From 6b3807337293cbf9165d58d4ed8424004076666b Mon Sep 17 00:00:00 2001 From: Disassembler Date: Sat, 27 Oct 2018 22:20:09 +0200 Subject: [PATCH] Redirect to login when trying to access setup unauthenticated --- basic/srv/vm/mgr/wsgiapp.py | 14 ++++++++++---- basic/srv/vm/templates/login.html | 6 ++---- 2 files changed, 12 insertions(+), 8 deletions(-) diff --git a/basic/srv/vm/mgr/wsgiapp.py b/basic/srv/vm/mgr/wsgiapp.py index d786c7a..c74f45f 100644 --- a/basic/srv/vm/mgr/wsgiapp.py +++ b/basic/srv/vm/mgr/wsgiapp.py @@ -61,7 +61,7 @@ class WSGIApp(object): def get_url_map(self, session): rules = [ Rule('/', endpoint='portal_view'), - Rule('/login', methods=['GET'], endpoint='login_view'), + Rule('/login', methods=['GET'], endpoint='login_view', defaults={'redirect': '/'}), Rule('/login', methods=['POST'], endpoint='login_action'), Rule('/logout', endpoint='logout_action') ] @@ -87,6 +87,11 @@ class WSGIApp(object): Rule('/shutdown-vm', endpoint='shutdown_vm_action'), Rule('/reboot-vm', endpoint='reboot_vm_action'), ] + else: + rules += [ + Rule('/setup-host', endpoint='login_view', defaults={'redirect': '/setup-host'}), + Rule('/setup-apps', endpoint='login_view', defaults={'redirect': '/setup-apps'}), + ] return Map(rules) def render_template(self, template_name, request, **context): @@ -100,14 +105,15 @@ class WSGIApp(object): def render_json(self, data): return Response(json.dumps(data), mimetype='application/json') - def login_view(self, request): - return self.render_template('login.html', request) + def login_view(self, request, **kwargs): + return self.render_template('login.html', request, redirect=kwargs['redirect']) def login_action(self, request): password = request.form['password'] + redir_url = request.form['redirect'] if tools.adminpwd_verify(password, self.conf['host']['adminpwd']): request.session['admin'] = True - return redirect('/') + return redirect(redir_url) else: return self.render_template('login.html', request, message=request.session.lang.bad_password()) diff --git a/basic/srv/vm/templates/login.html b/basic/srv/vm/templates/login.html index 61ecc79..f739f63 100644 --- a/basic/srv/vm/templates/login.html +++ b/basic/srv/vm/templates/login.html @@ -14,10 +14,8 @@ -   - - - + + {% if message is defined %}