From 67df0e95c45fe142cc9db6997bf73a39a7bfbe06 Mon Sep 17 00:00:00 2001
From: Son NK <son@simplelogin.io>
Date: Tue, 9 Apr 2024 13:34:57 +0200
Subject: [PATCH] user can turn on/off the data breach check

---
 app/dashboard/views/setting.py   | 15 +++++++++
 templates/dashboard/setting.html | 52 +++++++++++++++++++++++++++++---
 2 files changed, 63 insertions(+), 4 deletions(-)

diff --git a/app/dashboard/views/setting.py b/app/dashboard/views/setting.py
index cefbaf58..857905ab 100644
--- a/app/dashboard/views/setting.py
+++ b/app/dashboard/views/setting.py
@@ -227,6 +227,21 @@ def setting():
             Session.commit()
             flash("Your preference has been updated", "success")
             return redirect(url_for("dashboard.setting"))
+        elif request.form.get("form-name") == "enable_data_breach_check":
+            if not current_user.is_premium():
+                flash(
+                    "Only premium plan can add enable data breach monitoring", "warning"
+                )
+                return redirect(url_for("dashboard.setting"))
+            choose = request.form.get("enable_data_breach_check")
+            if choose == "on":
+                current_user.enable_data_breach_check = True
+                flash("Data breach monitoring is enabled", "success")
+            else:
+                current_user.enable_data_breach_check = False
+                flash("Data breach monitoring is disabled", "info")
+            Session.commit()
+            return redirect(url_for("dashboard.setting"))
         elif request.form.get("form-name") == "sender-in-ra":
             choose = request.form.get("enable")
             if choose == "on":
diff --git a/templates/dashboard/setting.html b/templates/dashboard/setting.html
index 03403766..ab6d865c 100644
--- a/templates/dashboard/setting.html
+++ b/templates/dashboard/setting.html
@@ -249,6 +249,42 @@
       </div>
     </div>
     <!-- END Random alias -->
+    <!-- Data breach check -->
+    <div class="card" id="data-breach">
+      <div class="card-body">
+        <div class="card-title">Data breach monitoring</div>
+        <div class="mt-1 mb-3">
+          {% if not current_user.is_premium() %}
+
+            <div class="alert alert-info" role="alert">
+              This feature is only available on Premium plan.
+              <a href="{{ url_for('dashboard.pricing') }}"
+                 target="_blank"
+                 rel="noopener noreferrer">
+                Upgrade<i class="fe fe-external-link"></i>
+              </a>
+            </div>
+          {% endif %}
+          If enabled, we will inform you via email if one of your aliases appears in a data breach.
+          <br>
+          SimpleLogin uses <a href="https://haveibeenpwned.com/">HaveIBeenPwned</a> API for checking for data breaches.
+        </div>
+        <form method="post" action="#data-breach">
+          {{ csrf_form.csrf_token }}
+          <input type="hidden" name="form-name" value="enable_data_breach_check">
+          <div class="form-check">
+            <input type="checkbox"
+                   id="enable_data_breach_check"
+                   name="enable_data_breach_check"
+                   {% if current_user.enable_data_breach_check %} checked{% endif %}
+                   class="form-check-input">
+            <label for="enable_data_breach_check">Enable data breach monitoring</label>
+          </div>
+          <button type="submit" class="btn btn-outline-primary">Update</button>
+        </form>
+      </div>
+    </div>
+    <!-- END Data breach check -->
     <!-- Sender Format -->
     <div class="card" id="sender-format">
       <div class="card-body">
@@ -285,7 +321,9 @@
               No Name (i.e. only reverse-alias)
             </option>
           </select>
-          <button class="btn btn-outline-primary mt-3">Update</button>
+          <button class="btn btn-outline-primary mt-3">
+            Update
+          </button>
         </form>
       </div>
     </div>
@@ -295,7 +333,9 @@
       <div class="card-body">
         <div class="card-title">
           Reverse Alias Replacement
-          <div class="badge badge-warning">Experimental</div>
+          <div class="badge badge-warning">
+            Experimental
+          </div>
         </div>
         <div class="mb-3">
           When replying to a forwarded email, the <b>reverse-alias</b> can be automatically included
@@ -312,9 +352,13 @@
                    name="replace-ra"
                    {% if current_user.replace_reverse_alias %} checked{% endif %}
                    class="form-check-input">
-            <label for="replace-ra">Enable replacing reverse alias</label>
+            <label for="replace-ra">
+              Enable replacing reverse alias
+            </label>
           </div>
-          <button type="submit" class="btn btn-outline-primary">Update</button>
+          <button type="submit" class="btn btn-outline-primary">
+            Update
+          </button>
         </form>
       </div>
     </div>