gkrou/FastAuth
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: gkrou:6a1429614bc77eed364b849d1cd1d02aca174137
Branches Tags
gkrou:master
gkrou:sqlitwe
gkrou:httpcookie
..
compare: gkrou:0d5b83e0545c2eb918dd99a9e4890ee95e4bf48d
Branches Tags
gkrou:sqlitwe
gkrou:httpcookie
gkrou:master

No commits in common. "6a1429614bc77eed364b849d1cd1d02aca174137" and "0d5b83e0545c2eb918dd99a9e4890ee95e4bf48d" have entirely different histories.
6a1429614b ... 0d5b83e054

6 changed files with 19 additions and 196 deletions
Show Stats Expand all files Collapse all files

12
frontend/src/App.vue
View File

@ -1,7 +1,6 @@
<script setup> <script setup>
import CreateSecret from "./components/CreateSecret.vue"; import CreateSecret from "./components/CreateSecret.vue";
import HomePage from "./components/HomePage.vue"; import HomePage from "./components/HomePage.vue";
import ImportSecrets from "./components/ImportSecrets.vue";
import ListSecrets from "./components/ListSecrets.vue"; import ListSecrets from "./components/ListSecrets.vue";
</script> </script>
@ -27,10 +26,6 @@ import ListSecrets from "./components/ListSecrets.vue";
<CreateSecret :editSecret="editingSecret" @close="secretSaved" /> <CreateSecret :editSecret="editingSecret" @close="secretSaved" />
</el-dialog> </el-dialog>
<el-dialog v-model="importDialog" title="Import TOTP secrets" width="80vw">
<ImportSecrets />
</el-dialog>
<div class="container"> <div class="container">
<div class="timer" v-if="loggedin" :style="{ width: timerWidth + '%' }"></div> <div class="timer" v-if="loggedin" :style="{ width: timerWidth + '%' }"></div>
<HomePage <HomePage
@ -48,13 +43,11 @@ import ListSecrets from "./components/ListSecrets.vue";
<ListSecrets :key="listUpdated" v-if="showSecrets && loggedin" @edit="editSecret" /> <ListSecrets :key="listUpdated" v-if="showSecrets && loggedin" @edit="editSecret" />
</div> </div>
<button class="create-floating" @click="creationDialog = true">+</button> <button class="create-floating" @click="creationDialog = true">+</button>
<button class="create-floating mb50" @click="importDialog = true">i</button>
</div> </div>
</template> </template>
<script> <script>
export default { export default {
components: { ImportSecrets },
data() { data() {
return { return {
loggedin: false, loggedin: false,
@ -64,7 +57,6 @@ export default {
apiBaseUrl: "http://localhost:8000", apiBaseUrl: "http://localhost:8000",
editDialog: false, editDialog: false,
editingSecret: {}, editingSecret: {},
importDialog: false,
timerWidth: 0, timerWidth: 0,
}; };
}, },
@ -212,8 +204,4 @@ export default {
border: none; border: none;
background: none; background: none;
} }
.mb50 {
margin-bottom: 50px;
}
</style> </style>

20
frontend/src/components/CreateSecret.vue
View File

@ -14,22 +14,6 @@
<el-form-item label="Notes"> <el-form-item label="Notes">
<el-input v-model="form.notes" /> <el-input v-model="form.notes" />
</el-form-item> </el-form-item>
<el-form-item label="Algorithm">
<el-select v-model="form.algorithm" placeholder="Select">
<el-option
v-for="item in algorithms"
:key="item"
:label="item"
:value="item"
/>
</el-select>
</el-form-item>
<el-form-item label="Digits">
<el-input v-model="form.digits" />
</el-form-item>
<el-form-item label="Seconds">
<el-input v-model="form.seconds" />
</el-form-item>
</el-form> </el-form>
<el-button @click="createSecret" type="primary" v-if="showAddMore" <el-button @click="createSecret" type="primary" v-if="showAddMore"
>Save & Add More</el-button >Save & Add More</el-button
@ -61,13 +45,9 @@ export default {
username: "", username: "",
secret: "", secret: "",
notes: "", notes: "",
algorithm: "SHA1",
digits: 6,
seconds: 30,
}, },
method: "POST", method: "POST",
showAddMore: true, showAddMore: true,
algorithms: ["SHA1", "SHA256", "SHA512"],
}; };
}, },

2
frontend/src/components/HomePage.vue
View File

@ -20,7 +20,7 @@ export default {
message: "Hello world!", message: "Hello world!",
apiBaseUrl: "http://localhost:8000", apiBaseUrl: "http://localhost:8000",
form: { form: {
username: "gouravkr", username: "gourav",
password: "hello123", password: "hello123",
}, },
}; };

141
frontend/src/components/ImportSecrets.vue
View File

@ -1,141 +0,0 @@
<template>
<div class="import-container">
<!-- <h3>Select a File to Read</h3> -->
<input type="file" id="fileInput" @change="readFile" /> <br />
<button @click="parseTotpUri">Parse tokens</button>
<button @click="saveImportedSecrets">Save tokens</button>
<div class="token-list">
<span v-for="token in parsedTokens" :key="token.issuer">
<p v-for="(value, name) in token" :key="name">{{ name }}: {{ value }}</p>
<br />
</span>
<!-- <span>{{ parsedTokens }}</span> -->
</div>
</div>
</template>
<script>
export default {
data() {
return {
apiBaseUrl: "http://localhost:8000",
message: "hello",
file: null,
fileContent: null,
allTokens: [],
parsedTokens: [],
};
},
methods: {
parseFile() {
var authArr = this.fileContent.split("\r\n");
authArr.forEach((ele) => {
if (ele.length > 80) {
this.allTokens.push(decodeURIComponent(ele));
}
});
},
readFile(e) {
const file = e.target.files[0]; // Get the selected file
if (file) {
var reader = new FileReader();
reader.onload = () => {
this.fileContent = reader.result;
};
reader.readAsText(file);
} else {
document.getElementById("fileContent").textContent = "No file selected";
}
},
parseTotpUri() {
this.parseFile();
this.allTokens.forEach((token) => {
const url = new URL(token);
const scheme = url.protocol.slice(0, -1);
var label = decodeURIComponent(url.pathname.slice(1)); // Remove the leading '/'
const type = label.slice(1, -1).split("/")[0];
label = label.slice(6);
let accountName, issuerFromLabel;
const labelParts = label.split(":");
if (labelParts.length === 2) {
issuerFromLabel = labelParts[0];
accountName = labelParts[1];
} else {
accountName = label;
}
const params = {};
url.searchParams.forEach((value, key) => {
params[key] = value;
});
console.log(params);
const secret = params.secret;
const issuer = params.issuer || issuerFromLabel;
const algorithm = params.algorithm || "SHA1";
const digits = params.digits || "6";
const period = params.period || "30";
const counter = params.counter;
const parts = {
scheme,
type,
label,
accountName,
issuer,
secret,
algorithm,
digits,
period,
counter,
};
this.parsedTokens.push(parts);
});
},
async createSecret(formData) {
const url = `${this.apiBaseUrl}/secret`;
const token = sessionStorage.getItem("token");
const bodyData = { data: btoa(JSON.stringify(formData)) };
const requestOptions = {
method: "POST",
headers: {
"Content-Type": "application/json",
Authorization: `Bearer ${token}`,
},
body: JSON.stringify(bodyData),
};
console.log("this request sent\n", requestOptions);
await fetch(url, requestOptions)
.then((response) => response.json())
.then((data) => console.log(data));
},
async saveImportedSecrets() {
for (var i = 0; i < this.parsedTokens.length; i++) {
await this.createSecret(this.parsedTokens[i]);
}
},
},
};
</script>
<style scoped>
.import-container {
/* max-height: 60vh; */
overflow: hidden;
margin-top: 1vh;
}
.token-list {
height: 60vh;
margin-top: 10px;
overflow-y: scroll;
}
</style>

25
main.py
View File

@ -120,19 +120,32 @@ async def update_secret(secret: Secret, current_user: dict = Depends(get_current
Updates an encrypted secret for the user. Updates an encrypted secret for the user.
""" """
data = []
with open('database/secrets.json', 'r') as f:
text = f.read()
if text:
data.extend(json.loads(text))
if secret.id is None: if secret.id is None:
raise HTTPException(status.HTTP_400_BAD_REQUEST, detail="Id must be passed for updating secret") raise HTTPException(status.HTTP_400_BAD_REQUEST, detail="Id must be passed for updating secret")
secret.user_id = current_user['id'] secret.user_id = current_user['id']
found_secrets = [(i, j) for i, j in enumerate(data) if j['user_id'] == secret.user_id and j['id']==secret.id]
if not found_secrets:
raise HTTPException(status.HTTP_400_BAD_REQUEST, deatil="Secret with this Id not found for this user")
secret_pos = found_secrets[0][0]
encryption_key = current_user['encryption_key'].encode() encryption_key = current_user['encryption_key'].encode()
encrypted_data = fernet_encrypt(secret.data.encode(), encryption_key) encrypted_data = fernet_encrypt(secret.data.encode(), encryption_key)
secret.data = encrypted_data.decode('utf-8')
token = queries.UPDATE_SECRET(secret.model_dump()) secret.data = encrypted_data.decode('utf-8')
if not token: data[secret_pos] = jsonable_encoder(secret)
raise HTTPException(status.HTTP_400_BAD_REQUEST, "Token not found for this user")
return token with open('database/secrets.json', 'w') as f:
json.dump(data, f)
return secret
@app.get('/secret') @app.get('/secret')
@ -141,8 +154,6 @@ async def list_secret(current_user: dict = Depends(get_current_user)):
user_secrets = queries.GET_SECRETS({'user_id': current_user['id']}) user_secrets = queries.GET_SECRETS({'user_id': current_user['id']})
encryption_key = current_user['encryption_key'].encode() encryption_key = current_user['encryption_key'].encode()
if not user_secrets:
return {'message': 'No tokens stored yet'}
for secret in user_secrets: for secret in user_secrets:
cur_data = secret['data'] cur_data = secret['data']

15
queries.py
View File

@ -128,21 +128,6 @@ CREATE_SECRET = DbQuery(
rows=None rows=None
) )
UPDATE_SECRET = DbQuery(
"""
UPDATE secrets
SET
data = :data,
modified_on = CURRENT_TIMESTAMP
WHERE
id = :id
RETURNING *
""",
type='write',
returns=True,
rows='single'
)
GET_SECRETS = DbQuery( GET_SECRETS = DbQuery(
""" """
SELECT * SELECT *