first working password change version
parent
90ac8c8998
commit
7b6ce86af4
79
app.py
79
app.py
|
@ -6,56 +6,59 @@ from bottle import route, run, template, error, get, \
|
||||||
|
|
||||||
|
|
||||||
# config
|
# config
|
||||||
|
|
||||||
# load config from configfile instead of defining it here
|
# load config from configfile instead of defining it here
|
||||||
cookie_secret='.0)>ZCqL Fvi3m$;c VY-$&^65 r3Yg,$vC +U?1#zy] 2[]rUsru .yd4-GiE *i#i4Wr['
|
cookie_secret='.0)>ZCqL Fvi3m$;c VY-$&^65 r3Yg,$vC +U?1#zy] 2[]rUsru .yd4-GiE *i#i4Wr['
|
||||||
cookie_max_age=1800 #seconds
|
cookie_max_age=1800 #seconds
|
||||||
app_name='accounts'
|
cookie_name='accounts'
|
||||||
|
app_name='SocialNerds Accounts'
|
||||||
static_files="/home/david/Git/accounts/static"
|
static_files="/home/david/Git/accounts/static"
|
||||||
#miab_admin='someuser@socialnerds.org'
|
miab_admin='someadmin@socialnerds.org'
|
||||||
#miab_passwd='xxx'
|
miab_passwd='xxxxx'
|
||||||
miab_url='https://excelsior.socialnerds.org/admin'
|
miab_url='https://excelsior.socialnerds.org/admin'
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
# functions
|
# functions
|
||||||
|
|
||||||
# verify session
|
# verify session
|
||||||
# if valid we return the username
|
# if valid we return the username
|
||||||
def logged_in():
|
def logged_in():
|
||||||
#read remote cookie
|
#read remote cookie
|
||||||
username = request.get_cookie(app_name, secret=cookie_secret)
|
username = request.get_cookie(cookie_name, secret=cookie_secret)
|
||||||
if username:
|
if username:
|
||||||
return username
|
return username
|
||||||
else:
|
else:
|
||||||
return False
|
return False
|
||||||
|
|
||||||
|
|
||||||
# do actual authentication against Mail-in-a-box
|
# do actual authentication against Mail-in-a-box
|
||||||
def miab_auth(username, password):
|
def miab_auth(username, password):
|
||||||
#authenticate against miab api
|
#authenticate against miab api
|
||||||
a = requests.get(miab_url + "/mail/users", auth=(username, password))
|
a = requests.get(miab_url + "/mail/users", auth=(username, password))
|
||||||
# if valid set cookie and return True
|
# if valid set cookie and return True
|
||||||
if a.text == 'You are not an administrator.\n' or a.status_code == 200:
|
if a.text == 'You are not an administrator.\n' or a.status_code == 200:
|
||||||
response.set_cookie(app_name, username, secret=cookie_secret, max_age=cookie_max_age)
|
response.set_cookie(cookie_name, username, secret=cookie_secret, max_age=cookie_max_age)
|
||||||
return True
|
return True
|
||||||
else:
|
else:
|
||||||
#or False
|
#or False
|
||||||
return False
|
return False
|
||||||
|
|
||||||
|
# change password for Mail-in-a-box
|
||||||
|
def miab_password(username, password):
|
||||||
|
return True
|
||||||
|
|
||||||
|
|
||||||
# routing
|
# routing
|
||||||
|
|
||||||
@get('/')
|
@get('/')
|
||||||
def home():
|
def home():
|
||||||
username = logged_in()
|
username = logged_in()
|
||||||
|
message = request.get_cookie(cookie_name + "_message", secret=cookie_secret)
|
||||||
if username:
|
if username:
|
||||||
# render homepage
|
# render homepage
|
||||||
return template('default', username=username, app_name=app_name)
|
return template('default', username=username, app_name=app_name, message=message)
|
||||||
else:
|
else:
|
||||||
redirect('/login')
|
redirect('/login')
|
||||||
|
|
||||||
|
|
||||||
@get('/login')
|
@get('/login')
|
||||||
@get('/login/')
|
@get('/login/')
|
||||||
def login():
|
def login():
|
||||||
|
@ -71,6 +74,8 @@ def post_login():
|
||||||
username = request.forms.get('username')
|
username = request.forms.get('username')
|
||||||
password = request.forms.get('password')
|
password = request.forms.get('password')
|
||||||
if miab_auth(username, password):
|
if miab_auth(username, password):
|
||||||
|
message = { "message": "You have logged in successfully!", "alert": "success" }
|
||||||
|
response.set_cookie(cookie_name + "_message", message, secret=cookie_secret, max_age=5)
|
||||||
redirect('/')
|
redirect('/')
|
||||||
else:
|
else:
|
||||||
redirect('/login')
|
redirect('/login')
|
||||||
|
@ -79,13 +84,63 @@ def post_login():
|
||||||
@get('/logout')
|
@get('/logout')
|
||||||
@get('/logout/')
|
@get('/logout/')
|
||||||
def logout():
|
def logout():
|
||||||
response.delete_cookie(app_name)
|
if logged_in():
|
||||||
redirect('/login')
|
response.delete_cookie(cookie_name)
|
||||||
|
redirect('/')
|
||||||
|
else:
|
||||||
|
redirect('/')
|
||||||
|
|
||||||
|
# serve static files
|
||||||
@get('/static/<filename:path>')
|
@get('/static/<filename:path>')
|
||||||
def send_static(filename):
|
def send_static(filename):
|
||||||
return static_file(filename, root=static_files)
|
return static_file(filename, root=static_files)
|
||||||
|
|
||||||
|
# change account password
|
||||||
|
@post('/password')
|
||||||
|
def post_password():
|
||||||
|
username = logged_in()
|
||||||
|
if username:
|
||||||
|
oldpassword = request.forms.get('oldpassword')
|
||||||
|
newpassword = request.forms.get('newpassword')
|
||||||
|
if miab_auth(username, oldpassword):
|
||||||
|
data = { "email": username, }
|
||||||
|
r = requests.post(miab_url + "/mail/users/remove", data=data, auth=(miab_admin, miab_passwd))
|
||||||
|
data = { "email": username, "password": newpassword }
|
||||||
|
a = requests.post(miab_url + "/mail/users/add", data=data, auth=(miab_admin, miab_passwd))
|
||||||
|
if r.status_code == 200 and a.status_code == 200:
|
||||||
|
message = { "message": "Your password has been changed successfully!", "alert": "primary" }
|
||||||
|
response.set_cookie(cookie_name + "_message", message, secret=cookie_secret, max_age=5)
|
||||||
|
redirect('/')
|
||||||
|
else:
|
||||||
|
message = { "message": "Something went wrong while changing your password!", "alert": "danger" }
|
||||||
|
response.set_cookie(cookie_name + "_message", message, secret=cookie_secret, max_age=5)
|
||||||
|
redirect('/')
|
||||||
|
else:
|
||||||
|
message = { "message": "Your supplied password is wrong!", "alert": "danger" }
|
||||||
|
response.set_cookie(cookie_name + "_message", message, secret=cookie_secret, max_age=5)
|
||||||
|
redirect('/')
|
||||||
|
else:
|
||||||
|
redirect('/login')
|
||||||
|
|
||||||
|
|
||||||
|
#@post('/delete')
|
||||||
|
#def delete_account():
|
||||||
|
# username = logged_in()
|
||||||
|
# password = #from form
|
||||||
|
# if miab_auth(username, password):
|
||||||
|
# #do the actual delete
|
||||||
|
# else:
|
||||||
|
# #render default and send flash error message
|
||||||
|
|
||||||
|
#@post('/alias/add')
|
||||||
|
#def add_alias():
|
||||||
|
# pass
|
||||||
|
|
||||||
|
#@post('/alias/delete')
|
||||||
|
#def delete_alias():
|
||||||
|
# pass
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
# run development webserver
|
# run development webserver
|
||||||
run(host='localhost', port=8000, debug=True, reloader=True)
|
run(host='localhost', port=8000, debug=True, reloader=True)
|
||||||
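Review bot: In `post_password` the `/mail/users/remove` and `/mail/users/add` requests are both sent before either status code is checked, so if the remove succeeds and the add fails, the user is left with no account and only a "Something went wrong" flash message. `newpassword` is also never checked for `None` or an empty string before the remove call, which makes that failure easy to hit. Mail-in-a-Box's admin API has a password-set call that avoids the delete step, e.g. `requests.post(miab_url + "/mail/users/password", data={"email": username, "password": newpassword}, auth=(miab_admin, miab_passwd))`; confirm it is available on the deployed version. Separately, the flash messages are dicts stored in signed cookies, which Bottle serializes with pickle, while `cookie_secret` is committed in this file, so the signature no longer protects the session or flash cookies from anyone who can read the repository. The secret and `miab_passwd` should move to the config file the comment mentions, and the secret should be rotated.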
|
|
|
@ -44,7 +44,12 @@
|
||||||
</nav>-->
|
</nav>-->
|
||||||
|
|
||||||
<div class="container">
|
<div class="container">
|
||||||
|
%if message:
|
||||||
|
<div class="alert alert-{{ message['alert'] }} alert-dismissible" role="alert">
|
||||||
|
<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">×</span></button>
|
||||||
|
{{ message['message'] }}.
|
||||||
|
</div>
|
||||||
|
%end
|
||||||
<div class="starter-template">
|
<div class="starter-template">
|
||||||
<h1>{{ username }}</h1>
|
<h1>{{ username }}</h1>
|
||||||
<p class="lead">You are logged in. (<a href="/logout">logout</a>)</p>
|
<p class="lead">You are logged in. (<a href="/logout">logout</a>)</p>
|
||||||
|
@ -55,13 +60,13 @@
|
||||||
<div class="starter-template">
|
<div class="starter-template">
|
||||||
<h2>Change password</h2>
|
<h2>Change password</h2>
|
||||||
<hr>
|
<hr>
|
||||||
|
<p>Enter your old password and your desired password and hit the change button.<br><small>Watch typos! I will not watch for you.</small></p>
|
||||||
<form class="form-inline">
|
<form class="form-inline" action="/password" method="post">
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<input type="password" class="form-control input-sm" id="changepasswordInput" placeholder="Old password">
|
<input name="oldpassword" type="password" class="form-control input-sm" id="changepasswordInput" placeholder="Old password">
|
||||||
</div>
|
</div>
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<input type="password" class="form-control input-sm" id="changepasswordInput2" placeholder="New password">
|
<input name="newpassword" type="password" class="form-control input-sm" id="changepasswordInput2" placeholder="New password">
|
||||||
</div>
|
</div>
|
||||||
<button type="submit" class="btn btn-primary btn-sm">change</button>
|
<button type="submit" class="btn btn-primary btn-sm">change</button>
|
||||||
</form>
|
</form>
|
||||||
|
@ -73,7 +78,7 @@
|
||||||
<div class="starter-template">
|
<div class="starter-template">
|
||||||
<h2>Manage aliases</h2>
|
<h2>Manage aliases</h2>
|
||||||
<hr>
|
<hr>
|
||||||
<p>Aliases are additional email addresses which will be forwarded to your account. Besides your primary email address you can use an alias to send your emails.<br><small>Available domains: <b>@aundas.org</b>, <b>@socialnerds.org</b> and <b>@phlo.at</b><br>Be aware the limit of five active aliases.</small></p>
|
<p>Aliases are additional email addresses which will be forwarded to your account. Besides your primary email address you can use an alias to send your emails.<br><small>Available domains: <b>@aundas.org</b>, <b>@socialnerds.org</b>, <b>@phlo.at</b>, <b>@gmur.ml</b>, <b>@socialg.it</b><br>Be aware the limit of five active aliases.</small></p>
|
||||||
<p>david@aundas.org (<a href="#">delete</a>)</p>
|
<p>david@aundas.org (<a href="#">delete</a>)</p>
|
||||||
<p>david@socialnerds.org (<a href="#">delete</a>)</p>
|
<p>david@socialnerds.org (<a href="#">delete</a>)</p>
|
||||||
<p>hugo17@socialnerds.org (<a href="#">delete</a>)</p>
|
<p>hugo17@socialnerds.org (<a href="#">delete</a>)</p>
|
||||||
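Review bot: The two password inputs gain `name` attributes but no `required`, so the form can post an empty `newpassword`, and the `/password` handler added to app.py in this commit does not check for that either. Consider `required autocomplete="current-password"` on the old-password input and `required autocomplete="new-password"` on the new one, with the server-side check as the real guard. The alert block also prints a literal `.` after `{{ message['message'] }}`, while every message set in app.py already ends in `!`, so the page shows `!.`.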
|
|
|
@ -27,7 +27,7 @@
|
||||||
<input name="username" type="email" id="inputEmail" class="form-control" placeholder="Email address" required autofocus>
|
<input name="username" type="email" id="inputEmail" class="form-control" placeholder="Email address" required autofocus>
|
||||||
<label for="inputPassword" class="sr-only">Password</label>
|
<label for="inputPassword" class="sr-only">Password</label>
|
||||||
<input name="password" type="password" id="inputPassword" class="form-control" placeholder="Password" required>
|
<input name="password" type="password" id="inputPassword" class="form-control" placeholder="Password" required>
|
||||||
<p>For security reasons every session will expire 30 minutes after login.</p>
|
<p>For security reasons every session will expire {{ int(cookie_max_age/60) }} minutes after login.</p>
|
||||||
<button class="btn btn-lg btn-primary btn-block" type="submit">Login</button>
|
<button class="btn btn-lg btn-primary btn-block" type="submit">Login</button>
|
||||||
</form>
|
</form>
|
||||||
|
|
||||||
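Review bot: The paragraph now evaluates `{{ int(cookie_max_age/60) }}`, but the body of `login()` lies outside this commit's hunks, so it is not visible whether `cookie_max_age` is passed to the template. If it is not, rendering the login page will fail with a NameError, so confirm the route passes `cookie_max_age=cookie_max_age` in its `template(...)` call. `{{ cookie_max_age // 60 }}` would give the same number without the float round-trip.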
|
|