Adrià Casajús
3a75686898
Generate a web session from an api key ( #1224 )
...
* Create a token to exchange for a cookie
* Added Route to exchange token for cookie
* add missing migration
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-08-10 18:48:32 +02:00
Adrià Casajús
25fde11a86
Refactor alias suffix ( #1194 )
...
* Extract suffix generation and validation to a module
* Updated tests
* Make custom alias use signed suffixes
* Added the signature check to the module
* Fix invalid route
* Move more suffix related stuff
* Fix tests
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-27 17:40:22 +02:00
Adrià Casajús
06c1c7f2f7
Restrict the number of free alias for new free users ( #1155 )
...
* Restrict the number of free alias for new free users
* Fix test
* Make flag reverse
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-20 11:09:22 +02:00
Adrià Casajús
67be5ba050
Enforce int params in routes ( #1159 )
...
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-15 17:10:00 +02:00
Adrià Casajús
aabcc8e72a
Feature: Add delete account route for the api ( #1132 )
...
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-02 16:45:58 +02:00
Adrià Casajús
aac493ad2f
Update docs and error message for sudo route ( #1117 )
...
* Update docs and error message for sudo route
* Fix
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-06-28 14:40:06 +02:00
Adrià Casajús
de31e6d072
Allow to set sudo mode for api requests ( #1108 )
...
* Allow to set sudo mode for api requests
* Rebase migration on top of master
* PR comments
* Added missing migration
* Removed unused import
* Apply suggestions from code review
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-06-23 14:26:36 +02:00
Son Nguyen Kim
83d58c7bca
handle case empty latest_receipt_info ( #1081 )
2022-06-13 12:42:56 +02:00
Son Nguyen Kim
0afd414a66
use responseBody.Latest_receipt_info and not responseBody.Receipt.In_app ( #1066 )
...
https://developer.apple.com/documentation/appstorereceipts/responsebody/receipt/in_app
2022-06-10 15:50:09 +02:00
Adrià Casajús
5dde39eb37
Prevent free users from creating reverse-alias
2022-05-12 13:20:05 +02:00
Son
a2c477a816
support "enabled" param in /api/v2/aliases
2022-04-28 17:24:35 +02:00
Son
7b7cb0b571
prevent disabled user from using the api
2022-04-27 16:24:38 +02:00
Son
58b332b7bc
add new parameter disabled in /GET /api/v2/aliases
2022-04-25 09:22:29 +02:00
Son
debed67c68
return whether a domain is custom or primary in GET /api/v5/alias/options
2022-04-14 17:28:40 +02:00
Adrià Casajús
2b149747f5
Also track login and register events from the api routes
2022-04-11 16:11:01 +02:00
Son Nguyen Kim
d561bae7dd
Merge pull request #864 from simple-login/ac/insecure-random
...
Replace using random with secrets for security purposes
2022-03-30 11:49:33 +07:00
Adrià Casajús
b15facb6e4
Use secrets instead of random
2022-03-29 18:40:52 +02:00
Adrià Casajús
c5b0f5304e
Format
2022-03-29 18:18:11 +02:00
Adrià Casajús
d6df5e0ea0
Add limiters to auth routes
2022-03-29 18:14:13 +02:00
Son
9dc7cff87f
add rate limiting for /auth/mfa
2022-03-21 14:23:35 +01:00
Son
a662ef4aee
remove g.deduct_limit in api auth endpoint
2022-03-21 14:23:20 +01:00
Son
4faf0d7636
optimize dashboard page: load custom domain using joinedload() instead of explicit join
2022-02-26 17:34:53 +01:00
Son
7da06ba424
return 422 if account not activated
2022-02-22 22:12:36 +01:00
Son
5b62f5a745
add rate limit to /auth/register
2022-02-07 18:45:41 +01:00
Son
4d1c4cfdff
support pinned parameter in /api/v2/aliases
2022-02-03 11:16:49 +01:00
Son Nguyen Kim
89a800eed9
Merge pull request #753 from FozzieHi/totp-invalid-login-email
...
Invalid TOTP and recovery code email notifications
2022-01-24 18:35:52 +01:00
Son
5b7949f346
return title in /api/notifications
2022-01-24 15:20:59 +01:00
george
50122da0fe
Implement API notifications and use a function in email_utils
2022-01-20 17:42:11 +00:00
Son
b929dc5462
check if alias is not none
2022-01-18 09:40:50 +01:00
Son
0806f9243e
return custom domain json in patch
2022-01-16 17:26:11 +01:00
Son
6cd8e45d21
return the default sender format (AT) in case user uses a non-supported sender format
2022-01-12 10:19:25 +01:00
Son
a0727435eb
use warning level
2022-01-09 20:13:41 +01:00
Son
1bdae7fbe8
handle CannotCreateContactForReverseAlias when user creates a new contact
2022-01-07 10:47:36 +01:00
Son
9ff323c746
make sure to set custom_domain_id when creating a new alias
2022-01-06 15:29:37 +01:00
Son
b7e8324e5a
move get_custom_domain() to alias_utils
2022-01-06 15:20:09 +01:00
Son
4d8c89105f
GET /api/phone/reservations/:reservation_id
2022-01-04 16:22:41 +01:00
Son
61226545c2
handle the 2 consecutive dots in alias
2021-12-31 11:15:24 +01:00
Son
a6f5b755aa
set apple_sub.product_id
2021-12-30 16:20:31 +01:00
Son
30ba566457
take into account _MACAPP_MONTHLY_PRODUCT_ID in verify_receipt
2021-12-30 16:15:33 +01:00
Son
f439e39580
cache smtp server and remove POSTFIX_PORT_FORWARD
2021-12-29 16:26:37 +01:00
Son
a270c72d60
add random_alias_suffix to settings api
2021-12-28 15:24:58 +01:00
Son
eec2880c41
fix case signed_suffix is None
2021-12-15 17:12:27 +01:00
Son
226ce9333c
return error if invalid alias address
2021-12-02 16:17:41 +01:00
Son
b5c2d9ee2a
fix custom domain not correctly set on /v2/alias/custom/new and /v3/alias/custom/new
2021-11-22 16:20:50 +01:00
Son
b2c31ef658
fix the pagination error display
2021-11-19 18:30:36 +01:00
Son
fdfa286d3e
allow contact email to be case sensitive
2021-11-18 16:44:04 +01:00
Son
67377a0f22
do not show subdomains on the domain page
2021-11-17 11:52:33 +01:00
Son
6eb702870c
handle the case alias is in trash
2021-11-17 10:56:43 +01:00
Son
abc074ea9b
make sure password can't be longer than 100 chars
2021-11-16 19:41:05 +01:00
Son
416eafaeb9
use the first alias suffix when creating a new random alias
2021-11-12 11:04:00 +01:00