added list images
This commit is contained in:
+45
-1
@@ -1,8 +1,10 @@
|
||||
import os
|
||||
import secrets
|
||||
import sqlite3
|
||||
from functools import wraps
|
||||
|
||||
import bcrypt as bc
|
||||
import requests as http_client
|
||||
from flask import (
|
||||
Flask,
|
||||
flash,
|
||||
@@ -20,6 +22,12 @@ ADMIN_USER = os.environ.get("ADMIN_USER", "admin")
|
||||
ADMIN_PASSWORD = os.environ.get("ADMIN_PASSWORD", "changeme")
|
||||
DB_PATH = os.environ.get("DB_PATH", "/data/users.db")
|
||||
HTPASSWD_PATH = os.environ.get("HTPASSWD_PATH", "/auth/htpasswd")
|
||||
REGISTRY_URL = os.environ.get("REGISTRY_URL", "http://registry:5000")
|
||||
|
||||
# Internal service account for registry API queries (not stored in SQLite)
|
||||
_SERVICE_USER = "_service"
|
||||
_SERVICE_PASSWORD = secrets.token_hex(16)
|
||||
_SERVICE_PASSWORD_HASH = None
|
||||
|
||||
|
||||
def get_db():
|
||||
@@ -53,13 +61,29 @@ def hash_password(password):
|
||||
|
||||
|
||||
def sync_htpasswd():
|
||||
"""Regenerate htpasswd file from all users in SQLite."""
|
||||
"""Regenerate htpasswd file from all users in SQLite + internal service user."""
|
||||
conn = get_db()
|
||||
users = conn.execute("SELECT username, password_hash FROM users").fetchall()
|
||||
conn.close()
|
||||
with open(HTPASSWD_PATH, "w") as f:
|
||||
for user in users:
|
||||
f.write(f"{user['username']}:{user['password_hash']}\n")
|
||||
f.write(f"{_SERVICE_USER}:{_SERVICE_PASSWORD_HASH}\n")
|
||||
|
||||
|
||||
def query_registry(path):
|
||||
"""Query the registry API using the internal service account."""
|
||||
try:
|
||||
resp = http_client.get(
|
||||
f"{REGISTRY_URL}{path}",
|
||||
auth=(_SERVICE_USER, _SERVICE_PASSWORD),
|
||||
timeout=5,
|
||||
)
|
||||
if resp.ok:
|
||||
return resp.json()
|
||||
except http_client.RequestException:
|
||||
pass
|
||||
return None
|
||||
|
||||
|
||||
def login_required(f):
|
||||
@@ -101,6 +125,25 @@ def users():
|
||||
return render_template("users.html", users=user_list)
|
||||
|
||||
|
||||
@app.route("/images")
|
||||
@login_required
|
||||
def images():
|
||||
repos = []
|
||||
data = query_registry("/v2/_catalog")
|
||||
if data:
|
||||
for name in sorted(data.get("repositories", [])):
|
||||
tags_data = query_registry(f"/v2/{name}/tags/list")
|
||||
tags = sorted(tags_data.get("tags", [])) if tags_data and tags_data.get("tags") else []
|
||||
repos.append({"name": name, "tags": tags})
|
||||
return render_template("images.html", repos=repos)
|
||||
|
||||
|
||||
@app.route("/help")
|
||||
@login_required
|
||||
def help_page():
|
||||
return render_template("help.html", domain=request.host)
|
||||
|
||||
|
||||
@app.route("/add", methods=["POST"])
|
||||
@login_required
|
||||
def add_user():
|
||||
@@ -175,4 +218,5 @@ def delete_user(user_id):
|
||||
|
||||
# Initialize database and htpasswd on startup
|
||||
init_db()
|
||||
_SERVICE_PASSWORD_HASH = hash_password(_SERVICE_PASSWORD)
|
||||
sync_htpasswd()
|
||||
|
||||
Reference in New Issue
Block a user