diff --git a/cmdb-api/api/commands/click_cmdb.py b/cmdb-api/api/commands/click_cmdb.py index 895e516..3333654 100644 --- a/cmdb-api/api/commands/click_cmdb.py +++ b/cmdb-api/api/commands/click_cmdb.py @@ -319,6 +319,9 @@ def cmdb_index_table_upgrade(): def valid_address(address): + if not address: + return False + if not address.startswith(("http://127.0.0.1", "https://127.0.0.1")): response = { "message": "Address should start with http://127.0.0.1 or https://127.0.0.1", @@ -326,6 +329,7 @@ def valid_address(address): } KeyManage.print_response(response) return False + return True diff --git a/cmdb-api/api/lib/secrets/inner.py b/cmdb-api/api/lib/secrets/inner.py index c6d2727..60513c4 100644 --- a/cmdb-api/api/lib/secrets/inner.py +++ b/cmdb-api/api/lib/secrets/inner.py @@ -1,21 +1,22 @@ +import os +import secrets +import sys from base64 import b64decode, b64encode + +from Cryptodome.Protocol.SecretSharing import Shamir from colorama import Back from colorama import Fore -from colorama import init as colorama_init from colorama import Style -from Cryptodome.Protocol.SecretSharing import Shamir +from colorama import init as colorama_init from cryptography.hazmat.backends import default_backend from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives import padding -from cryptography.hazmat.primitives.ciphers import algorithms from cryptography.hazmat.primitives.ciphers import Cipher +from cryptography.hazmat.primitives.ciphers import algorithms from cryptography.hazmat.primitives.ciphers import modes from cryptography.hazmat.primitives.ciphers.aead import AESGCM from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC from flask import current_app -import os -import secrets -import sys global_iv_length = 16 global_key_shares = 5 # Number of generated key shares 
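Review bot: The loopback check in `valid_address` is a string-prefix match, so an address that merely begins with `http://127.0.0.1` passes even when its parsed host is not the loopback address. The new empty-value guard does not change that. Comparing the parsed host is stricter: `host = urlsplit(address).hostname` followed by `if host != "127.0.0.1":` (with `from urllib.parse import urlsplit`), keeping the existing scheme restriction. The hunk does not show what is sent to this address; if it carries key or token material, the stricter comparison is worth having. The function body continues into the next hunk (`@@ -326,6 +329,7 @@`), where `return True` sits.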
@@ -64,10 +65,11 @@ class KeyManage: self.backend = Backend(backend) def init_app(self, app, backend=None): - if sys.argv[0].endswith("gunicorn") or sys.argv[1] == "run": + if sys.argv[0].endswith("gunicorn") or (len(sys.argv) > 1 and sys.argv[1] == "run"): self.trigger = app.config.get("INNER_TRIGGER_TOKEN") if not self.trigger: return + self.backend = backend resp = self.auto_unseal() self.print_response(resp) diff --git a/cmdb-api/api/lib/secrets/secrets.py b/cmdb-api/api/lib/secrets/secrets.py index 12fbc2b..674f570 100644 --- a/cmdb-api/api/lib/secrets/secrets.py +++ b/cmdb-api/api/lib/secrets/secrets.py @@ -11,11 +11,12 @@ class InnerKVManger(object): res = InnerKV.create(**data) if res.key == key: return "success", True + return "add failed", False @classmethod def get(cls, key): - res = InnerKV.get_by(first=True, to_dict=False, **{"key": key}) + res = InnerKV.get_by(first=True, to_dict=False, key=key) if not res: return None @@ -23,11 +24,12 @@ class InnerKVManger(object): @classmethod def update(cls, key, value): - res = InnerKV.get_by(first=True, to_dict=False, **{"key": key}) + res = InnerKV.get_by(first=True, to_dict=False, key=key) if not res: - return None - res.value = value - t = res.update() + return cls.add(key, value) + + t = res.update(value=value) if t.key == key: return "success", True + return "update failed", True diff --git a/cmdb-api/api/views/cmdb/inner_secrets.py b/cmdb-api/api/views/cmdb/inner_secrets.py index d36a127..573eded 100644 --- a/cmdb-api/api/views/cmdb/inner_secrets.py +++ b/cmdb-api/api/views/cmdb/inner_secrets.py @@ -1,10 +1,9 @@ +from flask import request + from api.lib.perm.auth import auth_abandoned -from api.resource import APIView from api.lib.secrets.inner import KeyManage from api.lib.secrets.secrets import InnerKVManger - -from flask import current_app -from flask import request +from api.resource import APIView class InnerSecretUnSealView(APIView):
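Review bot: `self.backend = backend` in `init_app` stores the argument as given, so a call that relies on the default `backend=None` would replace the `Backend(backend)` object assigned in the context line above with `None` just before `auto_unseal()` runs. Indentation is lost in this view, so whether the assignment sits inside the `if` is not certain, but in either case a guard such as `if backend is not None: self.backend = backend` would keep the existing backend. The `len(sys.argv) > 1` fix itself is fine. A short comment on the condition, for example `# auto-unseal only when serving (gunicorn or "flask run"), not for other CLI commands`, would record why argv is inspected. `init_app` continues past the end of the hunk.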
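Review bot: `update` still ends with `return "update failed", True`, so a failed update carries the same success flag as `"success", True`, unlike `add`, which returns `"add failed", False`. That line looks like unchanged context, but the rewritten body falls through to it and it should read `return "update failed", False`. Separately, a missing key now returns `cls.add(key, value)` instead of `None`, so callers that treated `None` as "no such key" will silently create the entry. A docstring such as `"""Update the value for key, creating the entry if it does not exist."""` would make the upsert behaviour explicit for a store that holds secret material.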