https://github.com/openNAMU/openNAMU/issues/1671

app.py

@@ -404,6 +404,8 @@ def give_admin_groups(name = None):
 def give_delete_admin_group(name = None):
     return give_delete_admin_group_2(name)
 
+app.route('/auth/give/fix/<user_name>', methods = ['POST', 'GET'])(give_user_fix)
+
 @app.route('/app_submit', methods = ['POST', 'GET'])
 def recent_app_submit():
     return recent_app_submit_2()

emergency_tool.py

@@ -139,28 +139,12 @@ elif what_i_do == '6':
 
     curs.execute(db_change("update other set data = ? where name = 'skin'"), [skin])
 elif what_i_do == '7':
-    print('----')
-    print('1. sha256')
-    print('2. sha3')
-
-    print('----')
-    what_i_do = input('Select : ')
-
     print('----')
     user_name = input('User name : ')
 
     print('----')
     user_pw = input('User password : ')
-
-    if what_i_do == '1':
-        hashed = hashlib.sha256(bytes(user_pw, 'utf-8')).hexdigest()
-    elif what_i_do == '2':
-        if sys.version_info < (3, 6):
-            hashed = sha3.sha3_256(bytes(user_pw, 'utf-8')).hexdigest()
-        else:
-            hashed = hashlib.sha3_256(bytes(user_pw, 'utf-8')).hexdigest()
-    else:
-        raise ValueError(what_i_do)
+    hashed = pw_encode(user_pw)
 
     curs.execute(db_change("update user_set set data = ? where id = ? and name = 'pw'"), [
         hashed,

lang/en-US.json

@@ -219,6 +219,7 @@
         "simple_check" : "Simple check",
         "add_user" : "Add user",
         "2fa" : "2FA",
+        "2fa_off" : "2FA disabled",
         "2fa_password" : "2FA password",
         "2fa_password_change" : "Change 2FA password",
         "history_reset" : "Document history reset",
@@ -238,6 +239,7 @@
         "document_set" : "Document settings",
         "user_added_menu" : "User added menu",
         "move_redirect_make" : "Redirect document generation (Only if possible)",
+        "user_fix" : "Fix user",
         "_comment_" : "Edit",
             "load" : "Load another document",
             "turn_off_monaco" : "Turn off monaco editor",

lang/ko-KR.json

@@ -527,5 +527,7 @@
     "main_skin_set_default": "기본 스킨 설정 기본값",
     "spread": "펼침",
     "popup": "팝업",
-    "popover": "팝오버"
+    "popover": "팝오버",
+    "user_fix" : "사용자 수정",
+    "2fa_off" : "2FA 끄기"
 }

route/give_user_fix.py

@@ -0,0 +1,70 @@
+from .tool.func import *
+
+def give_user_fix(user_name = ''):
+    with get_db_connect() as conn:
+        curs = conn.cursor()
+
+        curs.execute(db_change("select data from user_set where id = ? and name = 'pw'"), [user_name])
+        if not curs.fetchall():
+            return re_error('/error/2')
+
+        if admin_check() != 1:
+            return re_error('/error/3')
+
+        if flask.request.method == 'POST':
+            select = flask.request.form.get('select', '')
+            if select == 'password_change':
+                password = flask.request.form.get('new_password', '')
+                check_password = flask.request.form.get('password_check', '')
+
+                if password == check_password:
+                    hashed = pw_encode(password)
+                    curs.execute(db_change("update user_set set data = ? where id = ? and name = 'pw'"), [
+                        hashed,
+                        user_name
+                    ])
+                else:
+                    return re_error('/error/20')
+            elif select == '2fa_password_change':
+                password = flask.request.form.get('new_password', '')
+                check_password = flask.request.form.get('password_check', '')
+
+                if password == check_password:
+                    hashed = pw_encode(password)
+                    curs.execute(db_change('select data from user_set where name = "2fa_pw" and id = ?'), [user_name])
+                    if curs.fetchall():
+                        curs.execute(db_change("update user_set set data = ? where name = '2fa_pw' and id = ?"), [hashed, user_name])
+                    else:
+                        curs.execute(db_change("insert into user_set (name, id, data) values ('2fa_pw', ?, ?)"), [user_name, hashed])
+                else:
+                    return re_error('/error/20')
+            elif select == '2fa_off':
+                curs.execute(db_change('select data from user_set where name = "2fa" and id = ?'), [user_name])
+                if curs.fetchall():
+                    curs.execute(db_change("update user_set set data = '' where name = '2fa' and id = ?"), [user_name])
+
+            conn.commit()
+
+            return redirect('/user/' + url_pas(user_name))
+        else:
+            return easy_minify(flask.render_template(skin_check(),
+                imp = [load_lang('user_fix'), wiki_set(), wiki_custom(), wiki_css([0, 0])],
+                data = '''
+                    <form method="post">
+                        <select name="select">
+                            <option value="password_change">''' + load_lang('password_change') + '''</option>
+                            <option value="2fa_password_change">''' + load_lang('2fa_password_change') + '''</option>
+                            <option value="2fa_off">''' + load_lang('2fa_off') + '''</option>
+                        </select>
+                        <hr class="main_hr">
+                        ''' + load_lang('password_change') + ''' | ''' + load_lang('2fa_password_change') + '''
+                        <hr class="main_hr">
+                        <input placeholder="''' + load_lang('new_password') + '''" name="new_password" type="password">
+                        <hr class="main_hr">
+                        <input placeholder="''' + load_lang('password_confirm') + '''" name="password_check" type="password">
+                        <hr class="main_hr">
+                        <button type="submit">''' + load_lang('go') + '''</button>
+                    </form>
+                ''',
+                menu = [['manager', load_lang('return')]]
+            ))

route/main_tool_admin.py

@@ -21,6 +21,7 @@ def main_tool_admin():
                     <li><a href="/app_submit">''' + load_lang('application_list') + '''</a></li>
                     <li><a href="/register">''' + load_lang('add_user') + '''</a></li>
                     <li><a href="/setting">''' + load_lang('setting') + '''</a></li>
+                    <li><a href="/manager/18">''' + load_lang('user_fix') + '''</a></li>
                 </ul>
                 <h3>''' + load_lang('filter') + '''</h3>
                 <ul class="opennamu_ul">

route/main_tool_redirect.py

@@ -18,7 +18,8 @@ def main_tool_redirect(num = 1, add_2 = ''):
             12 : [load_lang('compare_target'), 'check', load_lang('compare_target')],
             13 : [load_lang('document_name'), 'edit', load_lang('load')],
             14 : [load_lang('document_name'), 'star_doc', load_lang('add_star_doc')],
-            15 : [load_lang('name_or_ip_or_regex'), 'auth/give/ban', load_lang('release')]
+            15 : [load_lang('name_or_ip_or_regex'), 'auth/give/ban', load_lang('release')],
+            16 : [0, 'auth/give/fix', load_lang('user_fix')],
         }
         
         if num == 1:

route/user_setting.py

@@ -18,15 +18,15 @@ def user_setting():
                     ['user_title', flask.request.form.get('user_title', '')]
                 ]
 
-                twofa_turn_on = 0 
                 twofa_on = flask.request.form.get('2fa', '')
                 if twofa_on != '':
-                    twofa_turn_on = 1
                     twofa_pw = flask.request.form.get('2fa_pw', '')
                     if twofa_pw != '':
                         twofa_pw = pw_encode(twofa_pw)
+
                         curs.execute(db_change("select data from user_set where id = ? and name = 'encode'"), [ip])
                         twofa_encode = curs.fetchall()[0][0]
+                        
                         auto_list += [['2fa', 'on'], ['2fa_pw', twofa_pw], ['2fa_pw_encode', twofa_encode]]
                     else:
                         auto_list += [['2fa', 'on']]