Finished tweaking 2FA

Donald Zou 2025-06-03 23:37:43 +08:00
parent e9730f24a0
commit 3525cd1083
3 changed files with 23 additions and 7 deletions


@ -81,7 +81,7 @@ def createClientBlueprint(wireguardConfigurations: dict[WireguardConfiguration],
if session.get('username') is None: if session.get('username') is None:
return ResponseObject(False, "Sign in status is invalid", status_code=401) return ResponseObject(False, "Sign in status is invalid", status_code=401)
session['totpVerified'] = True session['totpVerified'] = True
# return ResponseObject(True, data=)
return ResponseObject(status, msg) return ResponseObject(status, msg)
@client.get(prefix) @client.get(prefix)


@ -57,6 +57,7 @@ class DashboardClients:
).where( ).where(
self.dashboardClientsTable.c.DeletedDate is None) self.dashboardClientsTable.c.DeletedDate is None)
).mappings().fetchall() ).mappings().fetchall()
def SignIn(self, Email, Password) -> tuple[bool, str]: def SignIn(self, Email, Password) -> tuple[bool, str]:
if not all([Email, Password]): if not all([Email, Password]):
@ -85,6 +86,8 @@ class DashboardClients:
totpMatched = pyotp.TOTP(data.get('TotpKey')).verify(UserProvidedTotp) totpMatched = pyotp.TOTP(data.get('TotpKey')).verify(UserProvidedTotp)
if not totpMatched: if not totpMatched:
return False, "TOTP is does not match" return False, "TOTP is does not match"
else:
self.DashboardClientsTOTP.RevokeToken(Token)
if data.get('TotpKeyVerified') is None: if data.get('TotpKeyVerified') is None:
with self.engine.begin() as conn: with self.engine.begin() as conn:
conn.execute( conn.execute(
@ -94,12 +97,9 @@ class DashboardClients:
self.dashboardClientsTable.c.ClientID == data.get('ClientID') self.dashboardClientsTable.c.ClientID == data.get('ClientID')
) )
) )
return True, None return True, None
def SignUp(self, Email, Password, ConfirmPassword) -> tuple[bool, str] or tuple[bool, None]: def SignUp(self, Email, Password, ConfirmPassword) -> tuple[bool, str] or tuple[bool, None]:
try: try:
if not all([Email, Password, ConfirmPassword]): if not all([Email, Password, ConfirmPassword]):
@ -141,4 +141,7 @@ class DashboardClients:
self.logger.log(Status="false", Message=f"Signed up failed, reason: {str(e)}") self.logger.log(Status="false", Message=f"Signed up failed, reason: {str(e)}")
return False, "Signed up failed." return False, "Signed up failed."
return True, None return True, None
def UpdatePassword(self, CurrentPassword, NewPassword, ConfirmNewPassword):
pass
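Review bot: The result of `self.DashboardClientsTOTP.RevokeToken(Token)` in the new `else:` branch is discarded, so when revocation fails the sign-in still returns `True, None` and the token stays usable until its `ExpireTime`. RevokeToken reports failure only through its return value, so check it here, for example `if not self.DashboardClientsTOTP.RevokeToken(Token): return False, "Sign in failed"`. The token is also revoked only after a matching code: a mismatch returns early and leaves it valid, so unless attempts are limited somewhere outside these hunks, the same token accepts repeated guesses for its whole lifetime, and counting failures per token and revoking after a few would close that. The enclosing method starts and ends outside the hunk. The new `UpdatePassword` stub silently returns `None`; `raise NotImplementedError` would keep a caller from treating the password as changed.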


@ -39,9 +39,22 @@ class DashboardClientsTOTP:
"ExpireTime": datetime.datetime.now() + datetime.timedelta(minutes=10) "ExpireTime": datetime.datetime.now() + datetime.timedelta(minutes=10)
}) })
) )
return token return token
def RevokeToken(self, Token) -> bool:
try:
with self.engine.begin() as conn:
conn.execute(
self.dashboardClientsTOTPTable.update().values({
"ExpireTime": datetime.datetime.now()
}).where(
self.dashboardClientsTOTPTable.c.Token == Token
)
)
except Exception as e:
return False
return True
def GetTotp(self, token: str) -> tuple[bool, dict] or tuple[bool, None]: def GetTotp(self, token: str) -> tuple[bool, dict] or tuple[bool, None]:
with self.engine.connect() as conn: with self.engine.connect() as conn:
totp = conn.execute( totp = conn.execute(
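Review bot: `RevokeToken` catches every exception and returns `False` without recording it, and `e` is never used, so a failed revocation of a sign-in token leaves no trace for whoever investigates later. Log the error before returning, for example `self.logger.log(Status="false", Message=f"Revoke token failed, reason: {str(e)}")`, assuming this class has the same logger as `DashboardClients` (not visible here). An update that matches no row still returns `True`; keeping the result of `conn.execute(...)` and returning `result.rowcount > 0` would let the caller tell an unknown token from a revoked one.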