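"""Small Bottle front-end that logs users in against a Mail-in-a-Box admin API.

A successful login is recorded in a signed cookie named after ``app_name``.
Every protected route re-validates that cookie through ``logged_in()``.
"""

# imports
import os
import secrets

import requests
from bottle import route, run, template, error, get, \
                   post, request, response, redirect, \
                   static_file

# config
# load config from configfile instead of defining it here

# Signing key for the session cookie. It is read from the environment rather
# than kept in the source. Anyone holding the key can mint a valid cookie for
# any username. Bottle's documentation also warns that signed cookie payloads
# may be unpickled (depending on the Bottle version), so key disclosure has
# consequences beyond session forgery. A key that was ever committed to the
# repository should be treated as compromised and rotated.
# ACCOUNTS_COOKIE_SECRET is this module's own variable name. When it is unset,
# a random per-process key is used, so sessions end on every restart/reload.
cookie_secret = os.environ.get('ACCOUNTS_COOKIE_SECRET') or secrets.token_hex(32)
cookie_max_age = 3600  # seconds
app_name = 'accounts'
static_files = "/home/david/Git/accounts/static"
#miab_admin='someuser@socialnerds.org'
#miab_passwd='xxx'
miab_url = 'https://excelsior.socialnerds.org/admin'
miab_timeout = 10  # seconds; bounds how long a login waits for the upstream API


# functions

def logged_in():
    """Return the username stored in the signed session cookie, or False.

    ``request.get_cookie`` only yields a value when the cookie's signature
    verifies against ``cookie_secret``; a missing or tampered cookie is
    treated as "not logged in".
    """
    # read remote cookie
    username = request.get_cookie(app_name, secret=cookie_secret)
    if username:
        return username
    return False


def miab_auth(username, password):
    """Authenticate ``username``/``password`` against the Mail-in-a-Box API.

    On success a signed session cookie carrying the username is set on the
    current response and True is returned; otherwise False is returned.
    Missing credentials and upstream network failures count as failed logins.
    """
    # A form submitted without one of the fields yields None here; do not
    # forward that upstream as if it were a credential.
    if not username or not password:
        return False

    # authenticate against miab api
    # Certificate verification is left at the requests default (enabled) since
    # the user's password travels in this request. The timeout stops a stalled
    # upstream from pinning a worker indefinitely.
    try:
        a = requests.get(miab_url + "/mail/users",
                         auth=(username, password),
                         timeout=miab_timeout)
    except requests.RequestException:
        return False

    # if valid set cookie and return True
    # NOTE(review): the first clause accepts users whose credentials are valid
    # but who are not administrators, by matching the exact response body.
    # That couples the login decision to upstream message wording; confirm it
    # against the Mail-in-a-Box version in use.
    if a.text == 'You are not an administrator.\n' or a.status_code == 200:
        # httponly keeps the session cookie out of reach of page scripts.
        # When the app is served over HTTPS, also pass secure=True.
        response.set_cookie(app_name, username, secret=cookie_secret,
                            max_age=cookie_max_age, httponly=True)
        return True
    # or False
    return False


# routing

@get('/')
def home():
    """Render the homepage for a logged-in user, else redirect to /login."""
    username = logged_in()
    if username:
        # render homepage
        return template('default', username=username, app_name=app_name)
    redirect('/login')


@get('/login')
@get('/login/')
def login():
    """Show the login form, or send an already logged-in user to /."""
    if logged_in():
        redirect('/')
    else:
        # render login page
        return template('login', app_name=app_name,
                        cookie_max_age=cookie_max_age)


# get login credentials
@post('/login')
def post_login():
    """Handle the login form: authenticate and redirect accordingly."""
    # NOTE(review): every attempt is relayed to the upstream API and nothing
    # here throttles repeated failures; consider rate limiting in front of
    # this route.
    username = request.forms.get('username')
    password = request.forms.get('password')
    if miab_auth(username, password):
        redirect('/')
    else:
        redirect('/login')


# delete cookie
@get('/logout')
@get('/logout/')
def logout():
    """Drop the session cookie and return to the login page."""
    response.delete_cookie(app_name)
    redirect('/login')


# The route must capture the requested path, otherwise send_static() is called
# without its argument. static_file() resolves the name under ``root`` and
# refuses paths that escape it.
@get('/static/<filename:path>')
def send_static(filename):
    """Serve a file from the configured static directory."""
    return static_file(filename, root=static_files)


if __name__ == '__main__':
    # run development webserver
    # debug=True renders tracebacks in error pages and reloader=True restarts
    # on source changes. Both are development conveniences, so keep this
    # bound to localhost and use the plain run() below in production.
    run(host='localhost', port=8000, debug=True, reloader=True)

    # run prod server
    #run(host='localhost', port=8000)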