astatin3/Polyboard
1
0
Fork 0
mirror of https://github.com/Astatin3/Polyboard.git synced 2026-06-09 00:28:07 -06:00
Code Issues Packages Projects Releases Wiki Activity
Files
bd77a9fcc513075dbef7d3b489ae680207f32604
Polyboard/modules/main/main.py
T

200 lines
5.5 KiB
Python
Raw Normal View History

"Finish" Working on backend
2024-01-22 17:04:09 -07:00
mm = None
Finally done!
2024-02-20 10:25:34 -07:00
def init(moduleMaster):
global mm
mm = moduleMaster
# User settings
mm.addAuthEventListener('logout', logout)
mm.addAuthEventListener('unauth', unauth)
mm.addAuthEventListener('passwordChangeRequest', changePassword)
# Admin settings
mm.addAuthEventListener('addUserRequest', addUser)
mm.addAuthEventListener('disconnectAllSessions', disconnectAllSessions)
mm.addAuthEventListener('changeGroupsRequest', changeGroups)
mm.addAuthEventListener('deleteUserRequest', deleteUser)
# mm.addAuthEventListener('login', disconnectAllSessions)
mm.addPageEventListener('/main/User', loadSessions)
mm.addPageEventListener('/main/Admin', loadSessionsAdmin)
def main():
pass
Update - still working
2024-02-09 18:52:05 -07:00
def logout(ac, data):
Finally done!
2024-02-20 10:25:34 -07:00
mm.unauth(ac)
def unauth(ac, data):
removeClient = mm.getAuthClientByID(data['data'])
if removeClient == None:
return
if removeClient.user != ac.user and not mm.userInGroup(ac, "Admins"):
mm.sendPopupError(ac.rawClient, "Error", "You are not authorised")
return
mm.unauth(removeClient)
mm.sendPopupSuccess(ac.rawClient, "Success", "Client removed!")
if(ac.currentPage == "/main/Admin" and mm.userInGroup(ac, "Admins")):
loadSessionsAdmin(ac)
else:
loadSessions(ac)
Update - still working
2024-02-09 18:52:05 -07:00
def loadSessions(ac):
obj = []
for client in mm.authServer.clients:
if client.user != ac.user:
continue
obj.append({
'username': client.username,
'address': client.rawClient.address,
'currentPage': client.currentPage,
'clientid': client.rawClient.clientid,
'timeout': client.timeout
})
# obj.append(client.session)
ac.send('sessions', obj)
Finally done!
2024-02-20 10:25:34 -07:00
def changePassword(ac, data):
# If the account is not an admin, and the username is the same, and the password is correct => Change password
# If the account is not an admin, and the username is the same, and the password not correct and => Incorrect Password
# If the account is not an admin, and the username is not the same => Access denied
# If the account is an admin, and the username is the same, and the password is correct => Change password
# If the account is an admin, and the username is the same, and the password is not correct => Incorrect Password
# If the account is an admin, and the username is not the same => Change password
isAdmin = mm.userInGroup(ac, 'Admins')
correctName = ac.user.id == data['data']['id']
if isAdmin and not 'old' in data['data']:
mm.sendPopupError(ac.rawClient, "Error", "You are not authorised")
Update - still working
2024-02-09 18:52:05 -07:00
return
Finally done!
2024-02-20 10:25:34 -07:00
if isAdmin or correctName:
if not isAdmin and ac.user.sha256passwordhash != data['data']['old']:
mm.sendPopupError(ac.rawClient, "Error", "Incorrect Password")
return
elif isAdmin and correctName and ac.user.sha256passwordhash != data['data']['old']:
mm.sendPopupError(ac.rawClient, "Error", "Incorrect Password")
return
else:
mm.sendPopupError(ac.rawClient, "Error", "You are not authorised")
return
user = mm.getUserById(data['data']['id'])
if user == None:
mm.sendPopupError(ac.rawClient, "Error", "Invalid id")
return
mm.setUserPassword(user, data['data']['new'])
mm.sendPopupSuccess(ac.rawClient, "Success", "Password updated!")
if isAdmin:
loadSessionsAdmin(ac)
def loadSessionsAdmin(ac):
if not mm.userInGroup(ac, 'Admins'):
return
obj = {
'users': [],
'sessions': []
}
for client in mm.authServer.clients:
obj['sessions'].append({
'username': client.username,
'address': client.rawClient.address,
'currentPage': client.currentPage,
'clientid': client.rawClient.clientid,
'timeout': client.timeout
Update - still working
2024-02-09 18:52:05 -07:00
})
Finally done!
2024-02-20 10:25:34 -07:00
for user in mm.authServer.users:
obj['users'].append({
'username': user.username,
'permGroups': user.permGroups,
'id': user.id,
'created': user.created,
'passwordUpdated': user.passwordUpdated
})
ac.send('sessions', obj)
"Finish" Working on backend
2024-01-22 17:04:09 -07:00
Things almost done
2024-01-05 08:59:40 -07:00
Finally done!
2024-02-20 10:25:34 -07:00
def addUser(ac, data):
if not mm.userInGroup(ac, 'Admins'):
mm.sendPopupError(ac.rawClient, "Error", "You are not authorised")
return
mm.addUser(
data['data']['username'],
data['data']['groups'],
data['data']['password'])
loadSessionsAdmin(ac)
def disconnectAllSessions(ac, data):
if not mm.userInGroup(ac, 'Admins'):
mm.sendPopupError(ac.rawClient, "Error", "You are not authorised")
return
user = mm.getUserById(data['data']['id'])
for client in mm.authServer.clients:
if client.user == user:
mm.unauth(client)
loadSessionsAdmin(ac)
def changeGroups(ac, data):
if not mm.userInGroup(ac, 'Admins'):
mm.sendPopupError(ac.rawClient, "Error", "You are not authorised")
return
user = mm.getUserById(data['data']['id'])
if user == None:
mm.sendPopupError(ac.rawClient, "Error", "Invalid id")
return
if user == ac.user:
mm.sendPopupError(ac.rawClient, "Error", "You are not authorised")
return
mm.setUserGroups(user, data['data']['groups'])
mm.sendPopupSuccess(ac.rawClient, "Success", "Groups updated!")
loadSessionsAdmin(ac)
def deleteUser(ac, data):
if not mm.userInGroup(ac, 'Admins'):
mm.sendPopupError(ac.rawClient, "Error", "You are not authorised")
return
user = mm.getUserById(data['data']['id'])
if user == None:
mm.sendPopupError(ac.rawClient, "Error", "Invalid id")
return
if user == ac.user:
mm.sendPopupError(ac.rawClient, "Error", "You are not authorised")
return
mm.deleteUser(user)
mm.sendPopupSuccess(ac.rawClient, "Success", "User deleted!")
loadSessionsAdmin(ac)
Reference in New Issue Copy Permalink