Son NK
809a50f7d1
Handle out-of-office email during forward phase
2021-05-30 19:58:08 +02:00
nicoo
586654e08e
app.pw_models: Refactor, use constant-time equality
2021-05-29 17:42:46 +02:00
Son NK
28285f28ac
Add index for AliasHibp
2021-05-28 19:59:26 +02:00
Son NK
c890bfb073
increase HIBP sleep time to have some marges
2021-05-28 17:47:54 +02:00
Son NK
1750ad45d5
fix message logging
2021-05-28 17:46:52 +02:00
Son NK
aa667851e9
log user-agent in deprecated endpoint
2021-05-28 17:46:34 +02:00
nicoo
ecd74b801b
app.pw_models: Use unicode normalization
...
Per NIST [SP800-63B, §5.1.1.2] Memorized Secret Verifiers :
> the verifier SHOULD apply the Normalization Process for
> Stabilized Strings using either the NFKC or NFKD normalization
This is necessary for Unicode passwords to work reliably.
ASCII-only passwords aren't affected.
[SP800-63B, §5.1.1.2]: https://pages.nist.gov/800-63-3/sp800-63b.html#-5112-memorized-secret-verifiers
2021-05-27 22:16:07 +02:00
nicoo
d216812f14
tests/api/auth: Use a pw showing Unicode issues
2021-05-27 22:16:07 +02:00
devStorm
e6192ece01
style
2021-05-26 22:34:50 -07:00
Raymond Nook
258d505cbf
Merge branch 'master' into master
2021-05-26 22:33:20 -07:00
devStorm
f7bef3941a
replace random_word with get_suffix(user)
2021-05-26 22:30:12 -07:00
nicoo
f5f4d46aa4
tests/api/test_auth_login: Refactor
...
Have a single “login success” test, for both MFA and no-MFA cases.
No functional change to the test.
2021-05-26 19:05:26 +02:00
nicoo
52d4d2abdb
app.models: minor refactor (extract pw auth)
2021-05-26 18:18:47 +02:00
Son NK
8cfd5e01dc
add alerts on /alias/custom/new and /v3/alias/options and below
2021-05-25 19:36:45 +02:00
Son NK
99d26a01cb
UI tweak
2021-05-25 18:30:14 +02:00
Son NK
12f3901330
use same footer as landing page
2021-05-25 18:29:55 +02:00
Son NK
388a425cac
Only show pagination control if there are previous/next page
2021-05-25 18:27:06 +02:00
Son NK
b23e3d94fd
make sure AliasHibp has cascade ondelete
2021-05-25 18:14:44 +02:00
Son NK
fb97f384e4
small UI tweak
2021-05-25 17:59:40 +02:00
Son NK
60a1f48e6e
take into account BOUNCE_PREFIX_FOR_REPLY_PHASE when handling bounces
2021-05-25 17:59:40 +02:00
Son NK
73555ad524
generate mail_from during reply phase using BOUNCE_PREFIX_FOR_REPLY_PHASE
2021-05-25 17:59:40 +02:00
Son NK
2f96322977
make sure BOUNCE_PREFIX_FOR_REPLY_PHASE can't be used as directory name or for creating aliases on-the-fly
2021-05-25 17:59:40 +02:00
Son NK
a918cc3670
Add BOUNCE_PREFIX_FOR_REPLY_PHASE
2021-05-25 17:59:40 +02:00
Son Nguyen Kim
8262d3559d
Merge pull request #483 from simple-login/chore/remove-sudo-docker
...
chore: remove sudo in running docker
2021-05-25 16:33:34 +02:00
Son NK
3c6c3f7dbd
add log when creating a new EmailLog
2021-05-24 12:08:30 +02:00
Son NK
159843a923
Add log for sl_sendmail
2021-05-24 12:04:22 +02:00
Son NK
bdec7ff5e4
use info level for case user is deleted in the meantime
2021-05-24 11:10:17 +02:00
doanguyen
4db8a4169e
chore: remove sudo in running docker
...
Running docker in `sudo` mode is considered harmful.
It's recommended to run docker as non-root user to
minimize the security risks.
[0]: https://docs.docker.com/engine/install/linux-postinstall/#manage-docker-as-a-non-root-user
2021-05-22 22:06:47 +02:00
Son NK
ce22e16285
add logging for case reverse alias receiving email from <>
2021-05-22 17:11:32 +02:00
Son NK
ade07f9449
return empty name when name can't be decoded
2021-05-22 16:47:44 +02:00
Son NK
78e3a4bf77
handle the case an alias is deleted in the meantime
2021-05-22 16:36:19 +02:00
Son Nguyen Kim
e911bdf203
Merge pull request #480 from TheLastProject/feature/hibp_direct_link
...
Add direct link to HIBP pwned info
2021-05-21 15:29:46 +02:00
Sylvia van Os
1ee941647f
Add direct link to HIBP pwned info
2021-05-21 12:08:00 +02:00
Son Nguyen Kim
7a1a1d3a01
Merge pull request #479 from TheLastProject/patch-1
...
Update hibp_last_check on succesful HIBP check
2021-05-20 19:07:50 +02:00
Sylvia van Os
6bcaa6453e
Update hibp_last_check on succesful HIBP check
...
Accidentally got rid of this during some refactor
2021-05-20 19:00:11 +02:00
Son NK
14bc4f8872
make sure to only run HIBP check on enabled alias
2021-05-19 16:12:58 +02:00
Son NK
3422bd9aee
fix crontab
2021-05-19 15:38:46 +02:00
Son NK
d4e930c930
Remove nullsfirst as not compatible with sqlite. Add more logging
2021-05-19 12:46:55 +02:00
Son Nguyen Kim
b3f8fd6789
Merge pull request #472 from TheLastProject/feature/hibp
...
Add HIBP checks
2021-05-19 12:37:04 +02:00
Sylvia van Os
40d0dee88f
asyncio-ify
2021-05-18 21:18:07 +02:00
Sylvia van Os
a08b0c05cc
Don't override id
2021-05-17 21:29:29 +02:00
Sylvia van Os
969616d671
Date compare in DB instead of model function
2021-05-17 18:20:35 +02:00
Son NK
33f70914fa
improve PH hello bar
2021-05-17 18:08:57 +02:00
Son Nguyen Kim
c7f6e6cedb
Merge pull request #474 from PeterDaveHello/patch-1
...
Enable nginx config block syntax highlight in README.md
2021-05-17 14:39:11 +02:00
Peter Dave Hello
a9794325cd
Enable nginx config block syntax highlight in README.md
2021-05-17 18:56:38 +08:00
Sylvia van Os
a9c897c6c5
Fix typo
2021-05-16 00:10:04 +02:00
Sylvia van Os
42cfce7ce1
Optimize API requests on multiple API keys
2021-05-15 23:23:59 +02:00
Sylvia van Os
bee468e055
Black
2021-05-15 18:04:50 +02:00
devStorm
4a0fc8380f
variable naming
2021-05-14 11:03:16 -07:00
Sylvia van Os
b3fa445250
Set up HIBP cron (max 1 at a time)
2021-05-14 19:57:57 +02:00