# imports import requests from configparser import ConfigParser from bottle import route, run, template, error, get, \ post, request, response, redirect, \ static_file # config configfile = "app.conf" config = ConfigParser() config.read(configfile) if config['DEFAULT']['miab_admin']: miab_admin = config['DEFAULT']['miab_admin'] else: miab_admin = "norealadmin@domain.ltd" if config['DEFAULT']['miab_passwd']: miab_passwd = config['DEFAULT']['miab_passwd'] else: miab_passwd = "norealpassword" if config['DEFAULT']['miab_url']: miab_url = config['DEFAULT']['miab_url'] else: miab_url = "https://norealmiab.domain.tld" if config['DEFAULT']['app_name']: app_name = config['DEFAULT']['app_name'] else: app_name = "Accounts" if config['DEFAULT']['static_files']: static_files = config['DEFAULT']['static_files'] else: static_files = "static" if config['DEFAULT']['cookie_secret']: cookie_secret = config['DEFAULT']['cookie_secret'] else: cookie_secret = "norealsecretDTR46SNI2390LGFsnDTRLASED2309h" if config['DEFAULT']['cookie_max_age']: cookie_max_age = int(config['DEFAULT']['cookie_max_age']) else: cookie_max_age=1800 if config['DEFAULT']['cookie_name']: cookie_name = config['DEFAULT']['cookie_name'] else: cookie_name = "accounts" # functions # verify session # if valid we return the username def logged_in(): #read remote cookie username = request.get_cookie(cookie_name, secret=cookie_secret) if username: return username else: return False # do actual authentication against miab def miab_auth(username, password): #authenticate against miab api a = requests.get(miab_url + "/mail/users", auth=(username, password)) # if valid set cookie and return True if a.text == 'You are not an administrator.\n' or a.status_code == 200: response.set_cookie(cookie_name, username, secret=cookie_secret, max_age=cookie_max_age) return True else: #or False return False # get all aliases for a username def get_aliases(username): a = requests.get(miab_url + "/mail/aliases?format=json", auth=(miab_admin, miab_passwd)) data = a.json() i=1 #start with 1 to skip miab main domain aliases = [] while i < len(data): j=0 while j < len(data[i]['aliases']): if len(data[i]['aliases'][j]['forwards_to']) == 1: if data[i]['aliases'][j]['forwards_to'][0] == username: aliases.append(data[i]['aliases'][j]['address']) j+=1 i+=1 return aliases # routing @get('/') def home(): username = logged_in() message = request.get_cookie(cookie_name + "_message", secret=cookie_secret) if username: aliases = get_aliases(username) # render homepage return template('default', username=username, app_name=app_name, message=message, aliases=aliases) else: # render login message = request.get_cookie(cookie_name + "_message", secret=cookie_secret) return template('login', app_name=app_name, cookie_max_age=cookie_max_age, message=message) # get login credentials @post('/login') def post_login(): username = request.forms.get('username') password = request.forms.get('password') if miab_auth(username, password): message = { "message": "You have logged in successfully", "alert": "success" } response.set_cookie(cookie_name + "_message", message, secret=cookie_secret, max_age=5) redirect('/') else: redirect('/') # delete cookie @get('/logout') @get('/logout/') def logout(): if logged_in(): response.delete_cookie(cookie_name) message = { "message": "You have logged out successfully", "alert": "success" } response.set_cookie(cookie_name + "_message", message, secret=cookie_secret, max_age=5) redirect('/') else: redirect('/') # serve static files @get('/static/') def send_static(filename): return static_file(filename, root=static_files) # change account password @post('/password') def post_password(): username = logged_in() if username: oldpassword = request.forms.get('oldpassword') newpassword = request.forms.get('newpassword') if miab_auth(username, oldpassword): data = { "email": username, } r = requests.post(miab_url + "/mail/users/remove", data=data, auth=(miab_admin, miab_passwd)) data = { "email": username, "password": newpassword } a = requests.post(miab_url + "/mail/users/add", data=data, auth=(miab_admin, miab_passwd)) if r.status_code == 200 and a.status_code == 200: message = { "message": "Your password has been changed successfully", "alert": "success" } response.set_cookie(cookie_name + "_message", message, secret=cookie_secret, max_age=5) redirect('/') else: message = { "message": "Something went wrong while changing your password", "alert": "danger" } response.set_cookie(cookie_name + "_message", message, secret=cookie_secret, max_age=5) redirect('/') else: message = { "message": "Your supplied password is wrong", "alert": "danger" } response.set_cookie(cookie_name + "_message", message, secret=cookie_secret, max_age=5) redirect('/') else: redirect('/') #@post('/alias/add') #def add_alias(): # pass # delete alias @post('/alias/delete') def delete_alias(): username = logged_in() if username: remove = request.forms.get('remove') aliases = get_aliases(username) for alias in aliases: if alias == remove: #remove the alias #requests.post() message = { "message": "The alias " + str(remove) + " has been removed successfully", "alert": "success" } response.set_cookie(cookie_name + "_message", message, secret=cookie_secret, max_age=5, path="/") redirect('/') message = { "message": "You're trying to do something filthy", "alert": "danger"} response.set_cookie(cookie_name + "_message", message, secret=cookie_secret, max_age=5, path="/") redirect('/') else: redirect('/') #@post('/delete') #def delete_account(): # username = logged_in() # password = #from form # if miab_auth(username, password): # #do the actual delete # else: # #render default and send flash error message # run development webserver #run(host='localhost', port=8000, debug=True, reloader=True) # run prod server run(host='0.0.0.0', port=8000)