adrian/contact-mailer
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

setup local test env

Browse Source
This commit is contained in:
Adrian Amaglio 2021-01-14 00:00:40 +01:00
parent 5ebd46de77
commit 416960ac6c
4 changed files with 53 additions and 69 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
adminer/index.js
View File

@ -4,9 +4,9 @@ var app = new Vue({
type: 'admin_pass', /* admin_pass or token */
password: 'test',
loggedin: false,
mailerHost: 'https://mailer.jean-cloud.net',
//mailerHost: 'https://mailer.jean-cloud.net',
//mailerHost: 'http://localhost:8080',
//mailerHost: '/api',
mailerHost: '/api',
forms: [],
users: [],
newUser: '',

99
server/main.py
View File

@ -96,8 +96,7 @@ def submission ():
if 'token' in request.forms:
token = request.forms.getunicode('token')
else:
response.status = 400
return resp('error', 'Le jeton dautentification est requis')
return resp(400, 'Le jeton dautentification est requis')
# Getting mail address
if 'mail' in request.forms:
@ -110,39 +109,32 @@ def submission ():
try:
form = mongodb_database['forms'].find({'token': token})[0]
except IndexError as e:
response.status = 400
return resp('error', 'Le formulaire demandé est introuvable, merci de vérifier que le token utilisé est le bon')
return resp(400, 'Le formulaire demandé est introuvable, merci de vérifier que le token utilisé est le bon')
except pymongo.errors.ServerSelectionTimeoutError as e:
response.status = 500
return resp('error', 'La base de donnée nest pas accessible.')
return resp(500, 'La base de donnée nest pas accessible.')
# Did the bot filled the honeypot field?
if 'honeypotfield' in form and form['honeypotfield'] in request.forms and request.forms.get(form['honeypotfield']) != '':
response.status = 400
print('honeypotfield')
return resp('error', 'We identified you as a bot. If this is an error, try to contact us via another way.')
return resp(400, 'We identified you as a bot. If this is an error, try to contact us via another way.')
# Is the js timer enabled?
if 'timerdelay' in form:
# Did it work?
if 'timerfield' not in request.forms or int(request.forms.get('timerfield')) < int(form['timerdelay']):
print('timer : {}/{}'.format(request.forms.get('timerfield'), form['timerdelay']))
response.status = 400
return resp('error', 'We identified you as a bot. If this is an error, try to contact us via another way.')
return resp(400, 'We identified you as a bot. If this is an error, try to contact us via another way.')
try:
subject_fields = fill_fields(request, get_fields(form['subject']))
content_fields = fill_fields(request, get_fields(form['content']))
except MissingParameterException as e:
response.status = 400
return resp('error', str(e))
return resp(400, str(e))
subject = re.sub(form_regex, r'{\1}', form['subject']).format(**subject_fields)
content = re.sub(form_regex, r'{\1}', form['content']).format(**content_fields)
try:
if not send_mail(from_address, form['mail'], subject, content):
response.status = 500
return resp('error', 'Le mail na pas pu être envoyé.')
return resp(500, 'Le mail na pas pu être envoyé.')
except smtplib.SMTPDataError as e:
response.status = 500
error = 'Le mail a été refusé. Merci de réessayer plus tard.'
@ -156,11 +148,12 @@ def submission ():
# Redirection
#bottle.redirect(success_redirect_default)
origin = request.headers.get('origin')
return resp('success', 'Mail envoyé !')
return resp(200, 'Mail envoyé !')
##################################################### Helpers ############################################
def resp (status, msg, data='{}'):
response.status = status
return '{{"status": "{}", "msg": "{}", "data": {}}}'.format(status, msg, data)
def get_fields (string):
@ -248,30 +241,26 @@ def create_form ():
elif mail_default_subject != '':
subject = mail_default_subject
else:
response.status = 400
return resp('error', 'Le champs « sujet » est requis')
return resp(400, 'Le champs « sujet » est requis')
# Getting mail content
if 'content' in request.forms:
content = request.forms.getunicode('content')
else:
response.status = 400
return resp('error', 'Le champs « contenu » est requis')
return resp(400, 'Le champs « contenu » est requis')
# Getting from address
if 'mail' in request.forms:
mail = request.forms.getunicode('mail')
else:
response.status = 400
return resp('error', 'Le champs « adresse » est requis')
return resp(4000, 'Le champs « adresse » est requis')
user = login(request)
print('post form')
print(user)
if user['_privilege'] > 1:
response.status = 400
return resp('error', 'Privilèges insufisants')
return resp(400, 'Privilèges insufisants')
# TODO limit the insertion rate
token = ''.join(random.sample(token_chars, token_len))
@ -290,10 +279,9 @@ def create_form ():
inserted = mongodb_database['forms'].insert_one(newEntry)
except pymongo.errors.ServerSelectionTimeoutError as e:
response.status = 500
return resp('error', 'La base de donnée nest pas accessible')
return resp(500, 'La base de donnée nest pas accessible')
return resp('success', 'Créé : ' + token)
return resp(200, 'Créé : ' + token)
@app.post('/form/list')
def list_forms ():
@ -304,13 +292,11 @@ def list_forms ():
elif user['_privilege'] == 1:
filt = {'user_id': user['_id']}
else:
response.status = 400
return resp('error', 'Privilèges insufisants')
return resp(400, 'Privilèges insufisants')
data = mongodb_database['forms'].find(filt)
return resp('success','', dumps(list(data)))
return resp(200,'', dumps(list(data)))
except pymongo.errors.ServerSelectionTimeoutError as e:
response.status = 500
return resp('error','La base de donnée nest pas accessible')
return resp(500,'La base de donnée nest pas accessible')
@ -319,18 +305,15 @@ def delete_form(token):
# TODO If admin or form owner
user = login(request)
if user['_privilege'] > 1:
response.status = 400
return resp('error', 'Privilèges insufisants')
return resp(400, 'Privilèges insufisants')
# Actually delete
try:
form = mongodb_database['forms'].find({'token':token })[0]
except IndexError as e:
response.status = 400
return resp('error', 'Le token nest pas valide')
return resp(400, 'Le token nest pas valide')
except pymongo.errors.ServerSelectionTimeoutError as e:
response.status = 500
return resp('error', 'La base de donnée nest pas accessible')
return resp(500, 'La base de donnée nest pas accessible')
if user['_privilege'] == 0 or (form['user_id'] == user['_id']):
try:
@ -338,11 +321,9 @@ def delete_form(token):
'token': token,
})
except pymongo.errors.ServerSelectionTimeoutError as e:
response.status = 500
return resp('error', 'La base de donnée nest pas accessible')
return resp('success', 'Supprimé ' + token)
response.status = 400
return resp('error', 'Privilèges insufisants')
return resp(500, 'La base de donnée nest pas accessible')
return resp(200, 'Supprimé ' + token)
return resp(400, 'Privilèges insufisants')
##################################################### Users ############################################
@ -351,58 +332,50 @@ def delete_form(token):
def list_users ():
user = login(request)
if user['_privilege'] > 0:
response.status = 400
return resp('error', 'Privilèges insufisants')
return resp(400, 'Privilèges insufisants')
try:
data = mongodb_database['users'].find()
return resp('success', '', dumps(list(data)))
return resp(200, '', dumps(list(data)))
except pymongo.errors.ServerSelectionTimeoutError as e:
response.status = 500
return resp('error', 'La base de donnée nest pas accessible')
return resp(500, 'La base de donnée nest pas accessible')
@app.route('/user/<username>', method=['OPTIONS', 'PUT'])
def create_user (username):
user = login(request)
if user['_privilege'] > 0:
response.status = 400
return resp('error', 'Privilèges insufisants')
return resp(400, 'Privilèges insufisants')
try:
mongodb_database['users'].find({'username': username})[0]
return resp('error', 'Lutilisateur existe déjà')
return resp(400, 'Lutilisateur existe déjà')
except IndexError as e:
try:
inserted = mongodb_database['users'].insert_one({
'username': username,
'token': ''.join(random.sample(token_chars, token_len))
})
return resp('success', 'Créé : ' + username)
return resp(200, 'Créé : ' + username)
except pymongo.errors.ServerSelectionTimeoutError as e:
response.status = 500
return resp('error', 'La base de donnée nest pas accessible')
return resp(500, 'La base de donnée nest pas accessible')
except pymongo.errors.ServerSelectionTimeoutError as e:
response.status = 500
return resp('error','La base de donnée nest pas accessible')
return resp(500,'La base de donnée nest pas accessible')
@app.delete('/user/<username>')
def delete_user (username):
user = login(request)
if user['_privilege'] > 0:
response.status = 400
return resp('error', 'Privilèges insufisants')
return resp(400, 'Privilèges insufisants')
try:
mongodb_database['users'].find({'username': username})[0]
mongodb_database['users'].delete_one({
'username': username,
})
return resp('success', 'Supprimé ' + username)
return resp(200, 'Supprimé ' + username)
except IndexError as e:
response.status = 400
return resp('error', 'Lutilisateur nexiste pas')
return resp(400, 'Lutilisateur nexiste pas')
except pymongo.errors.ServerSelectionTimeoutError as e:
response.status = 500
return resp('error', 'La base de donnée nest pas accessible')
return resp(500, 'La base de donnée nest pas accessible')
##################################################### app startup ############################################

12
test/docker-compose.yml
View File

@ -17,13 +17,21 @@ services:
SMTP_SERVER_USERNAME: toto
SMTP_SERVER_PASSWORD: lol
SMTP_SERVER_SENDER: moi
ADMIN_PASSWORD: admin
ADMIN_PASSWORD: test
SMTP_SSL: 'true'
UID: 101
MOUNT: /api
proxy:
image: nginx
ports:
- 8080:8080
volumes:
- ./nginx.conf:/etc/nginx.conf
- ./nginx.conf:/etc/nginx/nginx.conf
- ../:/usr/app
- ./uwsgi:/tmp/uwsgi
environment:
nginx_uid: 1000
depends_on:
- mailer

7
test/nginx.conf
View File

@ -24,7 +24,7 @@ http {
add_header 'Access-Control-Allow-Methods' 'GET, POST, DELETE, OPTIONS';
listen 8080;
location /admin {
root /usr/app/adminer;
alias /usr/app/adminer;
index index.html;
}
location / {
@ -32,7 +32,10 @@ http {
index test.html;
}
location /api/ {
proxy_pass http://mailer:8080;
include uwsgi_params;
uwsgi_pass unix:/tmp/uwsgi/uwsgi.sock;
#uwsgi_param PATH_INFO "$1";
#uwsgi_param SCRIPT_NAME /;
}
}
}