fix password protection backend

2025-11-06 21:35:55 +01:00 · 2025-04-08 06:10:15 +05:00
parent ca6bc24135
commit 8ed356e886
1 changed files with 43 additions and 16 deletions
--- a/websiteFunctions/website.py
+++ b/websiteFunctions/website.py
@@ -1990,31 +1990,55 @@ class WebsiteManager:
                path = f'{vhostPassDir}/{siteId}'
                if value:
                    # Enable password protection
-                    if not os.path.exists(path):
-                        os.makedirs(path)
-                        htpasswd = f'{path}/.htpasswd'
-                        htaccess = f'{wpsite.path}/.htaccess'
+                    tempPath = f'/home/cyberpanel/{str(randint(1000, 9999))}'
+                    os.makedirs(tempPath)
+
+                    # Create temporary .htpasswd file
+                    htpasswd = f'{tempPath}/.htpasswd'
+                    htaccess = f'{tempPath}/.htaccess'
                    password = randomPassword.generate_pass(12)
        
                    # Create .htpasswd file
                    command = f"htpasswd -cb {htpasswd} admin {password}"
                    ProcessUtilities.executioner(command)
                    
-                        # Create .htaccess file
-                    htaccess_content = f"""AuthType Basic
+                    # Create .htaccess file content
+                    htaccess_content = f"""
+AuthType Basic
 AuthName "Restricted Access"
-AuthUserFile {htpasswd}
-Require valid-user"""
+AuthUserFile {path}/.htpasswd
+Require valid-user
+"""
+
                    with open(htaccess, 'w') as f:
                        f.write(htaccess_content)
+
+                    # Create final directory and move files
+                    command = f"mkdir -p {path}"
+                    ProcessUtilities.executioner(command, wpsite.owner.externalApp)
+
+                    # Move files to final location
+                    command = f"mv {htpasswd} {path}/.htpasswd"
+                    ProcessUtilities.executioner(command, wpsite.owner.externalApp)
+
+                    command = f"mv {htaccess} {wpsite.path}/.htaccess" 
+                    ProcessUtilities.executioner(command, wpsite.owner.externalApp)
+
+                    # Cleanup temp directory
+                    command = f"rm -rf {tempPath}"
+                    ProcessUtilities.executioner(command)
+
                else:
                    # Disable password protection
                    if os.path.exists(path):
-                        import shutil
-                        shutil.rmtree(path)
+                        command = f"rm -rf {path}"
+                        ProcessUtilities.executioner(command, wpsite.owner.externalApp)
+
                    htaccess = f'{wpsite.path}/.htaccess'
                    if os.path.exists(htaccess):
-                        os.remove(htaccess)
+                        command = f"rm -f {htaccess}"
+                        ProcessUtilities.executioner(command, wpsite.owner.externalApp)
+
                    return JsonResponse({'status': 1, 'error_message': 'None'})
            elif setting == 'maintenance-mode':
                if value:
@@ -2033,6 +2057,9 @@ Require valid-user"""
        except BaseException as msg:
            return JsonResponse({'status': 0, 'error_message': str(msg)})

+
+
+
    def submitWorpressCreation(self, userID=None, data=None):
        try:
            currentACL = ACLManager.loadedACL(userID)