mirror of
https://github.com/simple-login/app.git
synced 2024-11-16 17:08:30 +01:00
Merge pull request #51 from simple-login/check-personal-email
Check personal email
This commit is contained in:
commit
3abcae01c1
7 changed files with 83 additions and 21 deletions
|
@ -11,6 +11,7 @@ from app.extensions import db
|
||||||
from app.log import LOG
|
from app.log import LOG
|
||||||
from app.models import User
|
from app.models import User
|
||||||
from .login_utils import after_login
|
from .login_utils import after_login
|
||||||
|
from ...email_utils import can_be_used_as_personal_email
|
||||||
|
|
||||||
_authorization_base_url = "https://www.facebook.com/dialog/oauth"
|
_authorization_base_url = "https://www.facebook.com/dialog/oauth"
|
||||||
_token_url = "https://graph.facebook.com/oauth/access_token"
|
_token_url = "https://graph.facebook.com/oauth/access_token"
|
||||||
|
@ -102,6 +103,12 @@ def facebook_callback():
|
||||||
|
|
||||||
# create user
|
# create user
|
||||||
else:
|
else:
|
||||||
|
if not can_be_used_as_personal_email(email):
|
||||||
|
flash(
|
||||||
|
f"You cannot use {email} as your personal inbox.", "error",
|
||||||
|
)
|
||||||
|
return redirect(url_for("auth.login"))
|
||||||
|
|
||||||
LOG.d("create facebook user with %s", facebook_user_data)
|
LOG.d("create facebook user with %s", facebook_user_data)
|
||||||
user = User.create(
|
user = User.create(
|
||||||
email=email.lower(), name=facebook_user_data["name"], activated=True
|
email=email.lower(), name=facebook_user_data["name"], activated=True
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
from flask import request, session, redirect, flash
|
from flask import request, session, redirect, flash, url_for
|
||||||
from flask_login import login_user
|
from flask_login import login_user
|
||||||
from requests_oauthlib import OAuth2Session
|
from requests_oauthlib import OAuth2Session
|
||||||
|
|
||||||
|
@ -6,6 +6,7 @@ from app import email_utils
|
||||||
from app.auth.base import auth_bp
|
from app.auth.base import auth_bp
|
||||||
from app.auth.views.login_utils import after_login
|
from app.auth.views.login_utils import after_login
|
||||||
from app.config import GITHUB_CLIENT_ID, GITHUB_CLIENT_SECRET, URL
|
from app.config import GITHUB_CLIENT_ID, GITHUB_CLIENT_SECRET, URL
|
||||||
|
from app.email_utils import can_be_used_as_personal_email
|
||||||
from app.extensions import db
|
from app.extensions import db
|
||||||
from app.log import LOG
|
from app.log import LOG
|
||||||
from app.models import User
|
from app.models import User
|
||||||
|
@ -84,6 +85,12 @@ def github_callback():
|
||||||
|
|
||||||
# create user
|
# create user
|
||||||
if not user:
|
if not user:
|
||||||
|
if not can_be_used_as_personal_email(email):
|
||||||
|
flash(
|
||||||
|
f"You cannot use {email} as your personal inbox.", "error",
|
||||||
|
)
|
||||||
|
return redirect(url_for("auth.login"))
|
||||||
|
|
||||||
LOG.d("create github user")
|
LOG.d("create github user")
|
||||||
user = User.create(
|
user = User.create(
|
||||||
email=email.lower(), name=github_user_data.get("name") or "", activated=True
|
email=email.lower(), name=github_user_data.get("name") or "", activated=True
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
from flask import request, session, redirect, flash
|
from flask import request, session, redirect, flash, url_for
|
||||||
from flask_login import login_user
|
from flask_login import login_user
|
||||||
from requests_oauthlib import OAuth2Session
|
from requests_oauthlib import OAuth2Session
|
||||||
|
|
||||||
|
@ -10,6 +10,7 @@ from app.log import LOG
|
||||||
from app.models import User, File
|
from app.models import User, File
|
||||||
from app.utils import random_string
|
from app.utils import random_string
|
||||||
from .login_utils import after_login
|
from .login_utils import after_login
|
||||||
|
from ...email_utils import can_be_used_as_personal_email
|
||||||
|
|
||||||
_authorization_base_url = "https://accounts.google.com/o/oauth2/v2/auth"
|
_authorization_base_url = "https://accounts.google.com/o/oauth2/v2/auth"
|
||||||
_token_url = "https://www.googleapis.com/oauth2/v4/token"
|
_token_url = "https://www.googleapis.com/oauth2/v4/token"
|
||||||
|
@ -92,6 +93,12 @@ def google_callback():
|
||||||
db.session.commit()
|
db.session.commit()
|
||||||
# create user
|
# create user
|
||||||
else:
|
else:
|
||||||
|
if not can_be_used_as_personal_email(email):
|
||||||
|
flash(
|
||||||
|
f"You cannot use {email} as your personal inbox.", "error",
|
||||||
|
)
|
||||||
|
return redirect(url_for("auth.login"))
|
||||||
|
|
||||||
LOG.d("create google user with %s", google_user_data)
|
LOG.d("create google user with %s", google_user_data)
|
||||||
user = User.create(
|
user = User.create(
|
||||||
email=email.lower(), name=google_user_data["name"], activated=True
|
email=email.lower(), name=google_user_data["name"], activated=True
|
||||||
|
|
|
@ -6,7 +6,7 @@ from wtforms import StringField, validators
|
||||||
from app import email_utils
|
from app import email_utils
|
||||||
from app.auth.base import auth_bp
|
from app.auth.base import auth_bp
|
||||||
from app.config import URL
|
from app.config import URL
|
||||||
from app.email_utils import email_belongs_to_alias_domains
|
from app.email_utils import can_be_used_as_personal_email
|
||||||
from app.extensions import db
|
from app.extensions import db
|
||||||
from app.log import LOG
|
from app.log import LOG
|
||||||
from app.models import User, ActivationCode
|
from app.models import User, ActivationCode
|
||||||
|
@ -32,12 +32,11 @@ def register():
|
||||||
|
|
||||||
if form.validate_on_submit():
|
if form.validate_on_submit():
|
||||||
email = form.email.data
|
email = form.email.data
|
||||||
if email_belongs_to_alias_domains(email):
|
if not can_be_used_as_personal_email(email):
|
||||||
flash(
|
flash(
|
||||||
"You cannot use alias as your personal inbox. Nice try though 😉",
|
"You cannot use this email address as your personal inbox.", "error",
|
||||||
"error",
|
|
||||||
)
|
)
|
||||||
|
else:
|
||||||
user = User.filter_by(email=email).first()
|
user = User.filter_by(email=email).first()
|
||||||
|
|
||||||
if user:
|
if user:
|
||||||
|
|
|
@ -11,7 +11,10 @@ from wtforms import StringField, validators
|
||||||
from app import s3, email_utils
|
from app import s3, email_utils
|
||||||
from app.config import URL
|
from app.config import URL
|
||||||
from app.dashboard.base import dashboard_bp
|
from app.dashboard.base import dashboard_bp
|
||||||
from app.email_utils import email_belongs_to_alias_domains
|
from app.email_utils import (
|
||||||
|
email_belongs_to_alias_domains,
|
||||||
|
can_be_used_as_personal_email,
|
||||||
|
)
|
||||||
from app.extensions import db
|
from app.extensions import db
|
||||||
from app.log import LOG
|
from app.log import LOG
|
||||||
from app.models import (
|
from app.models import (
|
||||||
|
@ -93,9 +96,9 @@ def setting():
|
||||||
or DeletedAlias.get_by(email=new_email)
|
or DeletedAlias.get_by(email=new_email)
|
||||||
):
|
):
|
||||||
flash(f"Email {new_email} already used", "error")
|
flash(f"Email {new_email} already used", "error")
|
||||||
elif email_belongs_to_alias_domains(new_email):
|
elif not can_be_used_as_personal_email(new_email):
|
||||||
flash(
|
flash(
|
||||||
"You cannot use alias as your personal inbox. Nice try though 😉",
|
"You cannot use this email address as your personal inbox.",
|
||||||
"error",
|
"error",
|
||||||
)
|
)
|
||||||
else:
|
else:
|
||||||
|
|
|
@ -288,3 +288,23 @@ def email_belongs_to_alias_domains(email: str) -> bool:
|
||||||
return True
|
return True
|
||||||
|
|
||||||
return False
|
return False
|
||||||
|
|
||||||
|
|
||||||
|
def can_be_used_as_personal_email(email: str) -> bool:
|
||||||
|
"""return True if an email can be used as a personal email. Currently the only condition is email domain is not
|
||||||
|
- one of ALIAS_DOMAINS
|
||||||
|
- one of custom domains
|
||||||
|
"""
|
||||||
|
domain = get_email_domain_part(email)
|
||||||
|
if not domain:
|
||||||
|
return False
|
||||||
|
|
||||||
|
if domain in ALIAS_DOMAINS:
|
||||||
|
return False
|
||||||
|
|
||||||
|
from app.models import CustomDomain
|
||||||
|
|
||||||
|
if CustomDomain.get_by(domain=domain, verified=True):
|
||||||
|
return False
|
||||||
|
|
||||||
|
return True
|
||||||
|
|
|
@ -4,7 +4,10 @@ from app.email_utils import (
|
||||||
get_email_local_part,
|
get_email_local_part,
|
||||||
get_email_domain_part,
|
get_email_domain_part,
|
||||||
email_belongs_to_alias_domains,
|
email_belongs_to_alias_domains,
|
||||||
|
can_be_used_as_personal_email,
|
||||||
)
|
)
|
||||||
|
from app.extensions import db
|
||||||
|
from app.models import User, CustomDomain
|
||||||
|
|
||||||
|
|
||||||
def test_get_email_name():
|
def test_get_email_name():
|
||||||
|
@ -36,3 +39,19 @@ def test_email_belongs_to_alias_domains():
|
||||||
|
|
||||||
assert email_belongs_to_alias_domains("hey@d1.test")
|
assert email_belongs_to_alias_domains("hey@d1.test")
|
||||||
assert not email_belongs_to_alias_domains("hey@d3.test")
|
assert not email_belongs_to_alias_domains("hey@d3.test")
|
||||||
|
|
||||||
|
|
||||||
|
def test_can_be_used_as_personal_email(flask_client):
|
||||||
|
# default alias domain
|
||||||
|
assert not can_be_used_as_personal_email("ab@sl.local")
|
||||||
|
assert not can_be_used_as_personal_email("hey@d1.test")
|
||||||
|
|
||||||
|
assert can_be_used_as_personal_email("hey@ab.cd")
|
||||||
|
# custom domain
|
||||||
|
user = User.create(
|
||||||
|
email="a@b.c", password="password", name="Test User", activated=True
|
||||||
|
)
|
||||||
|
db.session.commit()
|
||||||
|
CustomDomain.create(user_id=user.id, domain="ab.cd", verified=True)
|
||||||
|
db.session.commit()
|
||||||
|
assert not can_be_used_as_personal_email("hey@ab.cd")
|
||||||
|
|
Loading…
Reference in a new issue