Merge pull request #80 from Psycojoker/encrypt

Global password access

docs/configuration.rst

@@ -49,6 +49,7 @@ entry like any other gallery.
 **NOTE**: expect the "static: " option to disappear quite soon for a more
 generic approach to "choose your page style".
 
+
 Global settings
 _______________
 
@@ -229,6 +230,14 @@ Is option can be use too in gallery settings if you use multi level gallery::
   reverse: true
 
 
+Password access
+~~~~~~~~~~~~~~~
+
+If you wanna protect all the website by password::
+
+  title: Gallery
+  password: my_super_password
+
 Gallery settings.yaml
 ---------------------
 

prosopopee/prosopopee.py

@@ -17,8 +17,6 @@
 import socketserver
 import http.server
 
-from subprocess import check_output
-
 import ruamel.yaml as yaml
 from docopt import docopt
 
@@ -27,7 +25,7 @@
 from jinja2 import Environment, FileSystemLoader
 
 from .cache import CACHE
-from .utils import error, warning, okgreen
+from .utils import error, warning, okgreen, makeform, encrypt
 
 
 DEFAULTS = {
@@ -446,7 +444,6 @@ def create_cover(gallery_name, gallery_settings, gallery_path):
 def build_gallery(settings, gallery_settings, gallery_path, template):
     gallery_index_template = template.get_template("gallery-index.html")
     page_template = template.get_template("page.html")
-    encrypted_template = template.get_template("encrypted.html")
 
     # this should probably be a factory
     Image.base_dir = Path(".").joinpath(gallery_path)
@@ -476,16 +473,9 @@ def build_gallery(settings, gallery_settings, gallery_path, template):
 
     open(Path("build").joinpath(gallery_path, "index.html"), "wb").write(html)
 
-    if gallery_settings.get("password"):
-        template_to_render = encrypted_template
-        password = gallery_settings.get("password")
-        index_plain = Path("build").joinpath(gallery_path, "index.html")
-        encrypted = check_output('cat %s | openssl enc -e -base64 -A -aes-256-cbc -pass pass:"%s"' % (index_plain, password), shell=True)
-        html = template_to_render.render(
-            settings=settings,
-            gallery=gallery_settings,
-            ciphertext=str(encrypted, 'utf-8'),
-        ).encode("Utf-8")
+    if gallery_settings.get("password") or settings.get("password"):
+        password = gallery_settings.get("password", settings.get("password"))
+        html = encrypt(password, template, gallery_path, settings, gallery_settings)
 
         open(Path("build").joinpath(gallery_path, "index.html"), "wb").write(html)
 
@@ -524,18 +514,10 @@ def build_gallery(settings, gallery_settings, gallery_path, template):
 
         open(Path("build").joinpath(gallery_light_path, "index.html"), "wb").write(html)
 
-        if gallery_settings.get("password"):
-            light_template_to_render = light_templates.get_template("encrypted.html")
-            template_to_render = encrypted_template
-            password = gallery_settings.get("password")
-            index_plain = Path("build").joinpath(gallery_light_path, "index.html")
-            encrypted = check_output('cat %s | openssl enc -e -base64 -A -aes-256-cbc -pass pass:"%s"' % (index_plain, password), shell=True)
-            html = light_template_to_render.render(
-                settings=settings,
-                gallery=gallery_settings,
-                ciphertext=str(encrypted, 'utf-8'),
-            ).encode("Utf-8")
-
+        if gallery_settings.get("password") or settings.get("password"):
+            from_template = light_templates.get_template("form.html")
+            html = encrypt(password, light_templates, gallery_light_path, settings, gallery_settings)
+
             open(Path("build").joinpath(gallery_light_path, "index.html"), "wb").write(html)
 
 
@@ -565,6 +547,12 @@ def build_index(settings, galleries_cover, templates, gallery_path='', sub_index
 
     open(Path("build").joinpath(gallery_path, "index.html"), "wb").write(html)
 
+    if settings.get("password"):
+        password = settings.get("password")
+        html = encrypt(password, templates, gallery_path, settings, None)
+
+        open(Path("build").joinpath(gallery_path, "index.html"), "wb").write(html)
+
 
 def main():
     arguments = docopt(__doc__, version='0.6')

prosopopee/themes/exposure/static/css/encrypt.css

@@ -0,0 +1,93 @@
+.staticrypt-hr {
+  margin-top: 20px;
+  margin-bottom: 20px;
+  border: 0;
+  border-top: 1px solid #eee;
+}
+
+.staticrypt-page {
+  width: 360px;
+  padding: 8% 0 0;
+  margin: auto;
+  box-sizing: border-box;
+}
+
+.staticrypt-form {
+  position: relative;
+  z-index: 1;
+  background: #FFFFFF;
+  max-width: 360px;
+  margin: 0 auto 100px;
+  padding: 45px;
+  text-align: center;
+  box-shadow: 0 0 20px 0 rgba(0, 0, 0, 0.2), 0 5px 5px 0 rgba(0, 0, 0, 0.24);
+}
+
+.staticrypt-form input {
+  outline: 0;
+  background: #292525;
+  width: 100%;
+  border: 0;
+  margin: 0 0 15px;
+  padding: 15px;
+  box-sizing: border-box;
+  font-size: 14px;
+}
+
+.staticrypt-form .staticrypt-decrypt-button {
+  text-transform: uppercase;
+  outline: 0;
+  background: #91C25F;
+  width: 100%;
+  border: 0;
+  padding: 15px;
+  color: #FFFFFF;
+  font-size: 14px;
+  cursor: pointer;
+}
+
+.staticrypt-html {
+  height: 100%;
+}
+
+.staticrypt-body {
+  background: #FFF; /* fallback for old browsers */
+  font-family: "Arial", sans-serif;
+}
+
+.staticrypt-instructions {
+  margin-top: -1em;
+  margin-bottom: 1em;
+}
+
+.staticrypt-title {
+  font-size: 1.5em;
+}
+
+footer {
+  position: relative;
+  right: 0;
+  bottom: 0;
+  left: 0;
+  margin-top: 6em;
+  text-align: center;
+  font-family: 'crimson', serif;
+  font-size: 11px;
+  color: #555;
+  background-color: #EEE;
+  border-top: solid 2px #DDD;
+  padding-bottom: 10px;
+  padding-top: 14px;
+}
+
+footer p {
+  margin: 0;
+}
+
+footer a {
+  text-decoration: none;
+  font-weight: 600;
+  font-family: 'montserrat', sans-serif;
+  color: #111;
+}
+

prosopopee/themes/exposure/static/css/style-page.css

@@ -520,69 +520,3 @@ span.left img, span.right img {
 .clear {
   clear: both;
 }
-
-.staticrypt-hr {
-  margin-top: 20px;
-  margin-bottom: 20px;
-  border: 0;
-  border-top: 1px solid #eee;
-}
-
-.staticrypt-page {
-  width: 360px;
-  padding: 8% 0 0;
-  margin: auto;
-  box-sizing: border-box;
-}
-
-.staticrypt-form {
-  position: relative;
-  z-index: 1;
-  background: #FFFFFF;
-  max-width: 360px;
-  margin: 0 auto 100px;
-  padding: 45px;
-  text-align: center;
-  box-shadow: 0 0 20px 0 rgba(0, 0, 0, 0.2), 0 5px 5px 0 rgba(0, 0, 0, 0.24);
-}
-
-.staticrypt-form input {
-  outline: 0;
-  background: #292525;
-  width: 100%;
-  border: 0;
-  margin: 0 0 15px;
-  padding: 15px;
-  box-sizing: border-box;
-  font-size: 14px;
-}
-
-.staticrypt-form .staticrypt-decrypt-button {
-  text-transform: uppercase;
-  outline: 0;
-  background: #91C25F;
-  width: 100%;
-  border: 0;
-  padding: 15px;
-  color: #FFFFFF;
-  font-size: 14px;
-  cursor: pointer;
-}
-
-.staticrypt-html {
-  height: 100%;
-}
-
-.staticrypt-body {
-  background: #FFF; /* fallback for old browsers */
-  font-family: "Arial", sans-serif;
-}
-
-.staticrypt-instructions {
-  margin-top: -1em;
-  margin-bottom: 1em;
-}
-
-.staticrypt-title {
-  font-size: 1.5em;
-}

prosopopee/themes/exposure/templates/encrypted.html

@@ -1,8 +1,13 @@
+{% if gallery %}
+{% set pathstatic = ".." %}
+{% else %}
+{% set pathstatic = "." %}
+{% endif %}
 <!doctype html>
 <html class="staticrypt-html">
   <head>
     <meta charset="utf-8">
-    <title>{{ gallery.title }} · {{ settings.title }}</title>
+    <title>{% if gallery %}{{ gallery.title }} · {% endif %}{{ settings.title }}</title>
     <meta name="viewport" content="width=device-width, initial-scale=1">
 
     <!-- do not cache this page -->
@@ -11,55 +16,46 @@
     <meta http-equiv="expires" content="0"/>
     <meta http-equiv="expires" content="Tue, 01 Jan 1980 1:00:00 GMT"/>
     <meta http-equiv="pragma" content="no-cache"/>
-    <link type="text/css" rel="stylesheet" href="../static/css/style-page.css"  media="screen,projection"/>
-  </head>
-
-  <body class="staticrypt-body">
-    <div class="staticrypt-page">
-      <div class="staticrypt-form">
-        <div class="staticrypt-instructions">
-          <img id="logo" src="./../static/img/logo.svg">
-          <p class="staticrypt-title">{{ gallery.title }}</p>
-        </div>
-
-        <hr class="staticrypt-hr">
-
-        <form id="staticrypt-form" action="#" method="post">
-          <div id="error" style="color: red; padding-bottom: 10px; height: 20px;"></div>
-          <input id="staticrypt-password"
-                 type="password"
-                 name="password"
-                 placeholder="passphrase"
-                 autofocus/>
-
-          <input type="submit" class="staticrypt-decrypt-button" value="ENTER"/>
-        </form>
-      </div>
-
-    </div>
-     <footer style="position: absolute;">
-      <p>Generated using <a href="https://github.com/psycojoker/prosopopee">Prosopopée</a> · content under <a href="https://creativecommons.org/licenses/by-sa/3.0/">CC-BY-SA</a> · atom logo by <a href="https://thenounproject.com/jjjon/">Jonathan Li</a> under <a href="https://creativecommons.org/licenses/by/3.0/">CC-BY</a></p>
-    </footer>
-    <script type="text/javascript" src="../static/js/crypto-js.min.js" charset="utf-8"></script>
+    <link type="text/css" rel="stylesheet" href="{{ pathstatic }}/static/css/encrypt.css"  media="screen,projection"/>
 
+  </head>
+  <body id="encrypt-body" class="staticrypt-body">
+    <script type="text/javascript" src="{{ pathstatic }}/static/js/crypto-js.min.js" charset="utf-8"></script>
     <script>
-document.getElementById('staticrypt-form').addEventListener('submit', function(e) {
-  e.preventDefault();
-
-  var passphrase = document.getElementById('staticrypt-password').value,
-  encryptedMsg = '{{ ciphertext }}';
-
-  try{
-    var plainHTML = CryptoJS.AES.decrypt(encryptedMsg, passphrase).toString(CryptoJS.enc.Utf8);
-  }
-  catch(err) {
-    document.getElementById("error").innerHTML = "Wrong keyword entry."
-    return;
-  }
+var form = '{{ form }}';
+var encryptedMsg = '{{ ciphertext }}';
 
+if (sessionStorage.getItem("password")) {
+  var passphrase = sessionStorage.getItem("password");
+  var plainHTML = CryptoJS.AES.decrypt(encryptedMsg, passphrase).toString(CryptoJS.enc.Utf8);
+  document.open();
   document.write(plainHTML);
   document.close();
-});
+} else {
+  var plainHTML = CryptoJS.enc.Base64.parse(form).toString(CryptoJS.enc.Utf8);
+  document.open();
+  document.write(plainHTML);
+  document.close();
+
+  document.getElementById('staticrypt-form').addEventListener('submit', function(e) {
+    e.preventDefault();
+
+    var passphrase = document.getElementById('staticrypt-password').value;
+
+    try{
+      var plainHTML = CryptoJS.AES.decrypt(encryptedMsg, passphrase).toString(CryptoJS.enc.Utf8);
+    }
+    catch(err) {
+      document.getElementById("error").innerHTML = "Wrong keyword entry.";
+      return;
+    }
+
+    sessionStorage.setItem("password", passphrase);
+    document.open();
+    document.write(plainHTML);
+    document.close();
+  });
+}
     </script>
   </body>
 </html>

prosopopee/themes/exposure/templates/form.html

@@ -0,0 +1,21 @@
+<div class="staticrypt-page">
+  <div class="staticrypt-form">
+    <div class="staticrypt-instructions">
+      <img id="logo" src="./../static/img/logo.svg">
+      <p class="staticrypt-title">{% if gallery %}{{ gallery.title }}{% else %}{{ settings.title }}{% endif %}</p>
+    </div>
+    <hr class="staticrypt-hr">
+    <form id="staticrypt-form" action="#" method="post">
+      <div id="error" style="color: red; padding-bottom: 10px; height: 20px;"></div>
+      <input id="staticrypt-password"
+             type="password"
+             name="password"
+             placeholder="passphrase"
+             autofocus/>
+      <input type="submit" class="staticrypt-decrypt-button" value="ENTER"/>
+    </form>
+  </div>
+</div>
+<footer style="position: absolute;">
+  <p>Generated using <a href="https://github.com/psycojoker/prosopopee">Prosopopée</a> · content under <a href="https://creativecommons.org/licenses/by-sa/3.0/">CC-BY-SA</a> · atom logo by <a href="https://thenounproject.com/jjjon/">Jonathan Li</a> under <a href="https://creativecommons.org/licenses/by/3.0/">CC-BY</a></p>
+</footer>