101 lines
3.5 KiB
Python
101 lines
3.5 KiB
Python
from __future__ import annotations
|
|
|
|
import time
|
|
from typing import Any
|
|
|
|
from flask import jsonify, g
|
|
|
|
from .. import settings
|
|
from ..keycloak import admin_client, require_auth, require_account_access
|
|
from ..utils import best_effort_post, random_password
|
|
|
|
|
|
def register(app) -> None:
|
|
@app.route("/api/account/overview", methods=["GET"])
|
|
@require_auth
|
|
def account_overview() -> Any:
|
|
ok, resp = require_account_access()
|
|
if not ok:
|
|
return resp
|
|
|
|
username = g.keycloak_username
|
|
mailu_username = ""
|
|
if g.keycloak_email and g.keycloak_email.lower().endswith(f"@{settings.MAILU_DOMAIN.lower()}"):
|
|
mailu_username = g.keycloak_email
|
|
elif username:
|
|
mailu_username = f"{username}@{settings.MAILU_DOMAIN}"
|
|
|
|
mailu_app_password = ""
|
|
if admin_client().ready() and username:
|
|
try:
|
|
user = admin_client().find_user(username)
|
|
user_id = (user or {}).get("id") or ""
|
|
if user_id:
|
|
full = admin_client().get_user(str(user_id))
|
|
attrs = full.get("attributes") or {}
|
|
if isinstance(attrs, dict):
|
|
values = attrs.get("mailu_app_password") or []
|
|
if isinstance(values, list) and values:
|
|
mailu_app_password = str(values[0])
|
|
except Exception:
|
|
mailu_app_password = ""
|
|
|
|
mailu_status = "ready"
|
|
jellyfin_status = "ready"
|
|
|
|
if not admin_client().ready():
|
|
mailu_status = "server not configured"
|
|
jellyfin_status = "server not configured"
|
|
|
|
return jsonify(
|
|
{
|
|
"user": {"username": username, "email": g.keycloak_email, "groups": g.keycloak_groups},
|
|
"mailu": {"status": mailu_status, "username": mailu_username, "app_password": mailu_app_password},
|
|
"jellyfin": {"status": jellyfin_status, "username": username},
|
|
}
|
|
)
|
|
|
|
@app.route("/api/account/mailu/rotate", methods=["POST"])
|
|
@require_auth
|
|
def account_mailu_rotate() -> Any:
|
|
ok, resp = require_account_access()
|
|
if not ok:
|
|
return resp
|
|
if not admin_client().ready():
|
|
return jsonify({"error": "server not configured"}), 503
|
|
|
|
username = g.keycloak_username
|
|
if not username:
|
|
return jsonify({"error": "missing username"}), 400
|
|
|
|
password = random_password()
|
|
try:
|
|
admin_client().set_user_attribute(username, "mailu_app_password", password)
|
|
except Exception:
|
|
return jsonify({"error": "failed to update mail password"}), 502
|
|
|
|
best_effort_post(settings.MAILU_SYNC_URL)
|
|
return jsonify({"password": password})
|
|
|
|
@app.route("/api/account/jellyfin/rotate", methods=["POST"])
|
|
@require_auth
|
|
def account_jellyfin_rotate() -> Any:
|
|
ok, resp = require_account_access()
|
|
if not ok:
|
|
return resp
|
|
if not admin_client().ready():
|
|
return jsonify({"error": "server not configured"}), 503
|
|
|
|
username = g.keycloak_username
|
|
if not username:
|
|
return jsonify({"error": "missing username"}), 400
|
|
|
|
password = random_password()
|
|
try:
|
|
admin_client().set_user_attribute(username, "jellyfin_app_password", password)
|
|
except Exception:
|
|
return jsonify({"error": "failed to update jellyfin password"}), 502
|
|
|
|
best_effort_post(settings.JELLYFIN_SYNC_URL)
|
|
return jsonify({"password": password})
|