增加ssh私钥文件过期的功能,可自定义每个用户的过期时间,并有过期提醒。 #263

Closed
wants to merge 2 commits into from
8 changes: 8 additions & 0 deletions connect.py
Expand Up @@ -760,6 +760,14 @@ def main():
if not login_user.is_active:
color_print('您的用户已禁用,请联系管理员.', exits=True)

if login_user.ssh_key_expired_days != 0:
key_last_day = login_user.ssh_key_create_time + datetime.timedelta(days=login_user.ssh_key_expired_days)
key_over_time = (key_last_day - datetime.datetime.now()).days
if -1 < key_over_time < 6:
color_print('您的私钥将于 %s 过期,离过期还剩:%s 天,请务必在过期前登陆Web界面更换新的私钥。' % (key_last_day,key_over_time))
elif key_over_time < 0:
color_print('您的私钥已过期,请登陆Web界面重新生成新私钥.', exits=True)

gid_pattern = re.compile(r'^g\d+$')
nav = Nav(login_user)
nav.print_nav()
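Review bot: The new expiry check in main() is likely to raise TypeError instead of enforcing anything: `ssh_key_expired_days` is declared as a `CharField` in juser/models.py in this same pull request, so `!= 0` is always true for the stored string and `datetime.timedelta(days=...)` receives a str, and `ssh_key_create_time` is nullable, so `None + timedelta` fails for any account without a recorded key time. Convert and guard before the arithmetic, e.g. `expire_days = int(login_user.ssh_key_expired_days or 0)` followed by `if expire_days and login_user.ssh_key_create_time:`. Skipping accounts with no `ssh_key_create_time` means their keys never expire, so backfilling that column for existing users is the safer companion change. The check also only takes effect when this script is the login path; whether an expired key is removed on the server or can still authenticate for sessions that do not run main() is not visible here and is worth confirming. main() starts and continues outside the hunk.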
2 changes: 2 additions & 0 deletions juser/models.py
Expand Up @@ -28,6 +28,8 @@ class User(AbstractUser):
# is_active = models.BooleanField(default=True)
# last_login = models.DateTimeField(null=True)
# date_joined = models.DateTimeField(null=True)
ssh_key_create_time = models.DateTimeField(null=True)
ssh_key_expired_days = models.CharField(max_length=80)

def __unicode__(self):
return self.username
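Review bot: Nothing on the model says what unit `ssh_key_expired_days` is in or that 0 means the key never expires; that convention is only stated in the user_add.html placeholder. A comment above the two new fields, such as `# ssh_key_expired_days: days the key stays valid after ssh_key_create_time; 0 = never expires`, would record it where the check in connect.py and the views can be read against it. The User class body starts and continues outside the hunk.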
10 changes: 8 additions & 2 deletions juser/views.py
Expand Up @@ -154,6 +154,7 @@ def user_add(request):
extra = request.POST.getlist('extra', [])
is_active = False if '0' in extra else True
send_mail_need = True if '1' in extra else False
ssh_key_expired_days = request.POST.get('ssh_key_expired_days', '')

try:
if '' in [username, password, ssh_key_pwd, name, role]:
Expand All @@ -174,7 +175,9 @@ def user_add(request):
groups=groups, admin_groups=admin_groups,
ssh_key_pwd=ssh_key_pwd,
is_active=is_active,
date_joined=datetime.datetime.now())
date_joined=datetime.datetime.now(),
ssh_key_create_time=datetime.datetime.now(),
ssh_key_expired_days=ssh_key_expired_days)
server_add_user(username=username, ssh_key_pwd=ssh_key_pwd)
user = get_object(User, username=username)
if groups:
Expand Down Expand Up @@ -361,6 +364,7 @@ def user_edit(request):
extra = request.POST.getlist('extra', [])
is_active = True if '0' in extra else False
email_need = True if '1' in extra else False
ssh_key_expired_days = request.POST.get('ssh_key_expired_days', '')
user_role = {'SU': u'超级管理员', 'GA': u'部门管理员', 'CU': u'普通用户'}

if user_id:
Expand All @@ -375,7 +379,8 @@ def user_edit(request):
groups=groups,
admin_groups=admin_groups,
role=role_post,
is_active=is_active)
is_active=is_active,
ssh_key_expired_days=ssh_key_expired_days)

if email_need:
msg = u"""
Expand Down Expand Up @@ -440,6 +445,7 @@ def regen_ssh_key(request):
username = user.username
ssh_key_pass = PyCrypt.gen_rand_pass(16)
gen_ssh_key(username, ssh_key_pass)
User.objects.filter(uuid=uuid_r).update(ssh_key_pwd=ssh_key_pass, ssh_key_create_time=datetime.datetime.now())
return HttpResponse('ssh密钥已生成,密码为 %s, 请到下载页面下载' % ssh_key_pass)
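Review bot: `request.POST.get('ssh_key_expired_days', '')` is written to the database unvalidated in both user_add and user_edit, so an empty, non-numeric, negative or very large value is stored and later reaches the expiry arithmetic in connect.py. The field is not part of the `'' in [username, password, ssh_key_pwd, name, role]` required check even though the form marks it with `*`, and a user_edit request that omits it overwrites the stored value with `''`. Check it before the create/update call, for example `if not ssh_key_expired_days.isdigit():` routed to the view's existing error path (not visible in these hunks), plus an upper bound on the day count. Both view functions start and end outside the hunks shown.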


9 changes: 8 additions & 1 deletion templates/juser/user_add.html
Expand Up @@ -93,6 +93,13 @@ <h5>填写基本信息</h5>
</div>
</div>
<div class="hr-line-dashed"></div>
<div class="form-group">
<label for="ssh_key_expired_days" class="col-sm-2 control-label">用户私钥过期时间<span class="red-fonts">*</span></label>
<div class="col-sm-8">
<input id="ssh_key_expired_days" name="ssh_key_expired_days" type="ssh_key_expired_days" placeholder="0:不过期;45:45天(建议值)" class="form-control" {% if error %}value="{{ email }}" {% endif %}>
</div>
</div>
<div class="hr-line-dashed"></div>
<div class="form-group"><label class="col-sm-2 control-label">其它</label>
<div class="col-sm-2">
<div class="checkbox i-checks">
Expand Down Expand Up @@ -174,4 +181,4 @@ <h5>填写基本信息</h5>
{#})#}

</script>
{% endblock %}
{% endblock %}
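Review bot: On a failed submit the new input is refilled with the e-mail value, because `{% if error %}value="{{ email }}" {% endif %}` appears to have been copied from the email field; it should echo the submitted day count instead, which needs the view to pass that value back to the template (not visible in the user_add hunk). `type="ssh_key_expired_days"` is not an HTML input type, so browsers treat the field as plain text; `type="number" min="0"` states the intent, with the server-side check still doing the real validation. The same `type` attribute is used on the input added in templates/juser/user_edit.html.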
14 changes: 13 additions & 1 deletion templates/juser/user_detail.html
Expand Up @@ -84,6 +84,18 @@
</table>
</td>
</tr>
<tr>
<td class="text-navy">用户私钥生成时间</td>
<td>
{{ user.ssh_key_create_time |date:"Y-m-d H:i:s" }}
</td>
</tr>
<tr>
<td class="text-navy">私钥有效天数</td>
<td>
{{ user.ssh_key_expired_days }} 天
</td>
</tr>
<tr>
<td class="text-navy">授权主机数量</td>
<td>
Expand Down Expand Up @@ -240,4 +252,4 @@ <h5>登录记录</h5>
</script>


{% endblock %}
{% endblock %}
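Review bot: A user whose key never expires is displayed as `0 天`, which reads as an already expired key, because `{{ user.ssh_key_expired_days }} 天` prints the stored value directly. Rendering the 0 case as 不过期, the wording the add form's placeholder already uses, and showing the computed expiry date next to the creation time would let an administrator see from this page which keys are close to expiry.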
9 changes: 8 additions & 1 deletion templates/juser/user_edit.html
Expand Up @@ -108,6 +108,13 @@ <h5>编辑用户信息</h5>
</div>
</div>
<div class="hr-line-dashed"></div>
<div class="form-group">
<label for="ssh_key_expired_days" class="col-sm-2 control-label">用户私钥过期时间<span class="red-fonts">*</span></label>
<div class="col-sm-8">
<input id="ssh_key_expired_days" name="ssh_key_expired_days" type="ssh_key_expired_days" placeholder="Ssh_key_expired_days" class="form-control" value="{{ user.ssh_key_expired_days }}">
</div>
</div>
<div class="hr-line-dashed"></div>
<div class="form-group"><label class="col-sm-2 control-label">额外</label>
<div class="col-sm-2">
<div class="checkbox i-checks">
Expand Down Expand Up @@ -179,4 +186,4 @@ <h5>编辑用户信息</h5>
})
})
</script>
{% endblock %}
{% endblock %}