client/index.js

@@ -1,6 +1,3 @@
-/* Executed after page loading */
-(function () {
-
 class JeanCloudContactFormNotifier {
     constructor (theme, messageContainer) {
         /* Choose the theme */
@@ -115,6 +112,7 @@ function jeanCloudContactFormIntercept (formId, notifier) {
     }
 }
 
+(function () {
     /* Get the current js file location */
     const path = (document.currentScript.src[-1] == '/' ? document.currentScript.src : document.currentScript.src.replace(/\/[^\/]*$/, ''))
     
@@ -127,15 +125,6 @@ function jeanCloudContactFormIntercept (formId, notifier) {
     link.integrity   = 'sha384-D12RSMaIURTgZZljhdQqYlQzgEfXvOFwtiqzkWnNcDbKFwMWXcmsCRFO5BNii0MB'
     // cat style.css | openssl dgst -sha384 -binary | openssl base64 -A
     document.head.appendChild(link);
-
-    /* Load the targeted forms */
-    var configs = document.getElementsByClassName('contact-form-config')
-    for (var i=0; i<configs.length; i++) {
-        var formId = configs[i].getAttribute('form-id')
-        var theme  = configs[i].getAttribute('notify-theme')
-        jeanCloudContactFormIntercept(formId, new JeanCloudContactFormNotifier(theme))
-    }
-
-    var contactMailerPageLoadedTime = Date.now()
 })()
 
+var contactMailerPageLoadedTime = Date.now()

client/package.json

@@ -1,6 +1,6 @@
 {
   "name": "jean-cloud-contact-mailer-client",
-  "version": "1.1.6",
+  "version": "1.1.5",
   "description": "",
   "main": "index.js",
   "scripts": {

main.py

@@ -28,6 +28,23 @@ class StripPathMiddleware(object):
         e['PATH_INFO'] = e['PATH_INFO'].rstrip('/')
         return self.a(e, h)
 
+class EnableCors(object):
+    name = 'enable_cors'
+    api = 2
+
+    def apply(self, fn, context):
+        def _enable_cors(*args, **kwargs):
+            # set CORS headers
+            response.headers['Access-Control-Allow-Origin'] = '*'
+            response.headers['Access-Control-Allow-Methods'] = 'GET, POST, PUT, OPTIONS'
+            response.headers['Access-Control-Allow-Headers'] = 'Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token'
+
+            if bottle.request.method != 'OPTIONS':
+                # actual request; reply with the actual response
+                return fn(*args, **kwargs)
+
+        return _enable_cors
+
 app = application = bottle.Bottle(catchall=False)
 
 ##################################################### Configuration ############################################
@@ -222,7 +239,7 @@ def login(request):
     Privileges : 0=admin 1=loggedIn 1000=guest
     """
     if 'admin_pass' in request.forms and request.forms['admin_pass'] == admin_password:
-        return {'_privilege':0, '_id':'-1'}
+        return {'_privilege':0}
     if 'token' in request.forms:
         token = request.forms.getunicode('token')
         try:
@@ -231,9 +248,9 @@ def login(request):
             return user
         except IndexError as e:
             pass
-        #except pymongo.errors.ServerSelectionTimeoutError as e:
+        except pymongo.errors.ServerSelectionTimeoutError as e:
-        #    response.status = 500
+            response.status = 500
-        #    return {'_error': True} # anonymous
+            return 'La base de donnée n’est pas accessible'
 
     return {'_privilege': 1000} # anonymous
 
@@ -267,8 +284,6 @@ def create_form ():
         return resp('error', 'Le champs « adresse » est requis')
 
     user = login(request)
-    print('post form')
-    print(user)
     if user['_privilege'] > 1:
         response.status = 400
         return resp('error', 'Privilèges insufisants')
@@ -316,7 +331,7 @@ def list_forms ():
 
 @app.delete('/form/<token>')
 def delete_form(token):
-    # TODO If admin or form owner
+    # If admin or form owner
     user = login(request)
     if user['_privilege'] > 1:
         response.status = 400
@@ -405,7 +420,10 @@ def delete_user (username):
         return resp('error', 'La base de donnée n’est pas accessible')
 
 
+
 ##################################################### app startup ############################################
-prod_app = StripPathMiddleware(app)
 if __name__ == '__main__':
-    bottle.run(app=prod_app, host=listen_address, port=listen_port, debug=True)
+    app.install(EnableCors())
+    bottle.run(app=StripPathMiddleware(app), host=listen_address, port=listen_port, debug=True)
+else:
+    prod_app = StripPathMiddleware(app)

test.html

@@ -6,9 +6,9 @@
 </head>
 <body>
 <div id="contact-mailer-message"></div>
-<form action="/api/submit" method="POST" id="contact-mailer-form">
+<form action="http://localhost:8080/submit" method="POST" id="contact-mailer-form">
     <noscript>Les protections anti-spam, nécéssitent l’utilisation de javascript. Rien d’intrusif normalement.</noscript>
-    <input type="hidden" name="token" value="5NwE8KOzhinBLVloZrvfb71WJeQ6sXc4xgC0AqFPDHGMjIdmUk" />
+    <input type="hidden" name="token" value="PK8gQHDx9VoJ7yuEhbj5iCZkcUOAqTYlRSN14XFtdfr3LBs0zn" />
     <div>
       <label for="nom">Votre nom&nbsp;:</label>
       <input type="text" name="nom" required="required"/>
@@ -27,10 +27,11 @@
     </div>
     <div>
       <label for="objet">Votre message&nbsp;:</label>
-      <textarea name="message"></textarea>
+      <textarea name="message" required="required"></textarea>
     </div>
     <input type="submit" />
 </form>
-<script class="contact-form-config" form-id="contact-mailer-form" notify-theme="dark" src="./client/index.js"></script>
+<script src="./client/index.js"></script>
+<script> jeanCloudContactFormIntercept ('contact-mailer-form', new JeanCloudContactFormNotifier()) </script>
 </body>
 </html>

test_env.sh

@@ -1,5 +0,0 @@
-#!/bin/sh
-
-# docker run -it --rm --network host mongo
-# nginx -c "$(pwd)"/nginx.conf -g "pid '$(pwd)/nginx.pid';"
-# . venv/bin/activate ; python3 main.py