yyc12345/coconut-leaf
1
0
Fork 0
Code Activity

nightly commit

Browse Source
This commit is contained in:
yyc12345
2021-01-20 22:57:41 +08:00
parent f64bf9a786
commit db96ec11a5
14 changed files with 360 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
.gitignore vendored
View File

@@ -11,3 +11,6 @@ src/__pycache__
*.png
*.jpg
*.gif
# elimate vscode
.vscode

91
src/database.py
View File

@@ -105,6 +105,23 @@ class CalendarDatabase(object):
(gotten_salt, gotten_password) = self.cursor.fetchone()
if password == utils.ComputePasswordHashWithSalt(gotten_password, gotten_salt):
token = utils.GenerateToken(username)
self.cursor.execute('UPDATE user SET [ccn_token] = ?, [ccn_tokenExpireOn] = ?, [ccn_salt] = ? WHERE [ccn_name] = ?;', (
token,
utils.GetCurrentTimestamp() + 60 * 60 * 24 * 2, # add 2 day from now
utils.GenerateSalt(), # regenerate a new slat to prevent re-login try
username
))
return token
else:
# return empty string to indicate fail to login
return ''
@SafeDatabaseOperation
def common_webLogin(self, username, password):
self.cursor.execute('SELECT [ccn_name] FROM user WHERE [ccn_name] = ? AND [ccn_password] = ?;', (username, utils.ComputePasswordHash(password)))
if len(self.cursor.fetchall()) != 0:
token = utils.GenerateToken(username)
self.cursor.execute('UPDATE user SET [ccn_token] = ?, [ccn_tokenExpireOn] = ? WHERE [ccn_name] = ?;', (
token,
@@ -118,15 +135,18 @@ class CalendarDatabase(object):
@SafeDatabaseOperation
def common_logout(self, token):
username = self.get_username_from_token(cur, token)
username = self.get_username_from_token(token)
self.cursor.execute('UPDATE user SET [ccn_tokenExpireOn] = 0 WHERE [ccn_name] = ?;', (username, ))
return None
return True
@SafeDatabaseOperation
def common_tokenValid(self, token):
# get user name have check the validation, don't do anything more.
try:
self.get_username_from_token(token)
return result
return True
except:
return False
@SafeDatabaseOperation
def common_isAdmin(self, token):
@@ -142,7 +162,7 @@ class CalendarDatabase(object):
newpassword,
username
))
return None
return True
# =============================== calendar
@@ -151,8 +171,71 @@ class CalendarDatabase(object):
# =============================== todo
@SafeDatabaseOperation
def todo_getFull(self, token):
username = self.get_username_from_token(token)
self.cursor.execute('SELECT * FROM todo WHERE [ccn_belongTo] = ?;', (username, ))
return self.cursor.fetchall()
@SafeDatabaseOperation
def todo_getList(self, token):
username = self.get_username_from_token(token)
self.cursor.execute('SELECT [ccn_uuid] FROM todo WHERE [ccn_belongTo] = ?;', (username, ))
return tuple(map(lambda x: x[0], self.cursor.fetchall()))
@SafeDatabaseOperation
def todo_getDetail(self, token, uuid):
username = self.get_username_from_token(token)
self.cursor.execute('SELECT * FROM todo WHERE [ccn_belongTo] = ? AND [ccn_uuid] = ?;', (username, uuid))
return self.cursor.fetchone()
@SafeDatabaseOperation
def todo_add(self, token):
username = self.get_username_from_token(token)
newuuid = utils.GenerateUUID()
lastupdate = utils.GenerateUUID()
self.cursor.execute('INSERT INTO todo VALUES (?, ?, ?, ?);', (
newuuid,
username,
'',
lastupdate,
))
return newuuid
@SafeDatabaseOperation
def todo_update(self, token, uuid, data, lastChange):
# check valid token
self.get_username_from_token(token)
# check sync conflict
self.cursor.execute('SELECT [ccn_uuid] FROM todo WHERE [ccn_uuid] = ? AND [ccn_lastChange] = ?;', (
uuid,
lastChange
))
if len(self.cursor.fetchall()) == 0:
return False
# update
self.cursor.execute('UPDATE todo SET [ccn_data] = ? WHERE [ccn_uuid] = ?;', (
data,
uuid
))
return True
@SafeDatabaseOperation
def todo_delete(self, token, uuid, lastChange):
# check valid token
self.get_username_from_token(token)
# check sync conflict
self.cursor.execute('SELECT [ccn_uuid] FROM todo WHERE [ccn_uuid] = ? AND [ccn_lastChange] = ?;', (
uuid,
lastChange
))
if len(self.cursor.fetchall()) == 0:
return False
# delete
self.cursor.execute('DELETE FROM todo WHERE [ccn_uuid] = ?;', (uuid, ))
return True
# =============================== admin

55
src/server.py
View File

@@ -68,19 +68,54 @@ def web_loginHandle():
@app.route('/api/common/salt', methods=['POST'])
def api_common_saltHandle():
pass
result = (False, None)
if (CheckParameter(('username', ))):
db = get_database()
result = db.common_salt(request.form['username'])
return ConstructResponseBody(result)
@app.route('/api/common/login', methods=['POST'])
def api_common_loginHandle():
pass
result = (False, None)
if (CheckParameter(('username', 'password'))):
db = get_database()
result = db.common_login(
request.form['username'],
request.form['password']
)
return ConstructResponseBody(result)
@app.route('/api/common/webLogin', methods=['POST'])
def api_common_webLoginHandle():
result = (False, None)
if (CheckParameter(('username', 'password'))):
db = get_database()
result = db.common_webLogin(
request.form['username'],
request.form['password']
)
return ConstructResponseBody(result)
@app.route('/api/common/logout', methods=['POST'])
def api_common_logoutHandle():
pass
result = (False, None)
if (CheckParameter(('token', ))):
db = get_database()
result = db.common_logout(request.form['token'])
return ConstructResponseBody(result)
@app.route('/api/common/tokenValid', methods=['POST'])
def api_common_tokenValidHandle():
pass
result = (False, None)
if (CheckParameter(('token', ))):
db = get_database()
result = db.common_tokenValid(request.form['token'])
return ConstructResponseBody(result)
@app.route('/api/common/isAdmin', methods=['POST'])
def api_common_isAdminHandle():
@@ -217,6 +252,18 @@ def UpdateStaticResources():
}
'''
def CheckParameter(paramList):
gotten = set(request.form.keys())
paramSet = set(paramList)
return gotten.issubset(paramSet) and paramSet.issubset(gotten)
def ConstructResponseBody(returnedTuple):
return {
'success': returnedTuple[0],
'error': '',
'data': returnedTuple[1]
}
def run():
app.run(port=config.CustomConfig['web']['port'])

3
src/static/i18n/strings_en-US.properties
View File

@@ -12,6 +12,9 @@ ccn-header-user-login=Login
ccn-header-user-logout=Logout
ccn-header-language=Language
ccn-js-failToLogin=Fail to login. Please check your username or password.
ccn-js-failToLogout=Fail to logout due to unknow reason. Consider refreshing page to solve problem.
ccn-home-desc=<h1 class="title">coconut-leaf</h1><p>A light, self-host calendar system.</p><p>Originally, this app is served for yyc12345 personal use.</p><br /><p>Pull request / issue / translation are welcomed.</p><p>Submit them in our <a href="https://github.com/yyc12345/coconut-leaf">GitHub project</a>.</p><p>This project source code is licensed <a href="https://www.gnu.org/licenses/agpl-3.0.html">AGPL v3</a>.</p>
ccn-login-form-username=Username

3
src/static/i18n/strings_zh-CN.properties
View File

@@ -12,6 +12,9 @@ ccn-header-user-login=登录
ccn-header-user-logout=登出
ccn-header-language=语言
ccn-js-failToLogin=登陆失败,请检查您的用户名和密码。
ccn-js-failToLogout=由于未知原因,登出失败,请考虑刷新页面解决问题。
ccn-home-desc=<h1 class="title">coconut-leaf</h1><p>一个轻量的自建日历系统</p><p>原本是出于yyc12345的个人使用而制作的。</p><br /><p>欢迎提出Pull request / issue / 翻译</p><p>将他们提交到我们的<a href="https://github.com/yyc12345/coconut-leaf">GitHub项目</a>.</p><p>本工程代码使用<a href="https://www.gnu.org/licenses/agpl-3.0.html">AGPL v3</a>授权。</p>
ccn-login-form-username=用户名

116
src/static/js/api.js
View File

@@ -1,3 +1,117 @@
function cnn_api_tokenValid() {
// var cached_salt = undefined
/*
function cnn_api_common_salt(_username) {
// true or false
// gotten salt store in cached_salt.
var gotten_data = undefined;
$.ajax({
url: '/api/common/salt',
type: "POST",
async: false,
data: {
username: _username
},
success: function (data) {
gotten_data = data;
}
});
if (IsResponseOK(gotten_data)) {
cached_salt = gotten_data['data'];
return true;
} else return false;
}
function cnn_api_common_login(_username, password) {
// return true or false, token is managed by this js file self.
// if cached_salt is undefined, return false directly
if (typeof(cached_salt) == undefined) return false;
var gotten_data = undefined;
$.ajax({
url: '/api/common/login',
type: "POST",
async: false,
data: {
username: _username,
password: ComputPasswordWithSalt(password, cached_salt)
},
success: function (data) {
gotten_data = data;
}
});
if (IsResponseOK(gotten_data) && gotten_data['data'] != '') {
SetApiToken(gotten_data['data']);
cached_salt = undefined;
return true;
} else return false;
}
*/
function cnn_api_common_webLogin(_username, password) {
var gotten_data = undefined;
$.ajax({
url: '/api/common/webLogin',
type: "POST",
async: false,
data: {
username: _username,
password: password
},
success: function (data) {
gotten_data = data;
}
});
if (IsResponseOK(gotten_data) && gotten_data['data'] != '') {
SetApiToken(gotten_data['data']);
return true;
} else return false;
}
function cnn_api_common_logout() {
// return true or false
var gotten_data = undefined;
$.ajax({
url: '/api/common/logout',
type: "POST",
async: false,
data: {
token: GetApiToken()
},
success: function (data) {
gotten_data = data;
}
});
if (IsResponseOK(gotten_data) && gotten_data['data']) {
SetApiToken('');
return true;
} return false;
}
function cnn_api_common_tokenValid() {
// get from local database first, then judge it via post
// return true or false
var gotten_token = GetApiToken();
if (gotten_token == '') return false;
var gotten_data = undefined;
$.ajax({
url: '/api/common/tokenValid',
type: "POST",
async: false,
data: {
token: GetApiToken()
},
success: function (data) {
gotten_data = data;
}
});
if (IsResponseOK(gotten_data) && gotten_data['data']) return true;
else {
SetApiToken('');
return false;
}
}

12
src/static/js/headerNav.js
View File

@@ -11,7 +11,7 @@ function cnn_headerNav_Insert() {
}
function cnn_headerNav_LoggedRefresh() {
if (cnn_api_tokenValid()) {
if (cnn_api_common_tokenValid()) {
// logged, show all nav button and logout button
$("#cnn-header-nav-home").show();
$("#cnn-header-nav-calendar").show();
@@ -41,8 +41,16 @@ function cnn_headerNav_BindEvents() {
});
});
// todo: bind logout
// bind logout
$("#cnn-header-user-logout").click(function() {
if (cnn_api_common_logout()) {
// ok, logout
// jump into home page again
window.location.href = '/web/home';
return;
} else alert($.i18n.prop("ccn-js-failToLogout"));
});
// bind burger menu
// copy from bulma website

39
src/static/js/page/login.js
View File

@@ -5,6 +5,45 @@ $(document).ready(function() {
cnn_headerNav_BindEvents();
cnn_headerNav_LoggedRefresh();
// bind login event
$("#ccn-login-form-login").click(StartLogin);
// apply i18n
ccn_i18n_ApplyLanguage();
});
function StartLogin() {
// disable all ui first
$("#ccn-login-form-login").attr("disabled",true);
$("#ccn-login-form-username").attr("disabled",true);
$("#ccn-login-form-password").attr("disabled",true);
// get form data
username = $("#ccn-login-form-username").val();
password = $("#ccn-login-form-password").val();
/*
// try get salt
if (cnn_api_common_salt(username)) {
// continue login
if (cnn_api_common_login(username, password)) {
// ok, logged
// jump into home page again
window.location.href = '/web/home';
} else alert($.i18n.prop("ccn-js-failToLogin"));
} else alert($.i18n.prop("ccn-js-failToLogin"));
*/
if (cnn_api_common_webLogin(username, password)) {
// ok, logged
// jump into home page again
window.location.href = '/web/home';
return;
} else alert($.i18n.prop("ccn-js-failToLogin"));
// retore ui
$("#ccn-login-form-login").removeAttr("disabled");
$("#ccn-login-form-username").removeAttr("disabled");
$("#ccn-login-form-password").removeAttr("disabled");
}

36
src/static/js/utils.js Normal file
View File

@@ -0,0 +1,36 @@
function ComputPasswordWithSalt(password, salt) {
return ComputeSHA256(ComputeSHA256(password) + salt.toString());
}
function ComputeSHA256(strl) {
var tempstr = new TextEncoder().encode(strl);
var hashedStrl = undefined
var shitpromise = crypto.subtle.digest('SHA-256', tempstr);
Promise.all(shitpromise).then(function(result) {
hashedStrl = result;
});
var hashArray = Array.from(new Uint8Array(hashedStrl));
var hashHex = hashArray.map(b => ('00' + b.toString(16)).slice(-2)).join('');
return hashHex.toLowerCase();
}
function IsResponseOK(data) {
if (typeof(data) == 'undefined') {
console.log("Fail to execute an api!");
return false;
}
if (!data['success']) {
console.log("Fail to execute an api! Reason:");
console.log(data['error']);
return false;
}
return true;
}
function GetApiToken() {
return ccn_localstorageAssist_Get('ccn-token', '');
}
function SetApiToken(value) {
ccn_localstorageAssist_Set('ccn-token', value);
}

1
src/templates/admin.html
View File

@@ -16,6 +16,7 @@
<script type="text/javascript" src="/static/js/localStorageAssist.js"></script>
<script type="text/javascript" src="/static/js/i18n.js"></script>
<script type="text/javascript" src="/static/js/utils.js"></script>
<script type="text/javascript" src="/static/js/api.js"></script>
<script type="text/javascript" src="/static/js/headerNav.js"></script>

1
src/templates/calendar.html
View File

@@ -17,6 +17,7 @@
<script type="text/javascript" src="/static/js/localStorageAssist.js"></script>
<script type="text/javascript" src="/static/js/i18n.js"></script>
<script type="text/javascript" src="/static/js/utils.js"></script>
<script type="text/javascript" src="/static/js/api.js"></script>
<script type="text/javascript" src="/static/js/headerNav.js"></script>

1
src/templates/home.html
View File

@@ -15,6 +15,7 @@
<script type="text/javascript" src="/static/js/localStorageAssist.js"></script>
<script type="text/javascript" src="/static/js/i18n.js"></script>
<script type="text/javascript" src="/static/js/utils.js"></script>
<script type="text/javascript" src="/static/js/api.js"></script>
<script type="text/javascript" src="/static/js/headerNav.js"></script>

7
src/templates/login.html
View File

@@ -15,6 +15,7 @@
<script type="text/javascript" src="/static/js/localStorageAssist.js"></script>
<script type="text/javascript" src="/static/js/i18n.js"></script>
<script type="text/javascript" src="/static/js/utils.js"></script>
<script type="text/javascript" src="/static/js/api.js"></script>
<script type="text/javascript" src="/static/js/headerNav.js"></script>
@@ -28,7 +29,7 @@
<div class="field">
<label class="label ccn-i18n" i18n-name="ccn-login-form-username"></label>
<div class="control has-icons-left has-icons-right">
<input class="input" type="text">
<input id="ccn-login-form-username" class="input" type="text">
<span class="icon is-small is-left">
<i class="fas fa-user"></i>
</span>
@@ -37,7 +38,7 @@
<div class="field">
<label class="label ccn-i18n" i18n-name="ccn-login-form-password"></label>
<p class="control has-icons-left">
<input class="input" type="password">
<input id="ccn-login-form-password" class="input" type="password">
<span class="icon is-small is-left">
<i class="fas fa-lock"></i>
</span>
@@ -45,7 +46,7 @@
</div>
<div class="control">
<button class="button is-primary ccn-i18n" i18n-name="ccn-login-form-login"></button>
<button id="ccn-login-form-login" class="button is-primary ccn-i18n" i18n-name="ccn-login-form-login"></button>
</div>
</div>

1
src/templates/todo.html
View File

@@ -16,6 +16,7 @@
<script type="text/javascript" src="/static/js/localStorageAssist.js"></script>
<script type="text/javascript" src="/static/js/i18n.js"></script>
<script type="text/javascript" src="/static/js/utils.js"></script>
<script type="text/javascript" src="/static/js/api.js"></script>
<script type="text/javascript" src="/static/js/headerNav.js"></script>