Adrià Casajús
6faec9ba4d
Enforce user match on mailbox verification and improve logging ( #2172 )
2024-07-30 15:43:32 +02:00
Adrià Casajús
d11c2686b9
Move mailbox management to a module ( #2164 )
2024-07-30 13:36:48 +02:00
Adrià Casajús
10cfc21fe9
Revert back to poetry ( #2171 )
2024-07-30 10:38:19 +02:00
Adrià Casajús
09d955e6ea
Update redis dependency
2024-07-30 09:52:24 +02:00
LamTrinh.Dev
daad62b6eb
Update README.md ( #2167 )
...
Enhance Markdown for highlight DISABLE_REGISTRATION and DISABLE_ONBOARDING param in simplelogin.env .
2024-07-29 19:44:01 +00:00
Adrià Casajús
02a0f7bf98
Fix hatchling packaging ( #2169 )
2024-07-29 14:49:06 +00:00
Adrià Casajús
08a64f0fa6
Force contraints location
2024-07-29 13:41:43 +02:00
Adrià Casajús
02b506ba0f
Fix positional args
2024-07-25 17:03:55 +02:00
Adrià Casajús
32488284ec
Update yacron
2024-07-25 16:46:20 +02:00
Adrià Casajús
127bb5b98c
Replace poetry with rye ( #2163 )
2024-07-25 16:18:49 +02:00
Adrià Casajús
574a916cff
Remove requred from positional args
2024-07-25 10:08:15 +02:00
Adrià Casajús
8262390bf0
Close sessions between loops to make sure we leave no lock ( #2162 )
...
* Close sessions between loops to make sure we leave no lock
* Close at the end
* Close before sleeps
* Use python generic empty list in case the events is an iterator
2024-07-24 14:49:55 +00:00
Adrià Casajús
666bf86441
Rename method to account for domain being a string and not an int ( #2161 )
2024-07-23 15:58:52 +00:00
Adrià Casajús
1407c969d2
Only allow latest activation code to be used ( #2160 )
...
(cherry picked from commit dd09297bead4ea27731ac3bd60fcf2a3e7001268)
2024-07-23 14:23:37 +00:00
Adrià Casajús
a7aec0c37a
Move set default domain for alias to an external function ( #2158 )
...
* Move set default alias to a separate method to reuse it
* Add tests
* Find domains by domain not by id
* Revert models and setting changes
* Remove non required function
2024-07-23 14:17:23 +00:00
Carlos Quintana
71ce0f6253
chore: add retry counter to event ( #2159 )
2024-07-23 14:11:16 +00:00
Adrià Casajús
25022b4ad8
Several fixes ( #2157 )
...
* Ensure uploaded pictures are images and delete the previous ones
* Add CSRF protection to admin routes
* Only allow https urls in the client envs
* Close connection to try to get a new one
* Missing parameter
* start_time can be non existant. Set a default value
2024-07-18 12:48:18 +00:00
Adrià Casajús
3afc90d3fb
Disable the enforced header until all extensions are updated and add a fallback option to trigger a manual login ( #2155 )
2024-07-12 15:27:11 +00:00
Adrià Casajús
1482bb4a33
Add to static js also the headers ( #2153 )
...
* Add to static js also the headers
* Move all header generation to a function
2024-07-11 12:28:22 +00:00
Adrià Casajús
e0d4ee9f8c
Set session to lax
2024-07-10 14:06:26 +02:00
Adrià Casajús
747dfc04bb
Fix base test class ( #2152 )
2024-07-10 11:41:50 +00:00
Adrià Casajús
d8f7cb2852
Use header in api tests
2024-07-10 13:14:42 +02:00
Adrià Casajús
5d48b5878f
Restrict cookie usage on api endpoints ( #2151 )
2024-07-10 10:48:46 +00:00
Carlos Quintana
cccd65d93a
fix: contact duplicate key ( #2150 )
2024-07-10 10:46:54 +00:00
Carlos Quintana
87e55605b8
fix: coinbase float user id ( #2149 )
2024-07-10 07:58:17 +00:00
Carlos Quintana
ae9f47d5a5
fix: remove unnecessary staticmethod ( #2147 )
2024-07-10 07:40:37 +00:00
Carlos Quintana
f05f01bf77
chore: QOL improvements on alias delete due to cascade FKs ( #2144 )
2024-07-08 14:39:18 +00:00
Adrià Casajús
2d841e9bc0
Update render function to receive user always as a param ( #2141 )
...
* Update render function to receive user always as a param
(cherry picked from commit fb53632298b08ab40bb82b8c8724a0bf254b2632)
* Add user to the kwargs
2024-07-03 12:59:16 +00:00
danfate
e71d6264a7
convert POSTFIX_TIMEOUT to int ( #2135 )
2024-07-02 12:24:50 +00:00
Adrià Casajús
24e211ac68
Add warning to subject when possible phishing is detected ( #2137 )
...
(cherry picked from commit 8f714b9fab49354bfcc10dad8e149a8a0aefdc4c)
(cherry picked from commit 21490ec1934b74de7d2e38326735329a87cf5dfd)
2024-07-01 16:43:48 +00:00
Adrià Casajús
faae37b6bc
Use partner emails when the user has used alias from a partner ( #2136 )
...
* Update base templates based on the parter user
* Update template
* Fix missing check
* Check if the user is set
* Hide flag usage
2024-06-28 13:34:16 +00:00
Ggcu
3fd9884c56
fix emails ( #2111 )
...
* Update trial-end.html
* Update trial-end.txt.jinja2
* Update subscription-end.txt
* Update subscription-end.html
2024-06-28 10:33:17 +00:00
ghisch
4817dfdcaf
[Security] Remediate 2FA bypass with hashed recovery code ( #2132 )
...
* Fix Vuln (allow 2FA bypass with hashed recovery code)
Remove comparison of hashed recovery code from db with the user input.
* Formatting
* Remove Comment
2024-06-26 16:26:46 +00:00
Adrià Casajús
1ecc5eb89b
Log when a partner user is unlinked ( #2133 )
2024-06-26 10:17:24 +00:00
Son Nguyen Kim
209ed65ebc
Disable pgp onboarding proton mail ( #2122 )
...
* show app page
* Do not send onboarding PGP email to Proton mailbox
---------
Co-authored-by: Son NK <son@simplelogin.io>
2024-06-10 11:58:04 +00:00
Adrià Casajús
8a77a8b251
Create jobs to trigger sending all alias as create events ( #2126 )
...
* Create jobs to trigger sending all alias as create events
* Set events in past tense
* fix test
* Removed debug log
* Log messages
2024-06-07 13:36:18 +00:00
Carlos Quintana
b931518620
Add create alias list event ( #2125 )
...
* chore: add alias create list proto event
* chore: generate python files from proto
2024-06-06 09:05:47 +00:00
Carlos Quintana
9d2a35b9c2
fix: monitoring table name ( #2120 )
2024-05-24 11:09:10 +02:00
Carlos Quintana
5f190d4b46
fix: monitoring table name
2024-05-24 10:52:08 +02:00
Carlos Quintana
6862ed3602
fix: event listener ( #2119 )
...
* fix: commit transaction after taking event
* feat: allow to reconnect to postgres for event listener
* chore: log sync events pending to process to metrics
* fix: make dead_letter runner able to process events without needing to have lock on the event
* chore: close Session after reconnect
* refactor: make EventSource emit only events that can be processed
2024-05-24 10:21:19 +02:00
Carlos Quintana
450322fff1
feat: allow to disable event-webhook ( #2118 )
2024-05-23 16:50:54 +02:00
Carlos Quintana
aad6f59e96
Improve error handling on event sink ( #2117 )
...
* chore: make event_sink return success
* fix: add return to ConsoleEventSink
2024-05-23 15:05:47 +02:00
Carlos Quintana
8eccb05e33
feat: implement HTTP event sink ( #2116 )
...
* feat: implement HTTP event sink
* Update events/event_sink.py
---------
Co-authored-by: Adrià Casajús <acasajus@users.noreply.github.com>
2024-05-23 11:32:45 +02:00
Carlos Quintana
3e0b7bb369
Add sync events ( #2113 )
...
* feat: add protocol buffers for events
* chore: add EventDispatcher
* chore: add WebhookEvent class
* chore: emit events
* feat: initial version of event listener
* chore: emit user plan change with new timestamp
* feat: emit metrics + add alias status to create event
* chore: add newrelic decorator to functions
* fix: event emitter fixes
* fix: take null end_time into account
* fix: avoid double-commits
* chore: move UserDeleted event to User.delete method
* db: add index to sync_event created_at and taken_time columns
* chore: add index to model
2024-05-23 10:27:08 +02:00
Son Nguyen Kim
60ab8c15ec
show app page ( #2110 )
...
Co-authored-by: Son NK <son@simplelogin.io>
2024-05-22 15:43:36 +02:00
Son Nguyen Kim
b5b167479f
Fix admin loop ( #2103 )
...
* mailbox page requires sudo
* fix the loop when non-admin user visits an admin URL
https://github.com/simple-login/app/issues/2101
---------
Co-authored-by: Son NK <son@simplelogin.io>
2024-05-10 18:52:12 +02:00
Adrià Casajús
8f12fabd81
Make hibp rate configurable ( #2105 )
2024-05-10 18:51:16 +02:00
Daniel Mühlbachler-Pietrzykowski
b6004f3336
feat: use oidc well-known url ( #2077 )
2024-05-02 16:17:10 +02:00
Adrià Casajús
80c8bc820b
Do not double count AlilasMailboxes with Aliases ( #2095 )
...
* Do not double count aliasmailboxes with aliases
* Keep Sl-Queue-id
2024-04-30 16:41:47 +02:00
Son Nguyen Kim
037bc9da36
mailbox page requires sudo ( #2094 )
...
Co-authored-by: Son NK <son@simplelogin.io>
2024-04-23 22:25:37 +02:00