nsacyber · delirious-lettuce · Jun 27, 2017
diff --git a/forms.py b/forms.py
@@ -5,52 +5,127 @@
 from scripts.rpi_network_conn import get_wifi_list
 
 
-class loginForm(Form):
-    username = StringField("Username", [validators.DataRequired("Please enter the username."), validators.Length(min=2, max=25, message="Please enter a username between 2 and 25 characters.")])
-    password = PasswordField("Password", [validators.DataRequired("Please enter the password."), validators.Length(min=8, max=128, message="Please enter a password between 8 and 128 characters.")])
-    loginSubmit = SubmitField("Login", [validators.DataRequired()])
-
-
-class statusForm(Form):
+class LoginForm(Form):
+    username = StringField("Username", [
+        validators.DataRequired("Please enter the username."),
+        validators.Length(
+            min=2,
+            max=25,
+            message="Please enter a username between 2 and 25 characters.")
+    ])
+    password = PasswordField("Password", [
+        validators.DataRequired("Please enter the password."),
+        validators.Length(
+            min=8,
+            max=128,
+            message="Please enter a password between 8 and 128 characters.")
+    ])
+    login_submit = SubmitField("Login", [validators.DataRequired()])
+
+
+class StatusForm(Form):
     pass
 
 
-class userForm(Form):
-    username = StringField("Username", [validators.DataRequired("Please enter the username."), validators.Length(min=2, max=25, message="Please enter a username between 2 and 25 characters.")])
-    password = PasswordField("Current Password", [validators.DataRequired("Please enter the password."), validators.Length(min=8, max=128, message="Please enter a password between 8 and 128 characters.")])
-    new_password = PasswordField("New Password", [validators.DataRequired("Please enter a new password."), validators.Length(min=8, max=128, message="Please enter a new password between 8 and 128 characters."), validators.EqualTo('confirm_password', message='Passwords must match')])
+class UserForm(Form):
+    username = StringField("Username", [
+        validators.DataRequired("Please enter the username."),
+        validators.Length(
+            min=2,
+            max=25,
+            message="Please enter a username between 2 and 25 characters.")
+    ])
+    password = PasswordField("Current Password", [
+        validators.DataRequired("Please enter the password."),
+        validators.Length(
+            min=8,
+            max=128,
+            message="Please enter a password between 8 and 128 characters.")
+    ])
+    new_password = PasswordField("New Password", [
+        validators.DataRequired("Please enter a new password."),
+        validators.Length(
+            min=8,
+            max=128,
+            message="Please enter a new password between 8 and 128 characters."),
+        validators.EqualTo('confirm_password', message='Passwords must match')
+    ])
     confirm_password = PasswordField("Repeat New Password")
-    userSubmit = SubmitField("Save and Logout", [validators.DataRequired()])
-
-
-class resetToDefaultForm(Form):
-    username = StringField("Username", [validators.DataRequired("Please enter the username."), validators.Length(min=2, max=25, message="Please enter a username between 2 and 25 characters.")])
-    password = PasswordField("Current Password", [validators.DataRequired("Please enter the password."), validators.Length(min=8, max=128, message="Please enter a password between 8 and 128 characters.")])
-    resetToDefaultSubmit = SubmitField("Reset and Logout", [validators.DataRequired()])
-
-
-class wifiForm(Form):
+    user_submit = SubmitField("Save and Logout", [validators.DataRequired()])
+
+
+class ResetToDefaultForm(Form):
+    username = StringField("Username", [
+        validators.DataRequired("Please enter the username."),
+        validators.Length(
+            min=2,
+            max=25,
+            message="Please enter a username between 2 and 25 characters.")
+    ])
+    password = PasswordField("Current Password", [
+        validators.DataRequired("Please enter the password."),
+        validators.Length(
+            min=8,
+            max=128,
+            message="Please enter a password between 8 and 128 characters.")
+    ])
+    reset_to_default_submit = SubmitField("Reset and Logout", [validators.DataRequired()])
+
+
+class WifiForm(Form):
     wifi_list = get_wifi_list()
     ssid = SelectField("Network Name", choices=wifi_list)
     # ssid = SelectField("Network Name", choices=[("Wifi 1","Wifi 1"),("Wifi 2", "Wifi 2")])
     psk = PasswordField("Password", [validators.DataRequired()])
-    wifiSubmit = SubmitField("Save", [validators.DataRequired()])
-
-
-class vpnPskForm(Form):
-    vpn_server = StringField("Server Hostname", [validators.DataRequired("Please enter the goSecure Server Hostname or IP Address."), validators.Length(max=255, message="Please enter a goSecure Server Hostname or IP Address between 0 and 255 characters.")])
-    user_id = StringField("VPN User ID", [validators.DataRequired("Please enter the goSecure User Id."), validators.Length(max=255, message="Please enter a goSecure User Id between 0 and 255 characters.")])
-    user_psk = PasswordField("VPN PSK", [validators.DataRequired(), validators.Length(min=16, max=255, message="Please enter a goSecure User PSK between 16 and 255 characters.")])
-    vpnPskSubmit = SubmitField("Save", [validators.DataRequired()])
-
-
-class initialSetupForm(Form):
+    wifi_submit = SubmitField("Save", [validators.DataRequired()])
+
+
+class VpnPskForm(Form):
+    vpn_server = StringField("Server Hostname", [
+        validators.DataRequired("Please enter the goSecure Server Hostname or IP Address."),
+        validators.Length(
+            max=255,
+            message="Please enter a goSecure Server Hostname or IP Address between 0 and 255 characters.")
+    ])
+    user_id = StringField("VPN User ID", [
+        validators.DataRequired("Please enter the goSecure User Id."),
+        validators.Length(
+            max=255,
+            message="Please enter a goSecure User Id between 0 and 255 characters.")
+    ])
+    user_psk = PasswordField("VPN PSK", [
+        validators.DataRequired(),
+        validators.Length(
+            min=16,
+            max=255,
+            message="Please enter a goSecure User PSK between 16 and 255 characters.")
+    ])
+    vpn_psk_submit = SubmitField("Save", [validators.DataRequired()])
+
+
+class InitialSetupForm(Form):
     wifi_list = get_wifi_list()
     ssid = SelectField("Network Name", choices=wifi_list)
     # ssid = SelectField("Network Name", choices=[("Wifi 1","Wifi 1"),("Wifi 2", "Wifi 2")])
     psk = PasswordField("Password", [validators.DataRequired()])
 
-    vpn_server = StringField("Server Hostname", [validators.DataRequired("Please enter the goSecure Server Hostname or IP Address."), validators.Length(max=255, message="Please enter a goSecure Server Hostname or IP Address between 0 and 255 characters.")])
-    user_id = StringField("VPN User ID", [validators.DataRequired("Please enter the goSecure User Id."), validators.Length(max=255, message="Please enter a goSecure User Id between 0 and 255 characters.")])
-    user_psk = PasswordField("VPN PSK", [validators.DataRequired(), validators.Length(min=16, max=255, message="Please enter a goSecure User PSK between 16 and 255 characters.")])
-    initialSetupSubmit = SubmitField("Save", [validators.DataRequired()])
+    vpn_server = StringField("Server Hostname", [
+        validators.DataRequired("Please enter the goSecure Server Hostname or IP Address."),
+        validators.Length(
+            max=255,
+            message="Please enter a goSecure Server Hostname or IP Address between 0 and 255 characters.")
+    ])
+    user_id = StringField("VPN User ID", [
+        validators.DataRequired("Please enter the goSecure User Id."),
+        validators.Length(
+            max=255,
+            message="Please enter a goSecure User Id between 0 and 255 characters.")
+    ])
+    user_psk = PasswordField("VPN PSK", [
+        validators.DataRequired(),
+        validators.Length(
+            min=16,
+            max=255,
+            message="Please enter a goSecure User PSK between 16 and 255 characters.")
+    ])
+    initial_setup_submit = SubmitField("Save", [validators.DataRequired()])
diff --git a/gosecure_app.py b/gosecure_app.py
@@ -11,8 +11,8 @@
     Flask, render_template, request, Response, flash, redirect, url_for)
 
 from forms import (
-    loginForm, initialSetupForm, userForm, wifiForm, vpnPskForm,
-    resetToDefaultForm, statusForm)
+    LoginForm, InitialSetupForm, UserForm, WifiForm, VpnPskForm,
+    ResetToDefaultForm, StatusForm)
 from scripts.pi_mgmt import (
     pi_reboot, pi_shutdown, start_ssh_service, update_client)
 from scripts.rpi_network_conn import add_wifi, internet_status, reset_wifi
@@ -108,8 +108,8 @@ def user_validate_credentials(username, password):
     else:
         stored_password = users[username]['password']
         stored_salt = users[username]['salt']
-        userPasswordHash = hashlib.sha256(str(stored_salt) + password).hexdigest()
-        return stored_password == userPasswordHash
+        user_password_hash = hashlib.sha256(str(stored_salt) + password).hexdigest()
+        return stored_password == user_password_hash
 
 
 # return True is password is changed successfully
@@ -120,11 +120,11 @@ def user_change_credentials(username, password, new_password):
     else:
         # verify current password
         if user_validate_credentials(username, password):
-            #change password
-            userPasswordHashSalt = os.urandom(16).encode("base64")
-            userPasswordHash = hashlib.sha256(str(userPasswordHashSalt) + new_password).hexdigest()
-            users[username]["salt"] = userPasswordHashSalt
-            users[username]["password"] = userPasswordHash
+            # change password
+            user_password_hash_salt = os.urandom(16).encode("base64")
+            user_password_hash = hashlib.sha256(str(user_password_hash_salt) + new_password).hexdigest()
+            users[username]["salt"] = user_password_hash_salt
+            users[username]["password"] = user_password_hash
             with open("/home/pi/goSecure_Web_GUI/users_db.p", "wb") as fout:
                 pickle.dump(users, fout)
             return True
@@ -149,7 +149,7 @@ def page_not_found(e):
 # Login Page
 @app.route("/", methods=["GET", "POST"])
 def login():
-    form = loginForm()
+    form = LoginForm()
 
     if request.method == "GET":
         return render_template("login.html", form=form) 
@@ -203,7 +203,7 @@ def logout():
 @app.route("/status", methods=["GET", "POST"])
 @flask_login.login_required
 def status():
-    form = statusForm()
+    form = StatusForm()
 
     if request.method == "GET":
         # check to see if network and vpn are active, red=not active, green=active
@@ -216,7 +216,7 @@ def status():
 @app.route("/user", methods=["GET", "POST"])
 @flask_login.login_required
 def user():
-    form = userForm()
+    form = UserForm()
 
     if request.method == "GET":
         form.username.data = flask_login.current_user.id
@@ -243,7 +243,7 @@ def user():
 @app.route("/initial_setup", methods=["GET", "POST"])
 @flask_login.login_required
 def initial_setup():
-    form = initialSetupForm()
+    form = InitialSetupForm()
 
     if request.method == "GET":
         return render_template("initial_setup.html", form=form) 
@@ -276,7 +276,7 @@ def initial_setup():
 @app.route("/wifi", methods=["GET", "POST"])
 @flask_login.login_required
 def wifi():
-    form = wifiForm()
+    form = WifiForm()
 
     if request.method == "GET":
         return render_template("wifi.html", form=form)
@@ -306,7 +306,7 @@ def wifi():
 @app.route("/vpn_psk", methods=["GET", "POST"])
 @flask_login.login_required
 def vpn_psk():
-    form = vpnPskForm()
+    form = VpnPskForm()
 
     if request.method == "GET":
         return render_template("vpn_psk.html", form=form)
@@ -334,7 +334,7 @@ def vpn_psk():
 @app.route("/reset_to_default", methods=["GET", "POST"])
 @flask_login.login_required
 def reset_to_default():
-    form = resetToDefaultForm()
+    form = ResetToDefaultForm()
 
     if request.method == "GET":
         form.username.data = flask_login.current_user.id
@@ -384,7 +384,7 @@ def execute_action():
         update_client()
         flash("Client will reboot... please reload this page in 1 minute.")
     else:
-        form = initialSetupForm()
+        form = InitialSetupForm()
         flash("Error! Invalid Action!", "error")
 
     return redirect(url_for("status"))
@@ -396,7 +396,7 @@ def execute_action():
 @requires_basic_auth
 def api_vpn_credentials():
     if request.method == "POST":
-        form = initialSetupForm()
+        form = InitialSetupForm()
         form.vpn_server.data = request.json["vpn_server"]
         form.user_id.data = request.json["user_id"]
         form.user_psk.data = request.json["user_psk"]