Flask app

.gitignore

@@ -0,0 +1,15 @@
+# Byte-compiled / optimized / DLL files
+dist
+build
+__pycache__
+*.py[cod]
+*$py.class
+*.swp
+*.egg-info
+_build
+.tox
+.coverage
+coverage
+
+# Virtualenv
+venv

MANIFEST.in

@@ -0,0 +1,2 @@
+recursive-include ghostream/templates *
+recursive-include ghostream/static *

ghostream/__init__.py

@@ -0,0 +1,46 @@
+from flask import Flask, request, redirect, render_template
+import ldap
+
+app = Flask(__name__)
+app.logger.setLevel(20)  # log info
+app.config.from_object('ghostream.default_settings')
+app.config.from_envvar('GHOSTREAM_SETTINGS')
+
+@app.route('/')
+def index():
+    """Welcome page"""
+    return render_template('index.html')
+
+@app.route('/<path:path>')
+def viewer(path):
+    """Show stream that match this path"""
+    return render_template('viewer.html', path=path)
+
+@app.route('/auth', methods=['POST'])
+def auth():
+    """Authentication on stream start"""
+    # Limit to NGINX auth
+    if request.remote_addr != '127.0.0.1':
+        return "Permission denied", 403
+
+    name = request.form.get('name')
+    password = request.form.get('pass')
+
+    # Stream need a name and password
+    if name is None or password is None:
+        # When login success, the RTMP is redirected to remove the "?pass=xxx"
+        # so just ignore login here, and NGINX will still allow streaming.
+        return "Malformed request", 400
+
+    bind_dn = f"cn={name},{app.config.LDAP_USER_DN}"
+    try:
+        # Try to bind LDAP as the user
+        connect = ldap.initialize(app.config.LDAP_URI)
+        connect.bind_s(bind_dn, password)
+        connect.unbind_s()
+        app.logger.info("%s logged in successfully", name)
+        # Remove "?pass=xxx" from RTMP URL
+        return redirect(f"rtmp://127.0.0.1:1925/app/{name}", code=302)
+    except:
+        app.logger.warning("%s failed to log in", name)
+        return 'Incorrect credentials', 401

ghostream/default_settings.py

@@ -0,0 +1,9 @@
+# Default configuration
+
+# LDAP
+LDAP_URI = "ldap://127.0.0.1:389"
+LDAP_USER_DN = "cn=users,dc=example,dc=com"
+
+# Web page
+SITE_NAME = "Ghostream"
+FAVICON = "/favicon.ico"

ghostream/static/style.css

@@ -0,0 +1,17 @@
+body, html {
+  height: 100%;
+}
+
+body {
+  background-color: #3b4b5b;
+  user-select: none;
+}
+
+.text-select {
+  user-select: text;
+}
+
+.my-row {
+  display: flex;
+  height: 100%;
+}

ghostream/templates/base.html

@@ -0,0 +1,13 @@
+<!DOCTYPE html>
+<html lang="fr">
+<head>
+  <meta charset="UTF-8">
+  <title>{% block title %}{{ config.SITE_NAME }}{% endblock %}</title>
+  <link href="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css" integrity="sha384-JcKb8q3iqJ61gNV9KGb8thSsNjpSL0n8PARn9HuZOnIxN0hoP+VmmDGMN5t9UJ0Z" rel="stylesheet">
+  <link href="{{ url_for('static', filename='style.css') }}" rel="stylesheet">
+  <link rel="shortcut icon" href="{{ config.FAVICON }}">
+</head>
+<body>
+  {% block content %}{% endblock %}
+</body>
+</html>

setup.py

@@ -0,0 +1,12 @@
+from setuptools import setup, find_packages
+
+setup(
+    name='ghostream',
+    version='1.0',
+    packages=find_packages(),
+    include_package_data=True,
+    install_requires=[
+        'flask>=1.1.1',
+        'python-ldap>=3.2.0',
+    ],
+)