diff --git a/app.py b/app.py index 52ecb10..41c2d30 100644 --- a/app.py +++ b/app.py @@ -6,56 +6,59 @@ from bottle import route, run, template, error, get, \ # config + # load config from configfile instead of defining it here cookie_secret='.0)>ZCqL Fvi3m$;c VY-$&^65 r3Yg,$vC +U?1#zy] 2[]rUsru .yd4-GiE *i#i4Wr[' cookie_max_age=1800 #seconds -app_name='accounts' +cookie_name='accounts' +app_name='SocialNerds Accounts' static_files="/home/david/Git/accounts/static" -#miab_admin='someuser@socialnerds.org' -#miab_passwd='xxx' +miab_admin='someadmin@socialnerds.org' +miab_passwd='xxxxx' miab_url='https://excelsior.socialnerds.org/admin' - - # functions # verify session # if valid we return the username def logged_in(): #read remote cookie - username = request.get_cookie(app_name, secret=cookie_secret) + username = request.get_cookie(cookie_name, secret=cookie_secret) if username: return username else: return False - # do actual authentication against Mail-in-a-box def miab_auth(username, password): #authenticate against miab api a = requests.get(miab_url + "/mail/users", auth=(username, password)) # if valid set cookie and return True if a.text == 'You are not an administrator.\n' or a.status_code == 200: - response.set_cookie(app_name, username, secret=cookie_secret, max_age=cookie_max_age) + response.set_cookie(cookie_name, username, secret=cookie_secret, max_age=cookie_max_age) return True else: #or False return False +# change password for Mail-in-a-box +def miab_password(username, password): + return True + # routing @get('/') def home(): username = logged_in() + message = request.get_cookie(cookie_name + "_message", secret=cookie_secret) if username: # render homepage - return template('default', username=username, app_name=app_name) + return template('default', username=username, app_name=app_name, message=message) else: redirect('/login') - @get('/login') @get('/login/') def login(): 
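Review bot: The new `miab_admin` / `miab_passwd` values, like the existing `cookie_secret` printed verbatim in this hunk, live in app.py itself, so the `'xxxxx'` placeholder will be swapped for the real admin password in-tree and end up in git history; the added comment `# load config from configfile instead of defining it here` already names the fix, so read all three from a config file or environment variables (e.g. `configparser` over a file that is git-ignored) before a real value lands, and treat the cookie_secret shown here as disclosed once it leaves the file. The new stub `def miab_password(username, password): return True` reports success for a password change it never performs, so any caller wired to it would tell the user the change succeeded; until it is implemented make it `raise NotImplementedError("miab_password not implemented")` or have it perform the change and return the real outcome. The first hunk ends in the middle of `login()`, whose body is outside this view.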
@@ -71,6 +74,8 @@ def post_login(): username = request.forms.get('username') password = request.forms.get('password') if miab_auth(username, password): + message = { "message": "You have logged in successfully!", "alert": "success" } + response.set_cookie(cookie_name + "_message", message, secret=cookie_secret, max_age=5) redirect('/') else: redirect('/login') 
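Review bot: The flash value passed to `response.set_cookie(cookie_name + "_message", message, secret=cookie_secret, max_age=5)` is a dict, which bottle has to serialize into the signed cookie; on bottle releases before 0.13 that encoder is pickle, so whoever holds `cookie_secret` (which is committed in app.py) can forge a cookie that deserializes to arbitrary objects when `home()` reads it back. Storing a plain string instead, e.g. `response.set_cookie(cookie_name + "_message", json.dumps(message), secret=cookie_secret, max_age=5)` and `json.loads(...)` in `home()`, keeps the cookie content inert regardless of the bottle version. The cookie is also never cleared after `home()` consumes it, so its one-shot behaviour rests on `max_age=5` alone; a `response.delete_cookie(cookie_name + "_message")` in `home()` after reading would make it explicit. `post_login()` starts before this hunk.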
@@ -79,13 +84,63 @@ def post_login(): @get('/logout') @get('/logout/') def logout(): - response.delete_cookie(app_name) - redirect('/login') + if logged_in(): + response.delete_cookie(cookie_name) + redirect('/') + else: + redirect('/') +# serve static files @get('/static/') def send_static(filename): return static_file(filename, root=static_files) +# change account password +@post('/password') +def post_password(): + username = logged_in() + if username: + oldpassword = request.forms.get('oldpassword') + newpassword = request.forms.get('newpassword') + if miab_auth(username, oldpassword): + data = { "email": username, } + r = requests.post(miab_url + "/mail/users/remove", data=data, auth=(miab_admin, miab_passwd)) + data = { "email": username, "password": newpassword } + a = requests.post(miab_url + "/mail/users/add", data=data, auth=(miab_admin, miab_passwd)) + if r.status_code == 200 and a.status_code == 200: + message = { "message": "Your password has been changed successfully!", "alert": "primary" } + response.set_cookie(cookie_name + "_message", message, secret=cookie_secret, max_age=5) + redirect('/') + else: + message = { "message": "Something went wrong while changing your password!", "alert": "danger" } + response.set_cookie(cookie_name + "_message", message, secret=cookie_secret, max_age=5) + redirect('/') + else: + message = { "message": "Your supplied password is wrong!", "alert": "danger" } + response.set_cookie(cookie_name + "_message", message, secret=cookie_secret, max_age=5) + redirect('/') + else: + redirect('/login') + + +#@post('/delete') +#def delete_account(): +# username = logged_in() +# password = #from form +# if miab_auth(username, password): +# #do the actual delete +# else: +# #render default and send flash error message + +#@post('/alias/add') +#def add_alias(): +# pass + +#@post('/alias/delete') +#def delete_alias(): +# pass + + # run development webserver run(host='localhost', port=8000, debug=True, reloader=True) 
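Review bot: In `post_password()` the change is implemented as `/mail/users/remove` followed by `/mail/users/add`, so when the removal returns 200 and the add does not (network error, rejected password, admin credentials expired) the account is gone and the user is locked out, and the `r.status_code == 200 and a.status_code == 200` check only reports it afterwards; it also hands an unvalidated `newpassword` (None or "" when the field is missing) to the add call. If the deployed Mail-in-a-Box exposes the admin API's password endpoint, `/mail/users/password`, a single call replaces the destructive sequence and leaves the account intact on failure; otherwise at least gate the add on the remove result and refuse an empty new password. Both `requests.post` calls have no `timeout=`, so a stalled admin API blocks the request thread indefinitely. The form is a state-changing POST authenticated only by the session cookie, so a CSRF token on the template and a check here would stop a cross-site request from changing the password of a logged-in user.
```python
        if miab_auth(username, oldpassword):
            if not newpassword:
                message = { "message": "Your new password must not be empty!", "alert": "danger" }
                response.set_cookie(cookie_name + "_message", message, secret=cookie_secret, max_age=5)
                redirect('/')
            # one call instead of remove + add: a failure here leaves the account intact
            data = { "email": username, "password": newpassword }
            a = requests.post(miab_url + "/mail/users/password", data=data,
                              auth=(miab_admin, miab_passwd), timeout=10)
            if a.status_code == 200:
                message = { "message": "Your password has been changed successfully!", "alert": "primary" }
            else:
                message = { "message": "Something went wrong while changing your password!", "alert": "danger" }
            response.set_cookie(cookie_name + "_message", message, secret=cookie_secret, max_age=5)
            redirect('/')
        # … unchanged: wrong-old-password branch and the not-logged-in redirect …
```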
diff --git a/views/default.tpl b/views/default.tpl index eaa3cbe..5a05aec 100644 --- a/views/default.tpl +++ b/views/default.tpl @@ -44,7 +44,12 @@ -->
- + %if message: + + %end

{{ username }}

You are logged in. (logout)

@@ -55,13 +60,13 @@

Change password


- -
+

Enter your old password and your desired password and hit the change button.
Watch typos! I will not watch for you.

+
- +
- +
@@ -73,7 +78,7 @@

Manage aliases


-

Aliases are additional email addresses which will be forwarded to your account. Besides your primary email address you can use an alias to send your emails.
Available domains: @aundas.org, @socialnerds.org and @phlo.at
Be aware the limit of five active aliases.

+

Aliases are additional email addresses which will be forwarded to your account. Besides your primary email address you can use an alias to send your emails.
Available domains: @aundas.org, @socialnerds.org, @phlo.at, @gmur.ml, @socialg.it
Be aware the limit of five active aliases.

david@aundas.org (delete)

david@socialnerds.org (delete)

hugo17@socialnerds.org (delete)

diff --git a/views/login.tpl b/views/login.tpl index 64eae48..81a9767 100644 --- a/views/login.tpl +++ b/views/login.tpl @@ -27,7 +27,7 @@ -

For security reasons every session will expire 30 minutes after login.

+

For security reasons every session will expire {{ int(cookie_max_age/60) }} minutes after login.