# imports import requests from bottle import route, run, template, error, get, \ post, request, response, redirect, \ static_file # config # load config from configfile instead of defining it here cookie_secret='.0)>ZCqL Fvi3m$;c VY-$&^65 r3Yg,$vC +U?1#zy] 2[]rUsru .yd4-GiE *i#i4Wr[' cookie_max_age=1800 #seconds cookie_name='accounts' app_name='SocialNerds Accounts' static_files="/home/david/Git/accounts/static" miab_admin='someadmin@socialnerds.org' miab_passwd='xxxxx' miab_url='https://excelsior.socialnerds.org/admin' # functions # verify session # if valid we return the username def logged_in(): #read remote cookie username = request.get_cookie(cookie_name, secret=cookie_secret) if username: return username else: return False # do actual authentication against Mail-in-a-box def miab_auth(username, password): #authenticate against miab api a = requests.get(miab_url + "/mail/users", auth=(username, password)) # if valid set cookie and return True if a.text == 'You are not an administrator.\n' or a.status_code == 200: response.set_cookie(cookie_name, username, secret=cookie_secret, max_age=cookie_max_age) return True else: #or False return False # change password for Mail-in-a-box def miab_password(username, password): return True # routing @get('/') def home(): username = logged_in() message = request.get_cookie(cookie_name + "_message", secret=cookie_secret) if username: # render homepage return template('default', username=username, app_name=app_name, message=message) else: redirect('/login') @get('/login') @get('/login/') def login(): if logged_in(): redirect('/') else: #render login page return template('login', app_name=app_name, cookie_max_age=cookie_max_age) # get login credentials @post('/login') def post_login(): username = request.forms.get('username') password = request.forms.get('password') if miab_auth(username, password): message = { "message": "You have logged in successfully!", "alert": "success" } response.set_cookie(cookie_name + "_message", message, secret=cookie_secret, max_age=5) redirect('/') else: redirect('/login') # delete cookie @get('/logout') @get('/logout/') def logout(): if logged_in(): response.delete_cookie(cookie_name) redirect('/') else: redirect('/') # serve static files @get('/static/') def send_static(filename): return static_file(filename, root=static_files) # change account password @post('/password') def post_password(): username = logged_in() if username: oldpassword = request.forms.get('oldpassword') newpassword = request.forms.get('newpassword') if miab_auth(username, oldpassword): data = { "email": username, } r = requests.post(miab_url + "/mail/users/remove", data=data, auth=(miab_admin, miab_passwd)) data = { "email": username, "password": newpassword } a = requests.post(miab_url + "/mail/users/add", data=data, auth=(miab_admin, miab_passwd)) if r.status_code == 200 and a.status_code == 200: message = { "message": "Your password has been changed successfully!", "alert": "primary" } response.set_cookie(cookie_name + "_message", message, secret=cookie_secret, max_age=5) redirect('/') else: message = { "message": "Something went wrong while changing your password!", "alert": "danger" } response.set_cookie(cookie_name + "_message", message, secret=cookie_secret, max_age=5) redirect('/') else: message = { "message": "Your supplied password is wrong!", "alert": "danger" } response.set_cookie(cookie_name + "_message", message, secret=cookie_secret, max_age=5) redirect('/') else: redirect('/login') #@post('/delete') #def delete_account(): # username = logged_in() # password = #from form # if miab_auth(username, password): # #do the actual delete # else: # #render default and send flash error message #@post('/alias/add') #def add_alias(): # pass #@post('/alias/delete') #def delete_alias(): # pass # run development webserver run(host='localhost', port=8000, debug=True, reloader=True) # run prod server #run(host='localhost', port=8000)