mirror of
https://github.com/mofeng-git/One-KVM.git
synced 2026-01-29 00:51:53 +08:00
mofeng-git
@@ -31,8 +31,6 @@ import pygments
|
||||
import pygments.lexers.data
|
||||
import pygments.formatters
|
||||
|
||||
from gettext import translation
|
||||
|
||||
from .. import tools
|
||||
|
||||
from ..mouse import MouseRange
|
||||
@@ -105,7 +103,6 @@ from ..validators.hw import valid_otg_gadget
|
||||
from ..validators.hw import valid_otg_id
|
||||
from ..validators.hw import valid_otg_ethernet
|
||||
|
||||
from ..lanuages import Lanuages
|
||||
|
||||
# =====
|
||||
def init(
|
||||
@@ -127,16 +124,15 @@ def init(
|
||||
add_help=add_help,
|
||||
formatter_class=argparse.ArgumentDefaultsHelpFormatter,
|
||||
)
|
||||
_ = translation(domain="message",localedir="/kvmd/i18n",languages=["zh"]).gettext
|
||||
parser.add_argument("-c", "--config", default="/etc/kvmd/main.yaml", type=valid_abs_file,
|
||||
help=_("Set config file path"), metavar="<file>")
|
||||
help="Set config file path", metavar="<file>")
|
||||
parser.add_argument("-o", "--set-options", default=[], nargs="+",
|
||||
help=_("Override config options list (like sec/sub/opt=value)"), metavar="<k=v>",)
|
||||
help="Override config options list (like sec/sub/opt=value)", metavar="<k=v>",)
|
||||
parser.add_argument("-m", "--dump-config", action="store_true",
|
||||
help=_("View current configuration (include all overrides)"))
|
||||
help="View current configuration (include all overrides)")
|
||||
if check_run:
|
||||
parser.add_argument("--run", dest="run", action="store_true",
|
||||
help=_("Run the service"))
|
||||
help="Run the service")
|
||||
(options, remaining) = parser.parse_known_args(argv)
|
||||
|
||||
if options.dump_config:
|
||||
@@ -162,7 +158,10 @@ def init(
|
||||
|
||||
if check_run and not options.run:
|
||||
raise SystemExit(
|
||||
_("To prevent accidental startup, you must specify the --run option to start.\n")+_("Try the --help option to find out what this service does.\n")+_("Make sure you understand exactly what you are doing!"))
|
||||
"To prevent accidental startup, you must specify the --run option to start.\n"
|
||||
"Try the --help option to find out what this service does.\n"
|
||||
"Make sure you understand exactly what you are doing!"
|
||||
)
|
||||
|
||||
return (parser, remaining, config)
|
||||
|
||||
|
||||
@@ -23,8 +23,6 @@
|
||||
import secrets
|
||||
import pyotp
|
||||
|
||||
from gettext import translation
|
||||
|
||||
from ...logging import get_logger
|
||||
|
||||
from ... import aiotools
|
||||
@@ -51,26 +49,26 @@ class AuthManager:
|
||||
|
||||
totp_secret_path: str,
|
||||
) -> None:
|
||||
_ = translation(domain="message",localedir="/kvmd/i18n",languages=["zh"]).gettext
|
||||
|
||||
self.__enabled = enabled
|
||||
if not enabled:
|
||||
get_logger().warning(_("AUTHORIZATION IS DISABLED"))
|
||||
get_logger().warning("AUTHORIZATION IS DISABLED")
|
||||
|
||||
self.__unauth_paths = frozenset(unauth_paths) # To speed up
|
||||
for path in self.__unauth_paths:
|
||||
get_logger().warning(_("Authorization is disabled for API %r"), path)
|
||||
get_logger().warning("Authorization is disabled for API %r", path)
|
||||
|
||||
self.__internal_service: (BaseAuthService | None) = None
|
||||
if enabled:
|
||||
self.__internal_service = get_auth_service_class(internal_type)(**internal_kwargs)
|
||||
get_logger().info(_("Using internal auth service %r"), self.__internal_service.get_plugin_name())
|
||||
get_logger().info("Using internal auth service %r", self.__internal_service.get_plugin_name())
|
||||
|
||||
self.__force_internal_users = force_internal_users
|
||||
|
||||
self.__external_service: (BaseAuthService | None) = None
|
||||
if enabled and external_type:
|
||||
self.__external_service = get_auth_service_class(external_type)(**external_kwargs)
|
||||
get_logger().info(_("Using external auth service %r"), self.__external_service.get_plugin_name())
|
||||
get_logger().info("Using external auth service %r", self.__external_service.get_plugin_name())
|
||||
|
||||
self.__totp_secret_path = totp_secret_path
|
||||
|
||||
@@ -98,7 +96,7 @@ class AuthManager:
|
||||
if secret:
|
||||
code = passwd[-6:]
|
||||
if not pyotp.TOTP(secret).verify(code):
|
||||
get_logger().error(_("Got access denied for user %r by TOTP"), user)
|
||||
get_logger().error("Got access denied for user %r by TOTP", user)
|
||||
return False
|
||||
passwd = passwd[:-6]
|
||||
|
||||
@@ -109,9 +107,9 @@ class AuthManager:
|
||||
|
||||
ok = (await service.authorize(user, passwd))
|
||||
if ok:
|
||||
get_logger().info(_("Authorized user %r via auth service %r"), user, service.get_plugin_name())
|
||||
get_logger().info("Authorized user %r via auth service %r", user, service.get_plugin_name())
|
||||
else:
|
||||
get_logger().error(_("Got access denied for user %r from auth service %r"), user, service.get_plugin_name())
|
||||
get_logger().error("Got access denied for user %r from auth service %r", user, service.get_plugin_name())
|
||||
return ok
|
||||
|
||||
async def login(self, user: str, passwd: str) -> (str | None):
|
||||
@@ -121,7 +119,7 @@ class AuthManager:
|
||||
if (await self.authorize(user, passwd)):
|
||||
token = self.__make_new_token()
|
||||
self.__tokens[token] = user
|
||||
get_logger().info(_("Logged in user %r"), user)
|
||||
get_logger().info("Logged in user %r", user)
|
||||
return token
|
||||
else:
|
||||
return None
|
||||
@@ -131,7 +129,7 @@ class AuthManager:
|
||||
token = secrets.token_hex(32)
|
||||
if token not in self.__tokens:
|
||||
return token
|
||||
raise AssertionError(_("Can't generate new unique token"))
|
||||
raise AssertionError("Can't generate new unique token")
|
||||
|
||||
def logout(self, token: str) -> None:
|
||||
assert self.__enabled
|
||||
@@ -142,7 +140,7 @@ class AuthManager:
|
||||
if r_user == user:
|
||||
count += 1
|
||||
del self.__tokens[r_token]
|
||||
get_logger().info(_("Logged out user %r (%d)"), user, count)
|
||||
get_logger().info("Logged out user %r (%d)", user, count)
|
||||
|
||||
def check(self, token: str) -> (str | None):
|
||||
assert self.__enabled
|
||||
|
||||
Reference in New Issue
Block a user