Add in proper passord check lib, show results in form

2025-07-20 15:46:25 +01:00
parent 0127326b77
commit 2dae8b0ece
10 changed files with 1023 additions and 623 deletions
--- a/python-flask/smeserver-password-app/install.sh
+++ b/python-flask/smeserver-password-app/install.sh
@@ -1,19 +1,19 @@
 #!/bin/bash
-# Enhanced SME Server Password Change Application Installation Script
+# Corrected SME Server Password Change Application Installation Script
 # Compatible with Python 3.6.8 and Flask 2.0.3
-# Features: Configurable password strength, visibility toggles, real-time validation
+# Features: Correct DB structure (Users/Admin/Ibays), zxcvbn validation, visibility toggles

 set -e

 # Configuration
-APP_NAME="smeserver-password-app-enhanced"
+APP_NAME="smeserver-password-app-corrected"
 APP_DIR="/opt/$APP_NAME"
-SERVICE_NAME="smeserver-password-enhanced"
+SERVICE_NAME="smeserver-password-corrected"
 SERVICE_PORT=5000
 PYTHON_BIN="/usr/bin/python3"

-echo "Installing Enhanced SME Server Password Change Application..."
-echo "Features: Configurable strength, password visibility, real-time validation"
+echo "Installing Corrected SME Server Password Change Application..."
+echo "Features: Correct DB structure, zxcvbn validation, password visibility toggles"

 # Check if running as root
 if [ "$EUID" -ne 0 ]; then
@@ -48,7 +48,7 @@ echo "Creating application directory..."
 mkdir -p "$APP_DIR"

 # Copy application files
-echo "Copying enhanced application files..."
+echo "Copying corrected application files..."
 cp -r ./* "$APP_DIR/"

 # Set permissions
@@ -58,41 +58,58 @@ chmod +x "$APP_DIR/app.py"
 chmod +x "$APP_DIR/demo_mode.py"
 chmod +x "$APP_DIR/install.sh"

-# Install Python dependencies compatible with Python 3.6.8
-echo "Installing Python dependencies (Enhanced version)..."
+# Install Python dependencies including zxcvbn
+echo "Installing Python dependencies (including zxcvbn)..."
 if command -v pip3 &> /dev/null; then
-    pip3 install Flask==2.0.3 Flask-CORS==3.0.10 Werkzeug==2.0.3
+    pip3 install Flask==2.0.3 Flask-CORS==3.0.10 Werkzeug==2.0.3 zxcvbn==4.4.28
 elif command -v yum &> /dev/null; then
    yum install -y python3-pip
-    pip3 install Flask==2.0.3 Flask-CORS==3.0.10 Werkzeug==2.0.3
+    pip3 install Flask==2.0.3 Flask-CORS==3.0.10 Werkzeug==2.0.3 zxcvbn==4.4.28
 else
    echo "Warning: Could not install Python dependencies automatically"
-    echo "Please install Flask 2.0.3 and Flask-CORS 3.0.10 manually"
+    echo "Please install Flask 2.0.3, Flask-CORS 3.0.10, and zxcvbn 4.4.28 manually"
 fi

-# Initialize password strength setting if not exists
-echo "Initializing password strength configuration..."
+# Verify correct passwordstrength database structure
+echo "Verifying passwordstrength database structure..."
 if command -v db &> /dev/null; then
-    # Check if passwordstrength entry exists
-    if ! db configuration show passwordstrength &> /dev/null; then
-        echo "Creating passwordstrength configuration entry..."
-        db configuration set passwordstrength service
-        db configuration setprop passwordstrength Passwordstrength normal
-        echo "Password strength set to 'normal' (default)"
+    # Check if passwordstrength entry exists with correct structure
+    if db configuration show passwordstrength &> /dev/null; then
+        echo "Existing passwordstrength configuration found:"
+        db configuration show passwordstrength
+        
+        # Check for Users, Admin, Ibays properties
+        USERS_SETTING=$(db configuration getprop passwordstrength Users 2>/dev/null || echo "")
+        ADMIN_SETTING=$(db configuration getprop passwordstrength Admin 2>/dev/null || echo "")
+        IBAYS_SETTING=$(db configuration getprop passwordstrength Ibays 2>/dev/null || echo "")
+        
+        if [ -z "$USERS_SETTING" ] || [ -z "$ADMIN_SETTING" ] || [ -z "$IBAYS_SETTING" ]; then
+            echo "Warning: passwordstrength database structure may be incomplete"
+            echo "Expected structure:"
+            echo "  passwordstrength=configuration"
+            echo "    Admin=strong"
+            echo "    Ibays=strong"
+            echo "    Users=strong"
+        else
+            echo "✓ Correct passwordstrength structure detected:"
+            echo "  Users: $USERS_SETTING"
+            echo "  Admin: $ADMIN_SETTING"
+            echo "  Ibays: $IBAYS_SETTING"
+        fi
    else
-        CURRENT_STRENGTH=$(db configuration getprop passwordstrength Passwordstrength 2>/dev/null || echo "normal")
-        echo "Existing password strength setting: $CURRENT_STRENGTH"
+        echo "Warning: passwordstrength configuration not found"
+        echo "The application will work but may not reflect actual SME Server settings"
    fi
 else
    echo "Warning: SME Server database tools not available"
-    echo "Password strength will default to 'normal' in demo mode"
+    echo "Password strength will use demo mode defaults"
 fi

 # Create systemd service file
-echo "Creating enhanced systemd service..."
+echo "Creating corrected systemd service..."
 cat > "/etc/systemd/system/$SERVICE_NAME.service" << EOF
 [Unit]
-Description=Enhanced SME Server Password Change Web Application
+Description=Corrected SME Server Password Change Web Application
 After=network.target

 [Service]
@@ -110,12 +127,12 @@ WantedBy=multi-user.target
 EOF

 # Reload systemd and enable service
-echo "Enabling enhanced service..."
+echo "Enabling corrected service..."
 systemctl daemon-reload
 systemctl enable "$SERVICE_NAME"

 # Start the service
-echo "Starting enhanced service..."
+echo "Starting corrected service..."
 systemctl start "$SERVICE_NAME"

 # Wait a moment for service to start
@@ -124,14 +141,14 @@ sleep 3
 # Check service status
 if systemctl is-active --quiet "$SERVICE_NAME"; then
    echo ""
-    echo "✓ Enhanced SME Server Password Change Application installed successfully!"
+    echo "✓ Corrected SME Server Password Change Application installed successfully!"
    echo ""
    echo "🔒 Features Available:"
-    echo "  ✓ Configurable password strength validation (None/Normal/Strong)"
+    echo "  ✓ Correct SME Server database structure (Users/Admin/Ibays)"
+    echo "  ✓ External zxcvbn password validation library"
    echo "  ✓ Password visibility toggles for all password fields"
    echo "  ✓ Real-time password strength indicator"
-    echo "  ✓ Admin configuration panel"
-    echo "  ✓ Enhanced crypto validation and pattern detection"
+    echo "  ✓ Admin configuration panel for all account types"
    echo "  ✓ Python 3.6.8 and Flask 2.0.3 compatibility"
    echo ""
    echo "🌐 Access URLs:"
@@ -139,11 +156,23 @@ if systemctl is-active --quiet "$SERVICE_NAME"; then
    echo "  Admin Panel:      http://your-server-ip:$SERVICE_PORT/admin"
    echo "  Health Check:     http://your-server-ip:$SERVICE_PORT/health"
    echo ""
-    echo "⚙️ Configuration:"
+    echo "⚙️ Database Structure:"
    if command -v db &> /dev/null; then
-        CURRENT_STRENGTH=$(db configuration getprop passwordstrength Passwordstrength 2>/dev/null || echo "normal")
-        echo "  Current password strength: $CURRENT_STRENGTH"
-        echo "  Change via admin panel or: db configuration setprop passwordstrength Passwordstrength [none|normal|strong]"
+        echo "  Current passwordstrength settings:"
+        if db configuration show passwordstrength &> /dev/null; then
+            USERS_SETTING=$(db configuration getprop passwordstrength Users 2>/dev/null || echo "not set")
+            ADMIN_SETTING=$(db configuration getprop passwordstrength Admin 2>/dev/null || echo "not set")
+            IBAYS_SETTING=$(db configuration getprop passwordstrength Ibays 2>/dev/null || echo "not set")
+            echo "    Users: $USERS_SETTING"
+            echo "    Admin: $ADMIN_SETTING"
+            echo "    Ibays: $IBAYS_SETTING"
+        else
+            echo "    passwordstrength configuration not found"
+        fi
+        echo "  Configure via admin panel or:"
+        echo "    db configuration setprop passwordstrength Users [none|normal|strong]"
+        echo "    db configuration setprop passwordstrength Admin [none|normal|strong]"
+        echo "    db configuration setprop passwordstrength Ibays [none|normal|strong]"
    else
        echo "  Use admin panel to configure password strength levels"
    fi
@@ -155,15 +184,15 @@ if systemctl is-active --quiet "$SERVICE_NAME"; then
    echo "  Restart: systemctl restart $SERVICE_NAME"
    echo ""
    echo "🧪 Testing:"
-    echo "  Demo mode: python3 $APP_DIR/demo_mode.py (runs on port 5002)"
+    echo "  Demo mode: python3 $APP_DIR/demo_mode.py (runs on port 5003)"
    echo ""
 else
-    echo "✗ Failed to start enhanced service"
+    echo "✗ Failed to start corrected service"
    echo "Check logs with: journalctl -u $SERVICE_NAME"
    echo "Check if port $SERVICE_PORT is available: netstat -tlnp | grep $SERVICE_PORT"
    exit 1
 fi

-echo "Enhanced SME Server Password Change Application installation completed!"
-echo "Enjoy the new configurable password strength and visibility features!"
+echo "Corrected SME Server Password Change Application installation completed!"
+echo "Now using the correct database structure and zxcvbn validation library!"