Commit graph

160 commits

Author SHA1 Message Date
Adrià Casajús
82d0f44cab
Fix: Check if required session headers exist (#1145)
* Check session keys exist

* Update message

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-05 22:26:48 +02:00
Carlos Quintana
38d305da23
Bypass 2FA if Login with Proton (#1142)
* Bypass 2FA if Login with Proton

* Fix formatting of template
2022-07-04 16:24:49 +02:00
Adrià Casajús
c2bb6488e4
Allow to login with proton to enter sudo mode (#1141)
* Allow to login with proton to enter sudo mode

* Updated wording

* lint

* Only enabled if the user has the account linked

* Add exit-sudo route for tests

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-04 16:09:36 +02:00
Carlos Quintana
e2f9ea4ae1
Capture exception on Login with Proton (#1140) 2022-07-04 15:40:17 +02:00
Adrià Casajús
8b89a428e0
Fix: clear next in the session before triggering a login (#1129)
* Fix: clear next in the session before triggering a login

* Format

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-06-30 15:41:50 +02:00
Adrià Casajús
99ce10a1bc
Send email to users with a subscription and a partner plan upgrade (#1101)
* Send email to users with a subscription and a partner plan upgrade

* Update double-subscription-partner.html

* Update double-subscription-partner.txt.jinja2

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
Co-authored-by: Son Nguyen Kim <nguyenkims@users.noreply.github.com>
2022-06-20 14:34:20 +02:00
Carlos Quintana
58990ec762
Hide proton integration behind cookie (#1092)
* Hide proton integration behind cookie

* Make cookie name configurable via config
2022-06-15 15:42:41 +02:00
Carlos Quintana
cf5ff6fa23
Allow extra headers on proton connection (#1087) 2022-06-14 10:29:18 +02:00
Carlos Quintana
c0a4c44e94
Separate code for proton callback handler (#1040)
* Separate code for proton callback handler

* Upgrade migration

* Use simple_login endpoint from Proton API

* Remove unused classes

* Rename Dto class to Data

* Push rename

* Moved link to PartnerUser to allow subscriptions to depend only on it

* Fix test

* PR comments

* Add unique user_id constraint to PartnerUser

* Added more logs

* Added more logs

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-06-09 10:19:49 +02:00
Adrià Casajús
faf67ff338
Add missing rate limits (#1065)
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-06-08 17:36:03 +02:00
Carlos Quintana
ed9d2ed816
Receive partner as param in ProtonCallbackHandler 2022-05-23 16:11:58 +02:00
Son
631254a1cd redirect user to dashboard instead of the account activation page for now 2022-05-23 14:44:24 +02:00
Carlos Quintana
e5770de329
Add account_activated page prompting user to install the extension 2022-05-20 09:40:03 +02:00
Carlos Quintana
5b60ef1e35
Preserve next_url in oauth login 2022-05-09 12:20:14 +02:00
Carlos Quintana
c95bfb80a2
Add OAuth hook for checking the status code 2022-05-06 14:41:52 +02:00
Carlos Quintana
8d4683e59e
Add login with proton 2022-05-05 12:20:55 +02:00
Adrià Casajús
657cae53a6
Remove it for all creds 2022-04-26 18:44:57 +02:00
Adrià Casajús
ff33380bed
Do not send the transports to the js part since we have not stored them previously 2022-04-26 18:41:12 +02:00
Adrià Casajús
8da4293305
typo 2022-04-11 16:04:28 +02:00
Adrià Casajús
60a070731e
Send newrelic events on login and register 2022-04-11 10:18:22 +02:00
Adrià Casajús
e91fd26964
Sanitized missing places 2022-03-29 18:03:18 +02:00
Carlos Quintana
2f9489fe39
Only allow relative redirects 2022-02-15 15:16:31 +01:00
george
50122da0fe
Implement API notifications and use a function in email_utils 2022-01-20 17:42:11 +00:00
george
42407a0543
Send the email after the local error. 2022-01-20 16:44:15 +00:00
george
f7f91afc1e
Send a notification email for invalid recovery codes. 2022-01-20 16:41:42 +00:00
george
6d736aa915
Implement rate limiting with send_email_with_rate_control. 2022-01-20 15:05:18 +00:00
george
0eb2984b9c
Add invalid TOTP login email notifications. 2022-01-20 14:18:47 +00:00
Son
733a9c42b0 delete activation code before sending email to avoid any delay 2021-12-29 10:26:42 +01:00
Son
abc074ea9b make sure password can't be longer than 100 chars 2021-11-16 19:41:05 +01:00
Son
0fbd351bed handle the referral url that has ?slref=code part 2021-10-25 15:02:02 +02:00
Son
372466ab06 do not use flask-sqlalchemy
- add __tablename__ for all models
- use sa and orm instead of db
- rollback all changes in tests
- remove session in @app.teardown_appcontext
2021-10-12 14:36:47 +02:00
Son
5d7e10f776 make sure when user changes password, log user out on other browsers 2021-10-11 11:30:41 +02:00
Son Nguyen Kim
5ac78f2694 reformat 2021-09-08 11:29:55 +02:00
Son Nguyen Kim
cc650f9fae remove unused import 2021-07-12 18:56:43 +02:00
Son Nguyen Kim
99599bb09f make sure user needs to go through MFA when resetting password 2021-07-12 18:56:09 +02:00
Son NK
09d00df363 reformat imports 2021-06-27 17:50:36 +02:00
Son NK
f3b04b9d81 add more logging 2021-04-16 18:37:16 +02:00
Son NK
b476e207fa take into account ?next param in login 2021-01-27 10:11:48 +01:00
Son NK
e9adb3270d use sanitize_email instead of .lower().strip().replace(" ", "") 2021-01-11 12:29:40 +01:00
Son NK
ef7fae32b1 remove the "Hi {name}" from email template 2021-01-11 10:23:34 +01:00
Renaud Boyer
c09b6ef675 linting 2020-12-06 22:08:35 +01:00
Renaud Boyer
1c73f07d18 linting 2020-12-06 22:08:05 +01:00
Son NK
0a4fc76b61 optimize import 2020-10-15 16:45:28 +02:00
Son NK
90163220cf rename email_domain_can_be_used_as_mailbox -> email_can_be_used_as_mailbox 2020-10-15 16:05:47 +02:00
Son NK
7e425c0338 disable login if user is disabled 2020-10-04 12:49:43 +02:00
Son NK
fdedc24358 black new version 2020-08-27 10:20:48 +02:00
Son NK
b7cbaa6e84 delete the expired ChangeEmail object 2020-08-13 10:59:39 +02:00
Son NK
b395c2ebd0 use warning log for FIDO error 2020-08-12 12:48:51 +02:00
Son NK
efe1ab641f add hCaptcha check 2020-07-23 12:43:55 +02:00
Son NK
6437ee46e0 use LOG.exception instead of LOG.error to provide stacktrace 2020-07-17 12:59:07 +02:00