feat: login logout email added

Author: codeperfectplus

src/models.py

@@ -90,8 +90,8 @@ class User(db.Model, UserMixin):
     receive_email_alerts = db.Column(db.Boolean, default=True)
 
 
-class EmailPassword(db.Model):
-    __tablename__ = "EmailPassword"
+class SmptEamilPasswordConfig(db.Model):
+    __tablename__ = "SmptEamilPasswordConfig"
     id = db.Column(db.Integer, primary_key=True)
     email = db.Column(db.String(150), unique=True, nullable=False)
     password = db.Column(db.String(150), nullable=False)

src/routes/auth.py

@@ -2,10 +2,16 @@
 from flask_login import LoginManager, UserMixin, login_user, login_required, logout_user, current_user
 from flask_sqlalchemy import SQLAlchemy
 from werkzeug.security import generate_password_hash, check_password_hash
+
+
+from flask import Flask, render_template, request, jsonify
+import subprocess
+
 from src.scripts.email_me import send_email
 
 from src.config import app, db
-from src.models import User, EmailPassword, DashboardSettings
+from src.models import User, SmptEamilPasswordConfig, DashboardSettings
+from src.utils import read_html_file
 
 auth_bp = blueprints.Blueprint('auth', __name__)
 
@@ -64,7 +70,8 @@ def login():
             # Get Admin Emails with Alerts Enabled:
             admin_email_address = get_email_addresses(user_level='admin', receive_email_alerts=True)
             if admin_email_address:
-                send_email(admin_email_address, 'Login Alert', f'{user.username} logged in to the system.')
+                login_body = read_html_file("src/templates/email_templates/login.html")
+                send_email(admin_email_address, 'Login Alert', login_body, is_html=True)
 
             return redirect(url_for('dashboard'))
         flash('Invalid username or password', 'danger')
@@ -114,30 +121,13 @@ def protected():
 
 @app.route('/logout')
 def logout():
+    receiver_email = get_email_addresses(user_level='admin', receive_email_alerts=True)
+    if receiver_email:
+        logout_body = read_html_file("src/templates/email_templates/logout.html")
+        send_email(receiver_email, 'Logout Alert', logout_body, is_html=True)
     logout_user()
     return redirect(url_for('login'))
 
-
-# def admin_required(f):
-#     """Decorator to ensure the current user is an admin."""
-#     @wraps(f)
-#     def decorated_function(*args, **kwargs):
-#         if not current_user.is_authenticated or current_user.user_level != 'admin':
-#             flash('Access denied. Admins only.')
-#             return redirect(url_for('login'))
-#         return f(*args, **kwargs)
-#     return decorated_function
-
-# def user_required(f):
-#     """Decorator to ensure the current user is a regular user."""
-#     @wraps(f)
-#     def decorated_function(*args, **kwargs):
-#         if not current_user.is_authenticated or current_user.user_level != 'user':
-#             flash('Access denied. Users only.')
-#             return redirect(url_for('login'))
-#         return f(*args, **kwargs)
-#     return decorated_function
-
 @app.route('/users')
 @login_required
 def view_users():
@@ -190,28 +180,36 @@ def delete_user(username):
 
 @app.route("/update-email-password", methods=["GET", "POST"])
 @login_required
-def update_email_password():
-    email_password = EmailPassword.query.first()
+def update_smpt_email_password():
+    smtp_config = SmptEamilPasswordConfig.query.first()
 
     if request.method == "POST":
         new_email = request.form.get("email")
         new_password = request.form.get("password")
 
-        if new_email:
-            email_password.email = new_email
-        if new_password:
-            email_password.password = new_password
-
+        if not new_email or not new_password:
+            flash("Please provide email and password.", "danger")
+            return redirect(url_for("update_smpt_email_password"))
+        
+        
+        if not smtp_config:
+            smtp_config = SmptEamilPasswordConfig(email=new_email, password=new_password)
+            db.session.add(smtp_config)
+        else:
+            smtp_config.email = new_email
+            smtp_config.password = new_password        
+        
         db.session.commit()
         flash("Email and password updated successfully!", "success")
-        return redirect(url_for("update_email_password"))
+        return redirect(url_for("update_smpt_email_password"))
 
-    return render_template("update_email_password.html", email_password=email_password)
+    return render_template("update_smpt_email_password.html", smtp_config=smtp_config)
 
 @app.route("/send_email", methods=["GET", "POST"])
 @login_required
 def send_email_page():
     dasboard_settings = DashboardSettings.query.first()
+    receiver_email = get_email_addresses(user_level='admin', receive_email_alerts=True)    
     if dasboard_settings:
         enable_alerts = dasboard_settings.enable_alerts
     if request.method == "POST":
@@ -225,18 +223,24 @@ def send_email_page():
             flash("Please provide recipient, subject, and body.", "danger")
             return redirect(url_for('send_email_page'))
 
+        print("Priority:", priority)
+        print("receiver_email:", receiver_email)
+
         # on high priority, send to all users or admin users even the receive_email_alerts is False
         if priority == "high" and receiver_email == "all_users":
+            print("Sending to all users")
             receiver_email = get_email_addresses(fetch_all_users=True)
         elif priority == "high" and receiver_email == "admin_users":
+            print("Sending to admin users")
             receiver_email = get_email_addresses(user_level='admin', fetch_all_users=True)
 
         # priority is low, send to users with receive_email_alerts is True
         if priority == "low" and receiver_email == "all_users":
+            print("Sending to all users with receive_email_alerts=True")
             receiver_email = get_email_addresses(receive_email_alerts=True)
         elif priority == "low" and receiver_email == "admin_users":
-            receiver_email = get_email_addresses(user_level='admin', receive_email_alerts=True)    
-
+            print("Sending to admin users with receive_email_alerts=True")
+            receiver_email = get_email_addresses(user_level='admin', receive_email_alerts=True)
 
         if not receiver_email:
             flash("No users found to send email to.", "danger")
@@ -248,15 +252,34 @@ def send_email_page():
             attachment_path = f"/tmp/{attachment.filename}"
             attachment.save(attachment_path)
         try:
-            respone = send_email(receiver_email, subject, body, attachment_path)
-            if respone and respone["status"] == "success":
-                flash(respone['message'], "success")
-            elif respone and respone["status"] == "failed":
-                flash(respone['message'], "danger")
-                return redirect(url_for(respone["type"]))
+            respose = send_email(receiver_email, subject, body, attachment_path)
+            print(respose)
+            if respose and respose.get("status") == "success":
+                flash(respose.get("message"), "success")
         except Exception as e:
             flash(f"Failed to send email: {str(e)}", "danger")
 
         return redirect(url_for('send_email_page'))
 
-    return render_template("send_email.html", enable_alerts=enable_alerts)
+    return render_template("send_email.html", enable_alerts=enable_alerts)
+
+@app.route('/terminal', methods=['GET', 'POST'])
+@login_required
+def terminal():
+    if current_user.user_level != 'admin':
+        flash("Your account does not have permission to view this page.", "danger")
+        return render_template("error/permission_denied.html")
+    if request.method == 'POST':
+        command = request.form.get('command')
+        if command:
+            try:
+                # Run the command and capture the output
+                output = subprocess.check_output(command, shell=True, stderr=subprocess.STDOUT, universal_newlines=True)
+            except subprocess.CalledProcessError as e:
+                # If the command fails, capture the error output
+                output = e.output
+            return jsonify(output=output)
+    return render_template('terminal.html')
+
+if __name__ == '__main__':
+    app.run(debug=True)

src/scripts/email_me.py

@@ -4,57 +4,53 @@
 from email.mime.text import MIMEText
 from email.mime.base import MIMEBase
 from email import encoders
-from dotenv import load_dotenv
-
+from flask import redirect, url_for, flash
 from src.config import app
-from src.models import EmailPassword, DashboardSettings
-# Load environment variables from .env file
-load_dotenv()
-
-# Get email credentials from .env
-EMAIL_ADDRESS = os.getenv("EMAIL_ADDRESS")
-EMAIL_PASSWORD = os.getenv("EMAIL_PASSWORD")
-
+from src.models import SmptEamilPasswordConfig, DashboardSettings
 
-def send_email(receiver_email, subject, body, attachment_path=None):
+def send_email(receiver_email, subject, body, attachment_path=None, is_html=False):
 
     if isinstance(receiver_email, str):
         receiver_email = [receiver_email]  # Convert single address to list
 
     with app.app_context():
-        dasboard_settings = DashboardSettings.query.first()
-        if dasboard_settings:
-            enable_alerts = dasboard_settings.enable_alerts
+        dashboard_settings = DashboardSettings.query.first()
+        if dashboard_settings:
+            enable_alerts = dashboard_settings.enable_alerts
             if not enable_alerts:
                 print("Email alerts are disabled. Please enable them in the settings.")
-                return {
-                    "message": "Email alerts are disabled. Please enable them in the settings.",
-                    "status": "failed",
-                    "type": "general_settings",
-                }
-        email_password = EmailPassword.query.first()
+                flash("Email alerts are disabled. Please enable them in the settings.", "danger")
+                return redirect(url_for('general_settings'))
+   
+        email_password = SmptEamilPasswordConfig.query.first()
         if not email_password:
-            print("Email credentials not found. Please set EMAIL_ADDRESS and EMAIL_PASSWORD environment variables.")
-            return {
-                "message": "Email credentials not found. Please set EMAIL_ADDRESS and EMAIL_PASSWORD environment variables.",
-                "status": "failed",
-                "type": "update_email_password",
-            }
+            print("SMTP email credentials not found. Please set EMAIL_ADDRESS and EMAIL_PASSWORD environment variables.")
+            flash("SMTP email credentials not found. Please set EMAIL_ADDRESS and EMAIL_PASSWORD environment variables.", "danger")
+            return redirect(url_for('update_smpt_email_password'))
+
+    EMAIL_ADDRESS = email_password.email
+    EMAIL_PASSWORD = email_password.password
 
+    print(f"Sending email to {receiver_email}")
 
     for email in receiver_email:
         try:
             # Create a multipart message
             msg = MIMEMultipart()
             msg['From'] = EMAIL_ADDRESS
             msg['To'] = email
-            msg['Subject'] = subject
+            msg['Subject'] = "SystemGuard Alert:" + subject
             # Append message to the body
             append_message = "This is an automated email from the SystemGuard application. Please do not reply to this email."
-            full_body = body + "\n\n" + append_message
-
-            # Attach the body with the msg instance
-            msg.attach(MIMEText(full_body, 'plain'))
+            
+            if is_html:
+                # If the email is HTML, append the message in HTML format
+                full_body = body + f"<p>{append_message}</p>"
+                msg.attach(MIMEText(full_body, 'html'))
+            else:
+                # If the email is plain text, append the message in plain text format
+                full_body = body + "\n\n" + append_message
+                msg.attach(MIMEText(full_body, 'plain'))
 
             # Attach a file if provided
             if attachment_path:
@@ -86,7 +82,6 @@ def send_email(receiver_email, subject, body, attachment_path=None):
 
         except Exception as e:
             return {
-                "message": f"failed to send email to {email}. Error: {str(e)}",
+                "message": f"Failed to send email to {email}. Error: {str(e)}",
                 "status": "failed",
             }
-

src/static/css/terminal.css

@@ -0,0 +1,26 @@
+body {
+    font-family: monospace;
+    background-color: #000;
+    color: #0f0;
+    margin: 0;
+    padding: 20px;
+}
+
+#terminal {
+    background-color: #000;
+    color: #0f0;
+    padding: 10px;
+    border: 1px solid #0f0;
+    height: 400px;
+    overflow-y: auto;
+    margin-top: 50px;
+}
+
+#command {
+    width: 100%;
+    background-color: #000;
+    color: #0f0;
+    border: none;
+    outline: none;
+    font-size: 16px;
+}

src/static/css/update_email_password.css …tatic/css/update_smpt_email_password.csssrc/static/css/update_email_password.css renamed to src/static/css/update_smpt_email_password.css src/static/css/update_email_password.css renamed to src/static/css/update_smpt_email_password.css

@@ -0,0 +1,61 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Login Notification</title>
+    <style>
+        .alert-container {
+            max-width: 600px;
+            margin: 50px auto;
+            background-color: #f8f9fa;
+            border: 1px solid #ced4da;
+            border-radius: 10px;
+            padding: 20px;
+            box-shadow: 0 4px 8px rgba(0, 0, 0, 0.1);
+        }
+
+        .alert-header {
+            font-size: 24px;
+            color: #343a40;
+            margin-bottom: 10px;
+            text-align: center;
+        }
+
+        .alert-body {
+            font-size: 16px;
+            color: #495057;
+            margin-bottom: 20px;
+            text-align: center;
+        }
+
+        .alert-footer {
+            text-align: center;
+        }
+
+        .alert-footer a {
+            text-decoration: none;
+            color: #007bff;
+            font-weight: bold;
+        }
+    </style>
+</head>
+
+<body>
+    <div class="alert-container">
+        <div class="alert-header">
+            <i class="fas fa-info-circle"></i> Login Notification
+        </div>
+        <div class="alert-body">
+            Hello {{ username }},<br><br>
+            We noticed a login to your account on {{ login_time }} from the IP address {{ ip_address }}.<br><br>
+            If this was not you, please reset your password immediately.
+        </div>
+        <div class="alert-footer">
+            <a href="{{ url_for('reset_password') }}">Reset Password</a>
+        </div>
+    </div>
+</body>
+
+</html>