mirror of
				https://github.com/avatao-content/baseimage-tutorial-framework
				synced 2025-10-25 14:22:55 +00:00 
			
		
		
		
	Refactor project into TFW baseimage
This commit is contained in:
		
							
								
								
									
										42
									
								
								Dockerfile
									
									
									
									
									
								
							
							
						
						
									
										42
									
								
								Dockerfile
									
									
									
									
									
								
							| @@ -34,10 +34,6 @@ RUN curl -fSL -o pyenv-installer ${PYENV_INSTALLER_URL}              &&\ | |||||||
|     pip install -r /tmp/requirements.txt |     pip install -r /tmp/requirements.txt | ||||||
|  |  | ||||||
| USER root | USER root | ||||||
| COPY src/frontend /data/ |  | ||||||
| RUN cd /data && yarn install --frozen-lockfile |  | ||||||
| RUN cd /data && yarn build --no-progress |  | ||||||
|  |  | ||||||
| ENV TFW_PUBLIC_PORT=8888          \ | ENV TFW_PUBLIC_PORT=8888          \ | ||||||
|     TFW_WEB_PORT=4242             \ |     TFW_WEB_PORT=4242             \ | ||||||
|     TFW_LOGIN_APP_PORT=6666       \ |     TFW_LOGIN_APP_PORT=6666       \ | ||||||
| @@ -70,37 +66,25 @@ RUN echo "shopt -s cmdhist\n"                 \ | |||||||
|          'PROMPT_COMMAND="history -a"\n'      \ |          'PROMPT_COMMAND="history -a"\n'      \ | ||||||
|     >> /home/${AVATAO_USER}/.bashrc |     >> /home/${AVATAO_USER}/.bashrc | ||||||
|  |  | ||||||
|  | COPY supervisor/supervisord.conf ${TFW_SUPERVISORD_CONF} | ||||||
| COPY nginx/nginx.conf ${TFW_NGINX_CONF} | COPY nginx/nginx.conf ${TFW_NGINX_CONF} | ||||||
| COPY nginx/default.conf ${TFW_NGINX_DEFAULT} | COPY nginx/default.conf ${TFW_NGINX_DEFAULT} | ||||||
| COPY nginx/components/ ${TFW_NGINX_COMPONENTS} |  | ||||||
| RUN chown -R ${AVATAO_USER} /var/log/nginx /var/lib/nginx                                          &&\ |  | ||||||
|     for f in "${TFW_NGINX_DEFAULT}" ${TFW_NGINX_COMPONENTS}/*.conf; do                               \ |  | ||||||
|         envsubst "$(printenv | cut -d= -f1 | grep TFW_ | sed -e 's/^/$/g')" < $f > $f~ && mv $f~ $f ;\ |  | ||||||
|     done |  | ||||||
|  |  | ||||||
| COPY supervisor/supervisord.conf ${TFW_SUPERVISORD_CONF} |  | ||||||
| COPY supervisor/components/ ${TFW_SUPERVISORD_COMPONENTS} |  | ||||||
| COPY lib ${TFW_LIB_DIR} | COPY lib ${TFW_LIB_DIR} | ||||||
| RUN mv /data/dist ${TFW_FRONTEND_DIR} && rm -rf /data |  | ||||||
|  |  | ||||||
| ### TFW internals ^ ### DEMO v ############################################################### | ONBUILD ARG BUILD_CONTEXT="." | ||||||
|  | ONBUILD ARG NOFRONTEND="" | ||||||
|  |  | ||||||
| ENV TFW_APP_DIR="/srv/app"                          \ | ONBUILD COPY ${BUILD_CONTEXT}/nginx/components/ ${TFW_NGINX_COMPONENTS} | ||||||
|     TFW_LOGIN_APP_DIR="/tmp/source_code_server"     \ | ONBUILD COPY ${BUILD_CONTEXT}/supervisor/components/ ${TFW_SUPERVISORD_COMPONENTS} | ||||||
|     TFW_WEBIDE_WD="/home/${AVATAO_USER}/workdir"    \ |  | ||||||
|     TFW_TERMINADO_WD="/home/${AVATAO_USER}/workdir" |  | ||||||
|  |  | ||||||
| COPY src/demo ${TFW_APP_DIR}/ | ONBUILD RUN chown -R ${AVATAO_USER} /var/log/nginx /var/lib/nginx                                          &&\ | ||||||
|  |             for f in "${TFW_NGINX_DEFAULT}" ${TFW_NGINX_COMPONENTS}/*.conf; do                               \ | ||||||
|  |                 envsubst "$(printenv | cut -d= -f1 | grep TFW_ | sed -e 's/^/$/g')" < $f > $f~ && mv $f~ $f ;\ | ||||||
|  |             done | ||||||
|  |  | ||||||
| COPY src/demo/source_code_server/server.py ${TFW_LOGIN_APP_DIR}/ | ONBUILD COPY ${BUILD_CONTEXT}/frontend /data/ | ||||||
| COPY src/demo/source_code_server/users.db ${TFW_LOGIN_APP_DIR}/ | ONBUILD RUN if [ -z "${NOFRONTEND}" ]; then cd /data && yarn install --frozen-lockfile; fi | ||||||
| COPY src/demo/source_code_server/login_component.py ${TFW_WEBIDE_WD}/ | ONBUILD RUN if [ -z "${NOFRONTEND}" ]; then cd /data && yarn build --no-progress; fi | ||||||
|  | ONBUILD RUN if [ -z "${NOFRONTEND}" ]; then mv /data/dist ${TFW_FRONTEND_DIR} && rm -rf /data; fi | ||||||
| RUN chown -R ${AVATAO_USER} ${TFW_WEBIDE_WD} &&\ |  | ||||||
|     chmod -R 755 ${TFW_WEBIDE_WD} |  | ||||||
|  |  | ||||||
| USER ${AVATAO_USER} |  | ||||||
| VOLUME ["/etc/nginx", "/home/${AVATAO_USER}", "/var/lib/nginx", "/var/log/nginx"] |  | ||||||
| WORKDIR /home/${AVATAO_USER} |  | ||||||
|  |  | ||||||
| CMD . "$HOME/.pyenvrc" && exec supervisord --nodaemon | CMD . "$HOME/.pyenvrc" && exec supervisord --nodaemon | ||||||
|   | |||||||
| @@ -1,21 +0,0 @@ | |||||||
| import sys |  | ||||||
| import tornado |  | ||||||
| import zmq |  | ||||||
| from tornado.ioloop import IOLoop |  | ||||||
|  |  | ||||||
| from sql_injection_fsm import SQLInjectionFSM |  | ||||||
| from tfw.networking.server.tfw_server import TFWServer |  | ||||||
| from tfw.config import tfwenv |  | ||||||
| from tfw.config.logs import logging |  | ||||||
| log = logging.getLogger(__name__) |  | ||||||
|  |  | ||||||
|  |  | ||||||
| if __name__ == '__main__': |  | ||||||
|     server = TFWServer(SQLInjectionFSM) |  | ||||||
|     server.listen(tfwenv.WEB_PORT) |  | ||||||
|     log.debug('Python version: {}'.format(sys.version[:5])) |  | ||||||
|     log.debug('Tornado version: {}'.format(tornado.version)) |  | ||||||
|     log.debug('ZeroMQ version: {}'.format(zmq.zmq_version())) |  | ||||||
|     log.debug('PyZMQ version: {}'.format(zmq.pyzmq_version())) |  | ||||||
|     log.info('Tornado application listening on port {}'.format(tfwenv.WEB_PORT)) |  | ||||||
|     IOLoop.instance().start() |  | ||||||
| @@ -1,54 +0,0 @@ | |||||||
| from tornado.ioloop import IOLoop |  | ||||||
|  |  | ||||||
| from tfw.components.source_code_event_handler import SourceCodeEventHandler |  | ||||||
| from tfw.components.terminado_event_handler import TerminadoEventHandler |  | ||||||
| from tfw.components.process_managing_event_handler import ProcessManagingEventHandler |  | ||||||
| from tfw.config import tfwenv |  | ||||||
| from tfw.message_sender import MessageSender |  | ||||||
| from tfw.networking.event_handlers.server_connector import ServerUplinkConnector |  | ||||||
| from tfw.config.logs import logging |  | ||||||
| log = logging.getLogger(__name__) |  | ||||||
|  |  | ||||||
|  |  | ||||||
| def cenator(history): |  | ||||||
|     log.debug('User executed command: "{}"'.format(history[-1])) |  | ||||||
|     MessageSender().send('JOHN CENA', 'You\'ve executed "{}"'.format(history[-1])) |  | ||||||
|  |  | ||||||
|  |  | ||||||
| def selectdir(history): |  | ||||||
|     try: |  | ||||||
|         cmd = history[-1].split() |  | ||||||
|         if cmd[0] == 'selectdir': |  | ||||||
|             ServerUplinkConnector().send_to_eventhandler('webide', |  | ||||||
|                                                          {'data': {'command': 'selectdir', |  | ||||||
|                                                                    'directory': cmd[1]}}) |  | ||||||
|     except Exception: |  | ||||||
|         log.exception('Selectdir failed!') |  | ||||||
|  |  | ||||||
|  |  | ||||||
| def toggle_next(history): |  | ||||||
|     toggle_next.button_state = not toggle_next.button_state |  | ||||||
|     try: |  | ||||||
|         cmd = history[-1].split() |  | ||||||
|         if cmd[0] == 'togglenext': |  | ||||||
|             ServerUplinkConnector().send('messagecontrol', |  | ||||||
|                                          {'data': {'command': 'showbutton', |  | ||||||
|                                                    'next_visibility': toggle_next.button_state}}) |  | ||||||
|     except Exception: |  | ||||||
|         log.exception('Togglenext failed!') |  | ||||||
| toggle_next.button_state = False |  | ||||||
|  |  | ||||||
|  |  | ||||||
| if __name__ == '__main__': |  | ||||||
|     ide = SourceCodeEventHandler(key='webide', directory=tfwenv.WEBIDE_WD, exclude=['*.pyc']) |  | ||||||
|     terminado = TerminadoEventHandler(key='shell') |  | ||||||
|     terminado.historymonitor.subscribe_callback(cenator) |  | ||||||
|     terminado.historymonitor.subscribe_callback(selectdir) |  | ||||||
|     terminado.historymonitor.subscribe_callback(toggle_next) |  | ||||||
|     processmanager = ProcessManagingEventHandler(key='processmanager', dirmonitor=ide.monitor) |  | ||||||
|  |  | ||||||
|     eventhandlers = {ide, terminado, processmanager} |  | ||||||
|     try: |  | ||||||
|         IOLoop.instance().start() |  | ||||||
|     finally: |  | ||||||
|         for eh in eventhandlers: eh.cleanup() |  | ||||||
| @@ -1,27 +0,0 @@ | |||||||
| import sqlite3 |  | ||||||
|  |  | ||||||
|  |  | ||||||
| def get_db(): |  | ||||||
|     return sqlite3.connect('users.db') |  | ||||||
|  |  | ||||||
|  |  | ||||||
| def authorize_login(email, password): |  | ||||||
|     """ |  | ||||||
|     This method checks if a user is authorized and has admin privileges. |  | ||||||
|     :param email: The email address of the user. |  | ||||||
|     :param password: The password of the user. |  | ||||||
|     :return: A tuple, the first element is the email address if the user exists, |  | ||||||
|     and None if they don't; the second element is a boolean, which is True if |  | ||||||
|     the user has admin privileges. |  | ||||||
|     """ |  | ||||||
|     conn = get_db() |  | ||||||
|     sql_statement = '''SELECT email, is_admin FROM users |  | ||||||
|                        WHERE email="{}" AND password="{}"''' |  | ||||||
|     # The problem with this approach is that it substitutes any value received |  | ||||||
|     # from the user, even if it is a valid SQL statement! |  | ||||||
|     result = conn.execute(sql_statement.format(email, password)).fetchone() |  | ||||||
|     if result is None: |  | ||||||
|         return None, False |  | ||||||
|     else: |  | ||||||
|         email, is_admin = result |  | ||||||
|         return email, is_admin == 1 |  | ||||||
| @@ -1,27 +0,0 @@ | |||||||
| import json, sys |  | ||||||
| from tornado.ioloop import IOLoop |  | ||||||
| from tornado.web import RequestHandler, Application |  | ||||||
|  |  | ||||||
| from tfw.config import tfwenv |  | ||||||
|  |  | ||||||
| sys.path.append(tfwenv.WEBIDE_WD) |  | ||||||
| from login_component import authorize_login |  | ||||||
|  |  | ||||||
|  |  | ||||||
| class LoginHandler(RequestHandler): |  | ||||||
|     def post(self, *args, **kwargs): |  | ||||||
|         request = json.loads(self.request.body) |  | ||||||
|         email, is_admin = authorize_login( |  | ||||||
|             request['email'], |  | ||||||
|             request['password'] |  | ||||||
|         ) |  | ||||||
|         self.write({ |  | ||||||
|             'email': email, |  | ||||||
|             'is_admin': is_admin |  | ||||||
|         }) |  | ||||||
|  |  | ||||||
|  |  | ||||||
| if __name__ == '__main__': |  | ||||||
|     application = Application([(r'/login', LoginHandler)]) |  | ||||||
|     application.listen(tfwenv.LOGIN_APP_PORT) |  | ||||||
|     IOLoop.instance().start() |  | ||||||
										
											Binary file not shown.
										
									
								
							| @@ -1,26 +0,0 @@ | |||||||
| from tfw.fsm_base import FSMBase |  | ||||||
|  |  | ||||||
|  |  | ||||||
| class SQLInjectionFSM(FSMBase): |  | ||||||
|     states = [ |  | ||||||
|         'start', |  | ||||||
|         'stripped_code', |  | ||||||
|         'sql', |  | ||||||
|         'commented_code', |  | ||||||
|         'sql_with_substitutions', |  | ||||||
|         'sql_output', |  | ||||||
|         'end', |  | ||||||
|     ] |  | ||||||
|     transitions = [ |  | ||||||
|         {'trigger': 'webide', 'source': '*', 'dest': 'stripped_code'},  # TODO: delet this |  | ||||||
|         {'trigger': 'webide', 'source': 'start', 'dest': 'stripped_code'}, |  | ||||||
|         {'trigger': 'login', 'source': 'stripped_code', 'dest': 'sql'}, |  | ||||||
|         {'trigger': 'logger', 'source': 'sql', 'dest': 'commented_code'}, |  | ||||||
|         {'trigger': 'webide', 'source': 'commented_code', 'dest': 'sql_with_substitutions'}, |  | ||||||
|         {'trigger': 'logger', 'source': 'sql_with_substitutions', 'dest': 'sql_output'}, |  | ||||||
|         {'trigger': 'logger', 'source': 'sql_output', 'dest': 'end'}, |  | ||||||
|         {'trigger': 'reset', 'source': 'end', 'dest': 'start'}, |  | ||||||
|     ] |  | ||||||
|  |  | ||||||
|     def __init__(self): |  | ||||||
|         super().__init__('start') |  | ||||||
 Submodule src/frontend deleted from 792ad68f8a
									
								
							
		Reference in New Issue
	
	Block a user