Initial commit

2025-01-27 08:08:29 +01:00 · 2025-01-27 08:08:29 +01:00 · 8b763c5dd7
commit 8b763c5dd7
3 changed files with 95 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1 @@
+__pycache__
--- a/aliases.py
+++ b/aliases.py
@ -0,0 +1,59 @@
+#!/usr/bin/env python3
+
+import os
+import psycopg
+from flask import Flask, request, render_template, redirect, url_for
+
+app = Flask(__name__)
+
+db_con = os.environ.get('DB_CONNECTION', '')
+ldap_groups_start_with = "Allowed "
+
+def get_headers(headers):
+  return (
+    headers.get("HTTP_AUTH_USER", ""),
+    [ h for h in headers.get("HTTP_AUTH_GROUPS", "").split(",") if h[:len(ldap_groups_start_with)] == ldap_groups_start_with ]
+  )
+
+@app.route("/")
+def show_aliases():
+  username, domains = get_headers(request.headers)
+  with psycopg.connect(db_con) as conn:
+    with conn.cursor() as cur:
+      aliases = [ i for (i,) in cur.execute("SELECT alias FROM aliases WHERE username = %s", (username,)).fetchall()]
+
+  return render_template("index.html", username=username, aliases=aliases, domains=domains)
+
+@app.route("/new")
+def new_aliases():
+  username, domains = get_headers(request.headers)
+  name = request.args.get('name', '')
+  domain = request.args.get('domain', '')
+
+  # TODO: sanitize name to ensure name@domain is a valid email address
+  if name == '' or domain == '' or domain not in domains:
+    return redirect(url_for('show_aliases'))
+
+  with psycopg.connect(db_con) as conn:
+    with conn.cursor() as cur:
+      existing_alias = cur.execute("SELECT alias FROM aliases WHERE alias = %s", (name + "@" + domain,)).fetchone()
+
+      if existing_alias == None:
+        cur.execute(f'INSERT INTO aliases VALUES (%s, %s)', (name + "@" + domain, username))
+        conn.commit()
+
+    
+  return redirect(url_for('show_aliases'))
+
+@app.route("/delete/<alias>")
+def del_aliases(alias):
+  username, domains = get_headers(request.headers)
+  with psycopg.connect(db_con) as conn:
+    with conn.cursor() as cur:
+      owner = cur.execute("SELECT username FROM aliases WHERE alias = %s", (alias,)).fetchone()
+
+      if owner != None and owner[0] == username:
+        cur.execute(f'DELETE FROM aliases WHERE alias = %s', (alias,))
+        conn.commit()
+
+  return redirect(url_for('show_aliases'))
--- a/templates/index.html
+++ b/templates/index.html
@ -0,0 +1,35 @@
+<!DOCTYPE html>
+<html lang="en" class="html" data-theme="light"><head>
+    <meta charset="utf-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1" />
+  
+    <title>catgrl.org</title>
+  
+    {# <link rel="stylesheet" href="/assets/css/main.css" /> #}
+  </head>
+  <body>
+    <p>Bienvenue {{ username }} !</p>
+    <p>Liste des alias actuels :</p>
+    <ul>
+{% for a in aliases %}
+      <li>{{ a }}
+      <form action="/delete/{{ a }}">
+        <input type="submit" value="Supprimer">
+      </form> 
+      </li>
+{% endfor %}
+    </ul>
+
+    <form action="/new">
+      <label for="name">Nouvel alias :</label><br>
+      <input type="text" id="name" name="name">
+      <select name="domain" id="domain">
+{% for d in domains %}
+        <option value="{{ d }}">{{ d }}</option>
+{% endfor %}
+      </select>
+      <input type="submit" value="Créer">
+    </form> 
+
+  </body>
+</html>