Initial code for password change in python flask

2025-07-16 14:13:26 +01:00
commit a6cc1b40ee
14 changed files with 1210 additions and 0 deletions
--- a/python-flask/smeserver-password-app/DEPLOYMENT.md
+++ b/python-flask/smeserver-password-app/DEPLOYMENT.md
@@ -0,0 +1,170 @@
+# SME Server Password Change Application - Deployment Guide
+
+## Overview
+This Python Flask application provides a web interface for changing user passwords on SME Server systems. It interfaces with the smeserver configuration database and uses `signal-event password-update` to properly apply password changes.
+
+## Features
+- ✅ Web interface matching the original SME Server design
+- ✅ Integration with SME Server configuration database
+- ✅ Password strength validation
+- ✅ Current password verification
+- ✅ Uses `signal-event password-update` for proper password updates
+- ✅ Responsive design for mobile and desktop
+- ✅ Error handling and security measures
+- ✅ Demo mode for testing
+
+## System Requirements
+- SME Server 10 or 11
+- Python 3.6 or higher
+- Flask and Flask-CORS Python packages
+- Root access for installation
+
+## Installation Methods
+
+### Method 1: Automated Installation (Recommended)
+1. Copy the entire application directory to your SME Server
+2. Run the installation script as root:
+   ```bash
+   sudo ./install.sh
+   ```
+3. The script will:
+   - Install Python dependencies
+   - Create a systemd service
+   - Start the application automatically
+   - Configure it to start on boot
+
+### Method 2: Manual Installation
+1. Install Python dependencies:
+   ```bash
+   pip3 install Flask==2.3.3 Flask-CORS==4.0.0
+   ```
+
+2. Copy application files to `/opt/smeserver-password-app/`
+
+3. Create systemd service file at `/etc/systemd/system/smeserver-password-web.service`:
+   ```ini
+   [Unit]
+   Description=SME Server Password Change Web Application
+   After=network.target
+
+   [Service]
+   Type=simple
+   User=root
+   WorkingDirectory=/opt/smeserver-password-app
+   Environment=FLASK_ENV=production
+   ExecStart=/usr/bin/python3 /opt/smeserver-password-app/app.py
+   Restart=always
+   RestartSec=10
+
+   [Install]
+   WantedBy=multi-user.target
+   ```
+
+4. Enable and start the service:
+   ```bash
+   systemctl daemon-reload
+   systemctl enable smeserver-password-web
+   systemctl start smeserver-password-web
+   ```
+
+## Configuration
+
+### Port Configuration
+By default, the application runs on port 5000. To change the port:
+1. Edit `app.py` and modify the port in the last line
+2. Restart the service: `systemctl restart smeserver-password-web`
+
+### Security Configuration
+- The application runs as root to access SME Server system commands
+- Change the secret key in production by setting the `SECRET_KEY` environment variable
+- Consider using a reverse proxy (nginx/apache) for SSL termination
+
+### Firewall Configuration
+Open the application port in the SME Server firewall:
+```bash
+# For port 5000
+db configuration setprop httpd-admin TCPPort 5000
+signal-event remoteaccess-update
+```
+
+## Usage
+
+### Accessing the Application
+- Open a web browser and navigate to: `http://your-server-ip:5000`
+- Fill in the form with:
+  - Your account username
+  - Current password
+  - New password (twice for verification)
+- Click "Change Password"
+
+### Password Requirements
+- Minimum 7 characters
+- Maximum 127 characters
+- Must contain at least one letter and one number
+- Cannot contain certain special characters (: ; | & ! \ " ')
+
+## Testing
+
+### Demo Mode
+For testing without SME Server tools, use the demo mode:
+```bash
+python3 demo_mode.py
+```
+
+Demo users available:
+- Username: `testuser`, Password: `oldpassword123`
+- Username: `admin`, Password: `adminpass456`
+- Username: `john`, Password: `johnpass789`
+
+### Production Testing
+1. Verify the service is running: `systemctl status smeserver-password-web`
+2. Check logs: `journalctl -u smeserver-password-web -f`
+3. Test with a non-critical user account first
+
+## Troubleshooting
+
+### Service Won't Start
+- Check logs: `journalctl -u smeserver-password-web`
+- Verify Python dependencies are installed
+- Ensure port is not in use by another service
+
+### Password Changes Fail
+- Verify the user account exists in the SME Server accounts database
+- Check that `signal-event` command is available
+- Ensure the application has root privileges
+
+### Permission Errors
+- The application must run as root to access system commands
+- Verify file permissions in the application directory
+
+## Security Considerations
+- This application requires root privileges to function properly
+- Use HTTPS in production environments
+- Consider implementing rate limiting for password change attempts
+- Monitor logs for suspicious activity
+- Keep the application updated
+
+## File Structure
+```
+smeserver-password-app/
+├── app.py                    # Main Flask application
+├── smeserver_utils.py        # SME Server integration utilities
+├── demo_mode.py             # Demo version for testing
+├── requirements.txt         # Python dependencies
+├── install.sh              # Automated installation script
+├── templates/
+│   └── password_change.html # Web interface template
+├── static/
+│   └── css/
+│       └── style.css       # Styling to match SME Server design
+├── README.md               # Project documentation
+└── DEPLOYMENT.md          # This deployment guide
+```
+
+## Support
+For issues or questions:
+1. Check the application logs
+2. Verify SME Server system status
+3. Test with demo mode to isolate issues
+4. Review the source code for customization needs
+