This commit is contained in:
parent
11e5b6e023
commit
f49cb3d6f3
4 changed files with 14 additions and 6 deletions
|
|
@ -6,6 +6,7 @@ All configuration is handled through environment variables.
|
|||
|
||||
| Name | Default | Description |
|
||||
|---------------------------------|-------------------------------------------------------------------------|------------------------------------------------------------------------------------------|
|
||||
| `HMDOORIS_ALLOWED_IPS` | - | List of IP addresses in CIDR notation that are allowed to control the locks |
|
||||
| `HMDOORIS_URL` | `http://localhost:3000` | URL of the application, used to construct links to itself |
|
||||
| `HMDOORIS_DISCOVERY_URL` | `http://localhost:8080/realms/testing/.well-known/openid-configuration` | OIDC configuration discovery URL |
|
||||
| `HMDOORIS_CLIENT_ID` | `hmdooris` | OIDC client ID |
|
||||
|
|
|
|||
|
|
@ -12,6 +12,8 @@ class AppConfig:
|
|||
"""
|
||||
Gets the config from environment variables
|
||||
"""
|
||||
self.log = logging.getLogger(__name__)
|
||||
|
||||
self.basepath = path.dirname(__file__)
|
||||
self.debug = getenv("DEBUG", None)
|
||||
self.staticpath = path.join(self.basepath, "static")
|
||||
|
|
@ -28,13 +30,17 @@ class AppConfig:
|
|||
self.ccujack_certificate_path = getenv('HMDOORIS_CCU_CERTIFICATE_PATH', None)
|
||||
self.ccujack_username = getenv('HMDOORIS_CCUJACK_USERNAME', None)
|
||||
self.ccujack_password = getenv('HMDOORIS_CCUJACK_PASSWORD', None)
|
||||
self.log = logging.getLogger(__name__)
|
||||
|
||||
if self.debug is not None and self.debug.lower not in ('0', 'f', 'false'):
|
||||
self.debug = True
|
||||
else:
|
||||
self.debug = False
|
||||
|
||||
self.allowed = []
|
||||
for a in getenv('HMDOORIS_ALLOWED_IPS', '').split(' '):
|
||||
if a != '':
|
||||
self.allowed.append(a)
|
||||
|
||||
if self.client_secret is None or self.client_secret == '':
|
||||
raise ValueError('You need to provide HMDOORIS_CLIENT_SECRET')
|
||||
if self.ccujack_url is None or self.ccujack_url == '':
|
||||
|
|
@ -45,7 +51,8 @@ class AppConfig:
|
|||
else:
|
||||
p = Path(self.ccujack_certificate_path)
|
||||
if not p.is_file():
|
||||
self.log.warning(f'Unable to read certificate file {self.ccujack_certificate_path}, certificate verification might not work')
|
||||
self.log.warning(
|
||||
f'Unable to read certificate file {self.ccujack_certificate_path}, certificate verification might not work')
|
||||
|
||||
self.oidc = {
|
||||
'client_id': self.client_id,
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@ class BottleHelpers:
|
|||
|
||||
def require_login(self, func: Callable) -> Callable:
|
||||
if self.group is not None:
|
||||
return self.auth.require_login(auth.require_attribute('groups', self.group)(func))
|
||||
return self.auth.require_login(self.auth.require_attribute('groups', self.group)(func))
|
||||
else:
|
||||
return self.auth.require_login(func)
|
||||
|
||||
|
|
|
|||
|
|
@ -40,7 +40,7 @@ auth = BottleOIDC(app, config={
|
|||
})
|
||||
|
||||
websocket_clients = WebSocketClients()
|
||||
bottle_helpers = BottleHelpers(auth, config.requires_group)
|
||||
bottle_helpers = BottleHelpers(auth, group=config.requires_group, allowed=config.allowed)
|
||||
update_poller = UpdatePoller(websocket_clients, ccujack, 1 if config.debug else 0.1)
|
||||
|
||||
|
||||
|
|
@ -51,12 +51,12 @@ def server_static(filepath):
|
|||
|
||||
@app.get("/")
|
||||
@jinja2_view("home.html.j2")
|
||||
@bottle_helpers.require_sourceip
|
||||
def root():
|
||||
return {}
|
||||
|
||||
@app.get("/operate")
|
||||
@bottle_helpers.require_login
|
||||
@bottle_helpers.require_sourceip
|
||||
@jinja2_view("operate.html.j2")
|
||||
def root():
|
||||
return {}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue