Commit Graph

2731 Commits

Author SHA1 Message Date
Carlos Quintana
f2a840016b
chore: allow redis to support rediss (#1526) 2023-01-11 16:25:35 +01:00
Adrià Casajús
9378b8a17d
Fix: Return email in the get_communication_email always and search for the alias when needed (#1497)
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-12-19 09:23:53 +01:00
Adrià Casajús
3f84a63e6d
Extend validity of totp tokens for up to a minute. (#1494)
* Feat: Allow TOTP for up to one minute in the future and in the past

* Feat: Allow TOTP for up to one minute in the future and in the past

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-12-16 17:54:46 +01:00
Adrià Casajús
5e48d86efa
Canonicalize emails from google and proton before registering users (#1493)
* Revert "Revert "Use canonical email when registering users (#1458)" (#1474)"

This reverts commit c8ab1c747e.

* Only canonicalize gmail and proton

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-12-14 11:50:36 +01:00
Adrià Casajús
9dcf063337
Rate limit changing user settings (#1491)
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-12-13 18:48:44 +01:00
Adrià Casajús
73c0429cad
Fix: Set oneclick link for unsubscribe of the newsletter for tx emails (#1465)
* Feat: Add unsub oneclick to the base transactional email template

* Format

* Removed unused

* Format

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-12-13 16:59:14 +01:00
Adrià Casajús
21e9fce3ba
Set the admin view to show 100 entries by default (#1490)
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-12-13 16:58:27 +01:00
Adrià Casajús
c8ab1c747e
Revert "Use canonical email when registering users (#1458)" (#1474)
* Revert "Use canonical email when registering users (#1458)"

This reverts commit f728b0175a.

* missing chang

* typo
2022-12-08 10:57:46 +01:00
Adrià Casajús
7e360bcbd9
Fix: Add mising csrf validation for contact pgp key modification (#1463)
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-12-02 15:13:38 +01:00
Adrià Casajús
327b672f24
Set the user name on creation to the original email (#1462)
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-12-01 13:07:36 +01:00
Adrià Casajús
0996378537
Revert "Keep the dirty email after registering (#1459)" (#1460)
This reverts commit 0664e3b80c.

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-12-01 09:19:15 +01:00
Adrià Casajús
0664e3b80c
Keep the dirty email after registering (#1459)
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-11-30 18:38:48 +01:00
Adrià Casajús
f728b0175a
Use canonical email when registering users (#1458)
* Use canonical email for registration, check both when checking if user exists

* Fix test

* Set pagesize to 100

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-11-30 17:19:55 +01:00
Adrià Casajús
53ef99562c
Add unsub link to newsletters (#1455)
* Add unsub link to newsletters

* Remove debug statement

* Updated unsub link

* Update unsub style

* Format

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-11-28 15:08:46 +01:00
Adrià Casajús
3c36f37a12
Feat: Add enable/disable options in the admin panel (#1450)
* Feat: Add enable/disable options in the admin panel

* Fix duplicate method

* Black format

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-11-28 10:39:18 +01:00
Spitfireap
b849d1cfa7
Simpler csv export (#1383)
* Export alias in csv

* reformating

* template

* Improved contributing script and doc

* Updated test

* removed csv export from GDPR export archive

* added test for new route

* fix trailing space

* moved test to new utils file
2022-11-23 13:51:08 +01:00
Son Nguyen Kim
989358af34
Fix empty authorized address (#1423)
* not allow empty authorized address

* check authorized address before adding

* use github for flake8

* fix test
2022-11-15 16:04:31 +01:00
Adrià Casajús
4661972f97
Fix: When re-sending emails if they trigger exceptions move out of failed dir (#1411)
* Fix: When re-sending emails if they trigger exceptions move out of failed dir

* Use proper timeout

* Lint

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-11-10 13:24:46 +01:00
Son Nguyen Kim
25743da161
Dmarc transactional (#1402)
* make sure transactional email use the same domain for header from and envelope from

* fix import
2022-11-04 14:22:28 +01:00
Adrià Casajús
5bbf6a2654
Fix: Only override postfix port when enabling TLS if the port is set to be 25 (#1401)
* Fix: Only override postfix port when enabling TLS if the port is set to be 25

* Add connection timeout

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-11-04 11:13:19 +01:00
Adrià Casajús
dace2b1233
Fix: Do not re-re-deliver unsent mails on failure to re-deliver (#1397)
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-11-03 17:48:09 +01:00
Adrià Casajús
90d60217a4
Feat: Re-deliver mails (#1394)
* Feat: Send undelivered emails

* Add cron job

* Added to the crontab

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-11-02 15:51:14 +01:00
Adrià Casajús
3bc976c322
Feature: Add app name to each db connection (#1393)
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-11-02 15:41:48 +01:00
Son Nguyen Kim
36d1626972
Notify another mailbox about an email sent by a mailbox to a reverse alias (#1381)
* Notify another mailbox about an email sent by a mailbox to a reverse alias

* keep reverse alias in CC and To header

* use alias as From to hint that the email is sent from the alias

* keep original subject, improve wording

* only add DKIM if custom domain has DKIM enabled
2022-10-30 19:59:42 +01:00
Son Nguyen Kim
02f42821c5
fix 21004 error (#1380) 2022-10-27 14:03:11 +02:00
Adrià Casajús
a5056b3fcc
Fix: Use source ip if user is not authenticated (#1379)
* Fix: Use source ip if user is not authenticated

* Fix lint

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-10-27 13:37:45 +02:00
Adrià Casajús
f6463a5adc
Change: Do not sleep on exclusive zones (#1375)
* Change: Do not sleep on exclusive zones

* Update test

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-10-27 10:40:33 +02:00
Adrià Casajús
7f9ce5641f
Feat: Added parallel limiter to prevent sqlalchemy transaction issues (#1360)
* Feat: Added parallel limiter to prevent sqlalchemy transaction issues

* Remove logs

* Moved initialization to its own file

* Throw exception

* Added test

* Add redis to gh actions

* Added v6 to the name

* Removed debug prints

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-10-27 10:07:02 +02:00
Adrià Casajús
d324e2fa79
Fix: Add csrf verification to directory updates (#1358)
* Fix: Add csrf verification to directory updates

* Update templates/dashboard/directory.html

* Added csrf for delete account form

* Fix tests

* Added CSRF check for settings page

* Added csrf to batch import

* Added CSRF to alias dashboard and alias transfer

* Added csrf to contact manager

* Added csrf to mailbox

* Added csrf for mailbox detail

* Added csrf to domain detail

* Lint

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-10-27 10:04:47 +02:00
Son Nguyen Kim
2f769b38ad
Apple in app fix (#1369)
* error log if issue with apple sub

* use the right secret when polling apple sub
2022-10-25 19:45:53 +02:00
Son Nguyen Kim
35470613d3
add DailyMetric and Metric as admin page, remove EmailLog admin page (#1352) 2022-10-15 19:10:39 +02:00
Son Nguyen Kim
c71824c68e
Init daily metric (#1351)
* Add DailyMetric model

* increment nb_new_web_non_proton_user

* fix test

* fix test
2022-10-14 17:35:34 +02:00
Son Nguyen Kim
1fc75203f2
Improve test: disable rate limit during test and avoid conflicts between tests (#1349)
* disable rate limit during test, avoid conflict between tests

* fix test
2022-10-14 16:37:49 +02:00
Son Nguyen Kim
7b24cdd98a
Revert "remove deduct_limit as it has no effect (#1347)" (#1348)
This reverts commit 851ba0a99a.
2022-10-13 22:00:45 +02:00
Son Nguyen Kim
851ba0a99a
remove deduct_limit as it has no effect (#1347)
* remove deduct_limit as it has no effect

- disable rate limit during test
- randomize data in test
- support non-empty db in test

* fix more test
2022-10-13 18:55:22 +02:00
Adrià Casajús
72277211bb
For unauthenticated sessions only store them in redis for 5m (#1345)
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-10-13 15:55:08 +02:00
Adrià Casajús
d5ca316e41
Have custom domains set up multiple dkim records to be able to rotate keys (#1334)
* Have custom domains set up multiple dkim records to be able to rotate keys

* Apply suggestions from code review

* Some PR comments

* Keep dkim enabled if it is already

* Format

* PR updates

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-10-11 07:17:37 +02:00
Son Nguyen Kim
1c5a547cd0
do not quarantine an email if fails DMARC but has a small rspamd score (#1337)
* do not quarantine an email if fails DMARC but has a small rspamd score

* use 0 when cannot parse rspamd score

* use -1 as default value
2022-10-10 10:13:07 +02:00
Son Nguyen Kim
5088604bb8
Replace reverse alias (#1335)
* replace any reverse alias by real address for all contacts

* improve logging

* fix comment

* Request contacts in batches of 100 to avoid loading the db

* Fix typo

* Added tests for the contact replacement

* Increase batch size to 1k

* Revert and use only reply_email and website_email

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-10-10 10:00:19 +02:00
Adrià Casajús
faeddc365c
Display recovery codes for mfa only once (#1317)
* Recovery codes can only be shown after adding a 2FA code and cannot be seen afterwards

* Added recovery codes fix

* Updated models and script

* Formatting

* Format

* Added base code

* Updated wording

* Set the config by default

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-10-03 12:32:45 +02:00
Adrià Casajús
faaff7e9b9
Handle failed payments subscriptions in paddle (#1327)
* Handle failed payments subscriptions in paddle

* Added tests

* Remove unused import

* Remove unused import

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-09-30 17:51:06 +02:00
Carlos Quintana
fa50c23a43
Allow RedisSessionStore to connect to sentinel (#1307)
* Allow RedisSessionStore to connect to sentinel

* Reuse flask_limiter redis storage

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-09-23 10:23:07 +02:00
Son Nguyen Kim
72a130e225
do not add mime-version header if already present (#1302) 2022-09-22 13:46:32 +02:00
Adrià Casajús
b5aff490ef
Store session in redis if redis is enabled (#1288)
* Store sesions in redis to prevent saving old cookies

* Format

* Rename sid to session_id

* Logout session completely

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-09-21 11:11:17 +02:00
Adrià Casajús
9c86e1a820
Fix: Use email directly for DomainDeletedAlias (#1273)
* Fix: Use email directly for DomainDeletedAlias

* Add handling for reply phase

* Use the first mailbox of the domain for deleted domain aliase

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-09-08 14:54:32 +02:00
Son Nguyen Kim
753a28e886
handle case msg is string in replace() (#1271)
should fix https://sentry.io/organizations/simplelogin/issues/3563106404/?alert_rule_id=2478639&alert_timestamp=1662404226476&alert_type=email&environment=production&project=1868546&referrer=alert_email
2022-09-07 10:22:11 +02:00
Son Nguyen Kim
6595d34276
shouldn't count processed batch import (#1268) 2022-09-05 15:38:12 +02:00
Son Nguyen Kim
192d03fd68
make sure sl_formataddr always return str (#1269) 2022-09-05 15:38:04 +02:00
Son Nguyen Kim
313a928070
Create sl_formataddr to handle unicode for built-in formataddr (#1265)
* Create sl_formataddr to handle unicode for built-in formataddr

* fix circular import
2022-09-05 08:40:24 +02:00
Son Nguyen Kim
cea139b7d5
Improve handling when pgp key is invalid (#1264)
* remove unused email statuses

* add more logging

* use text_header if html_header not set

* improve email

* add a header about PGP failure when forward emails can't be encrypted

* remove unused email status
2022-09-02 11:47:04 +02:00
Son Nguyen Kim
25773448c2
admin can go directly to paddle (#1263) 2022-09-02 10:39:53 +02:00
Son Nguyen Kim
f69c9583fb
fix proton partner error when self host (#1255)
* fix proton partner error when self host

* fix test

* fix test

* remove a@b.c
2022-09-01 14:59:16 +02:00
Son Nguyen Kim
9eacd980ef
include_sender_in_reverse_alias set to true for new users (#1244) 2022-08-23 11:24:49 +02:00
Carlos Quintana
ba06852dc2
Do not crash if action is unknown (#1231) 2022-08-12 15:02:00 +02:00
Carlos Quintana
7eb44a5947
Fixes for connect with proton on mobile (#1230)
* Fixes for connect with proton on mobile

* Added a test

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-08-12 13:17:21 +02:00
Carlos Quintana
596dd0b1ee
Support next with Proton Link (#1226)
* Support next with Proton Link

* Add support for double next

* Fix bug on account relink
2022-08-11 10:38:44 +02:00
Adrià Casajús
3a75686898
Generate a web session from an api key (#1224)
* Create a token to exchange for a cookie

* Added Route to exchange token for cookie

* add missing migration



Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-08-10 18:48:32 +02:00
Carlos Quintana
a9549c11d7
Rate limiting depending on user authenticated status (#1221)
* Rate limiting depending on user authenticated status

* Update app/extensions.py

Co-authored-by: Adrià Casajús <acasajus@users.noreply.github.com>

* Add rate_limiting tests

Co-authored-by: Adrià Casajús <acasajus@users.noreply.github.com>
2022-08-09 14:57:21 +02:00
Son Nguyen Kim
a88a8ff2be
add more logging (#1223) 2022-08-09 10:01:55 +02:00
Son Nguyen Kim
6c6deedf47
Stop paddle sub (#1216)
* admin can stop a paddle sub

* show admin menu if user is admin
2022-08-04 09:20:07 +02:00
Son Nguyen Kim
d72226aa19
show proton sub info on admin (#1207) 2022-08-01 20:49:05 +02:00
Carlos Quintana
a04152a37f
Do not allow SVG image uploads (#1198) 2022-07-29 08:52:51 +02:00
Adrià Casajús
25fde11a86
Refactor alias suffix (#1194)
* Extract suffix generation and validation to a module

* Updated tests

* Make custom alias use signed suffixes

* Added the signature check to the module

* Fix invalid route

* Move more suffix related stuff

* Fix tests

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-27 17:40:22 +02:00
Adrià Casajús
bd044304f0
Added rate limit to resend activation email (#1192)
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-26 14:57:26 +02:00
Adrià Casajús
f4c5198055
Remove ResetCodes after email change (#1191)
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-26 14:43:31 +02:00
Son Nguyen Kim
97805173cb
remove envs used for proton beta link (#1189)
* remove envs used for proton beta link

* remove is_connect_with_proton_enabled()
2022-07-26 12:38:18 +02:00
Carlos Quintana
827e3a1acb
Implement mode for Login with Proton (#1186) 2022-07-26 09:55:24 +02:00
Son Nguyen Kim
6322e03996
admin can manage newsletter and test sending it (#1177)
* admin can manage newsletter and test sending it

* add comments

* comment

* doc

* not userID not specified, send the newsletter to current user

* automatically match textarea height to content when editing newsletter

* increase text height and limit img size to 100% in email template

* admin can send newsletter to a specific address
2022-07-22 11:24:53 +02:00
Carlos Quintana
7db3ec246e
Mitigate open redirect with OAuth (#1176)
* Mitigate open redirect with OAuth

* Fix tests
2022-07-21 14:23:08 +02:00
Adrià Casajús
3fa9db9bb7
Change default unsub behaviour to disable alias by default (#1174)
* Change default unsub behaviour to disable alias by default

* Alter default valut for unsub_behaviouur

* Added comments to the migration

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-20 11:57:34 +02:00
Adrià Casajús
06c1c7f2f7
Restrict the number of free alias for new free users (#1155)
* Restrict the number of free alias for new free users

* Fix test

* Make flag reverse

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-20 11:09:22 +02:00
Adrià Casajús
f3d47a1eaa
Allow users to keep the original unsub behaviour (#1148)
* Feature: Preserve original unsubscribe request

* Updated tests

* Updated settings

* PR comments

* reduced prefix length

* Include migrate users for new unsub behaviour

* PR comments

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-19 17:25:21 +02:00
Adrià Casajús
afb2ab3758
Allow to configure mem storage from config (#1166)
* Allow to configure memory storage from config

* format

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-19 08:25:59 +02:00
Son Nguyen Kim
36547bd82d
Update wording (#1163)
* rename file

* update wording when adding mailbox

* rename
2022-07-17 15:02:17 +02:00
Adrià Casajús
2837350204
Limit amount of imports (#1161)
* Limit amount of imports

* Review suggestions

* Format

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-16 18:17:15 +02:00
Adrià Casajús
bcd4383e05
Sanitize the highlight contact id (#1160)
* Sanitize also parameter

* Formatting

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-15 17:48:42 +02:00
Adrià Casajús
67be5ba050
Enforce int params in routes (#1159)
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-15 17:10:00 +02:00
Son Nguyen Kim
f367acbeaf
Add next bill date on admin UI (#1154)
* add subscription next bill date on admin

* small refactor: remove unused param
2022-07-12 18:17:39 +02:00
Adrià Casajús
f75bdd006a
Fix: Allow internal link independent of enable log in with proton (#1151)
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-11 09:41:20 +02:00
Adrià Casajús
82d0f44cab
Fix: Check if required session headers exist (#1145)
* Check session keys exist

* Update message

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-05 22:26:48 +02:00
Adrià Casajús
494005eaa5
Fix: Add weird encodings to the list (#1146)
(cherry picked from commit cfed4061e7bf3e34c52518b905065055acb8858e)

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-05 12:19:14 +02:00
Carlos Quintana
38d305da23
Bypass 2FA if Login with Proton (#1142)
* Bypass 2FA if Login with Proton

* Fix formatting of template
2022-07-04 16:24:49 +02:00
Adrià Casajús
c2bb6488e4
Allow to login with proton to enter sudo mode (#1141)
* Allow to login with proton to enter sudo mode

* Updated wording

* lint

* Only enabled if the user has the account linked

* Add exit-sudo route for tests

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-04 16:09:36 +02:00
Carlos Quintana
e2f9ea4ae1
Capture exception on Login with Proton (#1140) 2022-07-04 15:40:17 +02:00
Son Nguyen Kim
6d86e64d65
show msg on /internal/integrations/proton (#1139)
* show msg on /internal/integrations/proton

* highlight the connect with Proton section

* djlint
2022-07-04 15:39:12 +02:00
Adrià Casajús
38c9138cdb
Fix: When logging with parter create accounts with lowercase emails (#1137)
* Fix: When logging with parter create accounts with lowercase emails

* Sanitize emails instead of just lowercase them

* linting

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-04 11:51:43 +02:00
Son Nguyen Kim
66a2152ea3
Compute Proton metrics (#1135)
* compute nb_proton_premium

* compute nb_proton_user
2022-07-04 11:40:29 +02:00
Son Nguyen Kim
02b39f98b7
fix cron job (#1134) 2022-07-04 11:05:42 +02:00
Son Nguyen Kim
8799691f99
allow admin to disable spoofing check on an alias (#1133) 2022-07-04 11:05:13 +02:00
Adrià Casajús
aabcc8e72a
Feature: Add delete account route for the api (#1132)
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-02 16:45:58 +02:00
Adrià Casajús
88dd07e48d
Feature: Use new job status to retry killed jobs (#1130)
* Feature: Use new job status to retry killed jobs

* Set attermpts and time via config

* Update timing condition

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-01 11:14:53 +02:00
Adrià Casajús
8b89a428e0
Fix: clear next in the session before triggering a login (#1129)
* Fix: clear next in the session before triggering a login

* Format

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-06-30 15:41:50 +02:00
Adrià Casajús
21feced342
Refactor unsubscribe handling (#1090)
* Refactor unsubscribe email handling

* MR comments

* Moved all unsub logic to the encoder

* remove unused

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-06-30 11:40:01 +02:00
Carlos Quintana
d06470a3c6
Activate users created with account link (#1124) 2022-06-29 16:55:20 +02:00
Carlos Quintana
9abb8aa47f
Validate user uploaded image (#1123)
* Validate user uploaded image

* Fix test/data path detection
2022-06-29 15:04:55 +02:00
Son Nguyen Kim
f6a7ee981a
do not send double subscription email (#1118)
* do not send double subscription email

* remove unused import

* remove unused test
2022-06-28 17:51:44 +02:00
Son Nguyen Kim
75c710a6ab
small refactoring (#1120) 2022-06-28 17:21:23 +02:00
Adrià Casajús
aac493ad2f
Update docs and error message for sudo route (#1117)
* Update docs and error message for sudo route

* Fix

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-06-28 14:40:06 +02:00
Carlos Quintana
07b7f40371
Fix prompt user to upgrade to proton account (#1116) 2022-06-28 12:36:21 +02:00
Son Nguyen Kim
89062edc06
show cancel status in "Current plan" section (#1114)
* show cancel status in "Current plan" section

* do not show upgrade button for canceled paddle sub
2022-06-28 11:58:04 +02:00
Carlos Quintana
dd0598a4dd
Send welcome email when user created by login with proton (#1115)
* Send welcome email when user created by login with proton

* Add dedicated test to user.created_by_partner
2022-06-28 11:57:21 +02:00
Adrià Casajús
5fa41d6ccf
Add state management to job (#1113)
* Add state management to job

* Add migration

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-06-28 09:22:48 +02:00
Carlos Quintana
686f4f3f68
Always check redirect_uri for oauth (#1111)
* Always check redirect_uri for oauth

* Fix OAuth tests
2022-06-27 13:20:18 +02:00
Carlos Quintana
f58c4a9a50
Show premium subscription managed by partner (#1112) 2022-06-27 13:17:30 +02:00
Adrià Casajús
de31e6d072
Allow to set sudo mode for api requests (#1108)
* Allow to set sudo mode for api requests

* Rebase migration on top of master

* PR comments

* Added missing migration

* Removed unused import

* Apply suggestions from code review

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-06-23 14:26:36 +02:00
Adrià Casajús
9cc9d38dce
Propose upgrade proton account for proton partner users without paid mail plan (#1106)
* Propose upgrade proton account for proton partner users without paid mail plan

* Reformat js

* Initial display via jinja

* tweak ui: add a ---OR--- separator

* use collapse to show SL upgrade option

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
Co-authored-by: Son <nguyenkims@users.noreply.github.com>
2022-06-23 12:26:02 +02:00
Son Nguyen Kim
09cec0cdec
allow to hide some public domains and set their order (#1107) 2022-06-22 18:21:19 +02:00
Adrià Casajús
99ce10a1bc
Send email to users with a subscription and a partner plan upgrade (#1101)
* Send email to users with a subscription and a partner plan upgrade

* Update double-subscription-partner.html

* Update double-subscription-partner.txt.jinja2

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
Co-authored-by: Son Nguyen Kim <nguyenkims@users.noreply.github.com>
2022-06-20 14:34:20 +02:00
Adrià Casajús
fbb59a1531
Send welcome mail to proton created users (#1099)
* Send welcome mail to proton created users

* Skip import

* Use new logo

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-06-20 11:36:16 +02:00
Carlos Quintana
5ee5e386e5
Allow to create users from partner (#1095)
* Allow to create users from partner

* Fix tests

* Update tests/test_account_linking.py

Co-authored-by: Adrià Casajús <acasajus@users.noreply.github.com>

* Fix lint

Co-authored-by: Adrià Casajús <acasajus@users.noreply.github.com>
2022-06-16 10:25:50 +02:00
Carlos Quintana
ba6c5f93ac
Add extension_redirect endpoint (#1093)
* Add extension_redirect endpoint

* Add test for extension_redirect
2022-06-16 09:56:00 +02:00
Carlos Quintana
332fcb27d9
Fix double backslash open redirect (#1096) 2022-06-16 09:55:08 +02:00
Carlos Quintana
58990ec762
Hide proton integration behind cookie (#1092)
* Hide proton integration behind cookie

* Make cookie name configurable via config
2022-06-15 15:42:41 +02:00
Carlos Quintana
3b47e79fae
Emit events on proton actions (#1089)
* Emit events on proton actions

* Update app/account_linking.py

Co-authored-by: Adrià Casajús <acasajus@users.noreply.github.com>

* Update app/account_linking.py

Co-authored-by: Adrià Casajús <acasajus@users.noreply.github.com>

Co-authored-by: Adrià Casajús <acasajus@users.noreply.github.com>
2022-06-15 08:24:11 +02:00
Carlos Quintana
cf5ff6fa23
Allow extra headers on proton connection (#1087) 2022-06-14 10:29:18 +02:00
Son Nguyen Kim
39aeb81f9a
add dkim signature for export data email (#1083)
* add dkim signature for export data email

* fix
2022-06-14 10:08:04 +02:00
Son Nguyen Kim
83d58c7bca
handle case empty latest_receipt_info (#1081) 2022-06-13 12:42:56 +02:00
Adrià Casajús
efa534fd3e
Store transfer tokens hashed in the db and only allow them to be valid for 24 hours (#1080)
* Store transfer tokens hashed in the db and only allow them to be valid for 30 mins

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-06-13 12:41:47 +02:00
Carlos Quintana
56ec95bc93
Fix proton integration issues (#1071)
* Fix proton integration issues

* Make external_user_id non nullable

* Fix tests
2022-06-10 16:21:56 +02:00
Son Nguyen Kim
a0a92a7562
require user password before transferring an alias (#1070) 2022-06-10 15:50:44 +02:00
Son Nguyen Kim
0afd414a66
use responseBody.Latest_receipt_info and not responseBody.Receipt.In_app (#1066)
https://developer.apple.com/documentation/appstorereceipts/responsebody/receipt/in_app
2022-06-10 15:50:09 +02:00
Adrià Casajús
a9a44c378a
Do not report complaints for deleted aliases (#1067)
* Do not report complaints for deleted aliases

* revert reorder

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-06-10 15:44:59 +02:00
Carlos Quintana
c0fe10def6
Raise proper exception on account already linked error (#1069)
* Raise proper exception on account already linked error

* Update app/account_linking.py

Co-authored-by: Adrià Casajús <acasajus@users.noreply.github.com>

* Fix FMT

Co-authored-by: Adrià Casajús <acasajus@users.noreply.github.com>
2022-06-10 12:23:04 +02:00
Carlos Quintana
c0a4c44e94
Separate code for proton callback handler (#1040)
* Separate code for proton callback handler

* Upgrade migration

* Use simple_login endpoint from Proton API

* Remove unused classes

* Rename Dto class to Data

* Push rename

* Moved link to PartnerUser to allow subscriptions to depend only on it

* Fix test

* PR comments

* Add unique user_id constraint to PartnerUser

* Added more logs

* Added more logs

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-06-09 10:19:49 +02:00
Adrià Casajús
faf67ff338
Add missing rate limits (#1065)
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-06-08 17:36:03 +02:00
Son Nguyen Kim
9cf2f44166
only allow to copy the api key when it is created (#1059)
* show api key created time

* only allow user to copy the api key when it is created

* typo
2022-06-08 10:31:58 +02:00
Adrià Casajús
e688f04d6b
Send full user report asynchronously on request (#1029)
* Send full user report asynchronously

* Fix test

* Filter some fields before exporting

* Fix: Domain -> CustomDomain

* format settings html

* not include RefusedEmail as they are not usable by user and are automatically deleted

* send the export to the user email

* change email and setting wording

* fix user can only export data once

* remove alias export section

* remove unused import

* fix flake8

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
Co-authored-by: Son <nguyenkims@users.noreply.github.com>
2022-06-07 10:45:04 +02:00
Carlos Quintana
dba56f0dae
Store hmaced partner api tokens (#1028)
* Store hmaced partner api tokens

* MR comments
2022-06-02 11:24:04 +02:00
Adrià Casajús
7ba9bcb9e2
Save unsent emails to disk to be resent later (#1022)
* Initial save to disk

* Store unsent messages to disk so they can be retried later

* Set back not sending emails

* Fixed decorator

* Add general exceptions to the catchall

* Have dummy server just to make sure

* Added several server test cases

* ADded tests for bounced and error status

* Moved dir creation to config parse time

* Set LOG.e

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-05-30 11:52:10 +02:00
Son Nguyen Kim
f14e003a38
Merge pull request #1021 from simple-login/ac-verp-unpack
Fix: check if verp return is None before unpack
2022-05-24 08:11:23 +02:00
Adrià Casajús
2b8f7139b8
Fix: check if verp return is None before unpack 2022-05-24 07:54:07 +02:00
Adrià Casajús
687b51be0f
Merge pull request #1019 from simple-login/feature/proton-callback-receive-partner_id-as-param
Receive partner as param in ProtonCallbackHandler
2022-05-23 16:49:34 +02:00
Carlos Quintana
5ab943e12c
Remove get_proton_partner_id function 2022-05-23 16:43:06 +02:00
Carlos Quintana
8c6c144ba2
Fix global Partner instance 2022-05-23 16:38:50 +02:00
Carlos Quintana
0064729ca7
Update app/proton/proton_callback_handler.py
Co-authored-by: Adrià Casajús <acasajus@users.noreply.github.com>
2022-05-23 16:22:23 +02:00
Carlos Quintana
ed9d2ed816
Receive partner as param in ProtonCallbackHandler 2022-05-23 16:11:58 +02:00
Adrià Casajús
b26d04e82c
Merge pull request #1017 from simple-login/remove-flask-sqlalchemy
remove flask-sqlalchemy and upgrade sqlalchemy from 1.3.19 to 1.3.24
2022-05-23 15:26:03 +02:00
Son
631254a1cd redirect user to dashboard instead of the account activation page for now 2022-05-23 14:44:24 +02:00
Son
3897d723ea remove flask-sqlalchemy and upgrade sqlalchemy from 1.3.19 to 1.3.24 2022-05-23 14:41:06 +02:00
Son
e5f23e3517 make sure to only send test emails to user's alias 2022-05-20 18:15:54 +02:00
Son
0f9232eeeb improve wording 2022-05-20 18:05:05 +02:00
Son
9ba5464bc9 allow to create reverse alias for NOREPLY 2022-05-20 17:59:41 +02:00
Son Nguyen Kim
a90e880b24
Merge pull request #1010 from simple-login/fix-upgrade
do not show upgrade button for lifetime user
2022-05-20 15:16:38 +02:00
Son Nguyen Kim
c87e503701
Merge pull request #1004 from simple-login/feature/add-new-page-for-account-activated
Add new page for account activated
2022-05-20 15:16:21 +02:00
Carlos Quintana
afb7f5ef42
Simplify redirect condition on account_activated 2022-05-20 11:50:50 +02:00
Carlos Quintana
521f6b5822
Update app/onboarding/views/account_activated.py
Co-authored-by: Adrià Casajús <acasajus@users.noreply.github.com>
2022-05-20 11:44:49 +02:00
Son
a7d419eec3 do not show upgrade button for lifetime user 2022-05-20 11:00:11 +02:00
Carlos Quintana
f7e27ce0da
Add login_required to the account_activated page 2022-05-20 10:52:46 +02:00
Carlos Quintana
893520c361
Add edge to the browser detection process 2022-05-20 09:46:52 +02:00
Carlos Quintana
a1f37f0841
Detect mobile device and redirect them to dashboard 2022-05-20 09:40:03 +02:00
Carlos Quintana
e5770de329
Add account_activated page prompting user to install the extension 2022-05-20 09:40:03 +02:00
Son Nguyen Kim
0e3be23acc
Merge pull request #997 from simple-login/feature/adapt-extension-setup
Adapt extension setup
2022-05-20 09:01:35 +02:00
Carlos Quintana
7ce4aa6e96
Code quality 2022-05-20 08:58:02 +02:00
Carlos Quintana
39b5fa50d8
Use is_authenticated 2022-05-20 08:48:01 +02:00
Adrià Casajús
3330625426
Allow mailer to keep in mem mails to validate tests 2022-05-19 12:27:06 +02:00
Carlos Quintana
b4da667a5e
Add TODO for removing the cookie on extension onboarding 2022-05-19 11:49:13 +02:00
Carlos Quintana
e6acff13e5
Send extension setup message if user is logged in 2022-05-19 11:47:22 +02:00
Adrià Casajús
88c60f5387
Allow '7-bit' encoding for Content-Transfer-Encoding 2022-05-18 09:56:30 +02:00
Carlos Quintana
8ac87217d2
Adapt extension setup 2022-05-17 12:22:38 +02:00
Son
41c6e8fd79 add quote 2022-05-16 19:23:24 +02:00
Son
e61bf038be allow to use a different from for send_email() 2022-05-16 19:17:56 +02:00
Adrià Casajús
2adcbf52be
Merge pull request #963 from simple-login/ac-complaints
Handle complaints that have multiple recipients
2022-05-16 10:30:14 +02:00
Adrià Casajús
0da2fd94f1
Set header as a constant 2022-05-16 10:16:42 +02:00
Adrià Casajús
d86a7877a8
Merge pull request #994 from simple-login/remove-admin-notif
no need to notify admin when someone uses a coupon
2022-05-16 10:09:21 +02:00
Son Nguyen Kim
f0263b812e
Merge pull request #986 from simple-login/feature/add-extension-onboarding-pages
Add extension onboarding pages
2022-05-16 09:12:52 +02:00
Carlos Quintana
5fc8245b8b
Remove link to support from test email 2022-05-16 08:27:23 +02:00
Son
54e78786b0 no need to notify admin when someone uses a coupon 2022-05-15 19:57:45 +02:00
Adrià Casajús
3578c61366
Use header 2022-05-13 19:18:20 +02:00
Adrià Casajús
64c67f4429
PR comments 2022-05-13 18:14:21 +02:00
Adrià Casajús
34ad81c7c0
Merge pull request #921 from simple-login/ac-free-no-reverse-alias
Prevent free users from creating reverse-alias
2022-05-13 17:13:48 +02:00
Carlos Quintana
2e62a9f00c
Remove support email from test email 2022-05-13 12:16:55 +02:00
Carlos Quintana
bef71b7be3
Update contact instructions on test_email 2022-05-13 10:55:13 +02:00
Carlos Quintana
933237e73b
Implement "Send me an email" button on final extension onboarding 2022-05-13 08:53:31 +02:00
Carlos Quintana
710f4d0709
Start adding extension onboarding pages 2022-05-13 08:21:35 +02:00
Adrià Casajús
52cd9d2692
Simplify condition 2022-05-12 19:02:06 +02:00
Adrià Casajús
75dd20ebcc
Fix condition 2022-05-12 19:01:04 +02:00
Adrià Casajús
0c896100a4
Update html 2022-05-12 18:46:42 +02:00
Adrià Casajús
bfb1ae6371
PR comments 2022-05-12 18:42:16 +02:00
Adrià Casajús
39b035a123
Added docs 2022-05-12 18:36:12 +02:00
Adrià Casajús
9066116b7e
Simplified method 2022-05-12 18:33:13 +02:00
Adrià Casajús
4d07bc9d31
Moved global flag to config 2022-05-12 18:30:46 +02:00
Adrià Casajús
caff70ea38
Set global config to enable/disable feature 2022-05-12 16:35:51 +02:00
Carlos Quintana
975eacc969
Remove config.SHA1 in favour of build_info.SHA1 2022-05-12 16:26:04 +02:00
Carlos Quintana
9959848d74
Use python version file 2022-05-12 16:21:36 +02:00
Carlos Quintana
c3792dc333
Obtain git information from version file 2022-05-12 16:11:20 +02:00
Adrià Casajús
5dde39eb37
Prevent free users from creating reverse-alias 2022-05-12 13:20:05 +02:00
Son
d2fad44003 create a constant for paddle grace days 2022-05-11 19:03:27 +02:00
Son
2573c68e82 use a grace period of 14 days for paddle subscription 2022-05-11 17:24:52 +02:00
Carlos Quintana
e09d7a2b71
Fix open redirect 2022-05-11 14:50:37 +02:00
Adrià Casajús
48554369bd
Get the mailbox if possible from the email log 2022-05-10 23:34:57 +02:00
Adrià Casajús
d2111d4768
Added doc comments 2022-05-10 18:26:56 +02:00
Adrià Casajús
6c13f7de05
refactored to reduce duplicated codepaths 2022-05-10 18:23:14 +02:00
Adrià Casajús
a2f141d3cc
Get recipient address from the complaint report when possible 2022-05-10 17:54:51 +02:00
Son
44b0aba4f3 fix verp generation 2022-05-10 11:19:25 +02:00
Carlos Quintana
5b60ef1e35
Preserve next_url in oauth login 2022-05-09 12:20:14 +02:00
Son Nguyen Kim
7e00dfddc3
Merge pull request #954 from simple-login/fix-proton-login
allow the code to run without proton partner
2022-05-09 08:25:07 +02:00
Carlos Quintana
c95bfb80a2
Add OAuth hook for checking the status code 2022-05-06 14:41:52 +02:00
Son
b720dfc381 allow the code to run without proton partner 2022-05-05 15:05:39 +02:00
Carlos Quintana
8d4683e59e
Add login with proton 2022-05-05 12:20:55 +02:00
Adrià Casajús
c48247e852
Remove deprecated verp email validation 2022-05-04 16:17:51 +02:00