lauri/certidude
1
0
Fork 0
mirror of https://github.com/laurivosandi/certidude synced 2024-12-22 16:25:17 +00:00
Code Issues Activity

Expose certificate and CRL lifetime via session API call

Browse Source
This commit is contained in:
Lauri Võsandi 2016-03-29 15:43:34 +03:00
parent d8f1e36ecf
commit 09a67718ab
3 changed files with 16 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
certidude/api/__init__.py
View File

@ -67,6 +67,10 @@ class SessionResource(object):
autosign_subnets = config.AUTOSIGN_SUBNETS,
request_subnets = config.REQUEST_SUBNETS,
admin_subnets=config.ADMIN_SUBNETS,
signature = dict(
certificate_lifetime=config.CERTIFICATE_LIFETIME,
revocation_list_lifetime=config.REVOCATION_LIST_LIFETIME
)
) if req.context.get("user").is_admin() else None,
features=dict(
tagging=config.TAGGING_BACKEND,

6
certidude/static/js/templates.js
View File

@ -484,7 +484,11 @@ else {
output += "\n E-mail disabled\n";
;
}
output += "</p>\n\n<p>Authenticated users allowed from:\n\n";
output += "</p>\n\n<p>Web signed certificate attributes:</p>\n\n<ul>\n <li>Certificate lifetime: ";
output += runtime.suppressValue(runtime.memberLookup((runtime.memberLookup((runtime.memberLookup((runtime.contextOrFrameLookup(context, frame, "session")),"authority")),"signature")),"certificate_lifetime"), env.opts.autoescape);
output += " days</li>\n <li>Revocation list lifetime: ";
output += runtime.suppressValue(runtime.memberLookup((runtime.memberLookup((runtime.memberLookup((runtime.contextOrFrameLookup(context, frame, "session")),"authority")),"signature")),"revocation_list_lifetime"), env.opts.autoescape);
output += " seconds</li>\n</ul>\n\n<p>Authenticated users allowed from:\n\n";
if(runtime.inOperator("0.0.0.0/0",runtime.memberLookup((runtime.memberLookup((runtime.contextOrFrameLookup(context, frame, "session")),"authority")),"user_subnets"))) {
output += "\n anywhere\n </p>\n";
;

7
certidude/static/views/authority.html
View File

@ -29,6 +29,13 @@ as such require complete reset of X509 infrastructure if some of them needs to b
E-mail disabled
{% endif %}</p>
<p>Web signed certificate attributes:</p>
<ul>
<li>Certificate lifetime: {{ session.authority.signature.certificate_lifetime }} days</li>
<li>Revocation list lifetime: {{ session.authority.signature.revocation_list_lifetime }} seconds</li>
</ul>
<p>Authenticated users allowed from:
{% if "0.0.0.0/0" in session.authority.user_subnets %}