mirror of
https://github.com/laurivosandi/certidude
synced 2024-12-23 00:25:18 +00:00
Expose certificate and CRL lifetime via session API call
This commit is contained in:
parent
d8f1e36ecf
commit
09a67718ab
@ -67,6 +67,10 @@ class SessionResource(object):
|
|||||||
autosign_subnets = config.AUTOSIGN_SUBNETS,
|
autosign_subnets = config.AUTOSIGN_SUBNETS,
|
||||||
request_subnets = config.REQUEST_SUBNETS,
|
request_subnets = config.REQUEST_SUBNETS,
|
||||||
admin_subnets=config.ADMIN_SUBNETS,
|
admin_subnets=config.ADMIN_SUBNETS,
|
||||||
|
signature = dict(
|
||||||
|
certificate_lifetime=config.CERTIFICATE_LIFETIME,
|
||||||
|
revocation_list_lifetime=config.REVOCATION_LIST_LIFETIME
|
||||||
|
)
|
||||||
) if req.context.get("user").is_admin() else None,
|
) if req.context.get("user").is_admin() else None,
|
||||||
features=dict(
|
features=dict(
|
||||||
tagging=config.TAGGING_BACKEND,
|
tagging=config.TAGGING_BACKEND,
|
||||||
|
@ -484,7 +484,11 @@ else {
|
|||||||
output += "\n E-mail disabled\n";
|
output += "\n E-mail disabled\n";
|
||||||
;
|
;
|
||||||
}
|
}
|
||||||
output += "</p>\n\n<p>Authenticated users allowed from:\n\n";
|
output += "</p>\n\n<p>Web signed certificate attributes:</p>\n\n<ul>\n <li>Certificate lifetime: ";
|
||||||
|
output += runtime.suppressValue(runtime.memberLookup((runtime.memberLookup((runtime.memberLookup((runtime.contextOrFrameLookup(context, frame, "session")),"authority")),"signature")),"certificate_lifetime"), env.opts.autoescape);
|
||||||
|
output += " days</li>\n <li>Revocation list lifetime: ";
|
||||||
|
output += runtime.suppressValue(runtime.memberLookup((runtime.memberLookup((runtime.memberLookup((runtime.contextOrFrameLookup(context, frame, "session")),"authority")),"signature")),"revocation_list_lifetime"), env.opts.autoescape);
|
||||||
|
output += " seconds</li>\n</ul>\n\n<p>Authenticated users allowed from:\n\n";
|
||||||
if(runtime.inOperator("0.0.0.0/0",runtime.memberLookup((runtime.memberLookup((runtime.contextOrFrameLookup(context, frame, "session")),"authority")),"user_subnets"))) {
|
if(runtime.inOperator("0.0.0.0/0",runtime.memberLookup((runtime.memberLookup((runtime.contextOrFrameLookup(context, frame, "session")),"authority")),"user_subnets"))) {
|
||||||
output += "\n anywhere\n </p>\n";
|
output += "\n anywhere\n </p>\n";
|
||||||
;
|
;
|
||||||
|
@ -29,6 +29,13 @@ as such require complete reset of X509 infrastructure if some of them needs to b
|
|||||||
E-mail disabled
|
E-mail disabled
|
||||||
{% endif %}</p>
|
{% endif %}</p>
|
||||||
|
|
||||||
|
<p>Web signed certificate attributes:</p>
|
||||||
|
|
||||||
|
<ul>
|
||||||
|
<li>Certificate lifetime: {{ session.authority.signature.certificate_lifetime }} days</li>
|
||||||
|
<li>Revocation list lifetime: {{ session.authority.signature.revocation_list_lifetime }} seconds</li>
|
||||||
|
</ul>
|
||||||
|
|
||||||
<p>Authenticated users allowed from:
|
<p>Authenticated users allowed from:
|
||||||
|
|
||||||
{% if "0.0.0.0/0" in session.authority.user_subnets %}
|
{% if "0.0.0.0/0" in session.authority.user_subnets %}
|
||||||
|
Loading…
Reference in New Issue
Block a user