add basic auth

.env.dev

@@ -11,4 +11,5 @@ alarminator_api=""
 alarminator_token=""
 alarminator_zvies_use_PEALGRP="False"
 printer=DEFAULT
-print_num=0
+print_num=0
+BASIC_AUTH_PASSWORD=""

Dockerfile

@@ -14,6 +14,7 @@ ENV print_num=0
 ENV printer="DEFAULT"
 ENV REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt
 ENV MAPS_API_KEY=""
+ENV BASIC_AUTH_PASSWORD=""
 
 
 COPY *.deb /
@@ -62,4 +63,4 @@ COPY ./app .
 COPY *.crt /usr/local/share/ca-certificates/
 RUN update-ca-certificates
 
-CMD [ "sh","-c","/etc/init.d/cups start && python3 /usr/src/app/http.py" ]
+CMD [ "sh","-c","/etc/init.d/cups start && python3 /usr/src/app/app.py" ]

app/app.py

@@ -1,22 +1,25 @@
 from flask import Flask, flash, request, redirect, send_from_directory, get_flashed_messages
-from werkzeug.utils import secure_filename
 import os
 import glob
 import securecad_parser
 import datetime
 from hooks import webhook, alarminator_api, cups_print
 from pathlib import Path
+from flask_basicauth import BasicAuth
 
 app = Flask(__name__)
 app.secret_key = 'super secret key'
 app.config['SESSION_TYPE'] = 'filesystem'
+app.config['BASIC_AUTH_USERNAME'] = 'admin'
+app.config['BASIC_AUTH_PASSWORD'] = os.environ.get('BASIC_AUTH_PASSWORD','password')
+basic_auth = BasicAuth(app)
 
 def wrapHtml(innerHtml):
     return '''<html lang="en">
   <head>
     <meta charset="utf-8">
     <meta name="viewport" content="width=device-width, initial-scale=1">
-    <title>Bootstrap demo</title>
+    <title>JFW Alarm</title>
     <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-QWTKZyjpPEjISv5WaRU9OFeRpok6YctnYmDr5pNlyT2bRjXh0JMhjY6hW+ALEwIH" crossorigin="anonymous">
   </head>
   <body><div class="container text-center">
@@ -62,6 +65,7 @@ def allowed_file(filename:str):
         
 
 @app.route("/")
+@basic_auth.required
 def root():
     html = ""
     file = request.args.get('sendalarm')
@@ -84,6 +88,7 @@ def root():
     return wrapHtml(html)
 
 @app.route('/files', methods=['POST'])
+@basic_auth.required
 def upload_file():
     # check if the post request has the file part
     print(request.files)
@@ -102,11 +107,13 @@ def upload_file():
     return redirect('/files')
     
 @app.route('/files/<path:filename>', methods=['GET'])
+@basic_auth.required
 def download(filename):
     uploads = alarmsPath()
     return send_from_directory(uploads, filename, as_attachment=True)
 
 @app.route("/files", methods=['GET'])
+@basic_auth.required
 def files():
     Path(alarmsPath()).mkdir(parents=True, exist_ok=True)
     file = request.args.get('del')

docker-compose.yaml

@@ -2,9 +2,12 @@ version: "2"
 services:
   app:
     build: ./
-    image: gitea.simonzeyer.de/simon/wnd_ils_alarmfax_parser:latest
+    #image: gitea.simonzeyer.de/simon/wnd_ils_alarmfax_parser:latest
     restart: always
     privileged: true
+    # ports:
+    #   - 631:631
+    #   - 5000:5000
     environment:
       - username=${username}
       - password=${password}