ArendJan
commented
11 months ago After our discussion: TODOS:
- Remove the option to change password from web
- Remove python script password_manager
- Change nginx to use pam
- Let pam module do all the settings (extra bash script)
- (optional) let pam module ask user to change wifi password
Fixes #37
Components:
Pam:
This Pluggable Authentication Module is hooked into the passwd calls. Before entering a new password it will show the user a warning that it stores the password and that it should not be a safe password. After entering, it will show the password and store it in
/home/mirte/.wifi_pwdfor the wifi hotspot functionality.password_manager:This python script will watch/usr/local/src/mirte/mirte-install-scripts/config/pam/users.jsonand/usr/local/src/mirte/mirte-install-scripts/config/web/newpasswdfor changes. When there are changes, it updates:Nginx:
Login:
when a user is connecting to any webpage and is not logged in and is not from a 'secure' source (192.168.42/43/137.x), then the user gets a http basic auth popup. When login fails, a custom error page is show how to login. Nginx uses pam to check the username & password.
Code:
The VsCode web server uses a different port from the other pages, as it does not like being in a 'directory'. Nginx will still check for the password. It is possible to go to http://192.168.42.1/code/ and you'll get redirected to the correct port.