LibertaCasa/webreg
9
1
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Improved error handling and Kiwi redirect

Browse Source 
Signed-off-by: Georg <georg@lysergic.dev>
This commit is contained in:
Georg Pfuetzenreuter 2021-09-01 16:36:05 +02:00
parent d2e8fcd2b5
commit 840265c745
Signed by: Georg
GPG Key ID: 1DAF57F49F8E8F22
2 changed files with 37 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
flaskapp.py
View File

@ -11,14 +11,15 @@ app.config['SECRET_KEY'] = '$secret' #remove later
def hello(): def hello():
return render_template('home.html') return render_template('home.html')
#@app.route('/kiwi')
#def kiwi():
# return redirect("https://liberta.casa/kiwi/")
@app.route('/kiwi') @app.route('/kiwi')
def kiwi(): def kiwinick():
return redirect("https://liberta.casa/kiwi/")
@app.route('/kiwi/')
def kiwinick(nick, show_password_box):
nick = request.args.get('nick', None) nick = request.args.get('nick', None)
show_password_box = requests.args.get('show_password_box', None) show_password_box = request.args.get('show_password_box', None)
return redirect("https://liberta.casa/kiwi/") redirect_url = 'https://liberta.casa/kiwi/'+'?nick='+nick+'&show_password_box'+'='+show_password_box
return redirect(redirect_url)
@app.route('/register', methods=['GET', 'POST']) @app.route('/register', methods=['GET', 'POST'])
def register(): def register():
@ -30,14 +31,16 @@ def register():
password = request.form.get('password') password = request.form.get('password')
# email = request.form.get('email') add password arg to ircregisterfunction # email = request.form.get('email') add password arg to ircregisterfunction
response = ircregister(username, password, email) response = ircregister(username, password, email)
if response == "server failure": if response == "433":
flash("Server Unavailable") flash("IRC username already taken. Please select a different username")
elif response == "433": elif response == "409":
flash("Username already taken. Please select a different username") flash("User already exists.")
elif response == "success": elif response == "success":
return redirect(url_for('kiwinick', nick=username, show_password_box='true')) return redirect(url_for('kiwinick', nick=username, show_password_box='true'))
elif response == "failure": elif response == "invalidemail":
flash("Failure! Please try after some time or use NickServ.") flash("Is that a valid email address?")
elif response == "ssoerr":
flash("Sorry, we messed up. Please contact an administrator.")
return render_template('register.html', title='Register', form=form) return render_template('register.html', title='Register', form=form)

32
irc_register.py
View File

@ -19,10 +19,10 @@ def ircregister(username, password, email):
e.pop(s.send(e.pending())) e.pop(s.send(e.pending()))
# registering the connection to the server # registering the connection to the server
_send(irctokens.build("USER", [username, "0", "*", username])) _send(irctokens.build("USER", [username, "0", "*", username]))
_send(irctokens.build("NICK", [username])) _send(irctokens.build("NICK", [username]))
# define Keycloak related variables
server = 'http://192.168.0.115:8880' server = 'http://192.168.0.115:8880'
realm = 'devel' realm = 'devel'
tokenurl = 'http://localhost/kctoken' tokenurl = 'http://localhost/kctoken'
@ -32,11 +32,10 @@ def ircregister(username, password, email):
lastname = 'Bar' lastname = 'Bar'
# go through the cases # go through the cases
while True: while True:
lines = d.push(s.recv(1024)) lines = d.push(s.recv(1024))
if lines == None: #if nothing is received from server if lines == None: # if nothing is received from server
return "server error" return "server error"
break break
@ -48,8 +47,9 @@ def ircregister(username, password, email):
elif line.command == "005": # when 005 is received pass the nickserv register command command elif line.command == "005": # when 005 is received pass the nickserv register command command
_send(irctokens.build("PRIVMSG", ["NickServ", f"REGISTER {password}"])) _send(irctokens.build("PRIVMSG", ["NickServ", f"REGISTER {password}"]))
if line.command == 'NOTICE' and line.params == [username, f"Account created"]: if line.command == 'NOTICE' and line.params == [username, f"Account created"]: # the IRC registration succeeded
_send(irctokens.build("QUIT")) _send(irctokens.build("QUIT"))
# proceed with connecting to Keycloak
try: try:
tokendl = requests.get(tokenurl) tokendl = requests.get(tokenurl)
tokendata = tokendl.json() tokendata = tokendl.json()
@ -57,6 +57,7 @@ def ircregister(username, password, email):
url = server + '/auth/admin/realms/' + realm + '/users' url = server + '/auth/admin/realms/' + realm + '/users'
except: except:
print("ERROR: Keycloak token could not be installed.") print("ERROR: Keycloak token could not be installed.")
# register the user with Keycloak
if re.match(r"[^@]+@[^@]+\.[^@]+", email): if re.match(r"[^@]+@[^@]+\.[^@]+", email):
payload = { payload = {
"firstName": firstname, "firstName": firstname,
@ -82,25 +83,36 @@ def ircregister(username, password, email):
except: except:
print("Keycloak: No or invalid response JSON. This it not an error.") print("Keycloak: No or invalid response JSON. This it not an error.")
status = response.status_code status = response.status_code
if status == 201: if status == 201: # success
print(" SSO User " + username + " created.") print(" SSO User " + username + " created.")
return "success" # ok, done
if status == 400: if status == 400:
print("ERROR: Keycloak indicated that the request is invalid.") print("ERROR: Keycloak indicated that the request is invalid.")
if status == 401: return "ssoerr"
if status == 401: # unauthorized, usually an issue with the token
print("ERROR: Fix your Keycloak API credentials and/or client roles, doh.") print("ERROR: Fix your Keycloak API credentials and/or client roles, doh.")
return "ssoerr"
if status == 403: if status == 403:
print("ERROR: Keycloak indicated that the authorization provided is not enough to access the resource.") print("ERROR: Keycloak indicated that the authorization provided is not enough to access the resource.")
if status == 404: return "ssoerr"
if status == 404: # not found, usually an issue with the URL
print("ERROR: Keycloak indicated that the requested resource does not exist.") print("ERROR: Keycloak indicated that the requested resource does not exist.")
if status == 409: return "ssoerr"
if status == 409: # likely already occupied username or email address
print("ERROR: Keycloak indicated that the resource already exists or \"some other coonflict when processing the request\" occured.") print("ERROR: Keycloak indicated that the resource already exists or \"some other coonflict when processing the request\" occured.")
return "ssoerr"
return "409"
#to-do: parse response JSON to inform the user whether it's the username OR the email address causing the culprit
if status == 415: if status == 415:
print("ERROR: Keycloak indicated that the requested media type is not supported.") print("ERROR: Keycloak indicated that the requested media type is not supported.")
return "ssoerr"
if status == 500: if status == 500:
print("ERROR: Keycloak indicated that the server could not fullfill the request due to \"some unexpected error \".") print("ERROR: Keycloak indicated that the server could not fullfill the request due to \"some unexpected error \".")
else: return "ssoerr"
else: # email address doesn't look like an email address
print('Invalid email address supplied.') print('Invalid email address supplied.')
return "invalidemail"
return "success" #return "success" # ok, done
# register("hello", "test") # register("hello", "test")