Mirror/app-MAIL-temp
1
0
Fork 0
mirror of https://github.com/simple-login/app.git synced 2024-11-16 17:08:30 +01:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #51 from simple-login/check-personal-email

Browse source 
Check personal email
This commit is contained in:
Son Nguyen Kim 2020-01-26 21:47:16 +07:00 committed by GitHub
commit 3abcae01c1
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 83 additions and 21 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
app/auth/views/facebook.py
View file

@ -11,6 +11,7 @@ from app.extensions import db
from app.log import LOG from app.log import LOG
from app.models import User from app.models import User
from .login_utils import after_login from .login_utils import after_login
from ...email_utils import can_be_used_as_personal_email
_authorization_base_url = "https://www.facebook.com/dialog/oauth" _authorization_base_url = "https://www.facebook.com/dialog/oauth"
_token_url = "https://graph.facebook.com/oauth/access_token" _token_url = "https://graph.facebook.com/oauth/access_token"
@ -102,6 +103,12 @@ def facebook_callback():
# create user # create user
else: else:
if not can_be_used_as_personal_email(email):
flash(
f"You cannot use {email} as your personal inbox.", "error",
)
return redirect(url_for("auth.login"))
LOG.d("create facebook user with %s", facebook_user_data) LOG.d("create facebook user with %s", facebook_user_data)
user = User.create( user = User.create(
email=email.lower(), name=facebook_user_data["name"], activated=True email=email.lower(), name=facebook_user_data["name"], activated=True

9
app/auth/views/github.py
View file

@ -1,4 +1,4 @@
from flask import request, session, redirect, flash from flask import request, session, redirect, flash, url_for
from flask_login import login_user from flask_login import login_user
from requests_oauthlib import OAuth2Session from requests_oauthlib import OAuth2Session
@ -6,6 +6,7 @@ from app import email_utils
from app.auth.base import auth_bp from app.auth.base import auth_bp
from app.auth.views.login_utils import after_login from app.auth.views.login_utils import after_login
from app.config import GITHUB_CLIENT_ID, GITHUB_CLIENT_SECRET, URL from app.config import GITHUB_CLIENT_ID, GITHUB_CLIENT_SECRET, URL
from app.email_utils import can_be_used_as_personal_email
from app.extensions import db from app.extensions import db
from app.log import LOG from app.log import LOG
from app.models import User from app.models import User
@ -84,6 +85,12 @@ def github_callback():
# create user # create user
if not user: if not user:
if not can_be_used_as_personal_email(email):
flash(
f"You cannot use {email} as your personal inbox.", "error",
)
return redirect(url_for("auth.login"))
LOG.d("create github user") LOG.d("create github user")
user = User.create( user = User.create(
email=email.lower(), name=github_user_data.get("name") or "", activated=True email=email.lower(), name=github_user_data.get("name") or "", activated=True

9
app/auth/views/google.py
View file

@ -1,4 +1,4 @@
from flask import request, session, redirect, flash from flask import request, session, redirect, flash, url_for
from flask_login import login_user from flask_login import login_user
from requests_oauthlib import OAuth2Session from requests_oauthlib import OAuth2Session
@ -10,6 +10,7 @@ from app.log import LOG
from app.models import User, File from app.models import User, File
from app.utils import random_string from app.utils import random_string
from .login_utils import after_login from .login_utils import after_login
from ...email_utils import can_be_used_as_personal_email
_authorization_base_url = "https://accounts.google.com/o/oauth2/v2/auth" _authorization_base_url = "https://accounts.google.com/o/oauth2/v2/auth"
_token_url = "https://www.googleapis.com/oauth2/v4/token" _token_url = "https://www.googleapis.com/oauth2/v4/token"
@ -92,6 +93,12 @@ def google_callback():
db.session.commit() db.session.commit()
# create user # create user
else: else:
if not can_be_used_as_personal_email(email):
flash(
f"You cannot use {email} as your personal inbox.", "error",
)
return redirect(url_for("auth.login"))
LOG.d("create google user with %s", google_user_data) LOG.d("create google user with %s", google_user_data)
user = User.create( user = User.create(
email=email.lower(), name=google_user_data["name"], activated=True email=email.lower(), name=google_user_data["name"], activated=True

31
app/auth/views/register.py
View file

@ -6,7 +6,7 @@ from wtforms import StringField, validators
from app import email_utils from app import email_utils
from app.auth.base import auth_bp from app.auth.base import auth_bp
from app.config import URL from app.config import URL
from app.email_utils import email_belongs_to_alias_domains from app.email_utils import can_be_used_as_personal_email
from app.extensions import db from app.extensions import db
from app.log import LOG from app.log import LOG
from app.models import User, ActivationCode from app.models import User, ActivationCode
@ -32,26 +32,25 @@ def register():
if form.validate_on_submit(): if form.validate_on_submit():
email = form.email.data email = form.email.data
if email_belongs_to_alias_domains(email): if not can_be_used_as_personal_email(email):
flash( flash(
"You cannot use alias as your personal inbox. Nice try though 😉", "You cannot use this email address as your personal inbox.", "error",
"error",
) )
user = User.filter_by(email=email).first()
if user:
flash(f"Email {form.email.data} already exists", "warning")
else: else:
LOG.debug("create user %s", form.email.data) user = User.filter_by(email=email).first()
user = User.create(
email=form.email.data.lower(), name="", password=form.password.data,
)
db.session.commit()
send_activation_email(user, next_url) if user:
flash(f"Email {form.email.data} already exists", "warning")
else:
LOG.debug("create user %s", form.email.data)
user = User.create(
email=form.email.data.lower(), name="", password=form.password.data,
)
db.session.commit()
return render_template("auth/register_waiting_activation.html") send_activation_email(user, next_url)
return render_template("auth/register_waiting_activation.html")
return render_template("auth/register.html", form=form, next_url=next_url) return render_template("auth/register.html", form=form, next_url=next_url)

9
app/dashboard/views/setting.py
View file

@ -11,7 +11,10 @@ from wtforms import StringField, validators
from app import s3, email_utils from app import s3, email_utils
from app.config import URL from app.config import URL
from app.dashboard.base import dashboard_bp from app.dashboard.base import dashboard_bp
from app.email_utils import email_belongs_to_alias_domains from app.email_utils import (
email_belongs_to_alias_domains,
can_be_used_as_personal_email,
)
from app.extensions import db from app.extensions import db
from app.log import LOG from app.log import LOG
from app.models import ( from app.models import (
@ -93,9 +96,9 @@ def setting():
or DeletedAlias.get_by(email=new_email) or DeletedAlias.get_by(email=new_email)
): ):
flash(f"Email {new_email} already used", "error") flash(f"Email {new_email} already used", "error")
elif email_belongs_to_alias_domains(new_email): elif not can_be_used_as_personal_email(new_email):
flash( flash(
"You cannot use alias as your personal inbox. Nice try though 😉", "You cannot use this email address as your personal inbox.",
"error", "error",
) )
else: else:

20
app/email_utils.py
View file

@ -288,3 +288,23 @@ def email_belongs_to_alias_domains(email: str) -> bool:
return True return True
return False return False
def can_be_used_as_personal_email(email: str) -> bool:
"""return True if an email can be used as a personal email. Currently the only condition is email domain is not
- one of ALIAS_DOMAINS
- one of custom domains
"""
domain = get_email_domain_part(email)
if not domain:
return False
if domain in ALIAS_DOMAINS:
return False
from app.models import CustomDomain
if CustomDomain.get_by(domain=domain, verified=True):
return False
return True

19
tests/test_email_utils.py
View file

@ -4,7 +4,10 @@ from app.email_utils import (
get_email_local_part, get_email_local_part,
get_email_domain_part, get_email_domain_part,
email_belongs_to_alias_domains, email_belongs_to_alias_domains,
can_be_used_as_personal_email,
) )
from app.extensions import db
from app.models import User, CustomDomain
def test_get_email_name(): def test_get_email_name():
@ -36,3 +39,19 @@ def test_email_belongs_to_alias_domains():
assert email_belongs_to_alias_domains("hey@d1.test") assert email_belongs_to_alias_domains("hey@d1.test")
assert not email_belongs_to_alias_domains("hey@d3.test") assert not email_belongs_to_alias_domains("hey@d3.test")
def test_can_be_used_as_personal_email(flask_client):
# default alias domain
assert not can_be_used_as_personal_email("ab@sl.local")
assert not can_be_used_as_personal_email("hey@d1.test")
assert can_be_used_as_personal_email("hey@ab.cd")
# custom domain
user = User.create(
email="a@b.c", password="password", name="Test User", activated=True
)
db.session.commit()
CustomDomain.create(user_id=user.id, domain="ab.cd", verified=True)
db.session.commit()
assert not can_be_used_as_personal_email("hey@ab.cd")