nahakubuilder/winauthmon-server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix issue with removing account if it created some API Key

Browse Source
This commit is contained in:
ghostersk
2025-05-27 11:21:58 +01:00
parent cb9b50bd9b
commit 510501ce7e
12 changed files with 236 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files
README.md
+3 -2
View File
@@ -1,5 +1,6 @@
# Domain Login Monitoring System - Application Information
# User Login Monitoring System - Application Information
- for Windows
- created with AI
## **Overview**
A login monitoring system built with Flask that tracks user authentication events across Windows domains. Features multi-tenancy support.
Windows monitoring agent:
app.py
+5 -2
View File
@@ -1,6 +1,7 @@
from flask import Flask, session, request, send_from_directory, render_template
from asgiref.wsgi import WsgiToAsgi
from extensions import db, bcrypt, login_manager, get_env_var
from flask_migrate import Migrate
from auth.models import User, Settings, ApiKey
import ssl
import logging
@@ -37,6 +38,9 @@ logger = logging.getLogger(__name__)
app = Flask(__name__)
# Add Migrate after app initialization
migrate = Migrate(app, db)
# Configure WSGI middleware for reverse proxy support (Traefik)
proxy_count = config.getint('proxy', 'PROXY_COUNT', fallback=1)
trust_x_forwarded_for = config.getboolean('proxy', 'TRUST_X_FORWARDED_FOR', fallback=True)
@@ -237,8 +241,7 @@ def init_app():
# Create initial API key for admin
api_key = ApiKey(
key=ApiKey.generate_key(),
description="Initial Admin API Key",
user_id=admin.id
description="Initial Admin API Key"
)
db.session.add(api_key)
auth/models.py
-2
View File
@@ -56,7 +56,6 @@ class User(db.Model, UserMixin):
mfa_secret = db.Column(db.String(32))
mfa_enabled = db.Column(db.Boolean, default=False)
mfa_required = db.Column(db.Boolean, default=None) # None=inherit from global, True=required, False=not required
api_keys = db.relationship('ApiKey', backref='user', lazy=True)
# User-company relationship
companies = db.relationship('UserCompany', back_populates='user')
@@ -119,7 +118,6 @@ class ApiKey(db.Model):
created_at = db.Column(db.DateTime, nullable=False, default=datetime.utcnow)
last_used = db.Column(db.DateTime)
is_active = db.Column(db.Boolean, default=True) # New field to control API key status
user_id = db.Column(db.Integer, db.ForeignKey('app_auth_users.id'), nullable=False)
company_id = db.Column(db.Integer, db.ForeignKey('app_auth_companies.id'), nullable=True)
@staticmethod
auth/routes.py
-1
View File
@@ -1354,7 +1354,6 @@ def create_company_api_key(company_id):
api_key = ApiKey(
key=ApiKey.generate_key(),
description=description,
user_id=current_user.id,
company_id=company_id
)
db.session.add(api_key)
info.txt
+5
View File
@@ -0,0 +1,5 @@
# Migration - remove user_id from ApiKey:
pip install Flask-Migrate
python -m flask db init
python -m flask db migrate -m "Remove user_id from ApiKey"
python -m flask db upgrade
migrations/README
+1
View File
@@ -0,0 +1 @@
Single-database configuration for Flask.
migrations/alembic.ini
+50
View File
@@ -0,0 +1,50 @@
# A generic, single database configuration.
[alembic]
# template used to generate migration files
# file_template = %%(rev)s_%%(slug)s
# set to 'true' to run the environment during
# the 'revision' command, regardless of autogenerate
# revision_environment = false
# Logging configuration
[loggers]
keys = root,sqlalchemy,alembic,flask_migrate
[handlers]
keys = console
[formatters]
keys = generic
[logger_root]
level = WARN
handlers = console
qualname =
[logger_sqlalchemy]
level = WARN
handlers =
qualname = sqlalchemy.engine
[logger_alembic]
level = INFO
handlers =
qualname = alembic
[logger_flask_migrate]
level = INFO
handlers =
qualname = flask_migrate
[handler_console]
class = StreamHandler
args = (sys.stderr,)
level = NOTSET
formatter = generic
[formatter_generic]
format = %(levelname)-5.5s [%(name)s] %(message)s
datefmt = %H:%M:%S
migrations/env.py
+113
View File
@@ -0,0 +1,113 @@
import logging
from logging.config import fileConfig
from flask import current_app
from alembic import context
# this is the Alembic Config object, which provides
# access to the values within the .ini file in use.
config = context.config
# Interpret the config file for Python logging.
# This line sets up loggers basically.
fileConfig(config.config_file_name)
logger = logging.getLogger('alembic.env')
def get_engine():
try:
# this works with Flask-SQLAlchemy<3 and Alchemical
return current_app.extensions['migrate'].db.get_engine()
except (TypeError, AttributeError):
# this works with Flask-SQLAlchemy>=3
return current_app.extensions['migrate'].db.engine
def get_engine_url():
try:
return get_engine().url.render_as_string(hide_password=False).replace(
'%', '%%')
except AttributeError:
return str(get_engine().url).replace('%', '%%')
# add your model's MetaData object here
# for 'autogenerate' support
# from myapp import mymodel
# target_metadata = mymodel.Base.metadata
config.set_main_option('sqlalchemy.url', get_engine_url())
target_db = current_app.extensions['migrate'].db
# other values from the config, defined by the needs of env.py,
# can be acquired:
# my_important_option = config.get_main_option("my_important_option")
# ... etc.
def get_metadata():
if hasattr(target_db, 'metadatas'):
return target_db.metadatas[None]
return target_db.metadata
def run_migrations_offline():
"""Run migrations in 'offline' mode.
This configures the context with just a URL
and not an Engine, though an Engine is acceptable
here as well. By skipping the Engine creation
we don't even need a DBAPI to be available.
Calls to context.execute() here emit the given string to the
script output.
"""
url = config.get_main_option("sqlalchemy.url")
context.configure(
url=url, target_metadata=get_metadata(), literal_binds=True
)
with context.begin_transaction():
context.run_migrations()
def run_migrations_online():
"""Run migrations in 'online' mode.
In this scenario we need to create an Engine
and associate a connection with the context.
"""
# this callback is used to prevent an auto-migration from being generated
# when there are no changes to the schema
# reference: http://alembic.zzzcomputing.com/en/latest/cookbook.html
def process_revision_directives(context, revision, directives):
if getattr(config.cmd_opts, 'autogenerate', False):
script = directives[0]
if script.upgrade_ops.is_empty():
directives[:] = []
logger.info('No changes in schema detected.')
conf_args = current_app.extensions['migrate'].configure_args
if conf_args.get("process_revision_directives") is None:
conf_args["process_revision_directives"] = process_revision_directives
connectable = get_engine()
with connectable.connect() as connection:
context.configure(
connection=connection,
target_metadata=get_metadata(),
**conf_args
)
with context.begin_transaction():
context.run_migrations()
if context.is_offline_mode():
run_migrations_offline()
else:
run_migrations_online()
migrations/script.py.mako
+24
View File
@@ -0,0 +1,24 @@
"""${message}
Revision ID: ${up_revision}
Revises: ${down_revision | comma,n}
Create Date: ${create_date}
"""
from alembic import op
import sqlalchemy as sa
${imports if imports else ""}
# revision identifiers, used by Alembic.
revision = ${repr(up_revision)}
down_revision = ${repr(down_revision)}
branch_labels = ${repr(branch_labels)}
depends_on = ${repr(depends_on)}
def upgrade():
${upgrades if upgrades else "pass"}
def downgrade():
${downgrades if downgrades else "pass"}
migrations/versions/4b74b8a01154_remove_user_id_from_apikey.py
+34
View File
@@ -0,0 +1,34 @@
"""Remove user_id from ApiKey
Revision ID: 4b74b8a01154
Revises:
Create Date: 2025-05-27 11:13:02.044857
"""
from alembic import op
import sqlalchemy as sa
# revision identifiers, used by Alembic.
revision = '4b74b8a01154'
down_revision = None
branch_labels = None
depends_on = None
def upgrade():
# SQLite doesn't enforce foreign key constraints by default
# So we can just drop the column
with op.batch_alter_table('app_auth_api_keys', schema=None) as batch_op:
batch_op.drop_column('user_id')
# ### end Alembic commands ###
def downgrade():
# ### commands auto generated by Alembic - please adjust! ###
with op.batch_alter_table('app_auth_api_keys', schema=None) as batch_op:
batch_op.add_column(sa.Column('user_id', sa.INTEGER(), nullable=False))
batch_op.create_foreign_key('fk_api_keys_user_id', 'app_auth_users', ['user_id'], ['id'])
# ### end Alembic commands ###
templates/auth/company_api_keys.html
-2
View File
@@ -45,7 +45,6 @@
<th>Key</th>
<th>Created</th>
<th>Last Used</th>
<th>Created By</th>
<th>Actions</th>
</tr>
</thead>
@@ -63,7 +62,6 @@
</td>
<td>{{ api_key.created_at.strftime('%Y-%m-%d %H:%M:%S') }}</td>
<td>{{ api_key.last_used.strftime('%Y-%m-%d %H:%M:%S') if api_key.last_used else 'Never' }}</td>
<td>{{ api_key.user.username }}</td>
<td>
<form action="{{ url_for('auth.delete_company_api_key', company_id=company.id, key_id=api_key.id) }}" method="POST"
style="display:inline" onsubmit="return confirm('Are you sure you want to delete this API key?');">
templates/base.html
+1 -1
View File
@@ -5,7 +5,7 @@
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="csrf-token" content="{{ csrf_token() }}">
{% block supertitle %}{% endblock %}
<title>Domain Logon Monitor - {% block title %}{% endblock %}</title>
<title>Logon Monitor - {% block title %}{% endblock %}</title>
<link href="{{ url_for('static', filename='css/bootstrap.min.css') }}" rel="stylesheet">
<link href="{{ url_for('static', filename='css/custom.css') }}" rel="stylesheet">
<link rel="shortcut icon" href="{{ url_for('static', filename='img/favicon.png') }}">