mirror of
https://github.com/eduardogsilva/wireguard_webadmin.git
synced 2025-03-18 18:14:02 +00:00
feat: add public VPN invite view and template
This commit is contained in:
Eduardo Silva
parent
d8b51bf812
commit
d42fae8cf3
168
templates/vpn_invite/public_vpn_invite.html
Normal file
168
templates/vpn_invite/public_vpn_invite.html
Normal file
@ -0,0 +1,168 @@
|
||||
<!DOCTYPE html>
|
||||
<html lang="en">
|
||||
<head>
|
||||
<meta charset="UTF-8">
|
||||
<title>{% if authenticated %}VPN Invite{% else %}Authentication Required{% endif %}</title>
|
||||
<style>
|
||||
body {
|
||||
font-family: Arial, sans-serif;
|
||||
background-color: #f2f2f2;
|
||||
margin: 0;
|
||||
padding: 20px;
|
||||
}
|
||||
.container {
|
||||
max-width: 600px;
|
||||
margin: auto;
|
||||
background: #fff;
|
||||
padding: 20px;
|
||||
border-radius: 5px;
|
||||
box-shadow: 0 0 10px rgba(0,0,0,0.1);
|
||||
}
|
||||
h1 {
|
||||
text-align: center;
|
||||
color: #333;
|
||||
}
|
||||
.error {
|
||||
color: red;
|
||||
margin-bottom: 10px;
|
||||
text-align: center;
|
||||
}
|
||||
form {
|
||||
margin-top: 20px;
|
||||
}
|
||||
label {
|
||||
display: block;
|
||||
margin-bottom: 8px;
|
||||
font-weight: bold;
|
||||
color: #555;
|
||||
text-align: center;
|
||||
}
|
||||
input[type="password"] {
|
||||
width: 80%;
|
||||
padding: 8px;
|
||||
margin-bottom: 15px;
|
||||
border: 1px solid #ccc;
|
||||
border-radius: 4px;
|
||||
font-size: 16px;
|
||||
display: block;
|
||||
margin-left: auto;
|
||||
margin-right: auto;
|
||||
}
|
||||
.btn {
|
||||
display: inline-block;
|
||||
padding: 10px 20px;
|
||||
margin: 5px 0;
|
||||
border: none;
|
||||
border-radius: 4px;
|
||||
cursor: pointer;
|
||||
text-decoration: none;
|
||||
font-size: 14px;
|
||||
}
|
||||
.btn-primary {
|
||||
background-color: #007BFF;
|
||||
color: white;
|
||||
}
|
||||
.btn-secondary {
|
||||
background-color: #6c757d;
|
||||
color: white;
|
||||
}
|
||||
.instructions {
|
||||
margin-top: 20px;
|
||||
line-height: 1.6;
|
||||
color: #333;
|
||||
text-align: center;
|
||||
}
|
||||
{% if authenticated %}
|
||||
.download-buttons, .button-group, .qr-code {
|
||||
text-align: center;
|
||||
margin-top: 20px;
|
||||
}
|
||||
.download-buttons a {
|
||||
display: inline-block;
|
||||
margin: 5px;
|
||||
padding: 10px 15px;
|
||||
text-decoration: none;
|
||||
border-radius: 4px;
|
||||
color: white;
|
||||
background-color: #28a745;
|
||||
}
|
||||
.qr-code {
|
||||
display: none;
|
||||
margin-top: 20px;
|
||||
}
|
||||
.qr-code img {
|
||||
max-width: 100%;
|
||||
height: auto;
|
||||
}
|
||||
{% endif %}
|
||||
</style>
|
||||
</head>
|
||||
<body>
|
||||
<div class="container">
|
||||
{% if not authenticated %}
|
||||
<h1>Authentication Required</h1>
|
||||
{% if error %}
|
||||
<div class="error">{{ error }}</div>
|
||||
{% endif %}
|
||||
<form method="post">
|
||||
{% csrf_token %}
|
||||
<label for="password">Enter Password:</label>
|
||||
<input type="password" name="password" id="password" required>
|
||||
<button type="submit" class="btn btn-primary">Submit</button>
|
||||
</form>
|
||||
{% else %}
|
||||
<h1>VPN Configuration</h1>
|
||||
<div class="instructions">
|
||||
{{ invite_settings.download_instructions|safe }}
|
||||
</div>
|
||||
<div class="download-buttons">
|
||||
{% if invite_settings.download_1_enabled and invite_settings.download_1_url %}
|
||||
<a href="{{ invite_settings.download_1_url }}" target="_blank">{{ invite_settings.download_1_label }}</a>
|
||||
{% endif %}
|
||||
{% if invite_settings.download_2_enabled and invite_settings.download_2_url %}
|
||||
<a href="{{ invite_settings.download_2_url }}" target="_blank">{{ invite_settings.download_2_label }}</a>
|
||||
{% endif %}
|
||||
{% if invite_settings.download_3_enabled and invite_settings.download_3_url %}
|
||||
<a href="{{ invite_settings.download_3_url }}" target="_blank">{{ invite_settings.download_3_label }}</a>
|
||||
{% endif %}
|
||||
{% if invite_settings.download_4_enabled and invite_settings.download_4_url %}
|
||||
<a href="{{ invite_settings.download_4_url }}" target="_blank">{{ invite_settings.download_4_label }}</a>
|
||||
{% endif %}
|
||||
{% if invite_settings.download_5_enabled and invite_settings.download_5_url %}
|
||||
<a href="{{ invite_settings.download_5_url }}" target="_blank">{{ invite_settings.download_5_label }}</a>
|
||||
{% endif %}
|
||||
</div>
|
||||
<div class="button-group">
|
||||
<a href="/invite/download_config/?token={{ peer_invite.uuid }}&password={{ password }}" target="_blank" class="btn btn-primary">Download Config</a>
|
||||
<a href="#" id="viewQrButton" class="btn btn-secondary">View QR Code</a>
|
||||
</div>
|
||||
<div class="qr-code" id="qrCodeContainer">
|
||||
<!-- QR Code will be loaded here when the button is clicked -->
|
||||
</div>
|
||||
{% endif %}
|
||||
</div>
|
||||
{% if authenticated %}
|
||||
<script>
|
||||
document.addEventListener("DOMContentLoaded", function() {
|
||||
var viewQrButton = document.getElementById("viewQrButton");
|
||||
var qrCodeContainer = document.getElementById("qrCodeContainer");
|
||||
viewQrButton.addEventListener("click", function(event) {
|
||||
event.preventDefault();
|
||||
if (qrCodeContainer.style.display === "none" || qrCodeContainer.style.display === "") {
|
||||
if (qrCodeContainer.getElementsByTagName("img").length === 0) {
|
||||
var img = document.createElement("img");
|
||||
img.src = "/invite/download_config/?token={{ peer_invite.uuid }}&password={{ password }}&format=qrcode";
|
||||
img.alt = "QR Code";
|
||||
qrCodeContainer.appendChild(img);
|
||||
}
|
||||
qrCodeContainer.style.display = "block";
|
||||
} else {
|
||||
qrCodeContainer.style.display = "none";
|
||||
}
|
||||
});
|
||||
});
|
||||
</script>
|
||||
|
||||
{% endif %}
|
||||
</body>
|
||||
</html>
|
||||
@ -1,7 +1,24 @@
|
||||
from django.db import models
|
||||
from wireguard.models import Peer
|
||||
import uuid
|
||||
|
||||
from django.db import models
|
||||
|
||||
from wireguard.models import Peer
|
||||
|
||||
DEFAULT_INVITE_MESSAGE = '''
|
||||
Hello,
|
||||
|
||||
You're invited to join our secure WireGuard VPN network. Please click the link below to access your personalized VPN configuration:
|
||||
|
||||
{invite_url}
|
||||
|
||||
Note: This invitation link will expire in {expire_minutes} minutes. If you need a new link after expiration, please request another invite.
|
||||
'''
|
||||
|
||||
DEFAULT_HTML_MESSAGE = '''
|
||||
<h2>Welcome to Your VPN Setup</h2>
|
||||
<p>Begin by downloading the WireGuard app for your device using one of the links below.</p>
|
||||
<p>Once installed, you can either <strong>scan the QR code</strong> or <strong>download the configuration file</strong> to quickly import your settings and start using your secure VPN connection.</p>
|
||||
'''
|
||||
|
||||
class InviteSettings(models.Model):
|
||||
name = models.CharField(max_length=16, default='default_settings', unique=True)
|
||||
@ -42,13 +59,13 @@ class InviteSettings(models.Model):
|
||||
|
||||
invite_url = models.URLField(default='')
|
||||
|
||||
invite_text_body = models.TextField(default='Here is your WireGuard VPN invite link: {invite_url}\n\nThis link expires in {expire_minutes} minutes.')
|
||||
invite_text_body = models.TextField(default=DEFAULT_INVITE_MESSAGE)
|
||||
|
||||
invite_email_subject = models.CharField(max_length=64, default='WireGuard VPN Invite', blank=True, null=True)
|
||||
invite_email_body = models.TextField(default='Here is your WireGuard VPN invite link: {invite_url}\n\nThis link expires in {expire_minutes} minutes.')
|
||||
invite_email_body = models.TextField(default=DEFAULT_INVITE_MESSAGE)
|
||||
invite_email_enabled = models.BooleanField(default=True)
|
||||
|
||||
invite_whatsapp_body = models.TextField(default='Here is your WireGuard VPN invite link: {invite_url}\n\nThis link expires in {expire_minutes} minutes.')
|
||||
invite_whatsapp_body = models.TextField(default=DEFAULT_INVITE_MESSAGE)
|
||||
invite_whatsapp_enabled = models.BooleanField(default=True)
|
||||
|
||||
uuid = models.UUIDField(default=uuid.uuid4, editable=False)
|
||||
|
||||
@ -1,3 +1,33 @@
|
||||
from django.http import Http404
|
||||
from django.shortcuts import render
|
||||
from django.utils import timezone
|
||||
|
||||
# Create your views here.
|
||||
from vpn_invite.models import PeerInvite, InviteSettings
|
||||
|
||||
|
||||
def view_public_vpn_invite(request):
|
||||
PeerInvite.objects.filter(invite_expiration__lt=timezone.now()).delete()
|
||||
try:
|
||||
peer_invite = PeerInvite.objects.get(uuid=request.GET.get('token'))
|
||||
invite_settings = InviteSettings.objects.get(name='default_settings')
|
||||
except:
|
||||
raise Http404
|
||||
|
||||
# Initialize context with default values
|
||||
context = {
|
||||
'peer_invite': peer_invite,
|
||||
'invite_settings': invite_settings,
|
||||
'authenticated': False,
|
||||
'error': ''
|
||||
}
|
||||
|
||||
if request.method == 'POST':
|
||||
password = request.POST.get('password', '')
|
||||
# Check if the provided password matches the invite password
|
||||
if password and password == peer_invite.invite_password:
|
||||
context['authenticated'] = True
|
||||
context['password'] = password
|
||||
else:
|
||||
context['error'] = "Invalid password. Please try again."
|
||||
|
||||
return render(request, 'vpn_invite/public_vpn_invite.html', context=context)
|
||||
|
||||
@ -1,21 +1,23 @@
|
||||
import os
|
||||
import re
|
||||
import qrcode
|
||||
import subprocess
|
||||
from io import BytesIO
|
||||
|
||||
import qrcode
|
||||
from django.contrib import messages
|
||||
from django.contrib.auth.decorators import login_required
|
||||
from django.http import HttpResponse
|
||||
from django.shortcuts import redirect, get_object_or_404, render, Http404
|
||||
from django.utils import timezone
|
||||
|
||||
from dns.views import export_dns_configuration
|
||||
from firewall.models import RedirectRule
|
||||
from firewall.tools import generate_firewall_header, generate_firewall_footer, generate_port_forward_firewall, \
|
||||
export_user_firewall, generate_redirect_dns_rules
|
||||
from user_manager.models import UserAcl
|
||||
from wireguard.models import WireGuardInstance, Peer, PeerAllowedIP
|
||||
from firewall.models import RedirectRule
|
||||
from django.contrib.auth.decorators import login_required
|
||||
from django.contrib import messages
|
||||
from io import BytesIO
|
||||
from vpn_invite.models import PeerInvite
|
||||
from wgwadmlibrary.tools import user_has_access_to_peer
|
||||
|
||||
from wireguard.models import WireGuardInstance, Peer, PeerAllowedIP
|
||||
|
||||
|
||||
def clean_command_field(command_field):
|
||||
@ -159,15 +161,27 @@ def export_wireguard_configs(request):
|
||||
return redirect('/status/')
|
||||
|
||||
|
||||
@login_required
|
||||
def download_config_or_qrcode(request):
|
||||
if not UserAcl.objects.filter(user=request.user).filter(user_level__gte=20).exists():
|
||||
return render(request, 'access_denied.html', {'page_title': 'Access Denied'})
|
||||
peer = get_object_or_404(Peer, uuid=request.GET.get('uuid'))
|
||||
user_acl = get_object_or_404(UserAcl, user=request.user)
|
||||
|
||||
if not user_has_access_to_peer(user_acl, peer):
|
||||
raise Http404
|
||||
# This view is used for private and public use. If the user is not authenticated properly, it will return a 404 instead of 403 to avoid leaking any further information.
|
||||
if request.GET.get('token') and request.GET.get('password'):
|
||||
PeerInvite.objects.filter(invite_expiration__lt=timezone.now()).delete()
|
||||
try:
|
||||
peer_invite = get_object_or_404(PeerInvite, uuid=request.GET.get('token'), invite_password=request.GET.get('password'))
|
||||
peer = peer_invite.peer
|
||||
except:
|
||||
raise Http404
|
||||
else:
|
||||
if not request.user.is_authenticated:
|
||||
raise Http404
|
||||
|
||||
if not UserAcl.objects.filter(user=request.user).filter(user_level__gte=20).exists():
|
||||
return render(request, 'access_denied.html', {'page_title': 'Access Denied'})
|
||||
peer = get_object_or_404(Peer, uuid=request.GET.get('uuid'))
|
||||
user_acl = get_object_or_404(UserAcl, user=request.user)
|
||||
|
||||
if not user_has_access_to_peer(user_acl, peer):
|
||||
raise Http404
|
||||
|
||||
format_type = request.GET.get('format', 'conf')
|
||||
|
||||
config_content = generate_peer_config(peer.uuid)
|
||||
|
||||
@ -17,17 +17,21 @@ Including another URLconf
|
||||
from django.contrib import admin
|
||||
from django.urls import path
|
||||
|
||||
from wireguard.views import view_wireguard_status, view_wireguard_manage_instance, view_apply_db_patches
|
||||
from wireguard_peer.views import view_wireguard_peer_list, view_wireguard_peer_manage, view_manage_ip_address, view_wireguard_peer_sort
|
||||
from console.views import view_console
|
||||
from user_manager.views import view_user_list, view_manage_user, view_peer_group_list, view_peer_group_manage
|
||||
from accounts.views import view_create_first_user, view_login, view_logout
|
||||
from wireguard_tools.views import export_wireguard_configs, download_config_or_qrcode, restart_wireguard_interfaces
|
||||
from api.views import wireguard_status, cron_check_updates, cron_update_peer_latest_handshake, routerfleet_get_user_token, routerfleet_authenticate_session, peer_info, api_peer_invite
|
||||
from firewall.views import view_redirect_rule_list, manage_redirect_rule, view_firewall_rule_list, manage_firewall_rule, view_manage_firewall_settings, view_generate_iptables_script, view_reset_firewall, view_firewall_migration_required
|
||||
from api.views import wireguard_status, cron_check_updates, cron_update_peer_latest_handshake, \
|
||||
routerfleet_get_user_token, routerfleet_authenticate_session, peer_info, api_peer_invite
|
||||
from console.views import view_console
|
||||
from dns.views import view_static_host_list, view_manage_static_host, view_manage_dns_settings, view_apply_dns_config
|
||||
from wgrrd.views import view_rrd_graph
|
||||
from firewall.views import view_redirect_rule_list, manage_redirect_rule, view_firewall_rule_list, manage_firewall_rule, \
|
||||
view_manage_firewall_settings, view_generate_iptables_script, view_reset_firewall, view_firewall_migration_required
|
||||
from user_manager.views import view_user_list, view_manage_user, view_peer_group_list, view_peer_group_manage
|
||||
from vpn_invite.views import view_vpn_invite_list, view_vpn_invite_settings, view_email_settings
|
||||
from vpn_invite_public.views import view_public_vpn_invite
|
||||
from wgrrd.views import view_rrd_graph
|
||||
from wireguard.views import view_wireguard_status, view_wireguard_manage_instance, view_apply_db_patches
|
||||
from wireguard_peer.views import view_wireguard_peer_list, view_wireguard_peer_manage, view_manage_ip_address, \
|
||||
view_wireguard_peer_sort
|
||||
from wireguard_tools.views import export_wireguard_configs, download_config_or_qrcode, restart_wireguard_interfaces
|
||||
|
||||
urlpatterns = [
|
||||
path('admin/', admin.site.urls),
|
||||
@ -72,4 +76,6 @@ urlpatterns = [
|
||||
path('vpn_invite/', view_vpn_invite_list, name='vpn_invite_list'),
|
||||
path('vpn_invite/settings/', view_vpn_invite_settings, name='vpn_invite_settings'),
|
||||
path('vpn_invite/smtp_settings/', view_email_settings, name='email_settings'),
|
||||
path('invite/', view_public_vpn_invite, name='public_vpn_invite'),
|
||||
path('invite/download_config/', download_config_or_qrcode, name='download_config_or_qrcode'),
|
||||
]
|
||||
|
||||
Loading…
Reference in New Issue
Block a user