user panel, logout script
parent
d2e62585c0
commit
c980f32726
4 changed files with 62 additions and 33 deletions
|
@ -5,6 +5,7 @@ import hashlib
|
|||
import cgi
|
||||
import os
|
||||
import http.cookies
|
||||
import time
|
||||
|
||||
# Get form data
|
||||
form = cgi.FieldStorage()
|
||||
|
@ -25,8 +26,21 @@ if result:
|
|||
entered_password_hash = hashlib.sha256(password.encode()).hexdigest()
|
||||
|
||||
if entered_password_hash == stored_password_hash:
|
||||
# Create a session (a simple token could be enough for now)
|
||||
# Create a session token and expiration time (e.g., 24 hours from now)
|
||||
session_token = hashlib.sha256(os.urandom(32)).hexdigest()
|
||||
expires_at = int(time.time()) + 86400 # 24 hours
|
||||
|
||||
# Log session creation for debugging
|
||||
with open("/tmp/login_session_creation.log", "a") as f:
|
||||
f.write(f"Creating session for user {username}\n")
|
||||
f.write(f"Session Token: {session_token}\n")
|
||||
f.write(f"Expires At: {expires_at}\n")
|
||||
|
||||
# Store the session in the sessions table
|
||||
cursor.execute("INSERT INTO sessions (session_id, username, expires_at) VALUES (?, ?, ?)",
|
||||
(session_token, username, expires_at))
|
||||
db.commit()
|
||||
|
||||
# Set the session cookie
|
||||
print("Content-Type: text/html")
|
||||
print(f"Set-Cookie: session_id={session_token}; Path=/; HttpOnly")
|
||||
|
|
|
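Review bot: The debug block in the middle of this hunk writes the live session token to `/tmp/login_session_creation.log` (`f.write(f"Session Token: {session_token}\n")`), so anyone who can read that file can reuse the cookie for the 24-hour lifetime set just above it. Drop that line, or log only a non-reversible prefix such as `hashlib.sha256(session_token.encode()).hexdigest()[:8]`, and move the log out of `/tmp` into a directory that only the CGI user can write, with the file created mode 0600. The same pattern appears in the logout.cgi section (`/tmp/logout_session.log`) and the user-panel section (`/tmp/user_panel_session.log`), where the logged value comes straight from the client's cookie. The `Set-Cookie` line at the end also carries no `Secure` or `SameSite` attribute; if the site is served over HTTPS, `Path=/; HttpOnly; Secure; SameSite=Lax` would be the safer default. The `if result:` block starts and ends outside the hunk.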
@ -1,9 +1,10 @@
|
|||
# logout.cgi
|
||||
#!/usr/bin/python3
|
||||
|
||||
import sqlite3
|
||||
import os
|
||||
import sqlite3
|
||||
import http.cookies
|
||||
|
||||
# Set HTTP headers
|
||||
print("Content-Type: text/html")
|
||||
print("Set-Cookie: session_id=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT")
|
||||
print()
|
||||
|
@ -12,6 +13,10 @@ print()
|
|||
cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
|
||||
session_id = cookie.get('session_id')
|
||||
|
||||
# Log the logout process for debugging
|
||||
with open("/tmp/logout_session.log", "a") as f:
|
||||
f.write(f"Session ID: {session_id.value if session_id else 'None'}\n")
|
||||
|
||||
if session_id:
|
||||
session_id = session_id.value
|
||||
# Connect to SQLite and remove the session
|
||||
|
@ -21,5 +26,8 @@ if session_id:
|
|||
db.commit()
|
||||
db.close()
|
||||
|
||||
print("<h1>You have been logged out!</h1>")
|
||||
# Output the HTML for the logout page
|
||||
print("<html><head><title>Logout</title></head>")
|
||||
print("<body><h1>You have been logged out!</h1>")
|
||||
print("<a href='/login/'>Login again</a>")
|
||||
print("</body></html>")
|
||||
|
|
|
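Review bot: If `# logout.cgi` is line 1 of the new file, as the first hunk shows it, the `#!/usr/bin/python3` line below it is an ordinary comment and will not select the interpreter, so the script only runs if the web server is configured to invoke Python itself. The +/- markers are lost in this rendering, so it is not certain which side that comment line is on; if it is on the new side, swap the two lines so the shebang comes first. The body of `if session_id:` lies between the second and third hunks and is not shown.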
@ -1,16 +1,21 @@
|
|||
import sqlite3
|
||||
import os
|
||||
import http.cookies
|
||||
import time
|
||||
import sqlite3
|
||||
import http.cookies
|
||||
import os
|
||||
|
||||
print("Content-Type: text/html")
|
||||
print()
|
||||
# Ensure the session_id is properly parsed
|
||||
cookie = http.cookies.SimpleCookie(os.environ.get('HTTP_COOKIE', ''))
|
||||
session_id = cookie.get('session_id')
|
||||
|
||||
# Get the session ID from the cookie
|
||||
cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
|
||||
session_id = cookie.get('session_id')
|
||||
if session_id:
|
||||
session_id = session_id.value
|
||||
else:
|
||||
session_id = None
|
||||
|
||||
if session_id:
|
||||
# Log the session ID for debugging
|
||||
with open("/tmp/user_panel_session.log", "a") as f:
|
||||
f.write(f"Parsed session ID: {session_id}\n")
|
||||
|
||||
if session_id:
|
||||
session_id = session_id.value
|
||||
# Connect to SQLite and check the session
|
||||
db = sqlite3.connect('/var/lib/monotreme/data/monotreme.db')
|
||||
|
@ -24,9 +29,11 @@ if session_id:
|
|||
username = result[0]
|
||||
print(f"<h1>Welcome, {username}!</h1>")
|
||||
print("<p>This is your user panel.</p>")
|
||||
print("<p>Here, for now, you can only log out.</p>")
|
||||
print("<a href='/cgi-bin/logout.cgi'>Log out</a>")
|
||||
else:
|
||||
print("<h1>Session expired or invalid!</h1>")
|
||||
print("<a href='/login/'>Login again</a>")
|
||||
else:
|
||||
else:
|
||||
print("<h1>No session found!</h1>")
|
||||
print("<a href='/login/'>Login again</a>")
|
||||
|
|
|
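Review bot: `print(f"<h1>Welcome, {username}!</h1>")` in the second hunk interpolates the stored username into the page without escaping, so a username containing markup would be rendered as HTML in the panel. Unless registration is known to restrict usernames to a safe character set (not visible here), escape at output: add `import html` and use `print(f"<h1>Welcome, {html.escape(username)}!</h1>")`. The session lookup between the two hunks is not shown, so I could not confirm that `expires_at` is compared against the current time; the new `import time` suggests it is, but that is worth checking.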
@ -11,7 +11,7 @@
|
|||
<!-- Header -->
|
||||
<tr>
|
||||
<td colspan="2" class="header">
|
||||
<h1>Welcome to Your User Panel</h1>
|
||||
<h1>Welcome to monotreme.org's User Panel</h1>
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
|
|