moved admin stuff behind admin panel with opt. password closes #68

Chris 2023-12-01 12:19:29 +01:00
parent 6ded9f5368
commit 2c248dac12
12 changed files with 105 additions and 23 deletions


@ -2,6 +2,7 @@
## UNRELEASED
- Added support for webhooks
- Moved account list and logs to admin site with optional passwords
## V1.3.0
- Added TLS and STARTTLS support


@ -78,6 +78,8 @@ Just edit the `config.ini` You can use the following settings
- `TLS_CERTIFICATE` -> Path to the certificate (chain). Can be relative to the /python directory or absolute
- `TLS_PRIVATE_KEY` -> Path to the private key of the certificate. Can be relative to the /python directory or absolute
- `WEBHOOK_URL` -> If set, will send a POST request to this URL with the JSON data of the email as body. Can be used to integrate OpenTrashmail in your own projects
- `ADMIN_ENABLED` -> Enables the admin menu. Default `false`
- `ADMIN_PASSWORD` -> If set, needs this password to access the admin menu
## Docker env vars
In Docker you can use the following environment variables:
@ -98,6 +100,8 @@ In Docker you can use the following environment variables:
| TLS_CERTIFICATE | Path to the certificate (chain). Can be relative to the /python directory or absolute | `/certs/cert.pem` or `cert.pem` if it's inside the python directory |
| TLS_PRIVATE_KEY | Path to the private key of the certificate. Can be relative to the /python directory or absolute | `/certs/privkey.pem` or `key.pem` if it's inside the python directory |
| WEBHOOK_URL | If set, will send a POST request to this URL with the JSON data of the email as body. Can be used to integrate OpenTrashmail in your own projects | `https://example.com/webhook` |
| ADMIN_ENABLED | Enables the admin menu. Default `false` | `false` / `true` |
| ADMIN_PASSWORD | If set, needs this password to access the admin menu | `123456` |
## TLS
Since v1.3.0 TLS and STARTTLS are supported by OpenTrashmail.


@ -15,6 +15,8 @@ services:
- DISCARD_UNKNOWN=false
- SHOW_ACCOUNT_LIST=true
- SHOW_LOGS=true
- ADMIN_ENABLED=true
#- ADMIN_PASSWORD=
# - PASSWORD=123456
# - ALLOWED_IPS=192.168.0.0/16,2a02:ab:cd:ef::/60
# - ATTACHMENTS_MAX_SIZE=10000000
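Review bot: The example sets `ADMIN_ENABLED=true` while `ADMIN_PASSWORD` stays commented out, next to `SHOW_ACCOUNT_LIST=true` and `SHOW_LOGS=true`, so a deployment copied from this file shows the account list and logs to any visitor who opens `/admin`. Ship the sample as `- ADMIN_ENABLED=false`, or keep it enabled only together with a password line the operator has to fill in. The other compose file in this commit has the same pairing, and its commented `ADMIN_PASSWORD=123456` is a value people tend to uncomment unchanged; a placeholder such as `ADMIN_PASSWORD=<choose-a-long-random-value>` is safer.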


@ -11,6 +11,8 @@ services:
- DATEFORMAT=D.M.YYYY HH:mm
- SKIP_FILEPERMISSIONS=true
- DISCARD_UNKNOWN=false
- ADMIN_ENABLED=true
# - ADMIN_PASSWORD=123456
# - PASSWORD=123456
# - ALLOWED_IPS=192.168.0.0/16,2a02:ab:cd:ef::/60
# - ATTACHMENTS_MAX_SIZE=10000000


@ -30,9 +30,6 @@ _buildConfig() {
echo "[GENERAL]"
echo "DOMAINS=${DOMAINS:-localhost}"
echo "URL=${URL:-http://localhost:8080}"
echo "SHOW_ACCOUNT_LIST=${SHOW_ACCOUNT_LIST:-false}"
echo "ADMIN=${ADMIN:-}"
echo "SHOW_LOGS=${SHOW_LOGS:-false}"
echo "PASSWORD=${PASSWORD:-}"
echo "ALLOWED_IPS=${ALLOWED_IPS:-}"
echo ""
@ -52,6 +49,12 @@ _buildConfig() {
echo ""
echo "[WEBHOOK]"
echo "WEBHOOK_URL=${WEBHOOK_URL:-}"
echo ""
echo "[ADMIN]"
echo "ADMIN_ENABLED=${ADMIN_ENABLED:-}"
echo "SHOW_ACCOUNT_LIST=${SHOW_ACCOUNT_LIST:-false}"
echo "ADMIN=${ADMIN:-}"
echo "SHOW_LOGS=${SHOW_LOGS:-false}"
}
_buildConfig > /var/www/opentrashmail/config.ini
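Review bot: The new `[ADMIN]` block written by `_buildConfig` has no `ADMIN_PASSWORD` line, although the README in this commit documents `ADMIN_PASSWORD` as a Docker environment variable. Unless the PHP side reads that variable from the environment somewhere outside this diff, a password set on the container never reaches `config.ini`, and the admin page treats an empty value as "no password needed". Add `echo "ADMIN_PASSWORD=${ADMIN_PASSWORD:-}"` next to the `ADMIN_ENABLED` line. `ADMIN_ENABLED=${ADMIN_ENABLED:-}` could also default to `false`, like the neighbouring `SHOW_*` lines.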


@ -9,16 +9,6 @@ DOMAINS=yourdomain,sub.yourdomain,*.mydom.com
; The URL of your webserver hosting the GUI. No trailing slash
URL="http://localhost:8080"
; Enable to show a list of all existing accounts with mail
;SHOW_ACCOUNT_LIST=true
; Enter the admin email address. If you choose this email on the website you will see all emails from all users
; The email doesn't really have to exist or have mail but must look like an email address
;ADMIN=some@random.email
; Enable to show logs on the website
;SHOW_LOGS=false
; Password authentication for Web UI and API
; Passwords have to be sent via the HTTP header "PWD" or as a GET/Post parameter "password"
;PASSWORD=mystrongpassword
@ -56,8 +46,27 @@ DATEFORMAT="D.M.YYYY HH:mm"
DELETE_OLDER_THAN_DAYS=false
[WEBHOOK]
WEBHOOK_URL=
; Configure the URL of a webhook to be called when a new email is received. The BODY of the POST request will contain the email as JSON
; WEBHOOK_URL=
[ADMIN]
; This section is for the admin panel.
; Enable the admin panel. If false the link will not be shown on the web UI
ADMIN_ENABLED=false
; The password to access the admin panel If empty or not set, no password will be needed to access the admin page
;ADMIN_PASSWORD=123456
; Enable to show a list of all existing accounts with mail
;SHOW_ACCOUNT_LIST=true
; Enter the admin email address. If you choose this email on the website you will see all emails from all users
; The email doesn't really have to exist or have mail but must look like an email address
;ADMIN=some@random.email
; Enable to show logs on the admin website
;SHOW_LOGS=false
; NOT IMPLEMENTED YET
; NOT IMPLEMENTED YET


@ -84,4 +84,32 @@ tr.htmx-swapping td {
display: block;
text-align: left;
}
}
}
/** tab support for admin page **/
[role="tabs"] {
display: flex;
}
[role="tabs"] section {
display: flex;
flex-wrap: wrap;
width: 100%;
}
[role="tabs"] figure {
flex-grow: 1;
width: 100%;
height: 100%;
display: none;
}
[role="tabs"] [type="radio"]:checked + figure {
display: block;
}
nav[role="tab-control"] label.active {
color: var(--primary);
cursor: pointer;
}


@ -45,6 +45,12 @@ class OpenTrashmailBackend{
'configfile' => ROOT.DS.'../config.ini',
]);
else return '403 Forbidden';
case 'admin':
if($this->settings['ADMIN_ENABLED']==true)
return $this->renderTemplate('admin.html',[
'settings'=>$this->settings,
]);
else return '403 Not activated in config.ini';
default:
return false;
}
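Review bot: The new `admin` case checks only `ADMIN_ENABLED`; the password check lives in `admin.html`, and nothing visible here ties the `listaccounts` and `logs` routes to `$_SESSION['admin']`. Those case bodies are outside the hunk, so this needs confirming, but if they still test only `SHOW_ACCOUNT_LIST` / `SHOW_LOGS`, a request straight to `/api/listaccounts` or `/api/logs` returns the data without the admin password and the panel only hides the links. Each of those cases should start with a guard along the lines of `if($this->settings['ADMIN_PASSWORD'] != '' && empty($_SESSION['admin'])) return '403 Forbidden';`. `ADMIN_ENABLED==true` is also a loose comparison, so a literal string `"false"` would enable the panel if the INI file is ever read in raw mode.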


@ -18,9 +18,11 @@ if($settings['ALLOWED_IPS'])
exit("Your IP ($ip) is not allowed to access this site.");
}
if($settings['PASSWORD'] || $settings['ADMIN_PASSWORD']) // let's only start a session if we need one
session_start();
if($settings['PASSWORD']) //site requires a password
{
session_start();
$pw = $settings['PASSWORD'];
$auth = false;
//first check for auth header or POST/GET variable
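Review bot: `$settings['ADMIN_PASSWORD']` is read here unguarded, and a `config.ini` written before this commit has no such key. Unless defaults are merged in where the settings are loaded (not visible in this hunk), PHP 8 emits an "Undefined array key" warning, and with `display_errors` on that output lands before `session_start()` and can stop the session cookie from being sent. `if(!empty($settings['PASSWORD']) || !empty($settings['ADMIN_PASSWORD']))` avoids both. The surrounding `if` blocks continue outside the hunk.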


@ -0,0 +1,26 @@
<h1>Admin</h1>
<?php
if($_REQUEST['password'] && $_REQUEST['password'] == $settings['ADMIN_PASSWORD'])
$_SESSION['admin'] = true;
else if($_REQUEST['password'] && $_REQUEST['password'] != $settings['ADMIN_PASSWORD'])
echo '<div class="error">Wrong password</div>';
?>
<?php if($settings['ADMIN_PASSWORD'] != "" && !$_SESSION['admin']): ?>
<form method="post" hx-post="/api/admin" hx-target="#main">
<input type="password" name="password" placeholder="password" />
<input type="submit" value="Login" />
</form>
<?php return; endif; ?>
<nav>
<ul>
<li><?php if($settings['SHOW_ACCOUNT_LIST']): ?><a href="/listaccounts" hx-get="/api/listaccounts" hx-target="#adminmain" hx-push-url="/listaccounts"><i class="fas fa-list"></i> List accounts</a><?php endif; ?></li>
<li><?php if($settings['SHOW_LOGS']==true): ?><a href="/logs" hx-get="/api/logs" hx-target="#adminmain" hx-push-url="/logs"><i class="fas fa-list"></i> Show logs</a><?php endif; ?></li>
</ul>
</nav>
<div id="adminmain"></div>
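Review bot: The password check at the top of this template compares with `==` and reads `$_REQUEST`. Two numeric-looking strings are then compared as numbers (`"123456"` equals `"0123456"`), the comparison is not constant-time, and the password is also accepted from the query string, where it ends up in access logs and browser history. Compare with `hash_equals()` on `$_POST['password']` only, regenerate the session id on success, and test the gate with `empty($_SESSION['admin'])` so a fresh session raises no undefined-key warning. No limit on login attempts is visible here either, which matters for a single shared password.

```php
$submitted = $_POST['password'] ?? null;
$expected  = (string)($settings['ADMIN_PASSWORD'] ?? '');
if(is_string($submitted) && $submitted !== '' && $expected !== '')
{
    if(hash_equals($expected, $submitted))
    {
        session_regenerate_id(true); // new session id once the privilege level changes
        $_SESSION['admin'] = true;
    }
    else
        echo '<div class="error">Wrong password</div>';
}
// … unchanged: login form and admin nav, with the gate written as
//   if($expected !== '' && empty($_SESSION['admin'])) …
```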


@ -16,8 +16,7 @@
<a href="/"><img src="/imgs/logo-50.png" width="50px" /> Open Trashmail <small class="version"><?=getVersion()?></small></a>
<a><input id="email" hx-post="/api/address" hx-target="#main" name="email" type="email" style="margin-bottom:0px" hx-trigger="input changed delay:500ms" placeholder="email address" aria-label="email address"></a>
<a href="/random" hx-get="/api/random" hx-target="#main"><i class="fas fa-random"></i> Generate random</a>
<?php if($settings['SHOW_ACCOUNT_LIST']): ?><a href="/listaccounts" hx-get="/api/listaccounts" hx-target="#main" hx-push-url="/listaccounts"><i class="fas fa-list"></i> List accounts</a><?php endif; ?>
<?php if($settings['SHOW_LOGS']==true): ?><a href="/logs" hx-get="/api/logs" hx-target="#main" hx-push-url="/logs"><i class="fas fa-list"></i> Show logs</a><?php endif; ?>
<?php if($this->settings['ADMIN_ENABLED']==true):?><a href="/admin" hx-get="/api/admin" hx-target="#main" hx-push-url="/admin"><i class="fas fa-user-shield"></i> Admin</a><?php endif; ?>
<a href="javascript:void(0);" class="icon" onclick="navbarmanager()">
<i class="fa fa-bars"></i>
</a>
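Review bot: The new Admin link tests `$this->settings['ADMIN_ENABLED']`, while the two links it replaces read `$settings[...]`. If this template is included from a scope where `$this` is not an object (the include site is outside the hunk), the page dies with "Using $this when not in object context". `<?php if(!empty($settings['ADMIN_ENABLED'])): ?>` keeps the line consistent with the rest of the file and also tolerates a config without the key.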


@ -1,8 +1,8 @@
<a href="#" hx-push-url="/logs/10" hx-get="/api/logs/10" <?= $lines==10?'disabled':'' ?> hx-target="#main" role="button">Last 10 lines</a>
<a href="#" hx-push-url="/logs/50" hx-get="/api/logs/50" <?= $lines==50?'disabled':'' ?> hx-target="#main" role="button">Last 50 lines</a>
<a href="#" hx-push-url="/logs/100" hx-get="/api/logs/100" <?= $lines==100?'disabled':'' ?> hx-target="#main" role="button">Last 100 lines</a>
<a href="#" hx-push-url="/logs/200" hx-get="/api/logs/200" <?= $lines==200?'disabled':'' ?> hx-target="#main" role="button">Last 200 lines</a>
<a href="#" hx-push-url="/logs/500" hx-get="/api/logs/500" <?= $lines==500?'disabled':'' ?> hx-target="#main" role="button">Last 500 lines</a>
<a href="#" hx-push-url="/logs/10" hx-get="/api/logs/10" <?= $lines==10?'disabled':'' ?> hx-target="#adminmain" role="button">Last 10 lines</a>
<a href="#" hx-push-url="/logs/50" hx-get="/api/logs/50" <?= $lines==50?'disabled':'' ?> hx-target="#adminmain" role="button">Last 50 lines</a>
<a href="#" hx-push-url="/logs/100" hx-get="/api/logs/100" <?= $lines==100?'disabled':'' ?> hx-target="#adminmain" role="button">Last 100 lines</a>
<a href="#" hx-push-url="/logs/200" hx-get="/api/logs/200" <?= $lines==200?'disabled':'' ?> hx-target="#adminmain" role="button">Last 200 lines</a>
<a href="#" hx-push-url="/logs/500" hx-get="/api/logs/500" <?= $lines==500?'disabled':'' ?> hx-target="#adminmain" role="button">Last 500 lines</a>
<hr>
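Review bot: The buttons now swap into `#adminmain`, but `hx-push-url` still rewrites the address bar to `/logs/N`. After a reload or a shared link the page is presumably rendered without the admin wrapper (the routing is outside this diff), so `#adminmain` would not exist and the buttons would do nothing. Either drop `hx-push-url` from these links or have `/logs/N` render inside the admin page.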