diff --git a/server.py b/server.py index 0b279b1..11a857e 100644 --- a/server.py +++ b/server.py @@ -57,8 +57,7 @@ if AUTH_TYPE == "oidc": } } """ - LOG.error("CLIENT_SECRETS") - LOG.error(client_secrets) + with open("/app/instance/secrets.json", "w+") as secrets_json: secrets_json.write(client_secrets) @@ -108,6 +107,7 @@ enabled = unchanged @app.route('/overview') oidc.require_login = enabled if AUTH_TYPE == "oidc" else disabled @oidc.require_login +@auth_method def overview_page(): # Some basic sanity checks: pass_checks = str(helper.load_checks()) @@ -122,6 +122,7 @@ def overview_page(): @app.route('/machines', methods=('GET', 'POST')) oidc.require_login = enabled if AUTH_TYPE == "oidc" else disabled @oidc.require_login +@auth_method def machines_page(): # Some basic sanity checks: pass_checks = str(helper.load_checks()) @@ -138,6 +139,7 @@ def machines_page(): @app.route('/users', methods=('GET', 'POST')) oidc.require_login = enabled if AUTH_TYPE == "oidc" else disabled @oidc.require_login +@auth_method def users_page(): # Some basic sanity checks: pass_checks = str(helper.load_checks()) @@ -154,6 +156,7 @@ def users_page(): @app.route('/settings', methods=('GET', 'POST')) oidc.require_login = enabled if AUTH_TYPE == "oidc" else disabled @oidc.require_login +@auth_method def settings_page(): # Some basic sanity checks: pass_checks = str(helper.load_checks()) @@ -173,6 +176,7 @@ def settings_page(): @app.route('/error') oidc.require_login = enabled if AUTH_TYPE == "oidc" else disabled @oidc.require_login +@auth_method def error_page(): if helper.access_checks() == "Pass": return redirect(url_for('overview_page')) @@ -192,6 +196,7 @@ def error_page(): @app.route('/api/test_key', methods=('GET', 'POST')) oidc.require_login = enabled if AUTH_TYPE == "oidc" else disabled @oidc.require_login +@auth_method def test_key_page(): api_key = headscale.get_api_key() url = headscale.get_url() @@ -230,6 +235,7 @@ def test_key_page(): @app.route('/api/save_key', methods=['POST']) oidc.require_login = enabled if AUTH_TYPE == "oidc" else disabled @oidc.require_login +@auth_method def save_key_page(): json_response = request.get_json() api_key = json_response['api_key'] @@ -256,6 +262,7 @@ def save_key_page(): @app.route('/api/update_route', methods=['POST']) oidc.require_login = enabled if AUTH_TYPE == "oidc" else disabled @oidc.require_login +@auth_method def update_route_page(): json_response = request.get_json() route_id = json_response['route_id'] @@ -268,6 +275,7 @@ def update_route_page(): @app.route('/api/machine_information', methods=['POST']) oidc.require_login = enabled if AUTH_TYPE == "oidc" else disabled @oidc.require_login +@auth_method def machine_information_page(): json_response = request.get_json() machine_id = json_response['id'] @@ -279,6 +287,7 @@ def machine_information_page(): @app.route('/api/delete_machine', methods=['POST']) oidc.require_login = enabled if AUTH_TYPE == "oidc" else disabled @oidc.require_login +@auth_method def delete_machine_page(): json_response = request.get_json() machine_id = json_response['id'] @@ -290,6 +299,7 @@ def delete_machine_page(): @app.route('/api/rename_machine', methods=['POST']) oidc.require_login = enabled if AUTH_TYPE == "oidc" else disabled @oidc.require_login +@auth_method def rename_machine_page(): json_response = request.get_json() machine_id = json_response['id'] @@ -302,6 +312,7 @@ def rename_machine_page(): @app.route('/api/move_user', methods=['POST']) oidc.require_login = enabled if AUTH_TYPE == "oidc" else disabled @oidc.require_login +@auth_method def move_user_page(): json_response = request.get_json() machine_id = json_response['id'] @@ -314,6 +325,7 @@ def move_user_page(): @app.route('/api/set_machine_tags', methods=['POST']) oidc.require_login = enabled if AUTH_TYPE == "oidc" else disabled @oidc.require_login +@auth_method def set_machine_tags(): json_response = request.get_json() machine_id = json_response['id'] @@ -326,6 +338,7 @@ def set_machine_tags(): @app.route('/api/register_machine', methods=['POST']) oidc.require_login = enabled if AUTH_TYPE == "oidc" else disabled @oidc.require_login +@auth_method def register_machine(): json_response = request.get_json() machine_key = json_response['key'] @@ -341,6 +354,7 @@ def register_machine(): @app.route('/api/rename_user', methods=['POST']) oidc.require_login = enabled if AUTH_TYPE == "oidc" else disabled @oidc.require_login +@auth_method def rename_user_page(): json_response = request.get_json() old_name = json_response['old_name'] @@ -353,6 +367,7 @@ def rename_user_page(): @app.route('/api/add_user', methods=['POST']) oidc.require_login = enabled if AUTH_TYPE == "oidc" else disabled @oidc.require_login +@auth_method def add_user(): json_response = json.dumps(request.get_json()) url = headscale.get_url() @@ -363,6 +378,7 @@ def add_user(): @app.route('/api/delete_user', methods=['POST']) oidc.require_login = enabled if AUTH_TYPE == "oidc" else disabled @oidc.require_login +@auth_method def delete_user(): json_response = request.get_json() user_name = json_response['name'] @@ -374,6 +390,7 @@ def delete_user(): @app.route('/api/get_users', methods=['POST']) oidc.require_login = enabled if AUTH_TYPE == "oidc" else disabled @oidc.require_login +@auth_method def get_users_page(): url = headscale.get_url() api_key = headscale.get_api_key() @@ -386,6 +403,7 @@ def get_users_page(): @app.route('/api/add_preauth_key', methods=['POST']) oidc.require_login = enabled if AUTH_TYPE == "oidc" else disabled @oidc.require_login +@auth_method def add_preauth_key(): json_response = json.dumps(request.get_json()) url = headscale.get_url() @@ -396,6 +414,7 @@ def add_preauth_key(): @app.route('/api/expire_preauth_key', methods=['POST']) oidc.require_login = enabled if AUTH_TYPE == "oidc" else disabled @oidc.require_login +@auth_method def expire_preauth_key(): json_response = json.dumps(request.get_json()) url = headscale.get_url() @@ -406,6 +425,7 @@ def expire_preauth_key(): @app.route('/api/build_preauthkey_table', methods=['POST']) oidc.require_login = enabled if AUTH_TYPE == "oidc" else disabled @oidc.require_login +@auth_method def build_preauth_key_table(): json_response = request.get_json() user_name = json_response['name']