mirror of https://github.com/donaldzou/WGDashboard.git synced 2024-11-06 16:00:28 +01:00

New build

Donald Zou 2024-07-31 02:27:44 -04:00
parent 881d62d69d
commit 85970f8c96
4 changed files with 62 additions and 47 deletions


@ -22,6 +22,7 @@ import psutil
import pyotp import pyotp
from flask import Flask, request, render_template, session from flask import Flask, request, render_template, session
from json import JSONEncoder from json import JSONEncoder
from flask_cors import CORS
from icmplib import ping, traceroute from icmplib import ping, traceroute
@ -46,7 +47,7 @@ UPDATE = None
app = Flask("WGDashboard") app = Flask("WGDashboard")
app.config['SEND_FILE_MAX_AGE_DEFAULT'] = 5206928 app.config['SEND_FILE_MAX_AGE_DEFAULT'] = 5206928
app.secret_key = secrets.token_urlsafe(32) app.secret_key = secrets.token_urlsafe(32)
cors = CORS(app, resources={r"/api/*": {"origins": "*"}})
class ModelEncoder(JSONEncoder): class ModelEncoder(JSONEncoder):
def default(self, o: Any) -> Any: def default(self, o: Any) -> Any:
@ -1209,21 +1210,35 @@ API Routes
@app.before_request @app.before_request
def auth_req(): def auth_req():
authenticationRequired = DashboardConfig.GetConfig("Server", "auth_req")[1] authenticationRequired = DashboardConfig.GetConfig("Server", "auth_req")[1]
d = request.args
if authenticationRequired: if authenticationRequired:
apiKey = d.get('apiKey')
if ('/static/' not in request.path and "username" not in session and "/" != request.path apiKeyEnabled = DashboardConfig.GetConfig("Server", "dashboard_api_key")[1]
and "validateAuthentication" not in request.path and "authenticate" not in request.path if apiKey is not None and len(apiKey) > 0 and apiKeyEnabled:
and "getDashboardConfiguration" not in request.path and "getDashboardTheme" not in request.path apiKeyExist = len(list(filter(lambda x : x.Key == apiKey, DashboardConfig.DashboardAPIKeys))) == 1
and "isTotpEnabled" not in request.path if not apiKeyExist:
): response = Flask.make_response(app, {
response = Flask.make_response(app, { "status": False,
"status": False, "message": "API Key does not exist",
"message": None, "data": None
"data": None })
}) response.content_type = "application/json"
response.content_type = "application/json" response.status_code = 401
response.status_code = 401 return response
return response else:
if ('/static/' not in request.path and "username" not in session and "/" != request.path
and "validateAuthentication" not in request.path and "authenticate" not in request.path
and "getDashboardConfiguration" not in request.path and "getDashboardTheme" not in request.path
and "isTotpEnabled" not in request.path
):
response = Flask.make_response(app, {
"status": False,
"message": "Unauthorized access.",
"data": None
})
response.content_type = "application/json"
response.status_code = 401
return response
@app.route('/api/validateAuthentication', methods=["GET"]) @app.route('/api/validateAuthentication', methods=["GET"])
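Review bot: In `auth_req` the API key is taken from the URL (`d = request.args`, `apiKey = d.get('apiKey')`), so the credential is written to web-server and reverse-proxy access logs, browser history and Referer headers. Read it from a request header instead, for example `apiKey = request.headers.get("X-API-Key")` (the header name is only a suggestion), and keep the query-string form at most as a deprecated fallback. The same commit adds `CORS(app, resources={r"/api/*": {"origins": "*"}})`, which lets script on any origin read `/api/*` responses fetched with a key; restrict `origins` to the dashboard's own origin(s) or make the list configurable. As rendered, a request carrying a valid key also skips the session check for every path rather than only `/api/` routes, so the key branch should probably be limited to `request.path.startswith("/api/")`.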


@ -6,4 +6,4 @@ flask
icmplib icmplib
sqlalchemy sqlalchemy
flask[async] flask[async]
aiosqlite flask-cors
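Review bot: `flask-cors` is added without any version constraint, although the commit makes it the component that decides cross-origin access to `/api/*`. Pin it or give it a reviewed lower bound, e.g. `flask-cors>=<minimum vetted version>`, so that installs are reproducible and an upgrade of a security-relevant dependency is a deliberate change. The rendered line also suggests `aiosqlite` is replaced rather than kept; if anything still relies on it, a fresh install will fail at runtime, which is worth confirming.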

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long