Mirror/app-MAIL-temp
1
0
Fork 0
mirror of https://github.com/simple-login/app.git synced 2024-11-10 21:27:10 +01:00
Code Issues Packages Projects Releases Wiki Activity
4,821 Commits 60 Branches 231 Tags 22 MiB
3afc90d3fb
Commit Graph

189 Commits

Author SHA1 Message Date
Carlos Quintana
2f9489fe39
Only allow relative redirects 2022-02-15 15:16:31 +01:00
george
50122da0fe
Implement API notifications and use a function in email_utils 2022-01-20 17:42:11 +00:00
george
42407a0543
Send the email after the local error. 2022-01-20 16:44:15 +00:00
george
f7f91afc1e
Send a notification email for invalid recovery codes. 2022-01-20 16:41:42 +00:00
george
6d736aa915
Implement rate limiting with send_email_with_rate_control. 2022-01-20 15:05:18 +00:00
george
0eb2984b9c
Add invalid TOTP login email notifications. 2022-01-20 14:18:47 +00:00
Son
733a9c42b0 delete activation code before sending email to avoid any delay 2021-12-29 10:26:42 +01:00
Son
abc074ea9b make sure password can't be longer than 100 chars 2021-11-16 19:41:05 +01:00
Son
0fbd351bed handle the referral url that has ?slref=code part 2021-10-25 15:02:02 +02:00
Son
372466ab06 do not use flask-sqlalchemy 
- add __tablename__ for all models
- use sa and orm instead of db
- rollback all changes in tests
- remove session in @app.teardown_appcontext
 2021-10-12 14:36:47 +02:00
Son
5d7e10f776 make sure when user changes password, log user out on other browsers 2021-10-11 11:30:41 +02:00
Son Nguyen Kim
5ac78f2694 reformat 2021-09-08 11:29:55 +02:00
Son Nguyen Kim
cc650f9fae remove unused import 2021-07-12 18:56:43 +02:00
Son Nguyen Kim
99599bb09f make sure user needs to go through MFA when resetting password 2021-07-12 18:56:09 +02:00
Son NK
09d00df363 reformat imports 2021-06-27 17:50:36 +02:00
Son NK
f3b04b9d81 add more logging 2021-04-16 18:37:16 +02:00
Son NK
b476e207fa take into account ?next param in login 2021-01-27 10:11:48 +01:00
Son NK
e9adb3270d use sanitize_email instead of .lower().strip().replace(" ", "") 2021-01-11 12:29:40 +01:00
Son NK
ef7fae32b1 remove the "Hi {name}" from email template 2021-01-11 10:23:34 +01:00
Renaud Boyer
c09b6ef675 linting 2020-12-06 22:08:35 +01:00
Renaud Boyer
1c73f07d18 linting 2020-12-06 22:08:05 +01:00
Son NK
0a4fc76b61 optimize import 2020-10-15 16:45:28 +02:00
Son NK
90163220cf rename email_domain_can_be_used_as_mailbox -> email_can_be_used_as_mailbox 2020-10-15 16:05:47 +02:00
Son NK
7e425c0338 disable login if user is disabled 2020-10-04 12:49:43 +02:00
Son NK
fdedc24358 black new version 2020-08-27 10:20:48 +02:00
Son NK
b7cbaa6e84 delete the expired ChangeEmail object 2020-08-13 10:59:39 +02:00
Son NK
b395c2ebd0 use warning log for FIDO error 2020-08-12 12:48:51 +02:00
Son NK
efe1ab641f add hCaptcha check 2020-07-23 12:43:55 +02:00
Son NK
6437ee46e0 use LOG.exception instead of LOG.error to provide stacktrace 2020-07-17 12:59:07 +02:00
Son NK
c41bffbbae refactor: use SESSION_COOKIE_NAME instead of hardcoding "slapp" 2020-06-28 21:17:18 +02:00
Son NK
4ee38823b8 make sure to strip and lower email 2020-06-11 23:35:24 +02:00
Son NK
fa06c5cd4b make sure user cannot reuse the old password 2020-05-30 19:50:33 +02:00
Sibren Vasse
31a1f94a5f Implement rate limiting 2020-05-25 11:39:33 +02:00
Sibren Vasse
3c7e03f83d Add remember option to FIDO mfa path 2020-05-24 19:23:16 +02:00
Sibren Vasse
097ac771b0 Prevent OTP replay attacks by invalidating last token 2020-05-24 19:23:16 +02:00
Sibren Vasse
35bb1645a3 Allow user to disable mfa for browser for 30 days 2020-05-24 19:23:16 +02:00
Sibren Vasse
8c946d7026 Remove token when submitted value is incorrect 2020-05-24 19:23:16 +02:00
Son Nguyen Kim
eb60028b1f
Merge pull request #199 from developStorm/webauthn-multiple-keys 
Support Multiple Keys for WebAuthn
 2020-05-24 18:56:42 +02:00
Son NK
93d972df09 make sure to use lowercase for alias email 2020-05-20 18:12:14 +02:00
devStorm
7bd97e13b0
fido_model -> fidos 2020-05-18 13:55:38 -07:00
devStorm
ea914e0378
Rename FIDO->Fido 2020-05-18 13:54:05 -07:00
devStorm
35f0c094fe
black 2020-05-18 01:04:45 -07:00
devStorm
419aa95f1f
more verify 2020-05-18 01:02:58 -07:00
devStorm
ec91d280bb
Verify 2020-05-18 00:08:06 -07:00
Son NK
87d52216cb reformat 2020-05-17 10:35:11 +02:00
Son NK
20e66edbaa fix redirection to next page 2020-05-17 10:28:00 +02:00
Son NK
2e208ed505 display recovery code options on mfa and fido page 2020-05-17 10:27:20 +02:00
Son NK
da4e0bf384 create /auth/recovery page 2020-05-17 10:17:52 +02:00
Son NK
7ed77a66b2 format 2020-05-15 23:18:42 +02:00
Son NK
2978bfb281 Fix user cannot change personal email back and better naming. 
Happens when user
- changes their personal email
- wants to change back: they can't as this email is already used as mailbox
 2020-05-15 23:18:30 +02:00
devStorm
a9967c9a4d
Auto activate WebAuthn authentication 2020-05-11 19:17:51 -07:00
Son NK
cde8452e5b Fix Google oauth_state KeyError 2020-05-10 11:34:32 +02:00
Son NK
b95b758692 Optimize imports 2020-05-09 20:49:38 +02:00
devStorm
d236f906ad
🐛 WebAuthn bug fixes 
- User may not have name
- user_verification should be discouraged to work on iOS
 2020-05-08 14:21:38 -07:00
Son NK
ccb30a2def disable sign-up via social login 2020-05-07 22:01:14 +02:00
Son NK
18d62a81d1 add User.can_use_fido 2020-05-07 17:56:25 +02:00
Son NK
84c529c867 optimize import 2020-05-07 17:49:29 +02:00
Son NK
fe1262686e black format 2020-05-07 17:48:44 +02:00
devStorm
2290a90b09
Use try-else 9b8340f3e0 (r421465450) 2020-05-07 05:41:34 -07:00
devStorm
b0c39635a5
Remove credential_id variable 2020-05-07 05:37:03 -07:00
devStorm
e4895b52a0
fix SITE_URL 2020-05-07 05:34:17 -07:00
devStorm
f7e3320242
model - fido_enabled 2020-05-07 05:32:52 -07:00
devStorm
9b8340f3e0
Black formatted 2020-05-07 02:53:28 -07:00
devStorm
0052dad13e
Do not show full error msg to user 2020-05-07 02:48:56 -07:00
devStorm
282cbe25a3
Calculate RP_ID in config 2020-05-07 02:39:30 -07:00
devStorm
3ab3f819b7
Make RP_ID a constant 2020-05-07 02:33:24 -07:00
devStorm
b8b1313db9
typo 'infomation' 2020-05-07 02:31:42 -07:00
devStorm
ced02a8f20
remove debug code 2020-05-05 14:26:26 -07:00
devStorm
fc001cfc24
fix exception handling 2020-05-05 14:13:01 -07:00
devStorm
9da6054ec0
Allow to use either OTP or FIDO for 2FA 2020-05-05 05:16:33 -07:00
devStorm
650d6e35f0
FIDO login middleware 2020-05-05 05:03:29 -07:00
devStorm
286b1143ca
Store sign count 2020-05-05 03:16:52 -07:00
Son NK
96366ddcfa Deprecate social login, prettify some pages 2020-04-27 23:08:21 +02:00
Son NK
a069fe7b6a do not return error when user doesn't exist on forgot_password 2020-04-27 22:57:55 +02:00
Son NK
26a094469b remove logout.html 2020-04-27 22:56:44 +02:00
Son NK
ca6350cc27 optimize import in all files 2020-04-25 13:49:39 +02:00
Son NK
6a67f7946f fix facebook might not return email 2020-04-24 09:17:21 +02:00
Son NK
3c9e6fc991 make sure to strip and lower email in input 2020-04-15 21:12:45 +02:00
Son NK
8fc88b8253 Set referral when creating User 2020-04-09 22:22:26 +02:00
Son NK
b8093aefa3 Handle invalid email when user signs up 2020-03-21 11:11:52 +01:00
Son NK
abd2278c24 make sure to set File.user_id 2020-03-20 09:52:00 +01:00
Son NK
cb3ea63066 show error if no such email exists from Github 2020-03-05 16:46:02 +01:00
Son NK
90dc05725a use github email that is "verified" and "primary" 2020-03-05 16:45:49 +01:00
Son NK
ca70d26285 black format 2020-03-05 11:00:58 +01:00
Son NK
a0372a15de fix github email can contain uppercase char 2020-03-05 10:58:58 +01:00
Son NK
16718806ba fix 2020-02-27 22:57:37 +07:00
Son NK
87b6df9408 save which social network user uses in SocialAuth table 2020-02-27 22:16:12 +07:00
Son NK
5f9ad01849 take into account the case an email is primary but not verified on github 2020-02-19 23:56:07 +07:00
Son NK
821372fdfd add email_already_used() and use it when creating user 2020-02-10 23:16:30 +07:00
Son NK
01abc48f62 add trial information into welcome email 2020-01-30 13:54:33 +07:00
Son NK
e810c99970 fix formatting 2020-01-30 00:18:31 +07:00
Son NK
48edb85fc9 Fix email case on register 2020-01-30 00:16:04 +07:00
Son NK
f76bdd8fe6 set DISABLE_REGISTRATION param to disable registration 2020-01-28 11:50:25 +07:00
Son NK
99ffd6149d use can_be_used_as_personal_email when user registers or change emails 2020-01-26 19:51:43 +07:00
Son NK
bdf75951f1 support ALIAS_DOMAINS 
- use verify_prefix_suffix() in /api/alias/custom/new
-
 2020-01-22 10:24:17 +01:00
Son NK
356b95ef80 fix formatting 2020-01-11 22:28:06 +01:00
Son NK
8c9512e61e do not ask for user name when register 2020-01-11 22:26:59 +01:00
Son NK
d6aa6e7b94 Make sure to user lowercase for user email 2020-01-04 10:24:01 +01:00
Son NK
837ab8258e redirect to login page instead 2020-01-03 23:50:34 +01:00
Son NK
4208ba379f Fix user could go to MFA page directly 2020-01-03 23:42:35 +01:00