Nemcio/CyberPanel
1
0
Fork 0
mirror of https://github.com/usmannasir/cyberpanel.git synced 2025-11-13 16:56:09 +01:00
Code Issues Packages Projects Releases Wiki Activity

complete https://feedback.cyberpanel.net/b/requests/p/2fa-support-in-login

Browse Source
This commit is contained in:
Usman Nasir
2020-08-10 23:55:46 +05:00
parent e047da10b8
commit 6810ff1b87
9 changed files with 231 additions and 119 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
loginSystem/static/loginSystem/login-systen.js
View File

@@ -33,23 +33,24 @@ var application = angular.module('loginSystem', []);
application.config(['$interpolateProvider', application.config(['$interpolateProvider',
function($interpolateProvider) { function ($interpolateProvider) {
$interpolateProvider.startSymbol('{$'); $interpolateProvider.startSymbol('{$');
$interpolateProvider.endSymbol('$}'); $interpolateProvider.endSymbol('$}');
} }
]); ]);
application.controller('loginSystem', function($scope,$http,$window) { application.controller('loginSystem', function ($scope, $http, $window) {
$scope.verifyCode = true;
$scope.verifyLoginCredentials = function() { $scope.verifyLoginCredentials = function () {
$("#verifyingLogin").show(); $("#verifyingLogin").show();
var username = $scope.username; var username = $scope.username;
var password= $scope.password; var password = $scope.password;
var languageSelection= $scope.languageSelection; var languageSelection = $scope.languageSelection;
url = "/verifyLogin"; url = "/verifyLogin";
@@ -57,42 +58,43 @@ application.controller('loginSystem', function($scope,$http,$window) {
var data = { var data = {
username: username, username: username,
password: password, password: password,
languageSelection:languageSelection, languageSelection: languageSelection,
twofa: $scope.twofa
}; };
var config = { var config = {
headers : { headers: {
'X-CSRFToken': getCookie('csrftoken') 'X-CSRFToken': getCookie('csrftoken')
} }
}; };
$http.post(url, data,config).then(ListInitialData, cantLoadInitialData); $http.post(url, data, config).then(ListInitialData, cantLoadInitialData);
function ListInitialData(response) { function ListInitialData(response) {
if (response.data.loginStatus === 0) if (response.data.loginStatus === 0) {
{
$scope.errorMessage = response.data.error_message; $scope.errorMessage = response.data.error_message;
$("#loginFailed").fadeIn(); $("#loginFailed").fadeIn();
}else if(response.data.loginStatus === 2){
$scope.verifyCode = false;
} }
else{ else {
$("#loginFailed").hide(); $("#loginFailed").hide();
$window.location.href = '/base/'; $window.location.href = '/base/';
} }
$("#verifyingLogin").hide(); $("#verifyingLogin").hide();
} }
function cantLoadInitialData(response) {}
function cantLoadInitialData(response) {
}
}; };
$scope.initiateLogin = function($event){ $scope.initiateLogin = function ($event) {
var keyCode = $event.which || $event.keyCode; var keyCode = $event.which || $event.keyCode;
if (keyCode === 13) { if (keyCode === 13) {
$scope.verifyLoginCredentials(); $scope.verifyLoginCredentials();

10
loginSystem/templates/loginSystem/login.html
View File

@@ -191,6 +191,16 @@
src="{% static 'images/loading.gif' %}"> src="{% static 'images/loading.gif' %}">
</div> </div>
<div ng-hide="verifyCode" class="form-group">
<div class="input-group">
<input ng-model="twofa" type="text" class="form-control" name="twofa"
placeholder="Enter code from Google Authenticator" required style="height: 45px;">
<span class="input-group-addon bg-blue">
<i class="glyph-icon icon-unlock-alt"></i>
</span>
</div>
</div>
<div class="form-group"> <div class="form-group">
<div class="input-group"> <div class="input-group">

24
loginSystem/views.py
View File

@@ -91,8 +91,32 @@ def verifyLogin(request):
json_data = json.dumps(data) json_data = json.dumps(data)
return HttpResponse(json_data) return HttpResponse(json_data)
if admin.twoFA:
try:
twoinit = request.session['twofa']
except:
request.session['twofa'] = 0
data = {'userID': admin.pk, 'loginStatus': 2, 'error_message': "None"}
json_data = json.dumps(data)
response.write(json_data)
return response
if hashPassword.check_password(admin.password, password): if hashPassword.check_password(admin.password, password):
if admin.twoFA:
if request.session['twofa'] == 0:
import pyotp
totp = pyotp.TOTP(admin.secretKey)
del request.session['twofa']
logging.writeToFile(str(totp.now()))
if totp.verify(data['twofa']):
data = {'userID': 0, 'loginStatus': 0, 'error_message': "Invalid verification code."}
json_data = json.dumps(data)
response.write(json_data)
return response
request.session['userID'] = admin.pk request.session['userID'] = admin.pk
ipAddr = request.META.get('REMOTE_ADDR') ipAddr = request.META.get('REMOTE_ADDR')

2
plogical/upgrade.py
View File

@@ -534,7 +534,7 @@ $cfg['Servers'][$i]['SignonURL'] = 'phpmyadminsignin.php';
pass pass
try: try:
cursor.execute("ALTER TABLE loginSystem_administrator ADD secretKey varchar(50) DEFAULT 'ACTIVE'") cursor.execute("ALTER TABLE loginSystem_administrator ADD secretKey varchar(50) DEFAULT 'None'")
except: except:
pass pass

32
static/loginSystem/login-systen.js
View File

@@ -33,23 +33,24 @@ var application = angular.module('loginSystem', []);
application.config(['$interpolateProvider', application.config(['$interpolateProvider',
function($interpolateProvider) { function ($interpolateProvider) {
$interpolateProvider.startSymbol('{$'); $interpolateProvider.startSymbol('{$');
$interpolateProvider.endSymbol('$}'); $interpolateProvider.endSymbol('$}');
} }
]); ]);
application.controller('loginSystem', function($scope,$http,$window) { application.controller('loginSystem', function ($scope, $http, $window) {
$scope.verifyCode = true;
$scope.verifyLoginCredentials = function() { $scope.verifyLoginCredentials = function () {
$("#verifyingLogin").show(); $("#verifyingLogin").show();
var username = $scope.username; var username = $scope.username;
var password= $scope.password; var password = $scope.password;
var languageSelection= $scope.languageSelection; var languageSelection = $scope.languageSelection;
url = "/verifyLogin"; url = "/verifyLogin";
@@ -57,42 +58,43 @@ application.controller('loginSystem', function($scope,$http,$window) {
var data = { var data = {
username: username, username: username,
password: password, password: password,
languageSelection:languageSelection, languageSelection: languageSelection,
twofa: $scope.twofa
}; };
var config = { var config = {
headers : { headers: {
'X-CSRFToken': getCookie('csrftoken') 'X-CSRFToken': getCookie('csrftoken')
} }
}; };
$http.post(url, data,config).then(ListInitialData, cantLoadInitialData); $http.post(url, data, config).then(ListInitialData, cantLoadInitialData);
function ListInitialData(response) { function ListInitialData(response) {
if (response.data.loginStatus === 0) if (response.data.loginStatus === 0) {
{
$scope.errorMessage = response.data.error_message; $scope.errorMessage = response.data.error_message;
$("#loginFailed").fadeIn(); $("#loginFailed").fadeIn();
}else if(response.data.loginStatus === 2){
$scope.verifyCode = false;
} }
else{ else {
$("#loginFailed").hide(); $("#loginFailed").hide();
$window.location.href = '/base/'; $window.location.href = '/base/';
} }
$("#verifyingLogin").hide(); $("#verifyingLogin").hide();
} }
function cantLoadInitialData(response) {}
function cantLoadInitialData(response) {
}
}; };
$scope.initiateLogin = function($event){ $scope.initiateLogin = function ($event) {
var keyCode = $event.which || $event.keyCode; var keyCode = $event.which || $event.keyCode;
if (keyCode === 13) { if (keyCode === 13) {
$scope.verifyLoginCredentials(); $scope.verifyLoginCredentials();

28
static/userManagment/userManagment.js
View File

@@ -127,6 +127,13 @@ app.controller('createUserCtr', function ($scope, $http) {
/* Java script code to modify user account */ /* Java script code to modify user account */
app.controller('modifyUser', function ($scope, $http) { app.controller('modifyUser', function ($scope, $http) {
var qrCode = window.qr = new QRious({
element: document.getElementById('qr'),
size: 200,
value: 'QRious'
});
$scope.userModificationLoading = true; $scope.userModificationLoading = true;
$scope.acctDetailsFetched = true; $scope.acctDetailsFetched = true;
$scope.userAccountsLimit = true; $scope.userAccountsLimit = true;
@@ -137,6 +144,15 @@ app.controller('modifyUser', function ($scope, $http) {
$scope.detailsFetched = true; $scope.detailsFetched = true;
$scope.accountTypeView = true; $scope.accountTypeView = true;
$scope.websitesLimit = true; $scope.websitesLimit = true;
$scope.qrHidden = true;
$scope.decideQRShow = function(){
if($scope.twofa === true){
$scope.qrHidden = false;
}else{
$scope.qrHidden = true;
}
};
$scope.fetchUserDetails = function () { $scope.fetchUserDetails = function () {
@@ -173,6 +189,12 @@ app.controller('modifyUser', function ($scope, $http) {
$scope.lastName = userDetails.lastName; $scope.lastName = userDetails.lastName;
$scope.email = userDetails.email; $scope.email = userDetails.email;
$scope.secLevel = userDetails.securityLevel; $scope.secLevel = userDetails.securityLevel;
$scope.twofa = Boolean(userDetails.twofa);
qrCode.set({
value: userDetails.otpauth
});
$scope.userModificationLoading = true; $scope.userModificationLoading = true;
$scope.acctDetailsFetched = false; $scope.acctDetailsFetched = false;
@@ -220,7 +242,6 @@ app.controller('modifyUser', function ($scope, $http) {
}; };
$scope.modifyUser = function () { $scope.modifyUser = function () {
@@ -252,7 +273,8 @@ app.controller('modifyUser', function ($scope, $http) {
lastName: lastName, lastName: lastName,
email: email, email: email,
passwordByPass: password, passwordByPass: password,
securityLevel: $scope.securityLevel securityLevel: $scope.securityLevel,
twofa: $scope.twofa
}; };
var config = { var config = {
@@ -1693,7 +1715,7 @@ app.controller('listTableUsers', function ($scope, $http) {
var data = { var data = {
accountUsername: userName, accountUsername: userName,
state : state state: state
}; };
var config = { var config = {

28
userManagment/static/userManagment/userManagment.js
View File

@@ -127,6 +127,13 @@ app.controller('createUserCtr', function ($scope, $http) {
/* Java script code to modify user account */ /* Java script code to modify user account */
app.controller('modifyUser', function ($scope, $http) { app.controller('modifyUser', function ($scope, $http) {
var qrCode = window.qr = new QRious({
element: document.getElementById('qr'),
size: 200,
value: 'QRious'
});
$scope.userModificationLoading = true; $scope.userModificationLoading = true;
$scope.acctDetailsFetched = true; $scope.acctDetailsFetched = true;
$scope.userAccountsLimit = true; $scope.userAccountsLimit = true;
@@ -137,6 +144,15 @@ app.controller('modifyUser', function ($scope, $http) {
$scope.detailsFetched = true; $scope.detailsFetched = true;
$scope.accountTypeView = true; $scope.accountTypeView = true;
$scope.websitesLimit = true; $scope.websitesLimit = true;
$scope.qrHidden = true;
$scope.decideQRShow = function(){
if($scope.twofa === true){
$scope.qrHidden = false;
}else{
$scope.qrHidden = true;
}
};
$scope.fetchUserDetails = function () { $scope.fetchUserDetails = function () {
@@ -173,6 +189,12 @@ app.controller('modifyUser', function ($scope, $http) {
$scope.lastName = userDetails.lastName; $scope.lastName = userDetails.lastName;
$scope.email = userDetails.email; $scope.email = userDetails.email;
$scope.secLevel = userDetails.securityLevel; $scope.secLevel = userDetails.securityLevel;
$scope.twofa = Boolean(userDetails.twofa);
qrCode.set({
value: userDetails.otpauth
});
$scope.userModificationLoading = true; $scope.userModificationLoading = true;
$scope.acctDetailsFetched = false; $scope.acctDetailsFetched = false;
@@ -220,7 +242,6 @@ app.controller('modifyUser', function ($scope, $http) {
}; };
$scope.modifyUser = function () { $scope.modifyUser = function () {
@@ -252,7 +273,8 @@ app.controller('modifyUser', function ($scope, $http) {
lastName: lastName, lastName: lastName,
email: email, email: email,
passwordByPass: password, passwordByPass: password,
securityLevel: $scope.securityLevel securityLevel: $scope.securityLevel,
twofa: $scope.twofa
}; };
var config = { var config = {
@@ -1693,7 +1715,7 @@ app.controller('listTableUsers', function ($scope, $http) {
var data = { var data = {
accountUsername: userName, accountUsername: userName,
state : state state: state
}; };
var config = { var config = {

20
userManagment/templates/userManagment/modifyUser.html
View File

@@ -80,6 +80,23 @@
</div> </div>
</div> </div>
<div ng-hide="acctDetailsFetched" class="form-group">
<label class="col-sm-3 control-label">{% trans "Additional Features" %}</label>
<label class="col-sm-3 control-label"></label>
<div class="col-sm-9">
<div class="checkbox">
<label>
<input ng-change="decideQRShow()" ng-model="twofa" type="checkbox" value="">
2FA
</label>
</div>
</div>
<label ng-hide="qrHidden" class="col-sm-3 control-label"></label>
<div ng-hide="qrHidden" class="col-sm-9">
<canvas id="qr"></canvas>
</div>
</div>
<div ng-hide="acctDetailsFetched" class="form-group"> <div ng-hide="acctDetailsFetched" class="form-group">
<label class="col-sm-3 control-label">{% trans "Security Level" %}</label> <label class="col-sm-3 control-label">{% trans "Security Level" %}</label>
@@ -143,9 +160,6 @@
</div> </div>
</div> </div>
</div> </div>
</div> </div>
{% endblock %} {% endblock %}

18
userManagment/views.py
View File

@@ -288,6 +288,14 @@ def fetchUserDetails(request):
else: else:
securityLevel = 'High' securityLevel = 'High'
import pyotp
if user.secretKey == 'None':
user.secretKey = pyotp.random_base32()
user.save()
otpauth = pyotp.totp.TOTP(user.secretKey).provisioning_uri(email, issuer_name="CyberPanel")
userDetails = { userDetails = {
"id": user.id, "id": user.id,
"firstName": firstName, "firstName": firstName,
@@ -295,7 +303,9 @@ def fetchUserDetails(request):
"email": email, "email": email,
"acl": user.acl.name, "acl": user.acl.name,
"websitesLimit": websitesLimit, "websitesLimit": websitesLimit,
"securityLevel": securityLevel "securityLevel": securityLevel,
"otpauth": otpauth,
'twofa': user.twoFA
} }
data_ret = {'fetchStatus': 1, 'error_message': 'None', "userDetails": userDetails} data_ret = {'fetchStatus': 1, 'error_message': 'None', "userDetails": userDetails}
@@ -333,6 +343,11 @@ def saveModifications(request):
except: except:
securityLevel = 'HIGH' securityLevel = 'HIGH'
try:
twofa = int(data['twofa'])
except:
twofa = 0
user = Administrator.objects.get(userName=accountUsername) user = Administrator.objects.get(userName=accountUsername)
currentACL = ACLManager.loadedACL(val) currentACL = ACLManager.loadedACL(val)
@@ -358,6 +373,7 @@ def saveModifications(request):
user.password = password user.password = password
user.token = token user.token = token
user.type = 0 user.type = 0
user.twoFA = twofa
if securityLevel == 'LOW': if securityLevel == 'LOW':
user.securityLevel = secMiddleware.LOW user.securityLevel = secMiddleware.LOW