123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119 |
- import os
- import base64
- import hvac
- from flask import (
- Blueprint,
- render_template,
- flash,
- redirect,
- url_for,
- current_app,
- jsonify
- )
- from flask_nav.elements import Navbar, View
- from .forms import DataForm
- from .nav import nav
- frontend = Blueprint("frontend", __name__)
- nav.register_element(
- "frontend_top",
- Navbar(
- View("Cubbyshare", ".index"),
- View("Home", ".index"),
- View("About", ".about")
- ),
- )
- @frontend.route("/", defaults={"path": ""})
- @frontend.route("/<path:path>")
- def index(path):
- if not path:
- form = DataForm()
- return render_template("index.html", form=form, data="")
- if current_app.debug:
- result_url = url_for(
- '.get_data', path=path
- )
- else:
- result_url = url_for(
- '.get_data', path=path, _external=True, _scheme='https'
- )
- return render_template(
- "index.html",
- form="",
- result_url=result_url
- )
- @frontend.route("/_get_data/<path:path>")
- def get_data(path):
- token = path
- if not token:
- return redirect(url_for(".index"))
- if current_app.debug:
- secret = "123\n123"
- else:
- vault_uri = os.environ.get("VAULT_URI", None)
- if not vault_uri:
- flash("Missing VAULT_URI")
- return redirect(url_for(".index"))
- try:
- cubby = hvac.Client(url=vault_uri, token=token)
- result = cubby.read("cubbyhole/%s" % token)
- except hvac.exceptions.Forbidden:
- return jsonify(result="link expired")
- secret = base64.b64decode(result["data"]["wrap"]).decode()
- return jsonify(result=secret)
- @frontend.route("/add", methods=["POST"])
- def add_entry():
- form = DataForm()
- if form.validate_on_submit():
- secret_data = base64.b64encode(form.secrets.data.encode()).decode()
- root_token = current_app.get_token()
- if current_app.debug:
- token_id="0000"
- else:
- vault_uri = os.environ.get("VAULT_URI", None)
- if not vault_uri:
- flash("Missing VAULT_URI")
- return redirect(url_for(".index"))
- vault = hvac.Client(url=vault_uri, token=root_token)
- token = vault.create_token(
- lease="24h",
- num_uses=2,
- renewable=False,
- no_default_policy=True,
- )
- token_id = token["auth"]["client_token"]
- cubby = hvac.Client(url=vault_uri, token=token_id)
- cubby.write("cubbyhole/%s" % token_id, wrap=secret_data)
- flash("Successfully saved")
- return render_template("success.html", token=token_id)
- else:
- for error_field, error_message in form.errors.items():
- flash(
- "Field : {field}; error : {error}".format(
- field=error_field, error=error_message
- )
- )
- return redirect(url_for(".index"))
- @frontend.route("/about")
- def about():
- return render_template("about.html")
|