master
Aevann1 2021-12-30 07:43:49 +02:00
parent 89798803af
commit 86bd050174
13 changed files with 27 additions and 17 deletions

File diff suppressed because one or more lines are too long


@ -138,7 +138,7 @@ def login_post():
session["lo_user"] = account.id session["lo_user"] = account.id
session["login_nonce"] = account.login_nonce session["login_nonce"] = account.login_nonce
check_for_alts(account.id) if account.id != PW_ID: check_for_alts(account.id)
redir = request.values.get("redirect", "/").replace("/logged_out", "").strip() redir = request.values.get("redirect", "/").replace("/logged_out", "").strip()
@ -389,6 +389,9 @@ def post_forgot():
def get_reset(): def get_reset():
user_id = request.values.get("id") user_id = request.values.get("id")
if user_id == PW_ID: abort(403)
timestamp = int(request.values.get("time",0)) timestamp = int(request.values.get("time",0))
token = request.values.get("token") token = request.values.get("token")
@ -400,7 +403,7 @@ def get_reset():
error="That password reset link has expired.") error="That password reset link has expired.")
user = g.db.query(User).filter_by(id=user_id).first() user = g.db.query(User).filter_by(id=user_id).first()
if not validate_hash(f"{user_id}+{timestamp}+forgot+{user.login_nonce}", token): if not validate_hash(f"{user_id}+{timestamp}+forgot+{user.login_nonce}", token):
abort(400) abort(400)
@ -424,6 +427,8 @@ def post_reset(v):
user_id = request.values.get("user_id") user_id = request.values.get("user_id")
if user_id == PW_ID: abort(403)
timestamp = int(request.values.get("time")) timestamp = int(request.values.get("time"))
token = request.values.get("token") token = request.values.get("token")
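Review bot: The guards added to get_reset and post_reset compare `user_id`, which comes straight from `request.values.get(...)` and is therefore a string, with `PW_ID`. The same commit compares `PW_ID` with `account.id` and `v.id`, so it is presumably an integer; if so, `user_id == PW_ID` is never true and the 403 never fires. Parsing the id once and comparing in integer form, e.g. `user_id = int(request.values.get("id", 0))` before `if user_id == PW_ID: abort(403)`, would also keep the check and the later `filter_by(id=user_id)` lookup agreeing on which account is meant. The definition of PW_ID and the rest of both function bodies are outside the visible hunks, so confirm the constant's type before changing this.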


@ -581,6 +581,8 @@ def verifiedcolor(v):
@validate_formkey @validate_formkey
def settings_security_post(v): def settings_security_post(v):
if request.values.get("new_password"): if request.values.get("new_password"):
if v.id == PW_ID: abort(403)
if request.values.get("new_password") != request.values.get("cnf_password"): if request.values.get("new_password") != request.values.get("cnf_password"):
return render_template("settings_security.html", v=v, error="Passwords do not match.") return render_template("settings_security.html", v=v, error="Passwords do not match.")
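Review bot: The `if v.id == PW_ID: abort(403)` check sits inside the `if request.values.get("new_password"):` branch, so it protects only the password change. settings_security_post continues outside the hunk; if it also handles other credential settings, those paths stay open for the PW_ID account. If the intent is to freeze that account's credentials entirely, the check belongs at the top of the function. Either way, a short comment such as `# PW_ID account: credentials must not be changed by whoever is logged in` (wording to be confirmed against the constant's actual purpose) would tell the next reader why this id is special.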


@ -15,7 +15,7 @@
{% if v %} {% if v %}
<style>:root{--primary:#{{v.themecolor}}}</style> <style>:root{--primary:#{{v.themecolor}}}</style>
<link rel="stylesheet" href="/static/assets/css/main.css?a=33"><link rel="stylesheet" href="/static/assets/css/{{v.theme}}.css?a=3"> <link rel="stylesheet" href="/static/assets/css/main.css?a=34"><link rel="stylesheet" href="/static/assets/css/{{v.theme}}.css?a=3">
{% if v.agendaposter %} {% if v.agendaposter %}
<style> <style>
html { html {
@ -39,7 +39,7 @@
{% endif %} {% endif %}
{% else %} {% else %}
<style>:root{--primary:#{{'DEFAULT_COLOR' | app_config}}</style> <style>:root{--primary:#{{'DEFAULT_COLOR' | app_config}}</style>
<link rel="stylesheet" href="/static/assets/css/main.css?a=33"><link rel="stylesheet" href="/static/assets/css/{{'DEFAULT_THEME' | app_config}}.css?a=3"> <link rel="stylesheet" href="/static/assets/css/main.css?a=34"><link rel="stylesheet" href="/static/assets/css/{{'DEFAULT_THEME' | app_config}}.css?a=3">
{% endif %} {% endif %}
</head> </head>


@ -7,7 +7,7 @@
<script src="/static/assets/js/bootstrap.js?a=3"></script> <script src="/static/assets/js/bootstrap.js?a=3"></script>
{% if v %} {% if v %}
<style>:root{--primary:#{{v.themecolor}}}</style> <style>:root{--primary:#{{v.themecolor}}}</style>
<link rel="stylesheet" href="/static/assets/css/main.css?a=33"> <link rel="stylesheet" href="/static/assets/css/main.css?a=34">
<link rel="stylesheet" href="/static/assets/css/{{v.theme}}.css?a=3"> <link rel="stylesheet" href="/static/assets/css/{{v.theme}}.css?a=3">
{% if v.agendaposter %} {% if v.agendaposter %}
<style> <style>
@ -32,7 +32,7 @@
{% endif %} {% endif %}
{% else %} {% else %}
<style>:root{--primary:#{{'DEFAULT_COLOR' | app_config}}</style> <style>:root{--primary:#{{'DEFAULT_COLOR' | app_config}}</style>
<link rel="stylesheet" href="/static/assets/css/main.css?a=33"><link rel="stylesheet" href="/static/assets/css/{{'DEFAULT_THEME' | app_config}}.css?a=3"> <link rel="stylesheet" href="/static/assets/css/main.css?a=34"><link rel="stylesheet" href="/static/assets/css/{{'DEFAULT_THEME' | app_config}}.css?a=3">
{% endif %} {% endif %}
<link href="/static/assets/css/fa.css?a=3" rel="stylesheet"> <link href="/static/assets/css/fa.css?a=3" rel="stylesheet">


@ -6,7 +6,7 @@
{% block content %} {% block content %}
{% if v %} {% if v %}
<style>:root{--primary:#{{v.themecolor}}}</style> <style>:root{--primary:#{{v.themecolor}}}</style>
<link rel="stylesheet" href="/static/assets/css/main.css?a=33"><link rel="stylesheet" href="/static/assets/css/{{v.theme}}.css?a=3"> <link rel="stylesheet" href="/static/assets/css/main.css?a=34"><link rel="stylesheet" href="/static/assets/css/{{v.theme}}.css?a=3">
{% if v.agendaposter %} {% if v.agendaposter %}
<style> <style>
html { html {
@ -30,7 +30,7 @@
{% endif %} {% endif %}
{% else %} {% else %}
<style>:root{--primary:#{{'DEFAULT_COLOR' | app_config}}</style> <style>:root{--primary:#{{'DEFAULT_COLOR' | app_config}}</style>
<link rel="stylesheet" href="/static/assets/css/main.css?a=33"><link rel="stylesheet" href="/static/assets/css/{{'DEFAULT_THEME' | app_config}}.css?a=3"> <link rel="stylesheet" href="/static/assets/css/main.css?a=34"><link rel="stylesheet" href="/static/assets/css/{{'DEFAULT_THEME' | app_config}}.css?a=3">
{% endif %} {% endif %}
<div class="row justify-content-around"> <div class="row justify-content-around">


@ -18,7 +18,7 @@
{% endblock %} {% endblock %}
<style>:root{--primary:#{{'DEFAULT_COLOR' | app_config}}</style> <style>:root{--primary:#{{'DEFAULT_COLOR' | app_config}}</style>
<link rel="stylesheet" href="/static/assets/css/main.css?a=33"> <link rel="stylesheet" href="/static/assets/css/main.css?a=34">
<link rel="stylesheet" href="/static/assets/css/{{'DEFAULT_THEME' | app_config}}.css?a=3"> <link rel="stylesheet" href="/static/assets/css/{{'DEFAULT_THEME' | app_config}}.css?a=3">
<link href="/static/assets/css/fa.css?a=3" rel="stylesheet"> <link href="/static/assets/css/fa.css?a=3" rel="stylesheet">


@ -14,7 +14,7 @@
<title>2-Step Login - {{'SITE_NAME' | app_config}}</title> <title>2-Step Login - {{'SITE_NAME' | app_config}}</title>
<style>:root{--primary:#{{'DEFAULT_COLOR' | app_config}}</style> <style>:root{--primary:#{{'DEFAULT_COLOR' | app_config}}</style>
<link rel="stylesheet" href="/static/assets/css/main.css?a=33"><link rel="stylesheet" href="/static/assets/css/{{'DEFAULT_THEME' | app_config}}.css?a=3"> <link rel="stylesheet" href="/static/assets/css/main.css?a=34"><link rel="stylesheet" href="/static/assets/css/{{'DEFAULT_THEME' | app_config}}.css?a=3">
</head> </head>


@ -34,7 +34,7 @@
<style>:root{--primary:#{{v.themecolor}}}</style> <style>:root{--primary:#{{v.themecolor}}}</style>
<link rel="stylesheet" href="/static/assets/css/main.css?a=33"><link rel="stylesheet" href="/static/assets/css/{{v.theme}}.css?a=3"> <link rel="stylesheet" href="/static/assets/css/main.css?a=34"><link rel="stylesheet" href="/static/assets/css/{{v.theme}}.css?a=3">
{% if v.agendaposter %} {% if v.agendaposter %}
<style> <style>
html { html {


@ -39,10 +39,10 @@
{% if v %} {% if v %}
<style>:root{--primary:#{{v.themecolor}}}</style> <style>:root{--primary:#{{v.themecolor}}}</style>
<link rel="stylesheet" href="/static/assets/css/main.css?a=33"><link rel="stylesheet" href="/static/assets/css/{{v.theme}}.css?a=3"> <link rel="stylesheet" href="/static/assets/css/main.css?a=34"><link rel="stylesheet" href="/static/assets/css/{{v.theme}}.css?a=3">
{% else %} {% else %}
<style>:root{--primary:#{{'DEFAULT_COLOR' | app_config}}</style> <style>:root{--primary:#{{'DEFAULT_COLOR' | app_config}}</style>
<link rel="stylesheet" href="/static/assets/css/main.css?a=33"><link rel="stylesheet" href="/static/assets/css/{{'DEFAULT_THEME' | app_config}}.css?a=3"> <link rel="stylesheet" href="/static/assets/css/main.css?a=34"><link rel="stylesheet" href="/static/assets/css/{{'DEFAULT_THEME' | app_config}}.css?a=3">
{% endif %} {% endif %}
<link href="/static/assets/css/fa.css?a=3" rel="stylesheet"> <link href="/static/assets/css/fa.css?a=3" rel="stylesheet">


@ -31,7 +31,7 @@
<title>{% if ref_user %}{{ref_user.username}} invites you to {{'SITE_NAME' | app_config}}{% else %}Sign up - {{'SITE_NAME' | app_config}}{% endif %}</title> <title>{% if ref_user %}{{ref_user.username}} invites you to {{'SITE_NAME' | app_config}}{% else %}Sign up - {{'SITE_NAME' | app_config}}{% endif %}</title>
<style>:root{--primary:#{{'DEFAULT_COLOR' | app_config}}</style> <style>:root{--primary:#{{'DEFAULT_COLOR' | app_config}}</style>
<link rel="stylesheet" href="/static/assets/css/main.css?a=33"><link rel="stylesheet" href="/static/assets/css/{{'DEFAULT_THEME' | app_config}}.css?a=3"> <link rel="stylesheet" href="/static/assets/css/main.css?a=34"><link rel="stylesheet" href="/static/assets/css/{{'DEFAULT_THEME' | app_config}}.css?a=3">
</head> </head>


@ -32,7 +32,7 @@
<title>{% if ref_user %}{{ref_user.username}} invites you to {{'SITE_NAME' | app_config}}{% else %}{{'SITE_NAME' | app_config}}{% endif %}</title> <title>{% if ref_user %}{{ref_user.username}} invites you to {{'SITE_NAME' | app_config}}{% else %}{{'SITE_NAME' | app_config}}{% endif %}</title>
<style>:root{--primary:#{{'DEFAULT_COLOR' | app_config}}</style> <style>:root{--primary:#{{'DEFAULT_COLOR' | app_config}}</style>
<link rel="stylesheet" href="/static/assets/css/main.css?a=33"><link rel="stylesheet" href="/static/assets/css/{{'DEFAULT_THEME' | app_config}}.css?a=3"> <link rel="stylesheet" href="/static/assets/css/main.css?a=34"><link rel="stylesheet" href="/static/assets/css/{{'DEFAULT_THEME' | app_config}}.css?a=3">
</head> </head>


@ -26,7 +26,7 @@
{% block stylesheets %} {% block stylesheets %}
{% if v %} {% if v %}
<style>:root{--primary:#{{v.themecolor}}}</style> <style>:root{--primary:#{{v.themecolor}}}</style>
<link rel="stylesheet" href="/static/assets/css/main.css?a=33"><link rel="stylesheet" href="/static/assets/css/{{v.theme}}.css?a=3"> <link rel="stylesheet" href="/static/assets/css/main.css?a=34"><link rel="stylesheet" href="/static/assets/css/{{v.theme}}.css?a=3">
{% if v.agendaposter %} {% if v.agendaposter %}
<style> <style>
html { html {
@ -50,7 +50,7 @@
{% endif %} {% endif %}
{% else %} {% else %}
<style>:root{--primary:#{{'DEFAULT_COLOR' | app_config}}</style> <style>:root{--primary:#{{'DEFAULT_COLOR' | app_config}}</style>
<link rel="stylesheet" href="/static/assets/css/main.css?a=33"> <link rel="stylesheet" href="/static/assets/css/main.css?a=34">
<link rel="stylesheet" href="/static/assets/css/{{'DEFAULT_THEME' | app_config}}.css?a=3"> <link rel="stylesheet" href="/static/assets/css/{{'DEFAULT_THEME' | app_config}}.css?a=3">
{% endif %} {% endif %}
{% endblock %} {% endblock %}