ustclug / lug-vpn-web Goto Github PK
View Code? Open in Web Editor NEWLUG VPN 申请系统
Home Page: https://getvpn.ustclug.org/
License: GNU Affero General Public License v3.0
LUG VPN 申请系统
Home Page: https://getvpn.ustclug.org/
License: GNU Affero General Public License v3.0
问题描述:
修复建议
Method A:
如果在/login页面检测到有效cookie,直接跳转至/
Method B:
新账号登录时,旧cookie标记失效
希望能够记录所有申请历史。目前新的申请记录会覆盖旧的申请记录,旧记录只能查邮件。
希望能够将申请记录单独创建一张表(第三范式?),将所有申请历史都记录下来。方便管理员审核参考历史被拒原因。
现在用户量已经很大了,每次通过申请时,需要加载所有用户的列表,比较慢。把 New Applications 单独提出来会快很多
方便多位管理员同时审核
正文中包含:姓名,邮箱,学号,申请理由,申请结果(通过/不通过),拒绝理由,审核者。
建议在数据库中新增一个字段记录审核者
建议增加一个判断:
如果Student/Staff No.字段,位数不等于10位(学号)或5位(工资号),则提示用户修改。
可能是 1d7ef88 引入的bug
现在是在校外,这两天连接lug vpn之后,访问北邮人pt出现
Hmm. We’re having trouble finding that site.
We can’t connect to the server at byr.pt.
这个提示,ping的时候显示Destination unreachable: Address unreachable
$ ping byr.pt
PING byr.pt(tracker.byr.pt (2001:da8:215:4078:250:56ff:fe97:654d)) 56 data bytes
From ustc.edu.cn (2001:da8:d800:5f52:7::1) icmp_seq=1 Destination unreachable: Address unreachable
From ustc.edu.cn (2001:da8:d800:5f52:7::1) icmp_seq=2 Destination unreachable: Address unreachable
From ustc.edu.cn (2001:da8:d800:5f52:7::1) icmp_seq=3 Destination unreachable: Address unreachable
From ustc.edu.cn (2001:da8:d800:5f52:7::1) icmp_seq=4 Destination unreachable: Address unreachable
^C
--- byr.pt ping statistics ---
6 packets transmitted, 0 received, +4 errors, 100% packet loss, time 12176ms
而ping youtube, ipv6正常ping通:
$ ping youtube.com
PING youtube.com(nrt13s50-in-x0e.1e100.net (2404:6800:4004:818::200e)) 56 data bytes
64 bytes from nrt13s50-in-x0e.1e100.net (2404:6800:4004:818::200e): icmp_seq=1 ttl=116 time=75.4 ms
64 bytes from nrt13s50-in-x0e.1e100.net (2404:6800:4004:818::200e): icmp_seq=2 ttl=116 time=74.2 ms
64 bytes from nrt13s72-in-x0e.1e100.net (2404:6800:4004:818::200e): icmp_seq=3 ttl=116 time=85.4 ms
64 bytes from nrt13s50-in-x0e.1e100.net (2404:6800:4004:818::200e): icmp_seq=4 ttl=116 time=75.3 ms
^C
--- youtube.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3002ms
rtt min/avg/max/mdev = 74.158/77.563/85.432/4.568 ms
这个是哪边的问题?我这里的网络有华数这个狗屁网和移动这个破网,2个都是这样。
在radcheck里维护一项 attribure为'Expiration'的 value为日期(格式在此)的记录。
通过username来标明某用户会在此时间后过期。
为了方便只写日期不写时间也可以,如 '7 Sep 2016'就使提交此issue的时间无法通过验证。
前端添加申请时限,默认2个月之类的。后端就可以在申请的时候一次insert两条,一条Cleartext-Password,一条Expiration。
变回永久是: delete from radcheck where username='[email protected]' and attribute='Expiration';
续期通过把已有的Expiration的value改变(当前时间+2个月)即可。
参考
import datetime
(datetime.date.today()+datetime.timedelta(days=60)).strftime('%d %b %Y')
@zhsj 似乎写了一份
light分支的文件中对于拒绝的申请,使用的标题是
Your application has been rejected
而我看到,master分支使用的是
Your VPN application has been rejected
强烈建议,从政治正确的角度,为了照顾申请出国的同学,将这个提示语,从
Your application has been rejected
改成
Almost done! Your petition is waiting for minor revision!
(Moved From GitLab)
改进:创建RADIUS用户时,将用户添加到用户组
SQL语句举例: INSERT INTO radusergroup (UserName, GroupName, priority) VALUES ('zzh1996', 'groupname', 1);
这样就可以利用用户组来批量为用户添加流量限制和连接数限制
记得以前有个地址提交,现在忘了
允许 admin 通过 /su/username
来切换到其他用户的登录态,以方便操作
log显示如下:
101.226.66.181 - - [23/Jun/2016 23:55:06] code 400, message Bad request syntax ('GET /?nsukey=yBzUd1rlOdBQqns%2FP0uvX2gFkU2Zm9Bm8NPmmHG8wsO4mQVKCrKEicpgr%2B2TxOdREkaqiE4w5GCXv%2BN0SDJxHw%3D%3D&version=10000&doview=1&ua=Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_2 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13F69 MicroMessenger/6.3.16 NetType/WIFI Language/zh_CN&keeplink=0&reformat=0 HTTP/1.1')
101.226.66.181 - - [23/Jun/2016 23:55:06] "GET /?nsukey=yBzUd1rlOdBQqns%2FP0uvX2gFkU2Zm9Bm8NPmmHG8wsO4mQVKCrKEicpgr%2B2TxOdREkaqiE4w5GCXv%2BN0SDJxHw%3D%3D&version=10000&doview=1&ua=Mozilla/5.0 (iPhone; CPU iPhone OS 9_3_2 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Mobile/13F69 MicroMessenger/6.3.16 NetType/WIFI Language/zh_CN&keeplink=0&reformat=0 HTTP/1.1" HTTPStatus.BAD_REQUEST -
是否需要打开Debug模式?
如何正确使用这个系统?想魔改一下它用在别的地方
一般都是很久没有访问申请系统,突然访问的时候报错,刷新一下网页就好了
当用户流量到达上限时,发送提醒邮件
能否将Rejected Users的排序反过来,让最新的申请出现在上方,较旧的申请放在后面。
issue优先级:低
一部分申请信息会被 noreply 重复发送 2 次。邮件内容看起来是相同的。
设备:iPhone 5s (A1453)
操作系统:iOS 9.3.2 (13F69)
网络环境:电信PPPoE、路由器NAT
相同环境下PPTP连接有记录显示。
由于发邮件会卡住一小会儿,如果这段时间用户再次点击提交按钮,则会再次触发提交。这样,就会发送多封邮件。
建议在用户点击提交按钮后,用js锁住按钮一段时间。或者改变按钮颜色,以“提醒”用户正在处理。避免用户重复提交。
(Moved From GitLab)
在后台点击pass按钮时报调用栈:
10.254.0.252 - - [19/Mar/2017 21:10:32] "POST /pass/199 HTTP/1.1" 500 -
Traceback (most recent call last):
File "/usr/lib/python3.5/site-packages/flask/app.py", line 2000, in __call__
return self.wsgi_app(environ, start_response)
File "/usr/lib/python3.5/site-packages/flask/app.py", line 1991, in wsgi_app
response = self.make_response(self.handle_exception(e))
File "/usr/lib/python3.5/site-packages/flask/app.py", line 1567, in handle_exception
reraise(exc_type, exc_value, tb)
File "/usr/lib/python3.5/site-packages/flask/_compat.py", line 33, in reraise
raise value
File "/usr/lib/python3.5/site-packages/flask/app.py", line 1988, in wsgi_app
response = self.full_dispatch_request()
File "/usr/lib/python3.5/site-packages/flask/app.py", line 1641, in full_dispatch_request
rv = self.handle_user_exception(e)
File "/usr/lib/python3.5/site-packages/flask/app.py", line 1544, in handle_user_exception
reraise(exc_type, exc_value, tb)
File "/usr/lib/python3.5/site-packages/flask/_compat.py", line 33, in reraise
raise value
File "/usr/lib/python3.5/site-packages/flask/app.py", line 1639, in full_dispatch_request
rv = self.dispatch_request()
File "/usr/lib/python3.5/site-packages/flask/app.py", line 1625, in dispatch_request
return self.view_functions[rule.endpoint](**req.view_args)
File "/usr/lib/python3.5/site-packages/flask_login.py", line 792, in decorated_view
return func(*args, **kwargs)
File "/srv/lugvpn-web/app/views.py", line 163, in pass_
send_mail('Your application has passed', html, user.email)
File "/srv/lugvpn-web/app/mail.py", line 11, in send_mail
mail.send(msg)
File "/usr/lib/python3.5/site-packages/flask_mail.py", line 491, in send
with self.connect() as connection:
File "/usr/lib/python3.5/site-packages/flask_mail.py", line 144, in __enter__
self.host = self.configure_host()
File "/usr/lib/python3.5/site-packages/flask_mail.py", line 158, in configure_host
host = smtplib.SMTP(self.mail.server, self.mail.port)
File "/usr/lib/python3.5/smtplib.py", line 251, in __init__
(code, msg) = self.connect(host, port)
File "/usr/lib/python3.5/smtplib.py", line 335, in connect
self.sock = self._get_socket(host, port, self.timeout)
File "/usr/lib/python3.5/smtplib.py", line 306, in _get_socket
self.source_address)
File "/usr/lib/python3.5/socket.py", line 693, in create_connection
for res in getaddrinfo(host, port, 0, SOCK_STREAM):
File "/usr/lib/python3.5/socket.py", line 732, in getaddrinfo
for res in _socket.getaddrinfo(host, port, family, type, proto, flags):
socket.gaierror: [Errno -3] Try again
有时间看一下吗? @zzh1996
多个设备在同一个 NAT 后面同时登录时,仅根据外网 ip 不好区分设备。Radius 有记录分配的内网 ip 这个数据吗?
(Moved From GitLab)
(Moved From GitLab)
(Moved From GitLab)
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.