10 @@ curl https://127.0.0.1:7000/api/v1/add/sensor/register --header "Authorization:
 **HTTP Status Code** : `400`
 ```json
 {"status": "error", "reason": "Mandatory parameter(s) not provided"}
+ {"status": "error", "reason": "Invalid uuid"}
+```
+
+**HTTP Status Code** : `409`
+```json
+ {"status": "error", "reason": "Sensor already registred"}
 ```
diff --git a/server/install_server.sh b/server/install_server.sh
index 24f1cd5..8aa7aa0 100755
--- a/server/install_server.sh
+++ b/server/install_server.sh
@@ -26,6 +26,16 @@ git checkout 5.0
 make
 popd
+# LAUNCH Redis
+bash ${AIL_BIN}LAUNCH.sh -lrv &
+wait
+echo ""
+
+# create default users
 pushd web/
 ./create_default_user.py
 popd
+
+bash LAUNCH.sh -k &
+wait
+echo ""
diff --git a/server/web/Flask_server.py b/server/web/Flask_server.py
index b7343a2..f8ea51b 100755
--- a/server/web/Flask_server.py
+++ b/server/web/Flask_server.py
@@ -31,6 +31,7 @@ from User import User
 # Import Blueprint
 from blueprints.restApi import restApi
+from blueprints.settings import settings
 baseUrl = ''
 if baseUrl != '':
@@ -112,6 +113,7 @@ login_manager.init_app(app)
 # ========= BLUEPRINT =========#
 app.register_blueprint(restApi)
+app.register_blueprint(settings)
 # ========= =========#
 # ========= LOGIN MANAGER ========
diff --git a/server/web/Role_Manager.py b/server/web/Role_Manager.py
index 8ac76ba..4772be8 100644
--- a/server/web/Role_Manager.py
+++ b/server/web/Role_Manager.py
@@ -158,7 +158,7 @@ def get_role_level(role):
 def get_all_user_role(user_role):
 current_role_val = get_role_level(user_role)
- return r_serv_db.zrangebyscore('d4:all_role', current_role_val -1, 50)
+ return r_serv_db.zrangebyscore('d4:all_role', current_role_val, 50)
 def get_all_user_upper_role(user_role):
 current_role_val = get_role_level(user_role)
diff --git a/server/web/blueprints/settings.py b/server/web/blueprints/settings.py
new file mode 100644
index 0000000..abd63c4
--- /dev/null
+++ b/server/web/blueprints/settings.py
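Review bot: The two new LAUNCH.sh invocations address the same script differently, `bash ${AIL_BIN}LAUNCH.sh -lrv &` versus `bash LAUNCH.sh -k &`; `AIL_BIN` is not set anywhere in the hunk (it may come from an earlier part of the script or the environment, which is not visible here), and if it is unset the first call only works because the cwd happens to be the server directory, while a non-empty value with no trailing slash produces a wrong path. Pick one form for both, e.g. `bash ./LAUNCH.sh -lrv` and `bash ./LAUNCH.sh -k`, and drop the `&` + `wait` pairs, which only wrap a foreground wait around a background job. Since `-lrv` currently blocks until Redis answers and the installer goes on to create the default user against that Redis, check the result before continuing: `bash ./LAUNCH.sh -lrv || { echo "Redis failed to start" >&2; exit 1; }`.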
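Review bot: `get_all_user_role` now returns roles scored from `current_role_val` upward instead of from `current_role_val -1`, and nothing in the hunk states which direction the `d4:all_role` scores run, so whether this adds or removes one role from what a given user is offered cannot be checked here; for an authorization helper that contract should be written down. A one-line comment above the return would do: `# roles with score >= the caller's own level, caller's role included (lower score = more privileged -- confirm against get_role_level)`. `get_all_user_upper_role` begins inside the hunk but its body runs past it.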
@@ -0,0 +1,192 @@
+#!/usr/bin/env python3
+# -*-coding:UTF-8 -*
+
+'''
+ Flask functions and routes for the rest api
+'''
+
+import os
+import re
+import sys
+import redis
+
+from flask import Flask, render_template, jsonify, request, Blueprint, redirect, url_for, Response
+from flask_login import login_required, current_user
+
+from Role_Manager import login_admin, login_user_basic
+from Role_Manager import create_user_db, edit_user_db, delete_user_db, check_password_strength, generate_new_token, gen_password, get_all_role
+
+# ============ BLUEPRINT ============
+
+settings = Blueprint('settings', __name__, template_folder='templates')
+
+# ============ VARIABLES ============
+
+email_regex = r'[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,6}'
+email_regex = re.compile(email_regex)
+host_redis_metadata = os.getenv('D4_REDIS_METADATA_HOST', "localhost")
+port_redis_metadata = int(os.getenv('D4_REDIS_METADATA_PORT', 6380))
+
+r_serv_metadata = redis.StrictRedis(
+ host=host_redis_metadata,
+ port=port_redis_metadata,
+ db=0,
+ decode_responses=True)
+
+r_serv_db = redis.StrictRedis(
+ host=host_redis_metadata,
+ port=port_redis_metadata,
+ db=1,
+ decode_responses=True)
+
+# ============ FUNCTIONS ============
+
+def one():
+ return 1
+
+def check_email(email):
+ result = email_regex.match(email)
+ if result:
+ return True
+ else:
+ return False
+
+def get_user_metadata(user_id):
+ user_metadata = {}
+ user_metadata['email'] = user_id
+ user_metadata['role'] = r_serv_db.hget('user_metadata:{}'.format(user_id), 'role')
+ user_metadata['api_key'] = r_serv_db.hget('user_metadata:{}'.format(user_id), 'token')
+ return user_metadata
+
+def get_users_metadata(list_users):
+ users = []
+ for user in list_users:
+ users.append(get_user_metadata(user))
+ return users
+
+def get_all_users():
+ return r_serv_db.hkeys('user:all')
+
+
+# ============= ROUTES ==============
+
+@settings.route("/settings/", methods=['GET'])
+@login_required
+@login_user_basic
+def settings_page():
+ return redirect(url_for('settings.edit_profile'))
+
+@settings.route("/settings/edit_profile", methods=['GET'])
+@login_required
+@login_user_basic
+def edit_profile():
+ user_metadata = get_user_metadata(current_user.get_id())
+ admin_level = current_user.is_in_role('admin')
+ return render_template("edit_profile.html", user_metadata=user_metadata,
+ admin_level=admin_level)
+
+@settings.route("/settings/new_token", methods=['GET'])
+@login_required
+@login_user_basic
+def new_token():
+ generate_new_token(current_user.get_id())
+ return redirect(url_for('settings.edit_profile'))
+
+@settings.route("/settings/new_token_user", methods=['GET'])
+@login_required
+@login_admin
+def new_token_user():
+ user_id = request.args.get('user_id')
+ if r_serv_db.exists('user_metadata:{}'.format(user_id)):
+ generate_new_token(user_id)
+ return redirect(url_for('settings.users_list'))
+
+@settings.route("/settings/create_user", methods=['GET'])
+@login_required
+@login_admin
+def create_user():
+ user_id = request.args.get('user_id')
+ error = request.args.get('error')
+ error_mail = request.args.get('error_mail')
+ role = None
+ if r_serv_db.exists('user_metadata:{}'.format(user_id)):
+ role = r_serv_db.hget('user_metadata:{}'.format(user_id), 'role')
+ else:
+ user_id = None
+ all_roles = get_all_role()
+ return render_template("create_user.html", all_roles=all_roles, user_id=user_id, user_role=role,
+ error=error, error_mail=error_mail,
+ admin_level=True)
+
+@settings.route("/settings/create_user_post", methods=['POST'])
+@login_required
+@login_admin
+def create_user_post():
+ email = request.form.get('username')
+ role = request.form.get('user_role')
+ password1 = request.form.get('password1')
+ password2 = request.form.get('password2')
+
+ all_roles = get_all_role()
+
+ if email and len(email)< 300 and check_email(email) and role:
+ if role in all_roles:
+ # password set
+ if password1 and password2:
+ if password1==password2:
+ if check_password_strength(password1):
+ password = password1
+ else:
+ return render_template("create_user.html", all_roles=all_roles, error="Incorrect Password", admin_level=True)
+ else:
+ return render_template("create_user.html", all_roles=all_roles, error="Passwords don't match", admin_level=True)
+ # generate password
+ else:
+ password = gen_password()
+
+ if current_user.is_in_role('admin'):
+ # edit user
+ if r_serv_db.exists('user_metadata:{}'.format(email)):
+ if password1 and password2:
+ edit_user_db(email, password=password, role=role)
+ return redirect(url_for('settings.users_list', new_user=email, new_user_password=password, new_user_edited=True))
+ else:
+ edit_user_db(email, role=role)
+ return redirect(url_for('settings.users_list', new_user=email, new_user_password='Password not changed', new_user_edited=True))
+ # create user
+ else:
+ create_user_db(email, password, default=True, role=role)
+ return redirect(url_for('settings.users_list', new_user=email, new_user_password=password, new_user_edited=False))
+
+ else:
+ return render_template("create_user.html", all_roles=all_roles, admin_level=True)
+ else:
+ return render_template("create_user.html", all_roles=all_roles, error_mail=True, admin_level=True)
+
+@settings.route("/settings/users_list", methods=['GET'])
+@login_required
+@login_admin
+def users_list():
+ all_users = get_users_metadata(get_all_users())
+ new_user = request.args.get('new_user')
+ new_user_dict = {}
+ if new_user:
+ new_user_dict['email'] = new_user
+ new_user_dict['edited'] = request.args.get('new_user_edited')
+ new_user_dict['password'] = request.args.get('new_user_password')
+ return render_template("users_list.html", all_users=all_users, new_user=new_user_dict, admin_level=True)
+
+@settings.route("/settings/edit_user", methods=['GET'])
+@login_required
+@login_admin
+def edit_user():
+ user_id = request.args.get('user_id')
+ return redirect(url_for('settings.create_user', user_id=user_id))
+
+@settings.route("/settings/delete_user", methods=['GET'])
+@login_required
+@login_admin
+def delete_user():
+ user_id = request.args.get('user_id')
+ delete_user_db(user_id)
+ return redirect(url_for('settings.users_list'))
diff --git a/server/web/templates/403.html b/server/web/templates/403.html
index ed335bf..38a9132 100644
--- a/server/web/templates/403.html
+++ b/server/web/templates/403.html
@@ -12,22 +12,7 @@
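Review bot: `delete_user`, `new_token_user` and `new_token` change server state on a plain GET driven by a query parameter, so a logged-in admin who merely loads an attacker-controlled page containing `<img src="https://D4_HOST/settings/delete_user?user_id=victim">` deletes that account, and the same trick rotates API keys; nothing in this blueprint checks a CSRF token, so these need to become POST routes reading `request.form`, with a per-session CSRF token verified on every POST including `create_user_post`. `delete_user` also hands `user_id` to `delete_user_db` without checking that the user exists or that it is not the caller, so an admin can delete their own account from the list. Separately, `create_user_post` redirects with the freshly set plaintext password in the query string (`new_user_password=password`), which lands in browser history, proxy and server access logs and any Referer header; hand it to `users_list` through the session (`flash`) for a single render instead. Minor: `check_email` uses `email_regex.match`, which only anchors at the start, so `user@example.com<script>` passes — `email_regex.fullmatch(email)` is what is meant — and `one()` is dead code.
```python
@settings.route("/settings/new_token_user", methods=['POST'])
@login_required
@login_admin
def new_token_user():
    user_id = request.form.get('user_id')
    if user_id and r_serv_db.exists('user_metadata:{}'.format(user_id)):
        generate_new_token(user_id)
    return redirect(url_for('settings.users_list'))

# … unchanged: create_user, create_user_post, users_list, edit_user …

@settings.route("/settings/delete_user", methods=['POST'])
@login_required
@login_admin
def delete_user():
    user_id = request.form.get('user_id')
    # refuse unknown ids and self-deletion so an admin cannot lock the instance
    if user_id and user_id != current_user.get_id() and r_serv_db.exists('user_metadata:{}'.format(user_id)):
        delete_user_db(user_id)
    return redirect(url_for('settings.users_list'))
```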
- + {% include 'navbar.html' %}@@ -68,3 +53,11 @@ {% include 'navfooter.html' %} + + + + diff --git a/server/web/templates/blacklisted_ip.html b/server/web/templates/blacklisted_ip.html index 49c880d..9043bea 100644 --- a/server/web/templates/blacklisted_ip.html +++ b/server/web/templates/blacklisted_ip.html @@ -23,22 +23,7 @@ - + {% include 'navbar.html' %}diff --git a/server/web/templates/blacklisted_uuid.html b/server/web/templates/blacklisted_uuid.html index 22eb5fa..022ede3 100644 --- a/server/web/templates/blacklisted_uuid.html +++ b/server/web/templates/blacklisted_uuid.html @@ -23,22 +23,7 @@ - + {% include 'navbar.html' %}diff --git a/server/web/templates/create_user.html b/server/web/templates/create_user.html new file mode 100644 index 0000000..9edc2ad --- /dev/null +++ b/server/web/templates/create_user.html @@ -0,0 +1,156 @@ + + + + +D4-Project + + + + + + + + + + + + + + + + + + {% include 'navbar.html' %} + +++ + {% include 'navfooter.html' %} + + + + + + diff --git a/server/web/templates/edit_profile.html b/server/web/templates/edit_profile.html new file mode 100644 index 0000000..ef17486 --- /dev/null +++ b/server/web/templates/edit_profile.html @@ -0,0 +1,99 @@ + + + + ++ + {% include 'sidebar_settings.html' %} + +++ + + ++D4-Project + + + + + + + + + + + + + + + + + + {% include 'navbar.html' %} + ++ ++ + {% include 'navfooter.html' %} + + + + + + diff --git a/server/web/templates/index.html b/server/web/templates/index.html index 20d88bf..d8ae487 100644 --- a/server/web/templates/index.html +++ b/server/web/templates/index.html @@ -58,22 +58,7 @@ - + {% include 'navbar.html' %}@@ -109,6 +94,9 @@ + + + + + + + + + + + {% include 'navbar.html' %} + +++ + {% include 'navfooter.html' %} + + + + + + diff --git a/server/web/templates/uuid_management.html b/server/web/templates/uuid_management.html index d0a8113..8ed7974 100644 --- a/server/web/templates/uuid_management.html +++ b/server/web/templates/uuid_management.html 
@@ -28,22 +28,7 @@ - + {% include 'navbar.html' %}+ + {% include 'sidebar_settings.html' %} + +++ + {% if new_user %} ++++ {% endif %} + + + ++++ {% if new_user['edited']=='True' %} ++ +User Edited
+ {% else %} +User Created
+ {% endif %} +