|
4 | 4 | ''' |
5 | 5 | import os |
6 | 6 | import json |
| 7 | +''' |
| 8 | +PiChat - Chat Corporativo - VERSIÓN HÍBRIDA FUNCIONAL |
| 9 | +Copyright (C) 2025 Santiago Potes Giraldo |
| 10 | +''' |
| 11 | +import os |
| 12 | +import json |
7 | 13 | from datetime import datetime |
8 | 14 | from argon2 import PasswordHasher |
9 | 15 | from src.services.logger_service import AdvancedLogger |
|
21 | 27 | from flask_cors import CORS |
22 | 28 | from werkzeug.utils import secure_filename |
23 | 29 |
|
24 | | -# configuracion de usuarios demo |
25 | | -# --- HOTFIX TEMPORAL: Convertir tu JSON a la estructura nueva --- |
26 | | -import json |
27 | | - |
28 | | -# Tu environment variable actual |
29 | | - |
30 | | -users_json = os.getenv("USERS_JSON_LAST", "[]") |
31 | | - |
32 | | -# Convertir lista de diccionarios a diccionario de diccionarios |
33 | | -def load_users_from_env(): |
34 | | - try: |
35 | | - users_list = json.loads(users_json) |
36 | | - users = {} |
37 | | - |
38 | | - for user in users_list: |
39 | | - username = user['username'] |
40 | | - users[username] = { |
41 | | - "password": ph.hash(user['password']), # ✅ IMPORTANTE: Hashear! |
42 | | - "role": user['role'], |
43 | | - "failed_attempts": 0, |
44 | | - "last_attempt": None |
45 | | - } |
46 | | - print(f"✅ Usuarios convertidos: {list(users.keys())}") |
47 | | - |
48 | | - except Exception as e: |
49 | | - print(f"❌ Error convirtiendo usuarios: {e}") |
50 | | - # Fallback a usuarios básicos |
51 | | - users = { |
52 | | - "admin": { |
53 | | - "password": ph.hash("admin123"), |
54 | | - "role": "administrator", |
55 | | - "failed_attempts": 0, |
56 | | - "last_attempt": None |
57 | | - }, |
58 | | - "usuario": { |
59 | | - "password": ph.hash("usuario123"), |
60 | | - "role": "usuario", |
61 | | - "failed_attempts": 0, |
62 | | - "last_attempt": None |
63 | | - } |
64 | | - } |
65 | | -# --- USUARIOS CARGADOS CORRECTAMENTE --- |
66 | | -users = load_users_from_env() |
67 | | - |
68 | | -print(f"✅ Usuarios cargados: {list(users.keys())}") |
69 | | - |
70 | 30 | # ✅ IMPORTAR MÓDULOS QUE SÍ FUNCIONAN |
71 | 31 | from src.utils.security import ( |
72 | 32 | check_brute_force_protection, |
@@ -132,27 +92,61 @@ def load_users_from_env(): |
132 | 92 | # --- CARPETA UPLOADS --- |
133 | 93 | os.makedirs(app.config['UPLOAD_FOLDER'], exist_ok=True) |
134 | 94 |
|
135 | | -# --- USUARIOS BASE --- |
136 | | -users = { |
137 | | - os.getenv("ADMIN_USER", "admin"): { |
138 | | - "password": ph.hash(os.getenv("ADMIN_PASS", "admin123")), |
139 | | - "role": "administrator", |
140 | | - "failed_attempts": 0, |
141 | | - "last_attempt": None |
142 | | - }, |
143 | | - os.getenv("CLIENT_USER", "cliente"): { |
144 | | - "password": ph.hash(os.getenv("CLIENT_PASS", "cliente123")), |
145 | | - "role": "cliente", |
146 | | - "failed_attempts": 0, |
147 | | - "last_attempt": None |
148 | | - }, |
149 | | - os.getenv("USR_USER", "usuario"): { |
150 | | - "password": ph.hash(os.getenv("USR_PASS", "usuario123")), |
151 | | - "role": "usuario", |
152 | | - "failed_attempts": 0, |
153 | | - "last_attempt": None |
154 | | - } |
155 | | -} |
| 95 | +# --- CONFIGURACIÓN DE USUARIOS DEMO - CORREGIDA --- |
| 96 | +def load_users_from_env(): |
| 97 | + """Cargar usuarios desde variable de entorno JSON - VERSIÓN CORREGIDA""" |
| 98 | + users_json = os.getenv("USERS_JSON_LAST", "[]") |
| 99 | + |
| 100 | + try: |
| 101 | + users_list = json.loads(users_json) |
| 102 | + users_dict = {} |
| 103 | + |
| 104 | + for user in users_list: |
| 105 | + username = user.get('username') |
| 106 | + password = user.get('password') |
| 107 | + role = user.get('role', 'usuario') |
| 108 | + |
| 109 | + if username and password: |
| 110 | + users_dict[username] = { |
| 111 | + "password": ph.hash(password), # ✅ Hashear la contraseña |
| 112 | + "role": role, |
| 113 | + "failed_attempts": 0, |
| 114 | + "last_attempt": None |
| 115 | + } |
| 116 | + |
| 117 | + print(f"✅ Usuarios convertidos desde JSON: {list(users_dict.keys())}") |
| 118 | + return users_dict |
| 119 | + |
| 120 | + except Exception as e: |
| 121 | + print(f"❌ Error cargando usuarios JSON: {e}") |
| 122 | + # Fallback a usuarios básicos |
| 123 | + users_dict = { |
| 124 | + "admin": { |
| 125 | + "password": ph.hash(os.getenv("ADMIN_PASS", "admin123")), |
| 126 | + "role": "administrator", |
| 127 | + "failed_attempts": 0, |
| 128 | + "last_attempt": None |
| 129 | + }, |
| 130 | + "cliente": { |
| 131 | + "password": ph.hash(os.getenv("CLIENT_PASS", "cliente123")), |
| 132 | + "role": "cliente", |
| 133 | + "failed_attempts": 0, |
| 134 | + "last_attempt": None |
| 135 | + }, |
| 136 | + "usuario": { |
| 137 | + "password": ph.hash(os.getenv("USR_PASS", "usuario123")), |
| 138 | + "role": "usuario", |
| 139 | + "failed_attempts": 0, |
| 140 | + "last_attempt": None |
| 141 | + } |
| 142 | + } |
| 143 | + print(f"✅ Usuarios por defecto cargados: {list(users_dict.keys())}") |
| 144 | + return users_dict |
| 145 | + |
| 146 | +# --- USUARIOS CARGADOS CORRECTAMENTE --- |
| 147 | +users = load_users_from_env() |
| 148 | + |
| 149 | +print(f"✅ Total de usuarios cargados: {len(users)}") |
156 | 150 |
|
157 | 151 | # ✅ CONFIGURAR PROTECCIÓN FUERZA BRUTA (MÓDULO FUNCIONAL) |
158 | 152 | setup_brute_force_protection(users) |
@@ -246,6 +240,9 @@ def login(): |
246 | 240 | return render_template("login.html", error="Credenciales inválidas.") |
247 | 241 | return render_template("login.html") |
248 | 242 |
|
| 243 | +# ... (el resto del código IGUAL, no lo cambio para no hacerlo más largo) |
| 244 | + |
| 245 | + |
249 | 246 | @app.route('/logout', methods=['GET','POST']) |
250 | 247 | @login_required |
251 | 248 | def logout(): |
@@ -468,3 +465,4 @@ def handle_message(data): |
468 | 465 | debug=os.getenv('DEBUG', 'False').lower() == 'true') |
469 | 466 |
|
470 | 467 | application = app |
| 468 | + |
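Review bot: The `except Exception` fallback in `load_users_from_env` (new lines 120–144) fails open: if `USERS_JSON_LAST` cannot be parsed, or is not a list of objects, the app starts with an `administrator` account whose password is the literal default `admin123` unless `ADMIN_PASS` is set, and the same applies to `cliente` and `usuario`. I would fail closed here by replacing the fallback dict with `raise RuntimeError("USERS_JSON_LAST is invalid; refusing to start with default credentials") from e`, or at minimum drop the second argument from the three `os.getenv(..., "...123")` calls and abort when a variable is missing. Narrowing the handler to `except (json.JSONDecodeError, TypeError, AttributeError) as e:` would also keep unrelated failures, such as an error from `ph.hash`, from reaching the default-credentials path. Note also that the default `"[]"` and entries skipped by `if username and password:` return an empty or partial user table with only a `print`, so a startup check such as `if not users_dict: raise RuntimeError("no users configured")` before the `return` would make that misconfiguration visible.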