prenex/magcms
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

[enh] add global password

Browse Source
This commit is contained in:
Adrien Beudin 2017-10-02 11:14:50 +02:00
parent 8c4e6536ea
commit 53775d233b
7 changed files with 248 additions and 74 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
prosopopee/prosopopee.py
View File

@ -22,6 +22,8 @@ from subprocess import check_output
import ruamel.yaml as yaml import ruamel.yaml as yaml
from docopt import docopt from docopt import docopt
import base64
from path import Path from path import Path
from jinja2 import Environment, FileSystemLoader from jinja2 import Environment, FileSystemLoader
@ -447,6 +449,7 @@ def build_gallery(settings, gallery_settings, gallery_path, template):
gallery_index_template = template.get_template("gallery-index.html") gallery_index_template = template.get_template("gallery-index.html")
page_template = template.get_template("page.html") page_template = template.get_template("page.html")
encrypted_template = template.get_template("encrypted.html") encrypted_template = template.get_template("encrypted.html")
from_template = template.get_template("form.html")
# this should probably be a factory # this should probably be a factory
Image.base_dir = Path(".").joinpath(gallery_path) Image.base_dir = Path(".").joinpath(gallery_path)
@ -476,14 +479,15 @@ def build_gallery(settings, gallery_settings, gallery_path, template):
open(Path("build").joinpath(gallery_path, "index.html"), "wb").write(html) open(Path("build").joinpath(gallery_path, "index.html"), "wb").write(html)
if gallery_settings.get("password"): if gallery_settings.get("password") or settings.get("password"):
template_to_render = encrypted_template password = gallery_settings.get("password", settings.get("password"))
password = gallery_settings.get("password")
index_plain = Path("build").joinpath(gallery_path, "index.html") index_plain = Path("build").joinpath(gallery_path, "index.html")
form = base64.b64encode(from_template.render(gallery=gallery_settings).encode("Utf-8"))
encrypted = check_output('cat %s | openssl enc -e -base64 -A -aes-256-cbc -pass pass:"%s"' % (index_plain, password), shell=True) encrypted = check_output('cat %s | openssl enc -e -base64 -A -aes-256-cbc -pass pass:"%s"' % (index_plain, password), shell=True)
html = template_to_render.render( html = encrypted_template.render(
settings=settings, settings=settings,
gallery=gallery_settings, gallery=gallery_settings,
form=str(form, 'utf-8'),
ciphertext=str(encrypted, 'utf-8'), ciphertext=str(encrypted, 'utf-8'),
).encode("Utf-8") ).encode("Utf-8")
@ -524,15 +528,18 @@ def build_gallery(settings, gallery_settings, gallery_path, template):
open(Path("build").joinpath(gallery_light_path, "index.html"), "wb").write(html) open(Path("build").joinpath(gallery_light_path, "index.html"), "wb").write(html)
if gallery_settings.get("password"): if gallery_settings.get("password") or settings.get("password"):
light_template_to_render = light_templates.get_template("encrypted.html") light_template_to_render = light_templates.get_template("encrypted.html")
from_template = light_templates.get_template("form.html")
form = base64.b64encode(from_template.render(gallery=gallery_settings).encode("Utf-8"))
template_to_render = encrypted_template template_to_render = encrypted_template
password = gallery_settings.get("password") password = gallery_settings.get("password", settings.get("password"))
index_plain = Path("build").joinpath(gallery_light_path, "index.html") index_plain = Path("build").joinpath(gallery_light_path, "index.html")
encrypted = check_output('cat %s | openssl enc -e -base64 -A -aes-256-cbc -pass pass:"%s"' % (index_plain, password), shell=True) encrypted = check_output('cat %s | openssl enc -e -base64 -A -aes-256-cbc -pass pass:"%s"' % (index_plain, password), shell=True)
html = light_template_to_render.render( html = light_template_to_render.render(
settings=settings, settings=settings,
gallery=gallery_settings, gallery=gallery_settings,
form=str(form, 'utf-8'),
ciphertext=str(encrypted, 'utf-8'), ciphertext=str(encrypted, 'utf-8'),
).encode("Utf-8") ).encode("Utf-8")
@ -565,6 +572,18 @@ def build_index(settings, galleries_cover, templates, gallery_path='', sub_index
open(Path("build").joinpath(gallery_path, "index.html"), "wb").write(html) open(Path("build").joinpath(gallery_path, "index.html"), "wb").write(html)
if settings.get("password"):
index_template_to_render = templates.get_template("index-encrypted.html")
password = settings.get("password")
index_plain = Path("build").joinpath(gallery_path, "index.html")
encrypted = check_output('cat %s | openssl enc -e -base64 -A -aes-256-cbc -pass pass:"%s"' % (index_plain, password), shell=True)
html = index_template_to_render.render(
settings=settings,
ciphertext=str(encrypted, 'utf-8')
).encode("Utf-8")
open(Path("build").joinpath(gallery_path, "index.html"), "wb").write(html)
def main(): def main():
arguments = docopt(__doc__, version='0.6') arguments = docopt(__doc__, version='0.6')

48
prosopopee/themes/exposure/templates/encrypted.html
View File

@ -12,48 +12,34 @@
<meta http-equiv="expires" content="Tue, 01 Jan 1980 1:00:00 GMT"/> <meta http-equiv="expires" content="Tue, 01 Jan 1980 1:00:00 GMT"/>
<meta http-equiv="pragma" content="no-cache"/> <meta http-equiv="pragma" content="no-cache"/>
<link type="text/css" rel="stylesheet" href="../static/css/style-page.css" media="screen,projection"/> <link type="text/css" rel="stylesheet" href="../static/css/style-page.css" media="screen,projection"/>
</head> </head>
<body class="staticrypt-body">
<div class="staticrypt-page">
<div class="staticrypt-form">
<div class="staticrypt-instructions">
<img id="logo" src="./../static/img/logo.svg">
<p class="staticrypt-title">{{ gallery.title }}</p>
</div>
<hr class="staticrypt-hr">
<form id="staticrypt-form" action="#" method="post">
<div id="error" style="color: red; padding-bottom: 10px; height: 20px;"></div>
<input id="staticrypt-password"
type="password"
name="password"
placeholder="passphrase"
autofocus/>
<input type="submit" class="staticrypt-decrypt-button" value="ENTER"/>
</form>
</div>
</div>
<footer style="position: absolute;">
<p>Generated using <a href="https://github.com/psycojoker/prosopopee">Prosopopée</a> · content under <a href="https://creativecommons.org/licenses/by-sa/3.0/">CC-BY-SA</a> · atom logo by <a href="https://thenounproject.com/jjjon/">Jonathan Li</a> under <a href="https://creativecommons.org/licenses/by/3.0/">CC-BY</a></p>
</footer>
<script type="text/javascript" src="../static/js/crypto-js.min.js" charset="utf-8"></script> <script type="text/javascript" src="../static/js/crypto-js.min.js" charset="utf-8"></script>
<script> <script>
var form = '{{ form }}';
var encryptedMsg = '{{ ciphertext }}';
if (sessionStorage.getItem("password")) {
var passphrase = sessionStorage.getItem("password");
var plainHTML = CryptoJS.AES.decrypt(encryptedMsg, passphrase).toString(CryptoJS.enc.Utf8);
document.write(plainHTML);
document.close();
} else {
var plainHTML = CryptoJS.enc.Base64.parse(form).toString(CryptoJS.enc.Utf8);
document.write(plainHTML);
document.close();
}
document.getElementById('staticrypt-form').addEventListener('submit', function(e) { document.getElementById('staticrypt-form').addEventListener('submit', function(e) {
e.preventDefault(); e.preventDefault();
var passphrase = document.getElementById('staticrypt-password').value, var passphrase = document.getElementById('staticrypt-password').value;
encryptedMsg = '{{ ciphertext }}';
try{ try{
var plainHTML = CryptoJS.AES.decrypt(encryptedMsg, passphrase).toString(CryptoJS.enc.Utf8); var plainHTML = CryptoJS.AES.decrypt(encryptedMsg, passphrase).toString(CryptoJS.enc.Utf8);
} }
catch(err) { catch(err) {
document.getElementById("error").innerHTML = "Wrong keyword entry." document.getElementById("error").innerHTML = "Wrong keyword entry.";
return; return;
} }

22
prosopopee/themes/exposure/templates/form.html Normal file
View File

@ -0,0 +1,22 @@
<body id="encrypt-body" class="staticrypt-body">
<div class="staticrypt-page"> \
<div class="staticrypt-form">
<div class="staticrypt-instructions">
<img id="logo" src="./../static/img/logo.svg">
<p class="staticrypt-title">{{ gallery.title }}</p>
</div>
<hr class="staticrypt-hr">
<form id="staticrypt-form" action="#" method="post">
<div id="error" style="color: red; padding-bottom: 10px; height: 20px;"></div>
<input id="staticrypt-password"
type="password"
name="password"
placeholder="passphrase"
autofocus/>
<input type="submit" class="staticrypt-decrypt-button" value="ENTER"/>
</form>
</div>
</div>
<footer style="position: absolute;">
<p>Generated using <a href="https://github.com/psycojoker/prosopopee">Prosopopée</a> · content under <a href="https://creativecommons.org/licenses/by-sa/3.0/">CC-BY-SA</a> · atom logo by <a href="https://thenounproject.com/jjjon/">Jonathan Li</a> under <a href="https://creativecommons.org/licenses/by/3.0/">CC-BY</a></p>
</footer>

66
prosopopee/themes/exposure/templates/index-encrypted.html Normal file
View File

@ -0,0 +1,66 @@
<!doctype html>
<html class="staticrypt-html">
<head>
<meta charset="utf-8">
<title>{{ settings.title }}</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<!-- do not cache this page -->
<meta http-equiv="cache-control" content="max-age=0"/>
<meta http-equiv="cache-control" content="no-cache"/>
<meta http-equiv="expires" content="0"/>
<meta http-equiv="expires" content="Tue, 01 Jan 1980 1:00:00 GMT"/>
<meta http-equiv="pragma" content="no-cache"/>
<link type="text/css" rel="stylesheet" href="static/css/style-page.css" media="screen,projection"/>
</head>
<body class="staticrypt-body">
<div class="staticrypt-page">
<div class="staticrypt-form">
<div class="staticrypt-instructions">
<img id="logo" src="static/img/logo.svg">
<p class="staticrypt-title">{{ settings.title }}</p>
</div>
<hr class="staticrypt-hr">
<form id="staticrypt-form" action="#" method="post">
<div id="error" style="color: red; padding-bottom: 10px; height: 20px;"></div>
<input id="staticrypt-password"
type="password"
name="password"
placeholder="passphrase"
autofocus/>
<input type="submit" class="staticrypt-decrypt-button" value="ENTER"/>
</form>
</div>
</div>
<footer style="position: absolute;">
<p>Generated using <a href="https://github.com/psycojoker/prosopopee">Prosopopée</a> · content under <a href="https://creativecommons.org/licenses/by-sa/3.0/">CC-BY-SA</a> · atom logo by <a href="https://thenounproject.com/jjjon/">Jonathan Li</a> under <a href="https://creativecommons.org/licenses/by/3.0/">CC-BY</a></p>
</footer>
<script type="text/javascript" src="static/js/crypto-js.min.js" charset="utf-8"></script>
<script>
document.getElementById('staticrypt-form').addEventListener('submit', function(e) {
e.preventDefault();
var passphrase = document.getElementById('staticrypt-password').value,
encryptedMsg = '{{ ciphertext }}';
try{
var plainHTML = CryptoJS.AES.decrypt(encryptedMsg, passphrase).toString(CryptoJS.enc.Utf8);
}
catch(err) {
document.getElementById("error").innerHTML = "Wrong keyword entry.";
return;
}
sessionStorage.setItem("password", passphrase);
document.write(plainHTML);
document.close();
});
</script>
</body>
</html>

50
prosopopee/themes/material/templates/encrypted.html
View File

@ -14,50 +14,32 @@
<link type="text/css" rel="stylesheet" href="../static/css/style-page.css" media="screen,projection"/> <link type="text/css" rel="stylesheet" href="../static/css/style-page.css" media="screen,projection"/>
<link type="text/css" rel="stylesheet" href="../static/css/materialize.css" media="screen,projection"/> <link type="text/css" rel="stylesheet" href="../static/css/materialize.css" media="screen,projection"/>
</head> </head>
<body class="staticrypt-body">
<div class="staticrypt-page">
<div class="staticrypt-form">
<div class="staticrypt-instructions">
<p class="staticrypt-title">{{ gallery.title }}</p>
</div>
<hr class="staticrypt-hr">
<form id="staticrypt-form" action="#" method="post">
<div id="error" style="color: red; padding-bottom: 10px; height: 20px;"></div>
<input id="staticrypt-password"
type="password"
name="password"
placeholder="passphrase"
autofocus/>
<button class="btn waves-effect waves-light" type="submit" name="action">ENTER
</button>
</form>
</div>
</div>
<footer class="page-footer blue-grey darken-1">
<div class="footer-copyright blue-grey darken-2">
<div class="container center">
Generated using <a href="https://github.com/psycojoker/prosopopee">Prosopopée</a> · content under <a href="https://creativecommons.org/licenses/by-sa/3.0/">CC-BY-SA</a>
</div>
</div>
</footer>
<script type="text/javascript" src="../static/js/crypto-js.min.js" charset="utf-8"></script> <script type="text/javascript" src="../static/js/crypto-js.min.js" charset="utf-8"></script>
<script> <script>
var form = '{{ form }}';
var encryptedMsg = '{{ ciphertext }}';
if (sessionStorage.getItem("password")) {
var passphrase = sessionStorage.getItem("password");
var plainHTML = CryptoJS.AES.decrypt(encryptedMsg, passphrase).toString(CryptoJS.enc.Utf8);
document.write(plainHTML);
document.close();
} else {
var plainHTML = CryptoJS.enc.Base64.parse(form).toString(CryptoJS.enc.Utf8);
document.write(plainHTML);
document.close();
}
document.getElementById('staticrypt-form').addEventListener('submit', function(e) { document.getElementById('staticrypt-form').addEventListener('submit', function(e) {
e.preventDefault(); e.preventDefault();
var passphrase = document.getElementById('staticrypt-password').value, var passphrase = document.getElementById('staticrypt-password').value;
encryptedMsg = '{{ ciphertext }}';
try{ try{
var plainHTML = CryptoJS.AES.decrypt(encryptedMsg, passphrase).toString(CryptoJS.enc.Utf8); var plainHTML = CryptoJS.AES.decrypt(encryptedMsg, passphrase).toString(CryptoJS.enc.Utf8);
} }
catch(err) { catch(err) {
document.getElementById("error").innerHTML = "Wrong keyword entry." document.getElementById("error").innerHTML = "Wrong keyword entry.";
return; return;
} }

30
prosopopee/themes/material/templates/form.html Normal file
View File

@ -0,0 +1,30 @@
<body class="staticrypt-body">
<div class="staticrypt-page">
<div class="staticrypt-form">
<div class="staticrypt-instructions">
<p class="staticrypt-title">{{ gallery.title }}</p>
</div>
<hr class="staticrypt-hr">
<form id="staticrypt-form" action="#" method="post">
<div id="error" style="color: red; padding-bottom: 10px; height: 20px;"></div>
<input id="staticrypt-password"
type="password"
name="password"
placeholder="passphrase"
autofocus/>
<button class="btn waves-effect waves-light" type="submit" name="action">ENTER
</button>
</form>
</div>
</div>
<footer class="page-footer blue-grey darken-1">
<div class="footer-copyright blue-grey darken-2">
<div class="container center">
Generated using <a href="https://github.com/psycojoker/prosopopee">Prosopopée</a> · content under <a href="https://creativecommons.org/licenses/by-sa/3.0/">CC-BY-SA</a>
</div>
</div>
</footer>

69
prosopopee/themes/material/templates/index-encrypted.html Normal file
View File

@ -0,0 +1,69 @@
<!doctype html>
<html class="staticrypt-html">
<head>
<meta charset="utf-8">
<title>{{ settings.title }}</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<!-- do not cache this page -->
<meta http-equiv="cache-control" content="max-age=0"/>
<meta http-equiv="cache-control" content="no-cache"/>
<meta http-equiv="expires" content="0"/>
<meta http-equiv="expires" content="Tue, 01 Jan 1980 1:00:00 GMT"/>
<meta http-equiv="pragma" content="no-cache"/>
<link type="text/css" rel="stylesheet" href="static/css/style-page.css" media="screen,projection"/>
<link type="text/css" rel="stylesheet" href="static/css/materialize.css" media="screen,projection"/>
</head>
<body class="staticrypt-body">
<div class="staticrypt-page">
<div class="staticrypt-form">
<div class="staticrypt-instructions">
<p class="staticrypt-title">{{ settings.title }}</p>
</div>
<hr class="staticrypt-hr">
<form id="staticrypt-form" action="#" method="post">
<div id="error" style="color: red; padding-bottom: 10px; height: 20px;"></div>
<input id="staticrypt-password"
type="password"
name="password"
placeholder="passphrase"
autofocus/>
<button class="btn waves-effect waves-light" type="submit" name="action">ENTER
</button>
</form>
</div>
</div>
<footer class="page-footer blue-grey darken-1">
<div class="footer-copyright blue-grey darken-2">
<div class="container center">
Generated using <a href="https://github.com/psycojoker/prosopopee">Prosopopée</a> · content under <a href="https://creativecommons.org/licenses/by-sa/3.0/">CC-BY-SA</a>
</div>
</div>
</footer>
<script type="text/javascript" src="static/js/crypto-js.min.js" charset="utf-8"></script>
<script>
document.getElementById('staticrypt-form').addEventListener('submit', function(e) {
e.preventDefault();
var passphrase = document.getElementById('staticrypt-password').value,
encryptedMsg = '{{ ciphertext }}';
try{
var plainHTML = CryptoJS.AES.decrypt(encryptedMsg, passphrase).toString(CryptoJS.enc.Utf8);
}
catch(err) {
document.getElementById("error").innerHTML = "Wrong keyword entry.";
return;
}
sessionStorage.setItem("password", passphrase);
document.write(plainHTML);
document.close();
});
</script>
</body>
</html>