fix some issues with errors handler and add change pw page

Author: enriquetomasmb

nebula/frontend/app.py

@@ -386,7 +386,7 @@ async def custom_http_exception_handler(request: Request, exc: StarletteHTTPExce
         return templates.TemplateResponse("405.html", context, status_code=exc.status_code)
     elif exc.status_code == status.HTTP_413_REQUEST_ENTITY_TOO_LARGE:
         return templates.TemplateResponse("413.html", context, status_code=exc.status_code)
-    return await request.app.default_exception_handler(request, exc)
+    return JSONResponse({"detail": exc.detail, "status_code": exc.status_code}, status_code=exc.status_code)
 
 
 async def retry_with_backoff(func, *args, max_retries=5, initial_delay=1):
@@ -468,7 +468,8 @@ async def _post():
                 if response.status == 200:
                     return await response.json()
                 else:
-                    raise HTTPException(status_code=response.status, detail="Error posting data")
+                    detail = await response.text()
+                    raise HTTPException(status_code=response.status, detail=detail)
 
     return await retry_with_backoff(_post)
 
@@ -511,31 +512,32 @@ async def frontend_discover_vpn(session: dict = Depends(get_session)):
     to the internal controller, then returns the JSON result back to the client.
     Requires the user to be logged in.
     """
- 
+
     # 1) Enforce authentication
     if "user" not in session:
-        # If there’s no user in session, return HTTP 401 Unauthorized
+        # If there's no user in session, return HTTP 401 Unauthorized
         raise HTTPException(status_code=401, detail="Login required")
- 
+
     # 2) Build the controller URL (using host/port from settings)
     url = f"http://{settings.controller_host}:{settings.controller_port}/discover-vpn"
- 
+
     try:
-        # 3) Call the controller’s /discover-vpn endpoint
+        # 3) Call the controller's /discover-vpn endpoint
         data = await controller_get(url)
- 
+
         # 4) Return whatever JSON the controller gave us
         return JSONResponse(content=data)
- 
+
     except HTTPException as e:
         # 5) If the controller itself raised an HTTPException, propagate it as-is
         raise e
- 
+
     except Exception as e:
         # 6) For any other error, log it and return a generic 500 response
         logging.exception(f"Error proxying discover-vpn: {e}")
         raise HTTPException(status_code=500, detail="Error discovering VPN devices")
- 
+
+
 @app.get("/platform/api/physical/state/{ip}", response_class=JSONResponse)
 async def proxy_physical_state(ip: str):
     """
@@ -545,22 +547,23 @@ async def proxy_physical_state(ip: str):
     """
     url = f"http://{settings.controller_host}:{settings.controller_port}/physical/state/{ip}"
     return await controller_get(url)
- 
- 
+
+
 async def physical_nodes_available(ips: list[str]) -> bool:
     """
     Return True only if *every* ip answered with {"running": false}.
     Any error or timeout counts as *not available*.
     """
-    tasks  = [controller_get(
-                  f"http://{settings.controller_host}:{settings.controller_port}/physical/state/{ip}"
-              ) for ip in ips]
+    tasks = [
+        controller_get(f"http://{settings.controller_host}:{settings.controller_port}/physical/state/{ip}")
+        for ip in ips
+    ]
     states = await asyncio.gather(*tasks, return_exceptions=True)
- 
+
     for st in states:
         if not isinstance(st, dict):
-            return False               
-        if st.get("running") is True:  
+            return False
+        if st.get("running") is True:
             return False
     return True
 
@@ -1095,6 +1098,54 @@ async def nebula_admin(request: Request, session: dict = Depends(get_session)):
         raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED)
 
 
+@app.get("/platform/settings", response_class=HTMLResponse)
+async def nebula_settings(request: Request, session: dict = Depends(get_session)):
+    """
+    Render the settings interface for authenticated users.
+    Enable to change the password of the user.
+    """
+    if "user" in session:
+        return templates.TemplateResponse("settings.html", {"request": request})
+    else:
+        raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED)
+
+
+@app.post("/platform/user/change_password")
+async def nebula_change_password(
+    request: Request,
+    session: dict = Depends(get_session),
+    current_password: str = Form(...),
+    new_password: str = Form(...),
+):
+    """
+    Allow an authenticated user to change their own password by verifying the current password first.
+    """
+    if "user" not in session:
+        return RedirectResponse(url="/platform/login", status_code=status.HTTP_302_FOUND)
+
+    username = session["user"]
+    # Verify current password
+    try:
+        user_data = await verify_user(username, current_password)
+    except HTTPException as e:
+        if e.status_code == 401:
+            return templates.TemplateResponse(
+                "settings.html",
+                {"request": request, "error": "Current password is incorrect."},
+            )
+        else:
+            return templates.TemplateResponse(
+                "settings.html",
+                {"request": request, "error": f"Error: {e.detail}"},
+            )
+    # Update password (keep role unchanged)
+    await update_user(username, new_password, user_data["role"])
+    return templates.TemplateResponse(
+        "settings.html",
+        {"request": request, "success": "Password changed successfully."},
+    )
+
+
 @app.post("/platform/dashboard/{scenario_name}/save_note")
 async def save_note_for_scenario(scenario_name: str, request: Request, session: dict = Depends(get_session)):
     """
@@ -2161,7 +2212,7 @@ async def run_scenario(scenario_data: dict, role: str, user: str) -> None:
 
     # PHYSICAL  ➜ wait until all nodes are idle
     is_physical = scenario_data.get("deployment") == "physical"
-    phys_ips    = scenario_data.get("physical_ips", [])
+    phys_ips = scenario_data.get("physical_ips", [])
 
     if is_physical:
         wait_start = asyncio.get_event_loop().time()
@@ -2182,13 +2233,12 @@ async def run_scenario(scenario_data: dict, role: str, user: str) -> None:
 
     # Register for synchronization
     user_data.nodes_registration[scenario_name] = {
-        "n_nodes":   scenario_data["n_nodes"],
-        "nodes":     set(),
+        "n_nodes": scenario_data["n_nodes"],
+        "nodes": set(),
         "condition": asyncio.Condition(),
     }
 
 
-
 # Deploy the list of scenarios
 async def run_scenarios(role, user):
     """

nebula/frontend/templates/layout.html

@@ -234,6 +234,8 @@ <h1 class="logo">
                                     {{ request.session.get("role") }}</a></li>
                             {% if request.session.get("role", None) == "admin" %}
                             <li><a href="{{ url_for('nebula_admin') }}">Admin Dashboard</a></li>
+                            {% else %}
+                            <li><a href="{{ url_for('nebula_settings') }}">Settings</a></li>
                             {% endif %}
                             <li><a href="{{ url_for('nebula_logout') }}">Logout</a></li>
                         </ul>

nebula/frontend/templates/settings.html

@@ -0,0 +1,67 @@
+{% extends "layout.html" %}
+{% block body %}
+{{ super() }}
+
+<section id="home" class="home">
+    <div class="container" style="text-align: center">
+        <h1 class="logo" style="text-align: center">Settings</h1>
+        <p style="text-align: center" class="fst-italic">Change your password</p>
+    </div>
+</section>
+
+<!-- Modal -->
+<div class="modal fade" id="user-modal" tabindex="-1" role="dialog" aria-labelledby="exampleModalLabel"
+    aria-hidden="true">
+    <div class="modal-dialog modal-lg">
+        <div class="modal-content">
+            <div class="modal-header">
+                <h5 class="modal-title" id="user-modal-title"></h5>
+                <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
+            </div>
+            <div class="modal-body" id="user-modal-content"></div>
+            <div class="modal-footer">
+                <button type="button" class="btn btn-dark" data-bs-dismiss="modal">Close</button>
+            </div>
+        </div>
+    </div>
+</div>
+
+<section id="user-section" class="base">
+    <div class="container">
+        <div class="row p-3 justify-content-center">
+            <div class="col-lg-6">
+                <h3>Change Password</h3>
+                <form action="/platform/user/change_password" method="post">
+                    <div class="form-group">
+                        <label for="current_password">Current Password</label>
+                        <input type="password" class="form-control" name="current_password" id="current_password" placeholder="Enter current password" required>
+                    </div>
+                    <div class="form-group mt-3">
+                        <label for="new_password">New Password</label>
+                        <input type="password" class="form-control" name="new_password" id="new_password" placeholder="Enter new password" required>
+                    </div>
+                    <div class="form-group mt-3">
+                        <button type="submit" class="btn btn-dark">Change Password</button>
+                    </div>
+                </form>
+            </div>
+        </div>
+    </div>
+</section>
+
+{% if success %}
+<script>
+    document.addEventListener('DOMContentLoaded', function() {
+        showAlert('success', '{{ success }}');
+    });
+</script>
+{% endif %}
+{% if error %}
+<script>
+    document.addEventListener('DOMContentLoaded', function() {
+        showAlert('danger', '{{ error }}');
+    });
+</script>
+{% endif %}
+
+{% endblock %}