f367acbeaf
Add next bill date on admin UI ( #1154 )
...
* add subscription next bill date on admin
* small refactor: remove unused param
2022-07-12 18:17:39 +02:00
f75bdd006a
Fix: Allow internal link independent of enable log in with proton ( #1151 )
...
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-11 09:41:20 +02:00
82d0f44cab
Fix: Check if required session headers exist ( #1145 )
...
* Check session keys exist
* Update message
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-05 22:26:48 +02:00
494005eaa5
Fix: Add weird encodings to the list ( #1146 )
...
(cherry picked from commit cfed4061e7bf3e34c52518b905065055acb8858e)
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-05 12:19:14 +02:00
38d305da23
Bypass 2FA if Login with Proton ( #1142 )
...
* Bypass 2FA if Login with Proton
* Fix formatting of template
2022-07-04 16:24:49 +02:00
c2bb6488e4
Allow to login with proton to enter sudo mode ( #1141 )
...
* Allow to login with proton to enter sudo mode
* Updated wording
* lint
* Only enabled if the user has the account linked
* Add exit-sudo route for tests
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-04 16:09:36 +02:00
e2f9ea4ae1
Capture exception on Login with Proton ( #1140 )
2022-07-04 15:40:17 +02:00
6d86e64d65
show msg on /internal/integrations/proton ( #1139 )
...
* show msg on /internal/integrations/proton
* highlight the connect with Proton section
* djlint
2022-07-04 15:39:12 +02:00
38c9138cdb
Fix: When logging with parter create accounts with lowercase emails ( #1137 )
...
* Fix: When logging with parter create accounts with lowercase emails
* Sanitize emails instead of just lowercase them
* linting
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-04 11:51:43 +02:00
66a2152ea3
Compute Proton metrics ( #1135 )
...
* compute nb_proton_premium
* compute nb_proton_user
2022-07-04 11:40:29 +02:00
02b39f98b7
fix cron job ( #1134 )
2022-07-04 11:05:42 +02:00
8799691f99
allow admin to disable spoofing check on an alias ( #1133 )
2022-07-04 11:05:13 +02:00
aabcc8e72a
Feature: Add delete account route for the api ( #1132 )
...
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-02 16:45:58 +02:00
88dd07e48d
Feature: Use new job status to retry killed jobs ( #1130 )
...
* Feature: Use new job status to retry killed jobs
* Set attermpts and time via config
* Update timing condition
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-01 11:14:53 +02:00
8b89a428e0
Fix: clear next in the session before triggering a login ( #1129 )
...
* Fix: clear next in the session before triggering a login
* Format
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-06-30 15:41:50 +02:00
21feced342
Refactor unsubscribe handling ( #1090 )
...
* Refactor unsubscribe email handling
* MR comments
* Moved all unsub logic to the encoder
* remove unused
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-06-30 11:40:01 +02:00
d06470a3c6
Activate users created with account link ( #1124 )
2022-06-29 16:55:20 +02:00
9abb8aa47f
Validate user uploaded image ( #1123 )
...
* Validate user uploaded image
* Fix test/data path detection
2022-06-29 15:04:55 +02:00
f6a7ee981a
do not send double subscription email ( #1118 )
...
* do not send double subscription email
* remove unused import
* remove unused test
2022-06-28 17:51:44 +02:00
75c710a6ab
small refactoring ( #1120 )
2022-06-28 17:21:23 +02:00
aac493ad2f
Update docs and error message for sudo route ( #1117 )
...
* Update docs and error message for sudo route
* Fix
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-06-28 14:40:06 +02:00
07b7f40371
Fix prompt user to upgrade to proton account ( #1116 )
2022-06-28 12:36:21 +02:00
89062edc06
show cancel status in "Current plan" section ( #1114 )
...
* show cancel status in "Current plan" section
* do not show upgrade button for canceled paddle sub
2022-06-28 11:58:04 +02:00
dd0598a4dd
Send welcome email when user created by login with proton ( #1115 )
...
* Send welcome email when user created by login with proton
* Add dedicated test to user.created_by_partner
2022-06-28 11:57:21 +02:00
5fa41d6ccf
Add state management to job ( #1113 )
...
* Add state management to job
* Add migration
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-06-28 09:22:48 +02:00
686f4f3f68
Always check redirect_uri for oauth ( #1111 )
...
* Always check redirect_uri for oauth
* Fix OAuth tests
2022-06-27 13:20:18 +02:00
f58c4a9a50
Show premium subscription managed by partner ( #1112 )
2022-06-27 13:17:30 +02:00
de31e6d072
Allow to set sudo mode for api requests ( #1108 )
...
* Allow to set sudo mode for api requests
* Rebase migration on top of master
* PR comments
* Added missing migration
* Removed unused import
* Apply suggestions from code review
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-06-23 14:26:36 +02:00
9cc9d38dce
Propose upgrade proton account for proton partner users without paid mail plan ( #1106 )
...
* Propose upgrade proton account for proton partner users without paid mail plan
* Reformat js
* Initial display via jinja
* tweak ui: add a ---OR--- separator
* use collapse to show SL upgrade option
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
Co-authored-by: Son <nguyenkims@users.noreply.github.com>
2022-06-23 12:26:02 +02:00
09cec0cdec
allow to hide some public domains and set their order ( #1107 )
2022-06-22 18:21:19 +02:00
99ce10a1bc
Send email to users with a subscription and a partner plan upgrade ( #1101 )
...
* Send email to users with a subscription and a partner plan upgrade
* Update double-subscription-partner.html
* Update double-subscription-partner.txt.jinja2
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
Co-authored-by: Son Nguyen Kim <nguyenkims@users.noreply.github.com>
2022-06-20 14:34:20 +02:00
fbb59a1531
Send welcome mail to proton created users ( #1099 )
...
* Send welcome mail to proton created users
* Skip import
* Use new logo
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-06-20 11:36:16 +02:00
5ee5e386e5
Allow to create users from partner ( #1095 )
...
* Allow to create users from partner
* Fix tests
* Update tests/test_account_linking.py
Co-authored-by: Adrià Casajús <acasajus@users.noreply.github.com>
* Fix lint
Co-authored-by: Adrià Casajús <acasajus@users.noreply.github.com>
2022-06-16 10:25:50 +02:00
ba6c5f93ac
Add extension_redirect endpoint ( #1093 )
...
* Add extension_redirect endpoint
* Add test for extension_redirect
2022-06-16 09:56:00 +02:00
332fcb27d9
Fix double backslash open redirect ( #1096 )
2022-06-16 09:55:08 +02:00
58990ec762
Hide proton integration behind cookie ( #1092 )
...
* Hide proton integration behind cookie
* Make cookie name configurable via config
2022-06-15 15:42:41 +02:00
3b47e79fae
Emit events on proton actions ( #1089 )
...
* Emit events on proton actions
* Update app/account_linking.py
Co-authored-by: Adrià Casajús <acasajus@users.noreply.github.com>
* Update app/account_linking.py
Co-authored-by: Adrià Casajús <acasajus@users.noreply.github.com>
Co-authored-by: Adrià Casajús <acasajus@users.noreply.github.com>
2022-06-15 08:24:11 +02:00
cf5ff6fa23
Allow extra headers on proton connection ( #1087 )
2022-06-14 10:29:18 +02:00
39aeb81f9a
add dkim signature for export data email ( #1083 )
...
* add dkim signature for export data email
* fix
2022-06-14 10:08:04 +02:00
83d58c7bca
handle case empty latest_receipt_info ( #1081 )
2022-06-13 12:42:56 +02:00
efa534fd3e
Store transfer tokens hashed in the db and only allow them to be valid for 24 hours ( #1080 )
...
* Store transfer tokens hashed in the db and only allow them to be valid for 30 mins
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-06-13 12:41:47 +02:00
56ec95bc93
Fix proton integration issues ( #1071 )
...
* Fix proton integration issues
* Make external_user_id non nullable
* Fix tests
2022-06-10 16:21:56 +02:00
a0a92a7562
require user password before transferring an alias ( #1070 )
2022-06-10 15:50:44 +02:00
0afd414a66
use responseBody.Latest_receipt_info and not responseBody.Receipt.In_app ( #1066 )
...
https://developer.apple.com/documentation/appstorereceipts/responsebody/receipt/in_app
2022-06-10 15:50:09 +02:00
a9a44c378a
Do not report complaints for deleted aliases ( #1067 )
...
* Do not report complaints for deleted aliases
* revert reorder
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-06-10 15:44:59 +02:00
c0fe10def6
Raise proper exception on account already linked error ( #1069 )
...
* Raise proper exception on account already linked error
* Update app/account_linking.py
Co-authored-by: Adrià Casajús <acasajus@users.noreply.github.com>
* Fix FMT
Co-authored-by: Adrià Casajús <acasajus@users.noreply.github.com>
2022-06-10 12:23:04 +02:00
c0a4c44e94
Separate code for proton callback handler ( #1040 )
...
* Separate code for proton callback handler
* Upgrade migration
* Use simple_login endpoint from Proton API
* Remove unused classes
* Rename Dto class to Data
* Push rename
* Moved link to PartnerUser to allow subscriptions to depend only on it
* Fix test
* PR comments
* Add unique user_id constraint to PartnerUser
* Added more logs
* Added more logs
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-06-09 10:19:49 +02:00
faf67ff338
Add missing rate limits ( #1065 )
...
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-06-08 17:36:03 +02:00
9cf2f44166
only allow to copy the api key when it is created ( #1059 )
...
* show api key created time
* only allow user to copy the api key when it is created
* typo
2022-06-08 10:31:58 +02:00
e688f04d6b
Send full user report asynchronously on request ( #1029 )
...
* Send full user report asynchronously
* Fix test
* Filter some fields before exporting
* Fix: Domain -> CustomDomain
* format settings html
* not include RefusedEmail as they are not usable by user and are automatically deleted
* send the export to the user email
* change email and setting wording
* fix user can only export data once
* remove alias export section
* remove unused import
* fix flake8
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
Co-authored-by: Son <nguyenkims@users.noreply.github.com>
2022-06-07 10:45:04 +02:00
dba56f0dae
Store hmaced partner api tokens ( #1028 )
...
* Store hmaced partner api tokens
* MR comments
2022-06-02 11:24:04 +02:00
7ba9bcb9e2
Save unsent emails to disk to be resent later ( #1022 )
...
* Initial save to disk
* Store unsent messages to disk so they can be retried later
* Set back not sending emails
* Fixed decorator
* Add general exceptions to the catchall
* Have dummy server just to make sure
* Added several server test cases
* ADded tests for bounced and error status
* Moved dir creation to config parse time
* Set LOG.e
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-05-30 11:52:10 +02:00
f14e003a38
Merge pull request #1021 from simple-login/ac-verp-unpack
...
Fix: check if verp return is None before unpack
2022-05-24 08:11:23 +02:00
2b8f7139b8
Fix: check if verp return is None before unpack
2022-05-24 07:54:07 +02:00
687b51be0f
Merge pull request #1019 from simple-login/feature/proton-callback-receive-partner_id-as-param
...
Receive partner as param in ProtonCallbackHandler
2022-05-23 16:49:34 +02:00
5ab943e12c
Remove get_proton_partner_id function
2022-05-23 16:43:06 +02:00
8c6c144ba2
Fix global Partner instance
2022-05-23 16:38:50 +02:00
0064729ca7
Update app/proton/proton_callback_handler.py
...
Co-authored-by: Adrià Casajús <acasajus@users.noreply.github.com>
2022-05-23 16:22:23 +02:00
ed9d2ed816
Receive partner as param in ProtonCallbackHandler
2022-05-23 16:11:58 +02:00
b26d04e82c
Merge pull request #1017 from simple-login/remove-flask-sqlalchemy
...
remove flask-sqlalchemy and upgrade sqlalchemy from 1.3.19 to 1.3.24
2022-05-23 15:26:03 +02:00
631254a1cd
redirect user to dashboard instead of the account activation page for now
2022-05-23 14:44:24 +02:00
3897d723ea
remove flask-sqlalchemy and upgrade sqlalchemy from 1.3.19 to 1.3.24
2022-05-23 14:41:06 +02:00
e5f23e3517
make sure to only send test emails to user's alias
2022-05-20 18:15:54 +02:00
0f9232eeeb
improve wording
2022-05-20 18:05:05 +02:00
9ba5464bc9
allow to create reverse alias for NOREPLY
2022-05-20 17:59:41 +02:00
a90e880b24
Merge pull request #1010 from simple-login/fix-upgrade
...
do not show upgrade button for lifetime user
2022-05-20 15:16:38 +02:00
c87e503701
Merge pull request #1004 from simple-login/feature/add-new-page-for-account-activated
...
Add new page for account activated
2022-05-20 15:16:21 +02:00
afb7f5ef42
Simplify redirect condition on account_activated
2022-05-20 11:50:50 +02:00
521f6b5822
Update app/onboarding/views/account_activated.py
...
Co-authored-by: Adrià Casajús <acasajus@users.noreply.github.com>
2022-05-20 11:44:49 +02:00
a7d419eec3
do not show upgrade button for lifetime user
2022-05-20 11:00:11 +02:00
f7e27ce0da
Add login_required to the account_activated page
2022-05-20 10:52:46 +02:00
893520c361
Add edge to the browser detection process
2022-05-20 09:46:52 +02:00
a1f37f0841
Detect mobile device and redirect them to dashboard
2022-05-20 09:40:03 +02:00
e5770de329
Add account_activated page prompting user to install the extension
2022-05-20 09:40:03 +02:00
0e3be23acc
Merge pull request #997 from simple-login/feature/adapt-extension-setup
...
Adapt extension setup
2022-05-20 09:01:35 +02:00
7ce4aa6e96
Code quality
2022-05-20 08:58:02 +02:00
39b5fa50d8
Use is_authenticated
2022-05-20 08:48:01 +02:00
3330625426
Allow mailer to keep in mem mails to validate tests
2022-05-19 12:27:06 +02:00
b4da667a5e
Add TODO for removing the cookie on extension onboarding
2022-05-19 11:49:13 +02:00
e6acff13e5
Send extension setup message if user is logged in
2022-05-19 11:47:22 +02:00
88c60f5387
Allow '7-bit' encoding for Content-Transfer-Encoding
2022-05-18 09:56:30 +02:00
8ac87217d2
Adapt extension setup
2022-05-17 12:22:38 +02:00
41c6e8fd79
add quote
2022-05-16 19:23:24 +02:00
e61bf038be
allow to use a different from for send_email()
2022-05-16 19:17:56 +02:00
2adcbf52be
Merge pull request #963 from simple-login/ac-complaints
...
Handle complaints that have multiple recipients
2022-05-16 10:30:14 +02:00
0da2fd94f1
Set header as a constant
2022-05-16 10:16:42 +02:00
d86a7877a8
Merge pull request #994 from simple-login/remove-admin-notif
...
no need to notify admin when someone uses a coupon
2022-05-16 10:09:21 +02:00
f0263b812e
Merge pull request #986 from simple-login/feature/add-extension-onboarding-pages
...
Add extension onboarding pages
2022-05-16 09:12:52 +02:00
5fc8245b8b
Remove link to support from test email
2022-05-16 08:27:23 +02:00
54e78786b0
no need to notify admin when someone uses a coupon
2022-05-15 19:57:45 +02:00
3578c61366
Use header
2022-05-13 19:18:20 +02:00
64c67f4429
PR comments
2022-05-13 18:14:21 +02:00
34ad81c7c0
Merge pull request #921 from simple-login/ac-free-no-reverse-alias
...
Prevent free users from creating reverse-alias
2022-05-13 17:13:48 +02:00
2e62a9f00c
Remove support email from test email
2022-05-13 12:16:55 +02:00
bef71b7be3
Update contact instructions on test_email
2022-05-13 10:55:13 +02:00
933237e73b
Implement "Send me an email" button on final extension onboarding
2022-05-13 08:53:31 +02:00
710f4d0709
Start adding extension onboarding pages
2022-05-13 08:21:35 +02:00
52cd9d2692
Simplify condition
2022-05-12 19:02:06 +02:00
75dd20ebcc
Fix condition
2022-05-12 19:01:04 +02:00
0c896100a4
Update html
2022-05-12 18:46:42 +02:00
bfb1ae6371
PR comments
2022-05-12 18:42:16 +02:00
39b035a123
Added docs
2022-05-12 18:36:12 +02:00
9066116b7e
Simplified method
2022-05-12 18:33:13 +02:00
4d07bc9d31
Moved global flag to config
2022-05-12 18:30:46 +02:00
caff70ea38
Set global config to enable/disable feature
2022-05-12 16:35:51 +02:00
975eacc969
Remove config.SHA1 in favour of build_info.SHA1
2022-05-12 16:26:04 +02:00
9959848d74
Use python version file
2022-05-12 16:21:36 +02:00
c3792dc333
Obtain git information from version file
2022-05-12 16:11:20 +02:00
5dde39eb37
Prevent free users from creating reverse-alias
2022-05-12 13:20:05 +02:00
d2fad44003
create a constant for paddle grace days
2022-05-11 19:03:27 +02:00
2573c68e82
use a grace period of 14 days for paddle subscription
2022-05-11 17:24:52 +02:00
e09d7a2b71
Fix open redirect
2022-05-11 14:50:37 +02:00
48554369bd
Get the mailbox if possible from the email log
2022-05-10 23:34:57 +02:00
d2111d4768
Added doc comments
2022-05-10 18:26:56 +02:00
6c13f7de05
refactored to reduce duplicated codepaths
2022-05-10 18:23:14 +02:00
a2f141d3cc
Get recipient address from the complaint report when possible
2022-05-10 17:54:51 +02:00
44b0aba4f3
fix verp generation
2022-05-10 11:19:25 +02:00
5b60ef1e35
Preserve next_url in oauth login
2022-05-09 12:20:14 +02:00
7e00dfddc3
Merge pull request #954 from simple-login/fix-proton-login
...
allow the code to run without proton partner
2022-05-09 08:25:07 +02:00
c95bfb80a2
Add OAuth hook for checking the status code
2022-05-06 14:41:52 +02:00
b720dfc381
allow the code to run without proton partner
2022-05-05 15:05:39 +02:00
8d4683e59e
Add login with proton
2022-05-05 12:20:55 +02:00
c48247e852
Remove deprecated verp email validation
2022-05-04 16:17:51 +02:00
66c6db773f
Align db with models for the audit_log
2022-05-03 16:48:54 +02:00
6936d99779
Set default state for provider complaint
2022-05-03 14:16:04 +02:00
56159765d9
Rename
2022-05-02 11:53:32 +02:00
ba46ce5208
Format
2022-04-29 16:02:45 +02:00
baddc0fe67
Fix: sqlalchemy only suports str as server_default
2022-04-29 15:58:48 +02:00
e62022f032
Merge remote-tracking branch 'origin/master' into ac-store-contact-bounces
...
* origin/master: (29 commits)
PR comments
support "enabled" param in /api/v2/aliases
Update PGPy to 0.5.4 to allow for python 3.10
Also install libpq-dev
Fix python 3.10
Add methods to check if alias will be auto-created
PR comments
Allow sending messages in a background thread
Use the proper import for newrelic agent
not send emails to inform about an alias can't be created to disabled user
prevent disabled user from using the api
make sure disabled user can't create new alias
Put version version between " so it is 3.10 instead of 3.1
Add workflow for python 3.10
Remove it for all creds
Do not send the transports to the js part since we have not stored them previously
move help to menu on small screen
only show the help button on desktop
use another logo for mobile
add new parameter disabled in /GET /api/v2/aliases
...
2022-04-29 15:56:09 +02:00
cca709ed48
formatting
2022-04-29 15:50:52 +02:00
04399e827e
Merge pull request #940 from simple-login/ac-check-auto-create
...
Add methods to check if an alias will be auto-created
2022-04-29 12:05:18 +02:00
1f040fcebc
PR comments
2022-04-28 18:43:10 +02:00
a2c477a816
support "enabled" param in /api/v2/aliases
2022-04-28 17:24:35 +02:00
46646f4ee2
Merge pull request #932 from simple-login/ac-fix-webauthn-transport
...
Do not send the transports to the js part since we have not stored them previously
2022-04-28 16:53:00 +02:00
bb4207c3a1
Merge pull request #938 from simple-login/ac-fix-invalid-import
...
Use the proper import for newrelic agent
2022-04-28 16:52:09 +02:00
74b31eac66
PR comments
2022-04-28 15:24:45 +02:00
7fd9bdc5a7
PR comments
2022-04-28 15:23:52 +02:00
8e35a09788
Add methods to check if alias will be auto-created
2022-04-28 15:10:38 +02:00
f9a390c1a2
PR comments
2022-04-28 15:03:14 +02:00
9a04376894
Allow sending messages in a background thread
2022-04-28 14:43:24 +02:00
25c3626226
Use the proper import for newrelic agent
2022-04-28 13:02:45 +02:00
93ae82aa46
Merge pull request #936 from simple-login/disable-user-cannot-use-api
...
prevent disabled user from using the api
2022-04-28 12:13:14 +02:00
845b53b03f
not send emails to inform about an alias can't be created to disabled user
2022-04-28 12:10:40 +02:00
7b7cb0b571
prevent disabled user from using the api
2022-04-27 16:24:38 +02:00
eab7606f93
make sure disabled user can't create new alias
2022-04-27 16:06:54 +02:00
657cae53a6
Remove it for all creds
2022-04-26 18:44:57 +02:00
ff33380bed
Do not send the transports to the js part since we have not stored them previously
2022-04-26 18:41:12 +02:00
5208c549fa
Rename TransactionalComplaint to ProviderComplaint
2022-04-25 14:40:42 +02:00
58b332b7bc
add new parameter disabled in /GET /api/v2/aliases
2022-04-25 09:22:29 +02:00
fcd2ab6fed
Set data to non-nullable
2022-04-22 14:53:04 +02:00
89d94963d7
PR comments
2022-04-22 14:49:03 +02:00
5053d9f1f5
Merge pull request #918 from simple-login/handle-error-as-bytes
...
handle the AttributeError that can also be raised by as_bytes()
2022-04-22 10:51:55 +02:00
68ec159d91
catch all exception in to_bytes
2022-04-22 10:20:43 +02:00
2bcc22c391
Merge pull request #906 from simple-login/ac-hash-change
...
Support python>3.8 for verp emails and reduce size by truncating hmac and storing time in minutes since 2022-01-01
2022-04-22 10:11:31 +02:00
0f14c3e74e
Move some comments as docstrings
2022-04-21 15:25:06 +02:00
112b2c77c3
Add backwards compat with shake128 signed verp emails
2022-04-21 11:30:39 +02:00
0f7ccec51a
handle the AttributeError that can also be raised by as_bytes()
2022-04-21 11:28:11 +02:00
c573ef655e
Store bounces in the reply phase to prevent abuse
2022-04-21 11:23:58 +02:00
bddb5e500a
able to handle several noreply addresses
...
This prepares the change of noreply@simplelogin.co to noreply@simplelogin.io
2022-04-21 08:59:46 +02:00
af24876c71
Use sha3 and truncate to 8 bytes and store time in minutes starting at 2022-01-01
2022-04-20 20:46:35 +02:00
9b624edf11
Merge pull request #901 from simple-login/no-dot-in-reverse-alias
...
use _ instead of . in reverse alias
2022-04-19 18:24:37 +02:00
bad9202cf8
Calculate proper padding when decoding base32
2022-04-19 10:50:25 +02:00
259851a04e
Merge pull request #860 from acasajus/remove-softfail
...
Generate secure transactional emails from address
2022-04-19 09:28:47 +02:00
8dfdac79bf
use _ instead of . in reverse alias
...
to avoid AC_FROM_MANY_DOTS SpamAssassin rule
2022-04-15 17:34:29 +02:00
d28980a810
Format
2022-04-14 18:27:20 +02:00
4bcc728222
Merge remote-tracking branch 'origin/master' into remove-softfail
...
* origin/master: (34 commits)
fix flake8
add link to the anti phishing page
improve email wording
Move tests
Only send enum names
Only send enum name for events intead of the full class.enum
Also track login and register events from the api routes
typo
revert changes
Added fix for parts that are not messages
Add missing formatting place
Revert unwanted changes
Do not show an error if we receive an unsubscribe from a different address
Revert changes to pgp_utils
fix import
Send newrelic events on login and register
PR changes
format
Move dmarc management to its own file
ignore VERPTransactional
...
2022-04-14 18:25:03 +02:00
debed67c68
return whether a domain is custom or primary in GET /api/v5/alias/options
2022-04-14 17:28:40 +02:00
a957cbb3c0
fix flake8
2022-04-14 09:47:58 +02:00
1709de93ef
add link to the anti phishing page
2022-04-14 09:28:26 +02:00
95770de4d5
improve email wording
2022-04-14 09:23:49 +02:00
ca93c8e603
Merge remote-tracking branch 'origin/master' into ac-dmarc-reply-phase
...
* origin/master:
Only send enum name for events intead of the full class.enum
Also track login and register events from the api routes
typo
revert changes
Added fix for parts that are not messages
Add missing formatting place
Revert unwanted changes
Do not show an error if we receive an unsubscribe from a different address
Revert changes to pgp_utils
Send newrelic events on login and register
2022-04-12 12:48:46 +02:00
0f91effce9
Only send enum names
2022-04-12 09:34:05 +02:00
9928525cf9
Only send enum name for events intead of the full class.enum
2022-04-12 09:04:57 +02:00
7a0fd34823
Merge pull request #886 from simple-login/ac-fix-unauthorized-email
...
Do not assume all parts in multipart messages are processed as messages
2022-04-11 17:54:35 +02:00
2b149747f5
Also track login and register events from the api routes
2022-04-11 16:11:01 +02:00
8da4293305
typo
2022-04-11 16:04:28 +02:00
c16fd25b2e
Added fix for parts that are not messages
2022-04-11 15:52:31 +02:00
ae8824a356
Revert unwanted changes
2022-04-11 14:20:56 +02:00
7649f6b822
Do not show an error if we receive an unsubscribe from a different address
2022-04-11 14:19:32 +02:00
dc59b61fba
Revert changes to pgp_utils
2022-04-11 10:20:02 +02:00
f333bb00c5
fix import
2022-04-11 10:19:25 +02:00
60a070731e
Send newrelic events on login and register
2022-04-11 10:18:22 +02:00
7fdd7d7f6a
PR changes
2022-04-11 09:28:57 +02:00
0dbe504329
format
2022-04-08 14:23:59 +02:00
8df6d98522
Merge remote-tracking branch 'origin/master' into ac-dmarc-reply-phase
2022-04-08 11:34:12 +02:00
68e58c0876
Move dmarc management to its own file
2022-04-08 11:28:14 +02:00
b128d64563
Moved spamd check to a custom file and cached the result
2022-04-07 19:17:37 +02:00
0e3c46d944
Save original envelope for debugging
2022-04-06 17:31:46 +02:00
8ca1be0166
Apply dmarc policy to the reply phase
2022-04-06 12:51:04 +02:00
451e69a3c4
More rebase fixes
2022-03-30 16:09:17 +02:00
dce9e633bf
fix
2022-03-30 16:02:05 +02:00
db06ce0ae6
Create signed email addresses for VERP emails
2022-03-30 16:00:02 +02:00
67c2c6afad
add warning to email content when dmarc softfail
2022-03-30 19:48:07 +07:00
110f2f2f2c
Merge pull request #861 from acasajus/spf-dmarc-backscatter
...
Reduce backscatter by checking return-path domain SPF status
2022-03-30 19:44:39 +07:00
f7a98bc7d2
Merge pull request #862 from simple-login/ac/sanitize-next
...
Properly validate //host.com urls
2022-03-30 19:40:36 +07:00
83fc8964a8
PR comments
2022-03-30 09:53:35 +02:00
d561bae7dd
Merge pull request #864 from simple-login/ac/insecure-random
...
Replace using random with secrets for security purposes
2022-03-30 11:49:33 +07:00
1555bc6346
fix test
2022-03-29 21:03:55 +02:00
19e87a7156
More random to secrets
2022-03-29 18:42:28 +02:00
b15facb6e4
Use secrets instead of random
2022-03-29 18:40:52 +02:00
97ef5ff765
Fix oauth redirect when clientid is invalid
2022-03-29 18:37:01 +02:00
a9e31cff26
Fix tests
2022-03-29 18:34:13 +02:00
c5b0f5304e
Format
2022-03-29 18:18:11 +02:00
d6df5e0ea0
Add limiters to auth routes
2022-03-29 18:14:13 +02:00
e91fd26964
Sanitized missing places
2022-03-29 18:03:18 +02:00
fe9161b101
Properly validate //host.com urls when redirecting after receiving a next param
2022-03-29 17:53:00 +02:00
085c166cb2
Replace 5XX with 2XX for return path that fail SPF check
2022-03-29 15:09:10 +02:00
7d36256b7c
Check return-path spf record before bouncing a message
2022-03-29 10:52:11 +02:00
0d7d56c0ea
send email when an email is put to quarantine
2022-03-25 18:02:17 +01:00
63b1100a8b
log event when there's no dmarc result
2022-03-25 16:19:11 +01:00
ce2d2a3b3a
fix case where header isn't string
2022-03-25 16:17:58 +01:00
32fd65b69b
add more log for alias transfer
2022-03-23 18:33:33 +01:00
3d30870395
Merge pull request #849 from acasajus/new/parse-rpamd-headers
...
Return 200 on fishy dmarc result
2022-03-22 17:36:45 +01:00
99b05034b0
Merge pull request #843 from acasajus/new/parse-rpamd-headers
...
Parse rspamd headers and apply dmarc policy if found.
2022-03-22 17:13:11 +01:00
517bcb632e
MR changes
2022-03-22 17:02:59 +01:00
5b3688b6df
set a domain for message-id
2022-03-22 11:02:02 +01:00
5f831d593a
CamelCase to snake_case
2022-03-21 17:59:43 +01:00
45459d65be
PR comments
2022-03-21 17:43:26 +01:00
f554375f23
decode, replace and encode for base64 encoding
2022-03-21 17:29:22 +01:00
1952f368a8
require password to use the api key page
2022-03-21 14:40:47 +01:00
9dc7cff87f
add rate limiting for /auth/mfa
2022-03-21 14:23:35 +01:00
a662ef4aee
remove g.deduct_limit in api auth endpoint
2022-03-21 14:23:20 +01:00
06a1363e92
Updated MR comments
2022-03-21 12:03:11 +01:00
cdea0f5ee2
Rename header
2022-03-21 10:43:19 +01:00
44dd06fabf
Added spoofed email test
2022-03-21 10:43:18 +01:00
c9cbaeb460
format
2022-03-21 10:43:17 +01:00
e8013f8e0c
Initial parse of rpamd extra headers
2022-03-21 10:43:17 +01:00
0931642d11
use 10.0.0.0 network instead of 240.0.0.0
2022-03-20 10:38:58 +01:00
fa2f83dbf4
fix and refactor
2022-03-16 10:24:59 +01:00
7e0992b767
add mime version header for transactional email
2022-03-14 19:23:38 +01:00
79154378f2
Merge pull request #836 from cquintana92/feature/allow-to-edit-manual-subscription
...
Allow to edit manual subscription
2022-03-14 18:07:07 +01:00
ed58e811d1
Allow to edit manual subscription
2022-03-14 16:47:30 +01:00
479a7420cb
Useful time format
2022-03-14 15:40:50 +01:00
b463ba8f41
Added filter
2022-03-14 15:33:09 +01:00
bf177ac5ba
Remove unused
2022-03-14 15:29:17 +01:00
9b16143e59
Show nicer admin logs
2022-03-14 15:28:53 +01:00
553d8976be
Added extend subscription log
2022-03-14 15:07:51 +01:00
549c6ec7d3
Comment changes
2022-03-11 11:37:14 +01:00
4368fd323f
Less changes
2022-03-10 18:13:33 +01:00
d0860cd54d
Merge remote-tracking branch 'origin/master' into new/admin-audit-trail
...
* origin/master: (35 commits)
reduce nb of commit
show "more" only when a notification has a title. Show either title or message. Use bold font when a notification isn't read
create a notification when an alias is disabled
mark a notification as read when user arrives on the notification page
Use plausible outbound link tracking
add more log
fix discover page
fix
fix "local variable 'alias_id' referenced before assignment"
make sure to close session in monitoring
use Date instead of date for header value
lessen alias automatic disable check
refactor
return the block reason in should_disable()
add adhoc upgrade on admin
add extend subscription for 1 month to admin
disable edition on admin
comment out some admin pages
fix migration
fix duplicated stats
...
2022-03-10 18:10:13 +01:00
733efc387c
Updated admin view
2022-03-10 17:49:30 +01:00
98c942d84a
Added admin log view
2022-03-10 17:32:35 +01:00
bc82bab1eb
Added alembic migration
2022-03-10 16:37:21 +01:00
1d15af53b7
Add an audit log for the admin panel
2022-03-10 16:13:31 +01:00
0e3a5c3d3c
mark a notification as read when user arrives on the notification page
2022-03-09 17:58:26 +01:00
6f80edfd64
fix discover page
2022-03-08 16:38:03 +01:00
a64a70cbc8
use Date instead of date for header value
2022-03-07 15:57:29 +01:00
350f498b94
lessen alias automatic disable check
2022-03-07 15:50:58 +01:00
71136669e9
return the block reason in should_disable()
2022-03-07 15:44:27 +01:00
f7ba3873d0
add adhoc upgrade on admin
2022-03-02 19:05:17 +01:00
Son Nguyen Kim
Adrià Casajús
Carlos Quintana
Adrià Casajús
Carlos Quintana
Carlos Quintana