Added credentials configuration

Author: rumca-js

backup.py

@@ -405,6 +405,7 @@ def obfuscate_all(destination_engine):
     obfuscate_user_table("user", destination_engine)
     r.truncate_table("dataexport")
     r.truncate_table("usersearchhistory")
+    r.truncate_table("credentials")
 
 
 #### SQLite
@@ -512,6 +513,7 @@ def backup_workspace(run_info):
     print("--------------------")
 
     tablemapping = {
+       "./instance_credentials"   : ["instance_credentials"],
        "./instance_entries"   : ["instance_linkdatamodel"],
        "./instance_domains"   : ["instance_domains"],
        "./instance_sourcecategories"   : ["instance_sourcecategories"],
@@ -587,6 +589,7 @@ def restore_workspace(run_info):
 
     # order is important
     tablemapping = [
+       ["./instance_credentials"         , ["instance_credentials"]],
        ["./instance_sourcecategories"         , ["instance_sourcecategories"]],
        ["./instance_sourcessubcategories"     , ["instance_sourcesubcategories"]],
        ["./instance_sources"         , ["instance_sourcedatamodel"]],
@@ -658,6 +661,7 @@ def run_sql_for_workspaces(run_info, sql_command):
 
     # order is important
     tablemapping = [
+       "instance_credentials",
        "instance_apikeys",
        "instance_applogging",
        "instance_backgroundjob",

rsshistory/configuration.py

@@ -22,7 +22,7 @@
  if a change requires the model to be changed, then second digit is updated, patch is set to 0
  if something should be released to public, then release version changes
 """
-__version__ = "2.11.9"
+__version__ = "2.12.0"
 
 
 class Configuration(object):

rsshistory/forms.py

@@ -24,6 +24,7 @@
     DataExport,
     EntryRules,
     ApiKeys,
+    Credentials,
     Browser,
     SearchView,
 )
@@ -208,8 +209,7 @@ class Meta:
             "export_data",
             "local_path",
             "remote_path",
-            "user",
-            "password",
+            "credentials",
             "db_user",
             "export_entries",
             "export_entries_bookmarks",
@@ -310,6 +310,27 @@ def __init__(self, *args, **kwargs):
         super().__init__(*args, **kwargs)
 
 
+class CredentialsForm(forms.ModelForm):
+    """
+    Category choice form
+    """
+
+    class Meta:
+        model = Credentials
+        fields = [
+            "name",
+            "credential_type",
+            "username",
+            "password",
+            "token",
+            "secret",
+            "owner",
+        ]
+
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+
+
 class UserConfigForm(forms.ModelForm):
     """
     Category choice form
@@ -683,8 +704,7 @@ class Meta:
             "auto_tag",
             "favicon",
             "auto_update_favicon",
-            "username",
-            "password",
+            "credentials",
             "proxy_location",
         ]
         widgets = {}

rsshistory/models/__init__.py

@@ -46,6 +46,9 @@
 from .apikeys import (
     ApiKeys,
 )
+from .credentials import (
+    Credentials,
+)
 from .useractions import (
     UserVotes,
     UserComments,

rsshistory/models/credentials.py

@@ -0,0 +1,57 @@
+"""
+Security is a made up word.
+"""
+from cryptography.fernet import Fernet
+from django.conf import settings
+from django.db import models
+
+from ..apps import LinkDatabase
+
+
+FERNET_KEY = settings.FERNET_KEY
+fernet = Fernet(FERNET_KEY)
+
+
+class Credentials(models.Model):
+    """
+    You can define access to multiple sources here
+    """
+    name = models.CharField(max_length=1000, blank=True)  # github etc
+    credential_type = models.CharField(max_length=1000, blank=True)  # refresh token, auth token, etc.
+    username = models.CharField(max_length=1000, blank=True)
+    password = models.CharField(max_length=1000, blank=True)
+    secret = models.CharField(max_length=1000, blank=True)
+    token = models.CharField(max_length=1000, blank=True)
+
+    owner = models.ForeignKey(
+        settings.AUTH_USER_MODEL,
+        on_delete=models.CASCADE,
+        related_name=str(LinkDatabase.name) + "_credentials",
+        null=True,
+        blank=True,
+        help_text="Owner of credentials"
+    )
+
+    class Meta:
+        ordering = ["owner"]
+
+    def encrypt(self):
+        """Still the better way than Facebook plaintext."""
+        if self.secret:
+            self.secret = fernet.encrypt(self.secret.encode()).decode()
+        if self.token:
+            self.token = fernet.encrypt(self.token.encode()).decode()
+        if self.password:
+            self.password = fernet.encrypt(self.password.encode()).decode()
+
+    def decrypt(self):
+        if self.secret:
+            self.secret = fernet.decrypt(self.secret.encode()).decode()
+        if self.token:
+            self.token = fernet.decrypt(self.token.encode()).decode()
+        if self.password:
+            self.password = fernet.decrypt(self.password.encode()).decode()
+        return None
+
+    def __str__(self):
+        return "{}/{}".format(self.name, self.credential_type)

rsshistory/models/export.py

@@ -4,6 +4,7 @@
 
 from utils.dateutils import DateUtils
 
+from .credentials import Credentials
 from .system import AppLogging
 
 
@@ -43,17 +44,13 @@ class DataExport(models.Model):
         blank=True,
         help_text="Example: https://github.com/rumca-js/Django-link-archive.git. Can be empty",
     )
-    user = models.CharField(
-        default="",
-        max_length=2000,
-        blank=True,
-        help_text="Repo user name. Can be empty",
-    )
-    password = models.CharField(
-        default="",
-        max_length=2000,
+
+    credentials = models.ForeignKey(
+        Credentials,
+        on_delete=models.CASCADE,
+        related_name="export",
         blank=True,
-        help_text="Repo password, or token. Can be empty",
+        null=True,
     )
 
     db_user = models.CharField(

rsshistory/models/sources.py

@@ -4,6 +4,7 @@
 from ..webtools import UrlLocation
 
 from ..apps import LinkDatabase
+from .credentials import Credentials
 
 
 class SourceCategories(models.Model):
@@ -148,16 +149,19 @@ class SourceDataModel(models.Model):
     fetch_period = models.IntegerField(
         default=900, help_text="Source is checked for new data after [x] seconds"
     )
-    username = models.CharField(
-        max_length=1000, blank=True, help_text="User name required to access source"
-    )
-    password = models.CharField(
-        max_length=1000, blank=True, help_text="Password required to access source"
-    )
+
     auto_tag = models.CharField(
         max_length=1000, blank=True, help_text="Automatic tag for new entries"
     )
 
+    credentials = models.ForeignKey(
+        Credentials,
+        on_delete=models.CASCADE,
+        related_name="sources",
+        blank=True,
+        null=True,
+    )
+
     category = models.ForeignKey(
         SourceCategories,
         on_delete=models.SET_NULL,

rsshistory/pluginsources/emailsourceplugin.py

@@ -1,5 +1,3 @@
-import socket
-
 from utils.services import EmailReader
 from utils.dateutils import DateUtils
 
@@ -25,12 +23,20 @@ def __init__(self, source_id, options=None):
 
     def read_entries(self):
         source = self.get_source()
+        if not source.credentials:
+            AppLogging.error(
+                "Source:{} Credentials were not defined for source.".format(source.id)
+            )
+            return
 
         day_to_remove = Configuration.get_object().get_entry_remove_date()
 
         try:
             reader = EmailReader(source.url, time_limit=day_to_remove)
-            if not reader.connect(source.username, source.password):
+            credentials = source.credentials
+            credentials.decrypt()
+
+            if not reader.connect(credentials.username, credentials.password):
                 AppLogging.error(
                     "Source:{} Could not login to service.".format(source.id)
                 )

rsshistory/templates/rsshistory/admin_page.html

@@ -52,31 +52,26 @@ <h2>Managment links</h2>
                    {% endif %}
                </a>
            </li>
+
            <li class="list-group-item">
-               <a href="{% url 'rsshistory:entry-rules' %}" title="Entry Rules allow to define URL based rules. Block domains, etc." class="nav-link">
-                   <img src="{% static 'rsshistory/icons/account.png' %}" class="content-icon" />
-                   Entry rules</a>
-           </li>
-           <li class="list-group-item">
-               <a href="{% url 'rsshistory:api-keys' %}" title="API keys allow to define URL based rules. Block domains, etc." class="nav-link">
-                   <img src="{% static 'rsshistory/icons/account.png' %}" class="content-icon" />
-                   API keys</a>
-           </li>
-           <li class="list-group-item">
-               <a href="{% url 'rsshistory:browsers' %}" title="Browser managment" class="nav-link">
-                   <img src="{% static 'rsshistory/icons/icons8-paper-64.png' %}" class="content-icon" />
-                   Browsers</a>
+               <a href="{% url 'rsshistory:searchviews' %}" title="Searchviews" class="nav-link">
+		   <img src="{% static 'rsshistory/icons/icons8-search-100.png' %}" class="content-icon" />
+                   Search views</a>
            </li>
-
            <li class="list-group-item">
                <a href="{% url 'rsshistory:data-exports' %}" title="Configured Data Exports" class="nav-link">
                    <img src="{% static 'rsshistory/icons/icons8-database-export-100.png' %}" class="content-icon" />
                    Data Exports</a>
            </li>
            <li class="list-group-item">
-               <a href="{% url 'rsshistory:searchviews' %}" title="Searchviews" class="nav-link">
-		   <img src="{% static 'rsshistory/icons/icons8-search-100.png' %}" class="content-icon" />
-                   Search views</a>
+               <a href="{% url 'rsshistory:entry-rules' %}" title="Entry Rules allow to define URL based rules. Block domains, etc." class="nav-link">
+                   <img src="{% static 'rsshistory/icons/icons8-paper-64.png' %}" class="content-icon" />
+                   Entry rules</a>
+           </li>
+           <li class="list-group-item">
+               <a href="{% url 'rsshistory:browsers' %}" title="Browser managment" class="nav-link">
+                   <img src="{% static 'rsshistory/icons/icons8-paper-64.png' %}" class="content-icon" />
+                   Browsers</a>
            </li>
            {% if 0 %}
            <li class="list-group-item">
@@ -96,6 +91,16 @@ <h2>Managment links</h2>
            </li>
            {% endif %}
 
+           <li class="list-group-item">
+               <a href="{% url 'rsshistory:api-keys' %}" title="API keys allow to define URL based rules. Block domains, etc." class="nav-link">
+                   <img src="{% static 'rsshistory/icons/account.png' %}" class="content-icon" />
+                   API keys</a>
+           </li>
+           <li class="list-group-item">
+               <a href="{% url 'rsshistory:credentials' %}" title="Credentials" class="nav-link">
+                   <img src="{% static 'rsshistory/icons/account.png' %}" class="content-icon" />
+                   System credentials</a>
+           </li>
            <li class="list-group-item">
                <a href="{% url 'rsshistory:appusers' %}" title="User administration" class="nav-link">
                    <img src="{% static 'rsshistory/icons/account.png' %}" class="content-icon" />

rsshistory/templates/rsshistory/credentials_detail.html

@@ -0,0 +1,27 @@
+{% extends base_generic %}
+{% load static %}
+{% block content %}
+
+<div class="contentbuttonmenu">
+    <a href="{% url 'rsshistory:credential-edit' object.id %}" class="btn btn-primary" role="button">
+       {% include "rsshistory/icon_edit.html" %}
+    </a>
+    <a href="{% url 'rsshistory:credential-remove' object.id %}" class="btn btn-primary" role="button">
+       <img src="{% static 'rsshistory/icons/icons8-trash-100.png' %}" class="content-icon" />
+    </a>
+</div>
+
+<div>ID: {{object.id}}</div>
+
+<h1>{{object.name}}</h1>
+<div>Credentials type: {{object.credential_type}}</div>
+<div>UserName: {{object.username}}</div>
+
+{% if object.owner %}
+{% with user=object.owner %}
+  <div>OwnerID: {{user.id}}</div>
+  <div>Owner Name: {{user.username}}</div>
+{% endwith %}
+{% endif %}
+
+{% endblock %}

rsshistory/templates/rsshistory/credentials_list.html

@@ -0,0 +1,32 @@
+{% extends base_generic %}
+{% load static %}
+{% block content %}
+
+<div class="container">
+    <a href="{% url 'rsshistory:credential-add' %}" title="Add new api key" class="btn btn-primary" role="button">
+       {% include "rsshistory/icon_add.html" %}
+    </a>
+</div>
+
+<h1>Credentials</h1>
+  {% if content_list %}
+     <div class="list-group">
+         {% for cred_object in content_list %}
+         <div class="list-group-item">
+             <div>
+                 Name: {{cred_object.name}}
+
+                 <a href="{% url 'rsshistory:credential-edit' cred_object.id %}" title="Edit credential" class="btn btn-secondary btn-sm ms-auto" role="button">
+                     {% include "rsshistory/icon_edit.html" %}
+                 </a>
+                 <a href="{% url 'rsshistory:credential-remove' cred_object.id %}" title="Remove credential" class="btn btn-secondary btn-sm" role="button">
+                     {% include "rsshistory/icon_remove.html" %}
+                 </a>
+             </div>
+         </div>
+         {% endfor %}
+  {% else %}
+    No credentials yet
+  {% endif %}
+
+{% endblock %} 

rsshistory/templates/rsshistory/entries_library.js

@@ -494,7 +494,7 @@ function getEntryReadLaterBar(entry) {
 	         </a>
         
                  <a id="${id}" class="remove-button ms-auto" href="${remove_link}" >
-                    <img src="{% static 'rsshistory/icons/icons8-trash-100.png' %}" class="content-icon" />
+                    {% include "rsshistory/icon_remove.html" %}
                  </a>
              </div>
          </div>

rsshistory/templates/rsshistory/entryrules_detail.html

@@ -10,7 +10,7 @@
        {% include "rsshistory/icon_enable.html" %}
     </a>
     <a href="{% url 'rsshistory:entry-rule-remove' object.id %}" class="btn btn-primary" role="button">
-       <img src="{% static 'rsshistory/icons/icons8-trash-100.png' %}" class="content-icon" />
+       {% include "rsshistory/icon_remove.html" %}
     </a>
 </div>