Remove branding from learners

Author: git-lreuter

learners/conf/admin.py

@@ -0,0 +1,59 @@
+import json
+
+from flask import Blueprint, jsonify, render_template
+from learners.conf.config import cfg
+from learners.functions.database import (
+    get_all_exercises,
+    get_all_users,
+    get_executions_by_user_exercise,
+    get_exercise_by_name,
+    get_user_by_id,
+)
+from learners.functions.helpers import extract_history
+from learners.functions.results import construct_results_table
+from learners.jwt_manager import admin_required
+from learners.logger import logger
+
+admin_api = Blueprint("admin_api", __name__)
+
+
+@admin_api.route("/admin", methods=["GET"])
+@admin_required()
+def admin_area():
+
+    exercises = get_all_exercises()
+    users = get_all_users()
+
+    user_filter = [{"id": 0, "username": "all"}]
+    user_filter.extend({"id": user.id, "username": user.name} for user in users)
+
+    exercises_filter = [{"id": "all", "name": "all"}]
+    exercises_filter.extend({"id": exercise.name, "name": exercise.title} for exercise in exercises)
+
+    results_table = construct_results_table(exercises, users)
+    return render_template("results.html", exercises=exercises_filter, users=user_filter, table=results_table, **cfg.template)
+
+
+@admin_api.route("/result/<user_id>/<exercise_name>", methods=["GET"])
+@admin_required()
+def get_exercise_result(user_id, exercise_name):
+
+    exercise = get_exercise_by_name(exercise_name)
+    user = get_user_by_id(user_id)
+    executions = get_executions_by_user_exercise(user_id, exercise.id)
+
+    last_execution = executions[0] if executions else None
+    data = {
+        "completed": any(execution.completed for execution in executions) if last_execution else False,
+        "executed": any(not execution.connection_failed for execution in executions) if last_execution else False,
+        "msg": last_execution.msg if last_execution else None,
+        "response_timestamp": last_execution.response_timestamp if last_execution else None,
+        "connection": any(not execution.connection_failed for execution in executions) if last_execution else False,
+    }
+
+    if exercise.type == "form":
+        data["form"] = json.loads(last_execution.form_data) if last_execution else None
+
+    data["history"] = extract_history(executions) if executions else None
+
+    return render_template("result_details.html", user=user.name, exercise=exercise.title, data=data, **cfg.template)

learners/conf/authentication.py

@@ -0,0 +1,51 @@
+from datetime import datetime, timezone
+
+from flask import Blueprint, make_response, redirect, render_template, request
+from flask_jwt_extended import create_access_token, get_jwt, get_jwt_identity, jwt_required, verify_jwt_in_request
+from learners.conf.config import cfg
+from learners.conf.db_models import TokenBlocklist
+from learners.database import db
+from learners.functions.authentication import check_password
+
+authentication_api = Blueprint("authentication_api", __name__)
+
+
+@authentication_api.route("/login", methods=["GET", "POST"])
+def login():
+
+    if request.method == "GET":
+        try:
+            verify_jwt_in_request()
+            success_msg = f"Logged in as {get_jwt_identity()}."
+            return render_template("login.html", **cfg.template, success=True, success_msg=success_msg)
+        except Exception:
+            return render_template("login.html", **cfg.template)
+
+    username = request.form.get("username", None)
+    password = request.form.get("password", None)
+
+    if not check_password(cfg.users, username, password):
+        error_msg = "Invalid username or password"
+        return render_template("login.html", **cfg.template, error=error_msg)
+
+    admin = cfg.users.get(username).get("is_admin")
+    cfg.template["admin"] = admin
+    cfg.template["authenticated"] = True
+
+    access_token = create_access_token(identity=username, additional_claims={"is_admin": admin})
+    response = make_response(redirect("/admin", 302)) if admin else make_response(redirect("/access", 302))
+    response.set_cookie("access_token_cookie", value=access_token, secure=True, httponly=False)
+
+    return response
+
+
+@authentication_api.route("/logout")
+@jwt_required()
+def modify_token():
+    jti = get_jwt()["jti"]
+    now = datetime.now(timezone.utc)
+    db.session.add(TokenBlocklist(jti=jti, created_at=now))
+    db.session.commit()
+    success_msg = "Successfully logged out."
+    cfg.template["authenticated"] = False
+    return render_template("login.html", **cfg.template, success_msg=success_msg)

learners/conf/config.py

@@ -108,7 +108,6 @@ def __init__(self):
         }
 
         self.template = {
-            "files": set_branded_template_files(self),
             "chat": False,
             "admin": False,
             "user_id": None,
@@ -163,20 +162,3 @@ def config_app(app):
         app.config["MAIL_PASSWORD"] = cfg.mail_password
         app.config["MAIL_USE_TLS"] = cfg.mail_tls
         app.config["MAIL_USE_SSL"] = cfg.mail_ssl
-
-
-def set_branded_template_files(cfg) -> dict:
-
-    template_files = {}
-    dirs = ["", "partials/"]
-    for dir in dirs:
-        for file in os.listdir(f"./learners/templates/{dir}"):
-            file_name, file_ext = os.path.splitext(file)
-            if os.path.exists(f"./learners/templates/branding/{cfg.theme}_{file_name}{file_ext}"):
-                file = f"branding/{cfg.theme}_{file}"
-            else:
-                file = f"{dir}{file}"
-            if file.endswith(".html"):
-                template_files[file_name] = file
-
-    return template_files

learners/conf/interface.py

@@ -0,0 +1,33 @@
+from flask import Blueprint, render_template
+from flask_jwt_extended import create_access_token, get_jwt_identity, jwt_required
+from learners.conf.config import cfg
+
+interface_api = Blueprint("interface_api", __name__)
+
+
+@interface_api.route("/access", methods=["GET"])
+@jwt_required()
+def access():
+
+    user_id = get_jwt_identity()
+
+    if vnc_clients := cfg.users.get(user_id).get("vnc_clients"):
+        cfg.template["vnc_clients"] = vnc_clients
+        for client, details in vnc_clients.items():
+            if cfg.jwt_for_vnc_access:
+                additional_claims = {
+                    "target": str(details.get("target")),
+                    "username": str(details.get("username")),
+                    "password": str(details.get("password")),
+                }
+                vnc_auth_token = create_access_token(identity=user_id, additional_claims=additional_claims)
+                auth_url = f"{details.get('server')}?auth={vnc_auth_token}"
+            else:
+                auth_url = (
+                    f"{details.get('server')}?"
+                    + f"username={details.get('username')}&password={details.get('password')}&"
+                    + f"target={details.get('target')}"
+                )
+            cfg.template["vnc_clients"][client].setdefault("url", auth_url)
+
+    return render_template("index.html", **cfg.template)

learners/conf/jwt_manager.py

@@ -0,0 +1,84 @@
+from functools import wraps
+
+from flask import render_template
+from flask_jwt_extended import JWTManager, get_jwt, verify_jwt_in_request
+
+from learners import logger
+from learners.conf.config import cfg
+from learners.conf.db_models import TokenBlocklist
+from learners.database import db
+
+jwt = JWTManager()
+
+
+@jwt.expired_token_loader
+def token_expired(jwt_header, jwt_payload):
+    error_msg = "Your token is expired. Please login again."
+    cfg.template["admin"] = False
+    cfg.template["authenticated"] = False
+    return render_template("login.html", **cfg.template, error=error_msg)
+
+
+@jwt.invalid_token_loader
+def token_invalid(jwt_payload):
+    error_msg = "Your token is invalid."
+    cfg.template["admin"] = False
+    cfg.template["authenticated"] = False
+    return render_template("login.html", **cfg.template, error=error_msg)
+
+
+@jwt.token_verification_loader
+def token_valid(jwt_header, jwt_data):
+    cfg.template["authenticated"] = True
+    return jwt_data
+
+
+@jwt.unauthorized_loader
+def token_missing(callback):
+    error_msg = "Authorization is missing."
+    cfg.template["admin"] = False
+    cfg.template["authenticated"] = False
+    return render_template("login.html", **cfg.template, error=error_msg)
+
+
+@jwt.token_in_blocklist_loader
+def check_if_token_revoked(jwt_header, jwt_payload):
+    try:
+        jti = jwt_payload["jti"]
+        token = db.session.query(TokenBlocklist.id).filter_by(jti=jti).scalar()
+        return token is not None
+    except Exception as e:
+        logger.exception(e)
+        return True
+
+
+@jwt.revoked_token_loader
+def token_revoked(jwt_header, jwt_payload):
+    error_msg = "Token has been revoked."
+    return render_template("login.html", **cfg.template, error=error_msg)
+
+
+def admin_required():
+    def wrapper(fn):
+        @wraps(fn)
+        def decorator(*args, **kwargs):
+            verify_jwt_in_request()
+
+            if get_jwt().get("is_admin"):
+                cfg.template["admin"] = True
+                cfg.template["authenticated"] = True
+                return fn(*args, **kwargs)
+            else:
+                error_msg = "Admins only!"
+                cfg.template["admin"] = False
+                cfg.template["authenticated"] = False
+                return render_template("login.html", **cfg.template, error=error_msg)
+
+        return decorator
+
+    return wrapper
+
+
+def init_jwt(app):
+    global jwt
+    jwt.init_app(app)

learners/jwt_manager.py

@@ -16,15 +16,15 @@ def token_expired(jwt_header, jwt_payload):
     error_msg = "Your token is expired. Please login again."
     cfg.template["admin"] = False
     cfg.template["authenticated"] = False
-    return render_template(cfg.template.get("files").get("login"), **cfg.template, error=error_msg)
+    return render_template("login.html", **cfg.template, error=error_msg)
 
 
 @jwt.invalid_token_loader
 def token_invalid(jwt_payload):
     error_msg = "Your token is invalid."
     cfg.template["admin"] = False
     cfg.template["authenticated"] = False
-    return render_template(cfg.template.get("files").get("login"), **cfg.template, error=error_msg)
+    return render_template("login.html", **cfg.template, error=error_msg)
 
 
 @jwt.token_verification_loader
@@ -38,7 +38,7 @@ def token_missing(callback):
     error_msg = "Authorization is missing."
     cfg.template["admin"] = False
     cfg.template["authenticated"] = False
-    return render_template(cfg.template.get("files").get("login"), **cfg.template, error=error_msg)
+    return render_template("login.html", **cfg.template, error=error_msg)
 
 
 @jwt.token_in_blocklist_loader
@@ -55,7 +55,7 @@ def check_if_token_revoked(jwt_header, jwt_payload):
 @jwt.revoked_token_loader
 def token_revoked(jwt_header, jwt_payload):
     error_msg = "Token has been revoked."
-    return render_template(cfg.template.get("files").get("login"), **cfg.template, error=error_msg)
+    return render_template("login.html", **cfg.template, error=error_msg)
 
 
 def admin_required():
@@ -72,7 +72,7 @@ def decorator(*args, **kwargs):
                 error_msg = "Admins only!"
                 cfg.template["admin"] = False
                 cfg.template["authenticated"] = False
-                return render_template(cfg.template.get("files").get("login"), **cfg.template, error=error_msg)
+                return render_template("login.html", **cfg.template, error=error_msg)
 
         return decorator
 

learners/routes/admin.py

@@ -31,9 +31,7 @@ def admin_area():
     exercises_filter.extend({"id": exercise.name, "name": exercise.title} for exercise in exercises)
 
     results_table = construct_results_table(exercises, users)
-    return render_template(
-        cfg.template.get("files").get("results"), exercises=exercises_filter, users=user_filter, table=results_table, **cfg.template
-    )
+    return render_template("results.html", exercises=exercises_filter, users=user_filter, table=results_table, **cfg.template)
 
 
 @admin_api.route("/result/<user_id>/<exercise_name>", methods=["GET"])
@@ -58,6 +56,4 @@ def get_exercise_result(user_id, exercise_name):
 
     data["history"] = extract_history(executions) if executions else None
 
-    return render_template(
-        cfg.template.get("files").get("result_details"), user=user.name, exercise=exercise.title, data=data, **cfg.template
-    )
+    return render_template("result_details.html", user=user.name, exercise=exercise.title, data=data, **cfg.template)

learners/routes/authentication.py

@@ -17,16 +17,16 @@ def login():
         try:
             verify_jwt_in_request()
             success_msg = f"Logged in as {get_jwt_identity()}."
-            return render_template(cfg.template.get("files").get("login"), **cfg.template, success=True, success_msg=success_msg)
+            return render_template("login.html", **cfg.template, success=True, success_msg=success_msg)
         except Exception:
-            return render_template(cfg.template.get("files").get("login"), **cfg.template)
+            return render_template("login.html", **cfg.template)
 
     username = request.form.get("username", None)
     password = request.form.get("password", None)
 
     if not check_password(cfg.users, username, password):
         error_msg = "Invalid username or password"
-        return render_template(cfg.template.get("files").get("login"), **cfg.template, error=error_msg)
+        return render_template("login.html", **cfg.template, error=error_msg)
 
     admin = cfg.users.get(username).get("is_admin")
     cfg.template["admin"] = admin
@@ -48,4 +48,4 @@ def modify_token():
     db.session.commit()
     success_msg = "Successfully logged out."
     cfg.template["authenticated"] = False
-    return render_template(cfg.template.get("files").get("login"), **cfg.template, success_msg=success_msg)
+    return render_template("login.html", **cfg.template, success_msg=success_msg)

learners/routes/interface.py

@@ -30,4 +30,4 @@ def access():
                 )
             cfg.template["vnc_clients"][client].setdefault("url", auth_url)
 
-    return render_template(cfg.template.get("files").get("index"), **cfg.template)
+    return render_template("index.html", **cfg.template)