Init

2023-11-04 16:46:10 +00:00 · 2023-11-04 16:46:10 +00:00 · 1096ce0852
parent 911effbdaf
commit 1096ce0852
11 changed files with 295 additions and 1 deletions
--- a/README.md
+++ b/README.md
@ -1,3 +1,21 @@
 # HectaMail-website

-A frontend and registration service for the maddy mail server
+A frontend and registration service for the maddy mail server
+
+## Setup
+
+Use your web server to host everything in public, and run app.py with python.
+
+Reverse-proxy app.py to /register.
+
+## Dependencies
+
+System
+
+Any HTTP web server
+Python3
+
+PIP
+
+Flask
+Waitress
--- a/app.py
+++ b/app.py
@ -0,0 +1,55 @@
+from flask import Flask, render_template, request, redirect, url_for
+import subprocess
+import re
+from waitress import serve
+
+allowed_pattern = r'^[a-zA-Z0-9.]+$'
+
+def is_valid_input(input_string):
+    return re.match(allowed_pattern, input_string) is not None
+
+app = Flask(__name__)
+
+def create_email_account(username, password):
+    if is_valid_input(password) and is_valid_input(username):
+        try:
+            # Use echo to securely pass the password to the command
+            cmd = ["echo", password, "|", "doas", "-u", "maddy", "maddy", "creds", "create", f"{username}@hectabit.org"]
+            result = subprocess.run(" ".join(cmd), shell=True, check=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+
+            if result.returncode == 0:
+                # Command executed successfully
+                return True
+            else:
+                # Handle errors, log them, and return False
+                error_message = result.stderr.decode("utf-8")
+                print(f"Error creating email account: {error_message}")
+                return False
+        except Exception as e:
+            # Handle exceptions and return False
+            print(f"Error creating email account: {str(e)}")
+            return False
+    else:
+        print(f"Injection Bypass! Very bad!")
+        return False
+
+@app.route('/')
+def index():
+    return render_template('index.html')
+
+@app.route('/api', methods=['POST'])
+def register():
+    username = request.form.get('username')
+    password = request.form.get('password')
+
+    if not is_valid_input(password) or not is_valid_input(username):
+        return render_template('num.html'), 400
+
+    if create_email_account(username, password):
+        return render_template('ok.html')
+    else:
+        return render_template('err.html'), 500
+
+
+if __name__ == '__main__':
+    serve(app, host='0.0.0.0', port=8050)
--- a/public/cta/index.html
+++ b/public/cta/index.html
@ -0,0 +1,21 @@
+<!DOCTYPE html>
+<html><head>
+<meta http-equiv="content-type" content="text/html; charset=UTF-8">
+    <title>Email Account Registration</title>
+    <link rel="stylesheet" href="/static/css/main.css">
+</head>
+<body>
+    <div class="headerbar">
+        <a class="main" href="/">HectaMail</a>
+        <a href="/register">Sign up</a>
+    </div>
+    <div class="content">
+        <h1>You found an egg!</h1>
+        <p1>Goverment: You have to hand over this user's IP because we want it.</p1>
+	<br>
+        <p1>Me:</p1>
+	<br>
+	<br>
+	<iframe style="border: 0;" src="https://mail.hectabit.org/cta/political.mov"></iframe>
+    </div>
+</body><style type="text/css"></style></html>
--- a/public/cta/political.mov
+++ b/public/cta/political.mov
--- a/public/index.html
+++ b/public/index.html
@ -0,0 +1,30 @@
+<!DOCTYPE html>
+<html><head>
+<meta http-equiv="content-type" content="text/html; charset=UTF-8">
+    <title>Email Account Registration</title>
+    <link rel="stylesheet" href="/static/css/main.css">
+</head>
+<body>
+    <div class="headerbar">
+        <a class="main" href="/">HectaMail</a>
+        <a href="/register">Sign up</a>
+    </div>
+    <div class="content">
+        <h1>Welcome to HectaMail!</h1>
+        <p1>HectaMail is a Free, Open Source, and privacy respecting email service.</p1>
+        <p1>You can have our absolute assurance that noone will spy on your data.</p1>
+	<p1>HectaMail supports IMAP and SMTP, on all SSL standards, on all standard ports.<p1>
+	<p1>We have no filesize limit, but if you start spamming, you can (will) be banned.</p1>
+	<p1>Thank you for respecting this community service!</p1>
+	<h1>Email Setup</h1>
+	<p1>Hostname: mail.hectabit.org</p1>
+	<br>
+	<p1>SMTP: Port 465 (SSL/TLS), 587 (StartTLS) or 25 (PlainText, not recommended)</p1>
+	<br>
+	<p1>IMAP: Port 993 (SSL/TLS) or 143 (StartTLS)</p1>
+	<br>
+	<p1>Login: Normal Password</p1>
+	<h1>Great! How much is it?</h1>
+	<p1>HectaMail isn't just Free as in Freedom, it's also Free as in Beer. Enjoy HectaMail as much as you want!</p1>
+    </div>
+</body><style type="text/css"></style></html>
--- a/public/static/css/main.css
+++ b/public/static/css/main.css
@ -0,0 +1,81 @@
+@import url('https://fonts.googleapis.com/css2?family=Roboto+Mono:wght@100&display=swap');
+
+body {
+    color: white;
+    text-align: center;
+    font-family: Roboto Mono;
+    background-color: rgb(20, 10, 30);
+}
+
+input {
+    padding: 10px;
+    background-color: rgb(67, 0, 166);
+    color: white;
+    border-style: none;
+    border-radius: 5px;
+    margin-top: 5px;
+}
+
+button {
+    padding: 10px;
+    background-color: rgb(67, 0, 166);
+    color: white;
+    border-style: none;
+    border-radius: 5px;
+    margin-top: 5px;
+}
+
+.pswdbox {
+    margin-top: 5px;
+}
+
+.spacer {
+    margin-top: 5px;
+}
+
+.spacer2 {
+    margin-top: 30px;
+}
+
+input[type="password"],
+input[type="text"] {
+    background-color: rgb(91, 91, 91);
+}
+
+.headerbar {
+    position: fixed;
+    top: 0px;
+    left: 0px;
+    right: 0px;
+    background-color: #23064f;
+    height: 60px;
+    align-items: center;
+    display: flex;
+}
+
+.content {
+    position: fixed;
+    left: 0px;
+    right: 0px;
+    top: 60px;
+}
+
+.main {
+    font-size: 20px;
+    padding: 20px;
+    color: white;
+    text-decoration: none;
+    font-weight: bold;
+    background-color: #140a1e
+}
+
+a {
+    padding: 20px;
+    font-size: 18px;
+    text-decoration: none;
+    color: white;
+}
+
+a:hover {
+    background-color: #140a1e
+}
--- a/requirements.txt
+++ b/requirements.txt
@ -0,0 +1,2 @@
+flask
+waitress
--- a/templates/err.html
+++ b/templates/err.html
@ -0,0 +1,19 @@
+<!DOCTYPE html>
+<html><head>
+<meta http-equiv="content-type" content="text/html; charset=UTF-8">
+    <title>Email Account Registration</title>
+    <link rel="stylesheet" href="{{ url_for('static', filename='css/main.css') }}">
+</head>
+<body>
+    <div class="headerbar">
+        <a href="/">HectaMail</a>
+        <a class="main" href="/register">Sign up</a>
+    </div>
+    <div class="content">
+        <h1>Error!</h1>
+        <p1>Something went wrong on our end - the mail server could be down. Please try again later.</p1>
+        <div class=spacer2>
+          <button onclick="history.back()">Go Back</button>
+        </div>
+    </div>
+</body><style type="text/css"></style></html>
--- a/templates/index.html
+++ b/templates/index.html
@ -0,0 +1,30 @@
+<!DOCTYPE html>
+<html><head>
+<meta http-equiv="content-type" content="text/html; charset=UTF-8">
+    <title>Email Account Registration</title>
+    <link rel="stylesheet" href="{{ url_for('static', filename='css/main.css') }}">
+</head>
+<body>
+    <div class="headerbar">
+        <a href="/">HectaMail</a>
+        <a class="main" href="/register">Sign up</a>
+    </div>
+    <div class="content">
+        <h1>Register an Email Account</h1>
+        <form method="POST" action="/register/api">
+            <label for="username">Username</label>
+	    <div class="spacer">
+                <input type="text" name="username" required="">
+	    </div>
+            <br>
+	    <div class="pswdbox">
+                <label for="password">Password</label>
+	        <div class="spacer">
+                    <input type="password" name="password" required="">
+	        </div>
+	    </div>
+            <br>
+            <input type="submit" value="Register">
+        </form>
+    </div>
+</body><style type="text/css"></style></html>
--- a/templates/num.html
+++ b/templates/num.html
@ -0,0 +1,19 @@
+<!DOCTYPE html>
+<html><head>
+<meta http-equiv="content-type" content="text/html; charset=UTF-8">
+    <title>Email Account Registration</title>
+    <link rel="stylesheet" href="{{ url_for('static', filename='css/main.css') }}">
+</head>
+<body>
+    <div class="headerbar">
+        <a href="/">HectaMail</a>
+        <a class="main" href="/register">Sign up</a>
+    </div>
+    <div class="content">
+        <h1>Error!</h1>
+        <p1>You can only have Alphanumerical characters and periods in your username / password.</p1>
+        <div class=spacer2>
+          <button onclick="history.back()">Go Back</button>
+        </div>
+    </div>
+</body><style type="text/css"></style></html>
--- a/templates/ok.html
+++ b/templates/ok.html
@ -0,0 +1,19 @@
+<!DOCTYPE html>
+<html><head>
+<meta http-equiv="content-type" content="text/html; charset=UTF-8">
+    <title>Email Account Registration</title>
+    <link rel="stylesheet" href="{{ url_for('static', filename='css/main.css') }}">
+</head>
+<body>
+    <div class="headerbar">
+        <a href="/">HectaMail</a>
+        <a class="main" href="/register">Sign up</a>
+    </div>
+    <div class="content">
+        <h1>Done!</h1>
+        <p1>Success! Add this to your favourite email program with the infomation noted on the main page!</p1>
+        <div class=spacer2>
+          <button onclick="window.location.replace('/')">Go to home</button>
+        </div>
+    </div>
+</body><style type="text/css"></style></html>