mirror of
https://github.com/eduardogsilva/wireguard_webadmin.git
synced 2025-04-19 00:45:16 +00:00
feat: add public VPN invite view and template
This commit is contained in:
Eduardo Silva
parent
d8b51bf812
commit
d42fae8cf3
168
templates/vpn_invite/public_vpn_invite.html
Normal file
168
templates/vpn_invite/public_vpn_invite.html
Normal file
@ -0,0 +1,168 @@
|
|||||||
|
<!DOCTYPE html>
|
||||||
|
<html lang="en">
|
||||||
|
<head>
|
||||||
|
<meta charset="UTF-8">
|
||||||
|
<title>{% if authenticated %}VPN Invite{% else %}Authentication Required{% endif %}</title>
|
||||||
|
<style>
|
||||||
|
body {
|
||||||
|
font-family: Arial, sans-serif;
|
||||||
|
background-color: #f2f2f2;
|
||||||
|
margin: 0;
|
||||||
|
padding: 20px;
|
||||||
|
}
|
||||||
|
.container {
|
||||||
|
max-width: 600px;
|
||||||
|
margin: auto;
|
||||||
|
background: #fff;
|
||||||
|
padding: 20px;
|
||||||
|
border-radius: 5px;
|
||||||
|
box-shadow: 0 0 10px rgba(0,0,0,0.1);
|
||||||
|
}
|
||||||
|
h1 {
|
||||||
|
text-align: center;
|
||||||
|
color: #333;
|
||||||
|
}
|
||||||
|
.error {
|
||||||
|
color: red;
|
||||||
|
margin-bottom: 10px;
|
||||||
|
text-align: center;
|
||||||
|
}
|
||||||
|
form {
|
||||||
|
margin-top: 20px;
|
||||||
|
}
|
||||||
|
label {
|
||||||
|
display: block;
|
||||||
|
margin-bottom: 8px;
|
||||||
|
font-weight: bold;
|
||||||
|
color: #555;
|
||||||
|
text-align: center;
|
||||||
|
}
|
||||||
|
input[type="password"] {
|
||||||
|
width: 80%;
|
||||||
|
padding: 8px;
|
||||||
|
margin-bottom: 15px;
|
||||||
|
border: 1px solid #ccc;
|
||||||
|
border-radius: 4px;
|
||||||
|
font-size: 16px;
|
||||||
|
display: block;
|
||||||
|
margin-left: auto;
|
||||||
|
margin-right: auto;
|
||||||
|
}
|
||||||
|
.btn {
|
||||||
|
display: inline-block;
|
||||||
|
padding: 10px 20px;
|
||||||
|
margin: 5px 0;
|
||||||
|
border: none;
|
||||||
|
border-radius: 4px;
|
||||||
|
cursor: pointer;
|
||||||
|
text-decoration: none;
|
||||||
|
font-size: 14px;
|
||||||
|
}
|
||||||
|
.btn-primary {
|
||||||
|
background-color: #007BFF;
|
||||||
|
color: white;
|
||||||
|
}
|
||||||
|
.btn-secondary {
|
||||||
|
background-color: #6c757d;
|
||||||
|
color: white;
|
||||||
|
}
|
||||||
|
.instructions {
|
||||||
|
margin-top: 20px;
|
||||||
|
line-height: 1.6;
|
||||||
|
color: #333;
|
||||||
|
text-align: center;
|
||||||
|
}
|
||||||
|
{% if authenticated %}
|
||||||
|
.download-buttons, .button-group, .qr-code {
|
||||||
|
text-align: center;
|
||||||
|
margin-top: 20px;
|
||||||
|
}
|
||||||
|
.download-buttons a {
|
||||||
|
display: inline-block;
|
||||||
|
margin: 5px;
|
||||||
|
padding: 10px 15px;
|
||||||
|
text-decoration: none;
|
||||||
|
border-radius: 4px;
|
||||||
|
color: white;
|
||||||
|
background-color: #28a745;
|
||||||
|
}
|
||||||
|
.qr-code {
|
||||||
|
display: none;
|
||||||
|
margin-top: 20px;
|
||||||
|
}
|
||||||
|
.qr-code img {
|
||||||
|
max-width: 100%;
|
||||||
|
height: auto;
|
||||||
|
}
|
||||||
|
{% endif %}
|
||||||
|
</style>
|
||||||
|
</head>
|
||||||
|
<body>
|
||||||
|
<div class="container">
|
||||||
|
{% if not authenticated %}
|
||||||
|
<h1>Authentication Required</h1>
|
||||||
|
{% if error %}
|
||||||
|
<div class="error">{{ error }}</div>
|
||||||
|
{% endif %}
|
||||||
|
<form method="post">
|
||||||
|
{% csrf_token %}
|
||||||
|
<label for="password">Enter Password:</label>
|
||||||
|
<input type="password" name="password" id="password" required>
|
||||||
|
<button type="submit" class="btn btn-primary">Submit</button>
|
||||||
|
</form>
|
||||||
|
{% else %}
|
||||||
|
<h1>VPN Configuration</h1>
|
||||||
|
<div class="instructions">
|
||||||
|
{{ invite_settings.download_instructions|safe }}
|
||||||
|
</div>
|
||||||
|
<div class="download-buttons">
|
||||||
|
{% if invite_settings.download_1_enabled and invite_settings.download_1_url %}
|
||||||
|
<a href="{{ invite_settings.download_1_url }}" target="_blank">{{ invite_settings.download_1_label }}</a>
|
||||||
|
{% endif %}
|
||||||
|
{% if invite_settings.download_2_enabled and invite_settings.download_2_url %}
|
||||||
|
<a href="{{ invite_settings.download_2_url }}" target="_blank">{{ invite_settings.download_2_label }}</a>
|
||||||
|
{% endif %}
|
||||||
|
{% if invite_settings.download_3_enabled and invite_settings.download_3_url %}
|
||||||
|
<a href="{{ invite_settings.download_3_url }}" target="_blank">{{ invite_settings.download_3_label }}</a>
|
||||||
|
{% endif %}
|
||||||
|
{% if invite_settings.download_4_enabled and invite_settings.download_4_url %}
|
||||||
|
<a href="{{ invite_settings.download_4_url }}" target="_blank">{{ invite_settings.download_4_label }}</a>
|
||||||
|
{% endif %}
|
||||||
|
{% if invite_settings.download_5_enabled and invite_settings.download_5_url %}
|
||||||
|
<a href="{{ invite_settings.download_5_url }}" target="_blank">{{ invite_settings.download_5_label }}</a>
|
||||||
|
{% endif %}
|
||||||
|
</div>
|
||||||
|
<div class="button-group">
|
||||||
|
<a href="/invite/download_config/?token={{ peer_invite.uuid }}&password={{ password }}" target="_blank" class="btn btn-primary">Download Config</a>
|
||||||
|
<a href="#" id="viewQrButton" class="btn btn-secondary">View QR Code</a>
|
||||||
|
</div>
|
||||||
|
<div class="qr-code" id="qrCodeContainer">
|
||||||
|
<!-- QR Code will be loaded here when the button is clicked -->
|
||||||
|
</div>
|
||||||
|
{% endif %}
|
||||||
|
</div>
|
||||||
|
{% if authenticated %}
|
||||||
|
<script>
|
||||||
|
document.addEventListener("DOMContentLoaded", function() {
|
||||||
|
var viewQrButton = document.getElementById("viewQrButton");
|
||||||
|
var qrCodeContainer = document.getElementById("qrCodeContainer");
|
||||||
|
viewQrButton.addEventListener("click", function(event) {
|
||||||
|
event.preventDefault();
|
||||||
|
if (qrCodeContainer.style.display === "none" || qrCodeContainer.style.display === "") {
|
||||||
|
if (qrCodeContainer.getElementsByTagName("img").length === 0) {
|
||||||
|
var img = document.createElement("img");
|
||||||
|
img.src = "/invite/download_config/?token={{ peer_invite.uuid }}&password={{ password }}&format=qrcode";
|
||||||
|
img.alt = "QR Code";
|
||||||
|
qrCodeContainer.appendChild(img);
|
||||||
|
}
|
||||||
|
qrCodeContainer.style.display = "block";
|
||||||
|
} else {
|
||||||
|
qrCodeContainer.style.display = "none";
|
||||||
|
}
|
||||||
|
});
|
||||||
|
});
|
||||||
|
</script>
|
||||||
|
|
||||||
|
{% endif %}
|
||||||
|
</body>
|
||||||
|
</html>
|
||||||
@ -1,7 +1,24 @@
|
|||||||
from django.db import models
|
|
||||||
from wireguard.models import Peer
|
|
||||||
import uuid
|
import uuid
|
||||||
|
|
||||||
|
from django.db import models
|
||||||
|
|
||||||
|
from wireguard.models import Peer
|
||||||
|
|
||||||
|
DEFAULT_INVITE_MESSAGE = '''
|
||||||
|
Hello,
|
||||||
|
|
||||||
|
You're invited to join our secure WireGuard VPN network. Please click the link below to access your personalized VPN configuration:
|
||||||
|
|
||||||
|
{invite_url}
|
||||||
|
|
||||||
|
Note: This invitation link will expire in {expire_minutes} minutes. If you need a new link after expiration, please request another invite.
|
||||||
|
'''
|
||||||
|
|
||||||
|
DEFAULT_HTML_MESSAGE = '''
|
||||||
|
<h2>Welcome to Your VPN Setup</h2>
|
||||||
|
<p>Begin by downloading the WireGuard app for your device using one of the links below.</p>
|
||||||
|
<p>Once installed, you can either <strong>scan the QR code</strong> or <strong>download the configuration file</strong> to quickly import your settings and start using your secure VPN connection.</p>
|
||||||
|
'''
|
||||||
|
|
||||||
class InviteSettings(models.Model):
|
class InviteSettings(models.Model):
|
||||||
name = models.CharField(max_length=16, default='default_settings', unique=True)
|
name = models.CharField(max_length=16, default='default_settings', unique=True)
|
||||||
@ -42,13 +59,13 @@ class InviteSettings(models.Model):
|
|||||||
|
|
||||||
invite_url = models.URLField(default='')
|
invite_url = models.URLField(default='')
|
||||||
|
|
||||||
invite_text_body = models.TextField(default='Here is your WireGuard VPN invite link: {invite_url}\n\nThis link expires in {expire_minutes} minutes.')
|
invite_text_body = models.TextField(default=DEFAULT_INVITE_MESSAGE)
|
||||||
|
|
||||||
invite_email_subject = models.CharField(max_length=64, default='WireGuard VPN Invite', blank=True, null=True)
|
invite_email_subject = models.CharField(max_length=64, default='WireGuard VPN Invite', blank=True, null=True)
|
||||||
invite_email_body = models.TextField(default='Here is your WireGuard VPN invite link: {invite_url}\n\nThis link expires in {expire_minutes} minutes.')
|
invite_email_body = models.TextField(default=DEFAULT_INVITE_MESSAGE)
|
||||||
invite_email_enabled = models.BooleanField(default=True)
|
invite_email_enabled = models.BooleanField(default=True)
|
||||||
|
|
||||||
invite_whatsapp_body = models.TextField(default='Here is your WireGuard VPN invite link: {invite_url}\n\nThis link expires in {expire_minutes} minutes.')
|
invite_whatsapp_body = models.TextField(default=DEFAULT_INVITE_MESSAGE)
|
||||||
invite_whatsapp_enabled = models.BooleanField(default=True)
|
invite_whatsapp_enabled = models.BooleanField(default=True)
|
||||||
|
|
||||||
uuid = models.UUIDField(default=uuid.uuid4, editable=False)
|
uuid = models.UUIDField(default=uuid.uuid4, editable=False)
|
||||||
|
|||||||
@ -1,3 +1,33 @@
|
|||||||
|
from django.http import Http404
|
||||||
from django.shortcuts import render
|
from django.shortcuts import render
|
||||||
|
from django.utils import timezone
|
||||||
|
|
||||||
# Create your views here.
|
from vpn_invite.models import PeerInvite, InviteSettings
|
||||||
|
|
||||||
|
|
||||||
|
def view_public_vpn_invite(request):
|
||||||
|
PeerInvite.objects.filter(invite_expiration__lt=timezone.now()).delete()
|
||||||
|
try:
|
||||||
|
peer_invite = PeerInvite.objects.get(uuid=request.GET.get('token'))
|
||||||
|
invite_settings = InviteSettings.objects.get(name='default_settings')
|
||||||
|
except:
|
||||||
|
raise Http404
|
||||||
|
|
||||||
|
# Initialize context with default values
|
||||||
|
context = {
|
||||||
|
'peer_invite': peer_invite,
|
||||||
|
'invite_settings': invite_settings,
|
||||||
|
'authenticated': False,
|
||||||
|
'error': ''
|
||||||
|
}
|
||||||
|
|
||||||
|
if request.method == 'POST':
|
||||||
|
password = request.POST.get('password', '')
|
||||||
|
# Check if the provided password matches the invite password
|
||||||
|
if password and password == peer_invite.invite_password:
|
||||||
|
context['authenticated'] = True
|
||||||
|
context['password'] = password
|
||||||
|
else:
|
||||||
|
context['error'] = "Invalid password. Please try again."
|
||||||
|
|
||||||
|
return render(request, 'vpn_invite/public_vpn_invite.html', context=context)
|
||||||
|
|||||||
@ -1,21 +1,23 @@
|
|||||||
import os
|
import os
|
||||||
import re
|
import re
|
||||||
import qrcode
|
|
||||||
import subprocess
|
import subprocess
|
||||||
|
from io import BytesIO
|
||||||
|
|
||||||
|
import qrcode
|
||||||
|
from django.contrib import messages
|
||||||
|
from django.contrib.auth.decorators import login_required
|
||||||
from django.http import HttpResponse
|
from django.http import HttpResponse
|
||||||
from django.shortcuts import redirect, get_object_or_404, render, Http404
|
from django.shortcuts import redirect, get_object_or_404, render, Http404
|
||||||
|
from django.utils import timezone
|
||||||
|
|
||||||
from dns.views import export_dns_configuration
|
from dns.views import export_dns_configuration
|
||||||
|
from firewall.models import RedirectRule
|
||||||
from firewall.tools import generate_firewall_header, generate_firewall_footer, generate_port_forward_firewall, \
|
from firewall.tools import generate_firewall_header, generate_firewall_footer, generate_port_forward_firewall, \
|
||||||
export_user_firewall, generate_redirect_dns_rules
|
export_user_firewall, generate_redirect_dns_rules
|
||||||
from user_manager.models import UserAcl
|
from user_manager.models import UserAcl
|
||||||
from wireguard.models import WireGuardInstance, Peer, PeerAllowedIP
|
from vpn_invite.models import PeerInvite
|
||||||
from firewall.models import RedirectRule
|
|
||||||
from django.contrib.auth.decorators import login_required
|
|
||||||
from django.contrib import messages
|
|
||||||
from io import BytesIO
|
|
||||||
from wgwadmlibrary.tools import user_has_access_to_peer
|
from wgwadmlibrary.tools import user_has_access_to_peer
|
||||||
|
from wireguard.models import WireGuardInstance, Peer, PeerAllowedIP
|
||||||
|
|
||||||
|
|
||||||
def clean_command_field(command_field):
|
def clean_command_field(command_field):
|
||||||
@ -159,8 +161,19 @@ def export_wireguard_configs(request):
|
|||||||
return redirect('/status/')
|
return redirect('/status/')
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
|
||||||
def download_config_or_qrcode(request):
|
def download_config_or_qrcode(request):
|
||||||
|
# This view is used for private and public use. If the user is not authenticated properly, it will return a 404 instead of 403 to avoid leaking any further information.
|
||||||
|
if request.GET.get('token') and request.GET.get('password'):
|
||||||
|
PeerInvite.objects.filter(invite_expiration__lt=timezone.now()).delete()
|
||||||
|
try:
|
||||||
|
peer_invite = get_object_or_404(PeerInvite, uuid=request.GET.get('token'), invite_password=request.GET.get('password'))
|
||||||
|
peer = peer_invite.peer
|
||||||
|
except:
|
||||||
|
raise Http404
|
||||||
|
else:
|
||||||
|
if not request.user.is_authenticated:
|
||||||
|
raise Http404
|
||||||
|
|
||||||
if not UserAcl.objects.filter(user=request.user).filter(user_level__gte=20).exists():
|
if not UserAcl.objects.filter(user=request.user).filter(user_level__gte=20).exists():
|
||||||
return render(request, 'access_denied.html', {'page_title': 'Access Denied'})
|
return render(request, 'access_denied.html', {'page_title': 'Access Denied'})
|
||||||
peer = get_object_or_404(Peer, uuid=request.GET.get('uuid'))
|
peer = get_object_or_404(Peer, uuid=request.GET.get('uuid'))
|
||||||
@ -168,6 +181,7 @@ def download_config_or_qrcode(request):
|
|||||||
|
|
||||||
if not user_has_access_to_peer(user_acl, peer):
|
if not user_has_access_to_peer(user_acl, peer):
|
||||||
raise Http404
|
raise Http404
|
||||||
|
|
||||||
format_type = request.GET.get('format', 'conf')
|
format_type = request.GET.get('format', 'conf')
|
||||||
|
|
||||||
config_content = generate_peer_config(peer.uuid)
|
config_content = generate_peer_config(peer.uuid)
|
||||||
|
|||||||
@ -17,17 +17,21 @@ Including another URLconf
|
|||||||
from django.contrib import admin
|
from django.contrib import admin
|
||||||
from django.urls import path
|
from django.urls import path
|
||||||
|
|
||||||
from wireguard.views import view_wireguard_status, view_wireguard_manage_instance, view_apply_db_patches
|
|
||||||
from wireguard_peer.views import view_wireguard_peer_list, view_wireguard_peer_manage, view_manage_ip_address, view_wireguard_peer_sort
|
|
||||||
from console.views import view_console
|
|
||||||
from user_manager.views import view_user_list, view_manage_user, view_peer_group_list, view_peer_group_manage
|
|
||||||
from accounts.views import view_create_first_user, view_login, view_logout
|
from accounts.views import view_create_first_user, view_login, view_logout
|
||||||
from wireguard_tools.views import export_wireguard_configs, download_config_or_qrcode, restart_wireguard_interfaces
|
from api.views import wireguard_status, cron_check_updates, cron_update_peer_latest_handshake, \
|
||||||
from api.views import wireguard_status, cron_check_updates, cron_update_peer_latest_handshake, routerfleet_get_user_token, routerfleet_authenticate_session, peer_info, api_peer_invite
|
routerfleet_get_user_token, routerfleet_authenticate_session, peer_info, api_peer_invite
|
||||||
from firewall.views import view_redirect_rule_list, manage_redirect_rule, view_firewall_rule_list, manage_firewall_rule, view_manage_firewall_settings, view_generate_iptables_script, view_reset_firewall, view_firewall_migration_required
|
from console.views import view_console
|
||||||
from dns.views import view_static_host_list, view_manage_static_host, view_manage_dns_settings, view_apply_dns_config
|
from dns.views import view_static_host_list, view_manage_static_host, view_manage_dns_settings, view_apply_dns_config
|
||||||
from wgrrd.views import view_rrd_graph
|
from firewall.views import view_redirect_rule_list, manage_redirect_rule, view_firewall_rule_list, manage_firewall_rule, \
|
||||||
|
view_manage_firewall_settings, view_generate_iptables_script, view_reset_firewall, view_firewall_migration_required
|
||||||
|
from user_manager.views import view_user_list, view_manage_user, view_peer_group_list, view_peer_group_manage
|
||||||
from vpn_invite.views import view_vpn_invite_list, view_vpn_invite_settings, view_email_settings
|
from vpn_invite.views import view_vpn_invite_list, view_vpn_invite_settings, view_email_settings
|
||||||
|
from vpn_invite_public.views import view_public_vpn_invite
|
||||||
|
from wgrrd.views import view_rrd_graph
|
||||||
|
from wireguard.views import view_wireguard_status, view_wireguard_manage_instance, view_apply_db_patches
|
||||||
|
from wireguard_peer.views import view_wireguard_peer_list, view_wireguard_peer_manage, view_manage_ip_address, \
|
||||||
|
view_wireguard_peer_sort
|
||||||
|
from wireguard_tools.views import export_wireguard_configs, download_config_or_qrcode, restart_wireguard_interfaces
|
||||||
|
|
||||||
urlpatterns = [
|
urlpatterns = [
|
||||||
path('admin/', admin.site.urls),
|
path('admin/', admin.site.urls),
|
||||||
@ -72,4 +76,6 @@ urlpatterns = [
|
|||||||
path('vpn_invite/', view_vpn_invite_list, name='vpn_invite_list'),
|
path('vpn_invite/', view_vpn_invite_list, name='vpn_invite_list'),
|
||||||
path('vpn_invite/settings/', view_vpn_invite_settings, name='vpn_invite_settings'),
|
path('vpn_invite/settings/', view_vpn_invite_settings, name='vpn_invite_settings'),
|
||||||
path('vpn_invite/smtp_settings/', view_email_settings, name='email_settings'),
|
path('vpn_invite/smtp_settings/', view_email_settings, name='email_settings'),
|
||||||
|
path('invite/', view_public_vpn_invite, name='public_vpn_invite'),
|
||||||
|
path('invite/download_config/', download_config_or_qrcode, name='download_config_or_qrcode'),
|
||||||
]
|
]
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user