5e48d86efa
Canonicalize emails from google and proton before registering users ( #1493 )
...
* Revert "Revert "Use canonical email when registering users (#1458 )" (#1474 )"
This reverts commit c8ab1c747e
2022-12-14 11:50:36 +01:00
c8ab1c747e
Revert "Use canonical email when registering users ( #1458 )" ( #1474 )
...
* Revert "Use canonical email when registering users (#1458 )"
This reverts commit f728b0175a
2022-12-08 10:57:46 +01:00
327b672f24
Set the user name on creation to the original email ( #1462 )
...
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-12-01 13:07:36 +01:00
0996378537
Revert "Keep the dirty email after registering ( #1459 )" ( #1460 )
...
This reverts commit 0664e3b80c
2022-12-01 09:19:15 +01:00
0664e3b80c
Keep the dirty email after registering ( #1459 )
...
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-11-30 18:38:48 +01:00
f728b0175a
Use canonical email when registering users ( #1458 )
...
* Use canonical email for registration, check both when checking if user exists
* Fix test
* Set pagesize to 100
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-11-30 17:19:55 +01:00
b849d1cfa7
Simpler csv export ( #1383 )
...
* Export alias in csv
* reformating
* template
* Improved contributing script and doc
* Updated test
* removed csv export from GDPR export archive
* added test for new route
* fix trailing space
* moved test to new utils file
2022-11-23 13:51:08 +01:00
02f42821c5
fix 21004 error ( #1380 )
2022-10-27 14:03:11 +02:00
7f9ce5641f
Feat: Added parallel limiter to prevent sqlalchemy transaction issues ( #1360 )
...
* Feat: Added parallel limiter to prevent sqlalchemy transaction issues
* Remove logs
* Moved initialization to its own file
* Throw exception
* Added test
* Add redis to gh actions
* Added v6 to the name
* Removed debug prints
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-10-27 10:07:02 +02:00
2f769b38ad
Apple in app fix ( #1369 )
...
* error log if issue with apple sub
* use the right secret when polling apple sub
2022-10-25 19:45:53 +02:00
b5aff490ef
Store session in redis if redis is enabled ( #1288 )
...
* Store sesions in redis to prevent saving old cookies
* Format
* Rename sid to session_id
* Logout session completely
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-09-21 11:11:17 +02:00
f69c9583fb
fix proton partner error when self host ( #1255 )
...
* fix proton partner error when self host
* fix test
* fix test
* remove a@b.c
2022-09-01 14:59:16 +02:00
7eb44a5947
Fixes for connect with proton on mobile ( #1230 )
...
* Fixes for connect with proton on mobile
* Added a test
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-08-12 13:17:21 +02:00
3a75686898
Generate a web session from an api key ( #1224 )
...
* Create a token to exchange for a cookie
* Added Route to exchange token for cookie
* add missing migration
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-08-10 18:48:32 +02:00
25fde11a86
Refactor alias suffix ( #1194 )
...
* Extract suffix generation and validation to a module
* Updated tests
* Make custom alias use signed suffixes
* Added the signature check to the module
* Fix invalid route
* Move more suffix related stuff
* Fix tests
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-27 17:40:22 +02:00
06c1c7f2f7
Restrict the number of free alias for new free users ( #1155 )
...
* Restrict the number of free alias for new free users
* Fix test
* Make flag reverse
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-20 11:09:22 +02:00
67be5ba050
Enforce int params in routes ( #1159 )
...
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-15 17:10:00 +02:00
aabcc8e72a
Feature: Add delete account route for the api ( #1132 )
...
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-02 16:45:58 +02:00
aac493ad2f
Update docs and error message for sudo route ( #1117 )
...
* Update docs and error message for sudo route
* Fix
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-06-28 14:40:06 +02:00
de31e6d072
Allow to set sudo mode for api requests ( #1108 )
...
* Allow to set sudo mode for api requests
* Rebase migration on top of master
* PR comments
* Added missing migration
* Removed unused import
* Apply suggestions from code review
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-06-23 14:26:36 +02:00
83d58c7bca
handle case empty latest_receipt_info ( #1081 )
2022-06-13 12:42:56 +02:00
0afd414a66
use responseBody.Latest_receipt_info and not responseBody.Receipt.In_app ( #1066 )
...
https://developer.apple.com/documentation/appstorereceipts/responsebody/receipt/in_app
2022-06-10 15:50:09 +02:00
5dde39eb37
Prevent free users from creating reverse-alias
2022-05-12 13:20:05 +02:00
a2c477a816
support "enabled" param in /api/v2/aliases
2022-04-28 17:24:35 +02:00
7b7cb0b571
prevent disabled user from using the api
2022-04-27 16:24:38 +02:00
58b332b7bc
add new parameter disabled in /GET /api/v2/aliases
2022-04-25 09:22:29 +02:00
debed67c68
return whether a domain is custom or primary in GET /api/v5/alias/options
2022-04-14 17:28:40 +02:00
2b149747f5
Also track login and register events from the api routes
2022-04-11 16:11:01 +02:00
d561bae7dd
Merge pull request #864 from simple-login/ac/insecure-random
...
Replace using random with secrets for security purposes
2022-03-30 11:49:33 +07:00
b15facb6e4
Use secrets instead of random
2022-03-29 18:40:52 +02:00
c5b0f5304e
Format
2022-03-29 18:18:11 +02:00
d6df5e0ea0
Add limiters to auth routes
2022-03-29 18:14:13 +02:00
9dc7cff87f
add rate limiting for /auth/mfa
2022-03-21 14:23:35 +01:00
a662ef4aee
remove g.deduct_limit in api auth endpoint
2022-03-21 14:23:20 +01:00
4faf0d7636
optimize dashboard page: load custom domain using joinedload() instead of explicit join
2022-02-26 17:34:53 +01:00
7da06ba424
return 422 if account not activated
2022-02-22 22:12:36 +01:00
5b62f5a745
add rate limit to /auth/register
2022-02-07 18:45:41 +01:00
4d1c4cfdff
support pinned parameter in /api/v2/aliases
2022-02-03 11:16:49 +01:00
89a800eed9
Merge pull request #753 from FozzieHi/totp-invalid-login-email
...
Invalid TOTP and recovery code email notifications
2022-01-24 18:35:52 +01:00
5b7949f346
return title in /api/notifications
2022-01-24 15:20:59 +01:00
50122da0fe
Implement API notifications and use a function in email_utils
2022-01-20 17:42:11 +00:00
b929dc5462
check if alias is not none
2022-01-18 09:40:50 +01:00
0806f9243e
return custom domain json in patch
2022-01-16 17:26:11 +01:00
6cd8e45d21
return the default sender format (AT) in case user uses a non-supported sender format
2022-01-12 10:19:25 +01:00
a0727435eb
use warning level
2022-01-09 20:13:41 +01:00
1bdae7fbe8
handle CannotCreateContactForReverseAlias when user creates a new contact
2022-01-07 10:47:36 +01:00
9ff323c746
make sure to set custom_domain_id when creating a new alias
2022-01-06 15:29:37 +01:00
b7e8324e5a
move get_custom_domain() to alias_utils
2022-01-06 15:20:09 +01:00
4d8c89105f
GET /api/phone/reservations/:reservation_id
2022-01-04 16:22:41 +01:00
61226545c2
handle the 2 consecutive dots in alias
2021-12-31 11:15:24 +01:00
Adrià Casajús
Spitfireap
Son Nguyen Kim
Carlos Quintana
Adrià Casajús
george