Adrià Casajús
7f9ce5641f
Feat: Added parallel limiter to prevent sqlalchemy transaction issues ( #1360 )
...
* Feat: Added parallel limiter to prevent sqlalchemy transaction issues
* Remove logs
* Moved initialization to its own file
* Throw exception
* Added test
* Add redis to gh actions
* Added v6 to the name
* Removed debug prints
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-10-27 10:07:02 +02:00
Adrià Casajús
d324e2fa79
Fix: Add csrf verification to directory updates ( #1358 )
...
* Fix: Add csrf verification to directory updates
* Update templates/dashboard/directory.html
* Added csrf for delete account form
* Fix tests
* Added CSRF check for settings page
* Added csrf to batch import
* Added CSRF to alias dashboard and alias transfer
* Added csrf to contact manager
* Added csrf to mailbox
* Added csrf for mailbox detail
* Added csrf to domain detail
* Lint
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-10-27 10:04:47 +02:00
Son Nguyen Kim
2f769b38ad
Apple in app fix ( #1369 )
...
* error log if issue with apple sub
* use the right secret when polling apple sub
2022-10-25 19:45:53 +02:00
Son Nguyen Kim
35470613d3
add DailyMetric and Metric as admin page, remove EmailLog admin page ( #1352 )
2022-10-15 19:10:39 +02:00
Son Nguyen Kim
c71824c68e
Init daily metric ( #1351 )
...
* Add DailyMetric model
* increment nb_new_web_non_proton_user
* fix test
* fix test
2022-10-14 17:35:34 +02:00
Son Nguyen Kim
1fc75203f2
Improve test: disable rate limit during test and avoid conflicts between tests ( #1349 )
...
* disable rate limit during test, avoid conflict between tests
* fix test
2022-10-14 16:37:49 +02:00
Son Nguyen Kim
7b24cdd98a
Revert "remove deduct_limit as it has no effect ( #1347 )" ( #1348 )
...
This reverts commit 851ba0a99a
.
2022-10-13 22:00:45 +02:00
Son Nguyen Kim
851ba0a99a
remove deduct_limit as it has no effect ( #1347 )
...
* remove deduct_limit as it has no effect
- disable rate limit during test
- randomize data in test
- support non-empty db in test
* fix more test
2022-10-13 18:55:22 +02:00
Adrià Casajús
72277211bb
For unauthenticated sessions only store them in redis for 5m ( #1345 )
...
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-10-13 15:55:08 +02:00
Adrià Casajús
d5ca316e41
Have custom domains set up multiple dkim records to be able to rotate keys ( #1334 )
...
* Have custom domains set up multiple dkim records to be able to rotate keys
* Apply suggestions from code review
* Some PR comments
* Keep dkim enabled if it is already
* Format
* PR updates
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-10-11 07:17:37 +02:00
Son Nguyen Kim
1c5a547cd0
do not quarantine an email if fails DMARC but has a small rspamd score ( #1337 )
...
* do not quarantine an email if fails DMARC but has a small rspamd score
* use 0 when cannot parse rspamd score
* use -1 as default value
2022-10-10 10:13:07 +02:00
Son Nguyen Kim
5088604bb8
Replace reverse alias ( #1335 )
...
* replace any reverse alias by real address for all contacts
* improve logging
* fix comment
* Request contacts in batches of 100 to avoid loading the db
* Fix typo
* Added tests for the contact replacement
* Increase batch size to 1k
* Revert and use only reply_email and website_email
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-10-10 10:00:19 +02:00
Adrià Casajús
faeddc365c
Display recovery codes for mfa only once ( #1317 )
...
* Recovery codes can only be shown after adding a 2FA code and cannot be seen afterwards
* Added recovery codes fix
* Updated models and script
* Formatting
* Format
* Added base code
* Updated wording
* Set the config by default
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-10-03 12:32:45 +02:00
Adrià Casajús
faaff7e9b9
Handle failed payments subscriptions in paddle ( #1327 )
...
* Handle failed payments subscriptions in paddle
* Added tests
* Remove unused import
* Remove unused import
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-09-30 17:51:06 +02:00
Carlos Quintana
fa50c23a43
Allow RedisSessionStore to connect to sentinel ( #1307 )
...
* Allow RedisSessionStore to connect to sentinel
* Reuse flask_limiter redis storage
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-09-23 10:23:07 +02:00
Son Nguyen Kim
72a130e225
do not add mime-version header if already present ( #1302 )
2022-09-22 13:46:32 +02:00
Adrià Casajús
b5aff490ef
Store session in redis if redis is enabled ( #1288 )
...
* Store sesions in redis to prevent saving old cookies
* Format
* Rename sid to session_id
* Logout session completely
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-09-21 11:11:17 +02:00
Adrià Casajús
9c86e1a820
Fix: Use email directly for DomainDeletedAlias ( #1273 )
...
* Fix: Use email directly for DomainDeletedAlias
* Add handling for reply phase
* Use the first mailbox of the domain for deleted domain aliase
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-09-08 14:54:32 +02:00
Son Nguyen Kim
753a28e886
handle case msg is string in replace() ( #1271 )
...
should fix https://sentry.io/organizations/simplelogin/issues/3563106404/?alert_rule_id=2478639&alert_timestamp=1662404226476&alert_type=email&environment=production&project=1868546&referrer=alert_email
2022-09-07 10:22:11 +02:00
Son Nguyen Kim
6595d34276
shouldn't count processed batch import ( #1268 )
2022-09-05 15:38:12 +02:00
Son Nguyen Kim
192d03fd68
make sure sl_formataddr always return str ( #1269 )
2022-09-05 15:38:04 +02:00
Son Nguyen Kim
313a928070
Create sl_formataddr to handle unicode for built-in formataddr ( #1265 )
...
* Create sl_formataddr to handle unicode for built-in formataddr
* fix circular import
2022-09-05 08:40:24 +02:00
Son Nguyen Kim
cea139b7d5
Improve handling when pgp key is invalid ( #1264 )
...
* remove unused email statuses
* add more logging
* use text_header if html_header not set
* improve email
* add a header about PGP failure when forward emails can't be encrypted
* remove unused email status
2022-09-02 11:47:04 +02:00
Son Nguyen Kim
25773448c2
admin can go directly to paddle ( #1263 )
2022-09-02 10:39:53 +02:00
Son Nguyen Kim
f69c9583fb
fix proton partner error when self host ( #1255 )
...
* fix proton partner error when self host
* fix test
* fix test
* remove a@b.c
2022-09-01 14:59:16 +02:00
Son Nguyen Kim
9eacd980ef
include_sender_in_reverse_alias set to true for new users ( #1244 )
2022-08-23 11:24:49 +02:00
Carlos Quintana
ba06852dc2
Do not crash if action is unknown ( #1231 )
2022-08-12 15:02:00 +02:00
Carlos Quintana
7eb44a5947
Fixes for connect with proton on mobile ( #1230 )
...
* Fixes for connect with proton on mobile
* Added a test
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-08-12 13:17:21 +02:00
Carlos Quintana
596dd0b1ee
Support next with Proton Link ( #1226 )
...
* Support next with Proton Link
* Add support for double next
* Fix bug on account relink
2022-08-11 10:38:44 +02:00
Adrià Casajús
3a75686898
Generate a web session from an api key ( #1224 )
...
* Create a token to exchange for a cookie
* Added Route to exchange token for cookie
* add missing migration
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-08-10 18:48:32 +02:00
Carlos Quintana
a9549c11d7
Rate limiting depending on user authenticated status ( #1221 )
...
* Rate limiting depending on user authenticated status
* Update app/extensions.py
Co-authored-by: Adrià Casajús <acasajus@users.noreply.github.com>
* Add rate_limiting tests
Co-authored-by: Adrià Casajús <acasajus@users.noreply.github.com>
2022-08-09 14:57:21 +02:00
Son Nguyen Kim
a88a8ff2be
add more logging ( #1223 )
2022-08-09 10:01:55 +02:00
Son Nguyen Kim
6c6deedf47
Stop paddle sub ( #1216 )
...
* admin can stop a paddle sub
* show admin menu if user is admin
2022-08-04 09:20:07 +02:00
Son Nguyen Kim
d72226aa19
show proton sub info on admin ( #1207 )
2022-08-01 20:49:05 +02:00
Carlos Quintana
a04152a37f
Do not allow SVG image uploads ( #1198 )
2022-07-29 08:52:51 +02:00
Adrià Casajús
25fde11a86
Refactor alias suffix ( #1194 )
...
* Extract suffix generation and validation to a module
* Updated tests
* Make custom alias use signed suffixes
* Added the signature check to the module
* Fix invalid route
* Move more suffix related stuff
* Fix tests
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-27 17:40:22 +02:00
Adrià Casajús
bd044304f0
Added rate limit to resend activation email ( #1192 )
...
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-26 14:57:26 +02:00
Adrià Casajús
f4c5198055
Remove ResetCodes after email change ( #1191 )
...
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-26 14:43:31 +02:00
Son Nguyen Kim
97805173cb
remove envs used for proton beta link ( #1189 )
...
* remove envs used for proton beta link
* remove is_connect_with_proton_enabled()
2022-07-26 12:38:18 +02:00
Carlos Quintana
827e3a1acb
Implement mode for Login with Proton ( #1186 )
2022-07-26 09:55:24 +02:00
Son Nguyen Kim
6322e03996
admin can manage newsletter and test sending it ( #1177 )
...
* admin can manage newsletter and test sending it
* add comments
* comment
* doc
* not userID not specified, send the newsletter to current user
* automatically match textarea height to content when editing newsletter
* increase text height and limit img size to 100% in email template
* admin can send newsletter to a specific address
2022-07-22 11:24:53 +02:00
Carlos Quintana
7db3ec246e
Mitigate open redirect with OAuth ( #1176 )
...
* Mitigate open redirect with OAuth
* Fix tests
2022-07-21 14:23:08 +02:00
Adrià Casajús
3fa9db9bb7
Change default unsub behaviour to disable alias by default ( #1174 )
...
* Change default unsub behaviour to disable alias by default
* Alter default valut for unsub_behaviouur
* Added comments to the migration
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-20 11:57:34 +02:00
Adrià Casajús
06c1c7f2f7
Restrict the number of free alias for new free users ( #1155 )
...
* Restrict the number of free alias for new free users
* Fix test
* Make flag reverse
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-20 11:09:22 +02:00
Adrià Casajús
f3d47a1eaa
Allow users to keep the original unsub behaviour ( #1148 )
...
* Feature: Preserve original unsubscribe request
* Updated tests
* Updated settings
* PR comments
* reduced prefix length
* Include migrate users for new unsub behaviour
* PR comments
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-19 17:25:21 +02:00
Adrià Casajús
afb2ab3758
Allow to configure mem storage from config ( #1166 )
...
* Allow to configure memory storage from config
* format
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-19 08:25:59 +02:00
Son Nguyen Kim
36547bd82d
Update wording ( #1163 )
...
* rename file
* update wording when adding mailbox
* rename
2022-07-17 15:02:17 +02:00
Adrià Casajús
2837350204
Limit amount of imports ( #1161 )
...
* Limit amount of imports
* Review suggestions
* Format
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-16 18:17:15 +02:00
Adrià Casajús
bcd4383e05
Sanitize the highlight contact id ( #1160 )
...
* Sanitize also parameter
* Formatting
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-15 17:48:42 +02:00
Adrià Casajús
67be5ba050
Enforce int params in routes ( #1159 )
...
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-15 17:10:00 +02:00