Authentication

Note: The authentication system is very limited. It is currently only used for processing-heavy requests and for pushing captures to a MISP instance, and it can also be used to prioritize users on a high-use Lookyloo instance.

Configure auth

To add a user, edit the configuration file (config/generic.json) and add an entry under the users key, in one of the following formats:

{"username" : "password"}

or

{"username" : ["password", "apikey"] }

In the first case, an API key will be automatically generated when you start the app.

Note: The API key is what you will need to use for the queries requiring an authenticated user when you’re using the API (PyLookyloo).

Note: You can have multiple users; they all have the same admin rights.
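
A check for the users key described above, as an added example that is not part of the Lookyloo code base: it accepts both documented forms and reports malformed entries, short passwords, and API keys reused between users, which matters because every user has the same admin rights. The sample data, the function names and the two length thresholds are assumptions made for this illustration.

```python
import json

# Constructed sample in the layout described above; every value is made up.
SAMPLE = json.loads("""
{"users": {
  "alice": "correct-horse-battery-staple",
  "bob":   ["short", "0123456789abcdef0123456789abcdef"],
  "carol": ["a-long-enough-password", "0123456789abcdef0123456789abcdef"],
  "dave":  ["one", "two", "three"]
}}
""")


def parse_users(config):
    """Normalise both documented forms to {username: (password, apikey or None)}."""
    users, problems = {}, []
    for name, value in config.get("users", {}).items():
        if isinstance(value, str):
            users[name] = (value, None)  # first form: no API key in the file
        elif (isinstance(value, list) and len(value) == 2
              and all(isinstance(v, str) for v in value)):
            users[name] = (value[0], value[1])  # second form
        else:
            problems.append(f"{name}: not a password string or a [password, apikey] pair")
    return users, problems


def audit_users(config, min_password_len=12, min_key_len=32):
    """Return findings; the two thresholds are assumptions, not Lookyloo limits."""
    users, problems = parse_users(config)
    key_owner = {}
    for name, (password, apikey) in users.items():
        if len(password) < min_password_len:
            problems.append(f"{name}: password shorter than {min_password_len} characters")
        if apikey is None:
            continue
        if len(apikey) < min_key_len:
            problems.append(f"{name}: API key shorter than {min_key_len} characters")
        if apikey == password:
            problems.append(f"{name}: API key is the same as the password")
        if apikey in key_owner:
            problems.append(f"{name}: API key also used by {key_owner[apikey]}")
        key_owner.setdefault(apikey, name)
    return problems


if __name__ == "__main__":
    for finding in audit_users(SAMPLE):
        print(finding)
```

To run it against a real instance, load config/generic.json with json.load and pass the result to audit_users.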

Usage

To authenticate your session, open http://your.lookyloo.instance/login.

When logged in, you have access to the following URLs:

  • /hidden: show the trees hidden from the index

  • /rebuild_cache: rebuild only the Redis cache. This can take a while, but not as long as /rebuild_all

  • /rebuild_all: rebuild all the trees (drops all the pickles of all the trees). Warning: this can take a very, very long time.

  • /logout: drop the session

  • /tree/<string:tree_uuid>/rebuild: rebuild the tree

  • /tree/<string:tree_uuid>/hide: hide the tree from the index

  • /tree/<string:tree_uuid>/mark_as_legitimate: [if enabled] mark every URL/content as known

  • /tree/<string:tree_uuid>/misp_push: [if enabled] push a capture to the MISP instance

  • /tree/<string:tree_uuid>/url/<string:node_uuid>/add_context: [if enabled] add a specific resource in a category

  • /json/<string:tree_uuid>/misp_push: [if enabled] [API only] push a capture to the MISP instance