added form to set password for pkcs12 certificate

91ad527f · Václav Bartoš · 12c0146f · 91ad527f · 91ad527f
Commit 91ad527f authored 2 years ago by Václav Bartoš
--- a/main.py
+++ b/main.py
@@ -476,7 +476,7 @@ def export_certificate():
        return send_file(certificates.get_pem_files(user_spec.cn)[1],
                         attachment_filename=f"{user_spec.cn}.key", mimetype="application/x-pem-file")
    # Otherwise show the HTML page
-    return render_template("export_certificate.html", token=token, username=username)
+    return render_template("export_certificate.html", token=token, username=username, soctoolsproxy=config.SOCTOOLSPROXY)
 @app.route("/send_token/<username>")

--- a/templates/export_certificate.html
+++ b/templates/export_certificate.html
-{% extends "base.html" %}
+<!doctype html>
-{% block body %}
+<html>
+<head>
+  <meta charset="utf-8">
+  <title>SOCtools - user certificate</title>
+  <style>
+  p { margin: 1em 0em; padding: 0; }
+  h2 { margin: 2em 0 1em 0; font-size: large; }
+  </style>
+</head>
+<body>
-<p>The certificate for user '{{ username }}', which allows to access various SOCtools services,
+<h1>SOCtools - download certificate for user '{{ username }}'</h1>
-can be downloaded in the following formats:</p>
-{# TODO password field/prompt #}
+<p>The certificate allows to access SOCtools services running at <i>{{ soctoolsproxy }}</i>.
-<p><a href="{{ url_for('export_certificate') }}?token={{token}}&amp;format=p12">PKCS12 (.p12)</a> - contains both certificate and matching private key &nbsp; <span style="font-style: italics; color: #777;">← You probably need this to import into your browser</span></p>
+It can be downloaded in the following formats:</p>
-<p><a href="{{ url_for('export_certificate') }}?token={{token}}&amp;format=pem-cert">PEM (certificate) (.crt)</a></p>
+<h2>PKCS12 format (.p12)</h3>
+<p>
+It contains both the certificate and matching private key.
+The file should by protected (encrypted) by a password (empty password is possible, but not recommended):
+</p>
+<form action="{{ url_for('export_certificate') }}?token=&amp;format=p12" method="GET">
+<input type="hidden" name="token" value="{{token}}">
+<input type="hidden" name="format" value="p12">
+<label for="password">Password:</label>
+<input type="password" name="password"></input>
+<input type="submit" value="Download PKCS12 (.p12)">
+<span style="margin-left: 1em; font-style: italics; color: #777;">← You probably need this to import into your browser</span>
+</form>
-<p><a href="{{ url_for('export_certificate') }}?token={{token}}&amp;format=pem-key">PEM (private key) (.key)</a></p>
+<h2>PEM format (.crt, .key)</h2>
+<p>
+Certificate and private key are stored separately in PEM format. Encryption is not supported.<br>
+<a href="{{ url_for('export_certificate') }}?token={{token}}&amp;format=pem-cert">Download certificate (.crt)</a><br>
+<a href="{{ url_for('export_certificate') }}?token={{token}}&amp;format=pem-key">Download private key (.key)</a>
+</p>
-{% endblock %}
+</body>
\ No newline at end of file
+</html>
\ No newline at end of file