iamthefij/nomad-vault-login
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add 401 if login fails
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
IamTheFij 2022-11-04 14:40:32 -07:00
parent b1cbe02cc8
commit b47c5d5f32
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
main.py
View File

@ -1,6 +1,7 @@
import os import os
from flask import Flask from flask import Flask
from flask import Response
from flask import request from flask import request
from hvac import Client from hvac import Client
@ -42,14 +43,17 @@ def login():
</html> </html>
""" """
elif request.method == "POST": elif request.method == "POST":
client = Client(VAULT_ADDR)
username, password = request.form["username"], request.form["password"] username, password = request.form["username"], request.form["password"]
client = Client(VAULT_ADDR)
client.auth.userpass.login(username, password) client.auth.userpass.login(username, password)
assert client.is_authenticated() if not client.is_authenticated():
return Response(response="Unauthorized", status=401)
role = request.form.get("role") role = request.form.get("role")
nomad_creds = client.read(f"nomad/creds/{role or NOMAD_ROLE}") nomad_creds = client.read(f"nomad/creds/{role or NOMAD_ROLE}")
nomad_token = nomad_creds["data"]["secret_id"] nomad_token = nomad_creds["data"]["secret_id"]
return f""" return f"""
<html><head> <html><head>
<script>localStorage.setItem("nomadTokenSecret", "{nomad_token}"); window.location.replace("/ui/settings/tokens");</script> <script>localStorage.setItem("nomadTokenSecret", "{nomad_token}"); window.location.replace("/ui/settings/tokens");</script>