Send a notification email for invalid recovery codes.

This commit is contained in:
george 2022-01-20 16:41:42 +00:00
parent 6b4d276ffe
commit f7f91afc1e
No known key found for this signature in database
GPG Key ID: D30164B91DE6EEE3
4 changed files with 27 additions and 5 deletions


@ -97,8 +97,14 @@ def mfa():
ALERT_INVALID_TOTP_LOGIN, ALERT_INVALID_TOTP_LOGIN,
user.email, user.email,
"There was an unsuccessful login on your SimpleLogin account", "There was an unsuccessful login on your SimpleLogin account",
render("transactional/invalid-totp-login.txt"), render(
render("transactional/invalid-totp-login.html"), "transactional/invalid-totp-login.txt",
type="TOTP",
),
render(
"transactional/invalid-totp-login.html",
type="TOTP",
),
1, 1,
) )
flash("Incorrect token", "warning") flash("Incorrect token", "warning")
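Review bot: This send_email_with_rate_control call is now identical to the one the same commit adds in recovery_route, except for the `type` keyword; keeping the alert constant, subject line and template names in one private helper would stop the two call sites drifting apart the next time the wording changes. The enclosing mfa() body starts and ends outside this hunk. The trailing positional `1` is not self-explaining at the call site — presumably the maximum number of alerts per rate window, but confirm against send_email_with_rate_control's signature before documenting it in the helper's docstring.
```python
def _notify_invalid_mfa_login(user, code_type):
    """Send the rate-controlled "unsuccessful login" alert.

    code_type is interpolated into the "An invalid ... code" sentence of
    invalid-totp-login.{txt,html} ("TOTP" or "recovery").
    """
    send_email_with_rate_control(
        user,
        ALERT_INVALID_TOTP_LOGIN,
        user.email,
        "There was an unsuccessful login on your SimpleLogin account",
        render("transactional/invalid-totp-login.txt", type=code_type),
        render("transactional/invalid-totp-login.html", type=code_type),
        1,  # TODO(review): confirm this is the per-window alert cap
    )

# … in mfa(), replacing the inline call …
_notify_invalid_mfa_login(user, "TOTP")
```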


@ -5,8 +5,9 @@ from flask_wtf import FlaskForm
from wtforms import StringField, validators from wtforms import StringField, validators
from app.auth.base import auth_bp from app.auth.base import auth_bp
from app.config import MFA_USER_ID from app.config import MFA_USER_ID, ALERT_INVALID_TOTP_LOGIN
from app.db import Session from app.db import Session
from app.email_utils import send_email_with_rate_control, render
from app.extensions import limiter from app.extensions import limiter
from app.log import LOG from app.log import LOG
from app.models import User, RecoveryCode from app.models import User, RecoveryCode
@ -67,6 +68,21 @@ def recovery_route():
else: else:
# Trigger rate limiter # Trigger rate limiter
g.deduct_limit = True g.deduct_limit = True
send_email_with_rate_control(
user,
ALERT_INVALID_TOTP_LOGIN,
user.email,
"There was an unsuccessful login on your SimpleLogin account",
render(
"transactional/invalid-totp-login.txt",
type="recovery",
),
render(
"transactional/invalid-totp-login.html",
type="recovery",
),
1,
)
flash("Incorrect code", "error") flash("Incorrect code", "error")
return render_template("auth/recovery.html", recovery_form=recovery_form) return render_template("auth/recovery.html", recovery_form=recovery_form)
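Review bot: `type="recovery"` is the only thing that distinguishes this alert from the one mfa() sends, and nothing at the call site says what it controls; a comment on the first render() line, `# "type" is the word interpolated into the templates' "An invalid ... code was provided" sentence`, would save a reader a trip to the two templates. The email also tells the user that the email and password were provided correctly, which holds here only if recovery_route is reached after a password login has stored MFA_USER_ID in the session — likely, given the import, but the check is above this hunk. recovery_route() begins before the hunk, so the user lookup that `user` comes from is not visible here.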


@ -2,7 +2,7 @@
{% block content %} {% block content %}
{{ render_text("There has been an unsuccessful login attempt on your SimpleLogin account.") }} {{ render_text("There has been an unsuccessful login attempt on your SimpleLogin account.") }}
{{ render_text("An invalid TOTP code was provided <b>but the email and password were provided correctly.</b>") }} {{ render_text("An invalid " ~ type ~ " code was provided <b>but the email and password were provided correctly.</b>") }}
{{ render_text("This request was blocked. However, if this was <b>not</b> you, please <b>change your password immediately.</b>") }} {{ render_text("This request was blocked. However, if this was <b>not</b> you, please <b>change your password immediately.</b>") }}
{{ render_button("Change your password", URL ~ "/dashboard/setting#change_password") }} {{ render_button("Change your password", URL ~ "/dashboard/setting#change_password") }}
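Review bot: `type` has no fallback in the new `"An invalid " ~ type ~ " code ..."` expression, so any other caller that renders invalid-totp-login.html without passing it will produce "An invalid  code was provided" if render() uses Jinja's default Undefined (which stringifies to an empty string), or raise if it uses StrictUndefined — the hunk does not show which. `{{ render_text("An invalid " ~ (type | default("TOTP")) ~ " code was provided <b>but the email and password were provided correctly.</b>") }}` keeps the previous wording for existing callers. The same applies to `{{type}}` in the .txt template in the next file section, where `{{ type | default("TOTP") }}` does the same. Both values currently come from string literals in the two routes, so the interpolation itself carries no user-controlled text.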


@ -1,5 +1,5 @@
There has been an unsuccessful login attempt on your SimpleLogin account. There has been an unsuccessful login attempt on your SimpleLogin account.
An invalid TOTP code was provided but the email and password were provided correctly. An invalid {{type}} code was provided but the email and password were provided correctly.
This request was blocked. However, if this was not you, please change your password immediately. This request was blocked. However, if this was not you, please change your password immediately.
{{URL}}/dashboard/setting#change_password {{URL}}/dashboard/setting#change_password