diff --git a/buranun.conf.example b/buranun.conf.example index 3b6f61e..d05dc55 100644 --- a/buranun.conf.example +++ b/buranun.conf.example @@ -10,7 +10,11 @@ url_prefix = /board # when it is behind a reverse proxy # ssl controls whether cookies set the Secure attribute, meaning they are only # sent over an encrypted connection -ssl = True +ssl = yes +# The host and port where Buranun is accessible +# outside_port can be left empty if you're using port 80 (no ssl) or 443 (ssh) +outside_host = ahti-saarelainen.zgrep.org +outside_port = [site] # This is the site name displayed on e.g. the index page diff --git a/config.py b/config.py index 8992e78..0c0f811 100644 --- a/config.py +++ b/config.py @@ -2,7 +2,7 @@ import configparser def load(filename): """Populate the config variables""" - global port, ssl, url_prefix + global port, ssl, url_prefix, outside_host, outside_port global site_name global database_file @@ -10,8 +10,10 @@ def load(filename): config.read(filename) port = int(config['server']['port']) - ssl = bool(config['server']['ssl']) + ssl = {'yes': True, 'no': False}[config['server']['ssl']] url_prefix = config['server']['url_prefix'] + outside_host = config['server']['outside_host'] + outside_port = config['server']['outside_port'] site_name = config['site']['name'] diff --git a/server.py b/server.py index 3445775..819d272 100644 --- a/server.py +++ b/server.py @@ -11,22 +11,28 @@ class HTTPRequestHandler(http.server.BaseHTTPRequestHandler): #protocol_version = 'HTTP/1.1' protocol_version = 'HTTP/1.0' - def __send_html(self, html, *, status_code = 200): - encoded = html.encode('utf-8') + def __redirect(self, path = '/', buranun_session = None): + # Construct the URL to redirect to + protocol = 'https' if config.ssl else 'http' + host_port = config.outside_host if config.outside_port == '' else '%s:%s' % (config.outside_host, config.outside_port) + url = '%s://%s%s%s' % (protocol, host_port, config.url_prefix, path) + + encoded = url.encode('utf-8') length = len(encoded) + self.send_response(303) + self.send_header('Location', url) + self.send_header('Content-Type', 'text/plain; charset=utf-8') + self.send_header('Content-Length', length) + # TODO: Make this more sensical sent_cookies = http.cookies.SimpleCookie() - sent_cookies['buranun_session'] = 'dihutenosa' + sent_cookies['buranun_session'] = buranun_session sent_cookies['buranun_session']['path'] = config.url_prefix if config.url_prefix != '' else '/' sent_cookies['buranun_session']['max-age'] = 60 sent_cookies['buranun_session']['secure'] = config.ssl sent_cookies['buranun_session']['httponly'] = True - self.send_response(status_code) - self.send_header('Content-Type', 'text/html; charset=utf-8') - self.send_header('Content-Length', length) - # Since http.cookies doesn't play nicely with http.server we need to do this manually self.flush_headers() self.wfile.write(sent_cookies.output().encode('utf-8') + b'\r\n') @@ -35,11 +41,43 @@ class HTTPRequestHandler(http.server.BaseHTTPRequestHandler): self.wfile.write(encoded) + def __send_html(self, html, *, status_code = 200): + encoded = html.encode('utf-8') + length = len(encoded) + + self.send_response(status_code) + self.send_header('Content-Type', 'text/html; charset=utf-8') + self.send_header('Content-Length', length) + + self.end_headers() + + self.wfile.write(encoded) def __send_404(self, path): html = generate_html.error_404(path) self.__send_html(html, status_code = 404) + def do_POST(self): + path = urllib.parse.unquote(self.path) + + path_components = [component for component in path.split('/') if component != ''] + + # Read the POST data + post_data_length = int(self.headers['Content-Length']) + post_data = bytearray() + while len(post_data) < post_data_length: + data = self.rfile.read(post_data_length - len(post_data)) + post_data.extend(data) + + post_keys = urllib.parse.parse_qs(post_data.decode('utf-8'), keep_blank_values = True) + + if len(path_components) == 1 and path_components[0] == 'login': + print(post_keys['username'], post_keys['password']) + self.__redirect(buranun_session = 'dihutenosa') + + else: + self.__send_404(path) + def do_GET(self): # TODO: Do something with the session cookies_string = self.headers['cookie']