Mirror
/
app-MAIL-temp
mirror of https://github.com/simple-login/app.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
4,601 Commits 53 Branches 185 Tags 42 MiB
Commit Graph

2588 Commits

Author SHA1 Message Date
Adrià Casajús b5aff490ef
Store session in redis if redis is enabled (#1288) 
* Store sesions in redis to prevent saving old cookies

* Format

* Rename sid to session_id

* Logout session completely

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
 2022-09-21 11:11:17 +02:00
Adrià Casajús 9c86e1a820
Fix: Use email directly for DomainDeletedAlias (#1273) 
* Fix: Use email directly for DomainDeletedAlias

* Add handling for reply phase

* Use the first mailbox of the domain for deleted domain aliase

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
 2022-09-08 14:54:32 +02:00
Son Nguyen Kim 753a28e886
handle case msg is string in replace() (#1271) 
should fix https://sentry.io/organizations/simplelogin/issues/3563106404/?alert_rule_id=2478639&alert_timestamp=1662404226476&alert_type=email&environment=production&project=1868546&referrer=alert_email
 2022-09-07 10:22:11 +02:00
Son Nguyen Kim 6595d34276
shouldn't count processed batch import (#1268) 2022-09-05 15:38:12 +02:00
Son Nguyen Kim 192d03fd68
make sure sl_formataddr always return str (#1269) 2022-09-05 15:38:04 +02:00
Son Nguyen Kim 313a928070
Create sl_formataddr to handle unicode for built-in formataddr (#1265) 
* Create sl_formataddr to handle unicode for built-in formataddr

* fix circular import
 2022-09-05 08:40:24 +02:00
Son Nguyen Kim cea139b7d5
Improve handling when pgp key is invalid (#1264) 
* remove unused email statuses

* add more logging

* use text_header if html_header not set

* improve email

* add a header about PGP failure when forward emails can't be encrypted

* remove unused email status
 2022-09-02 11:47:04 +02:00
Son Nguyen Kim 25773448c2
admin can go directly to paddle (#1263) 2022-09-02 10:39:53 +02:00
Son Nguyen Kim f69c9583fb
fix proton partner error when self host (#1255) 
* fix proton partner error when self host

* fix test

* fix test

* remove a@b.c
 2022-09-01 14:59:16 +02:00
Son Nguyen Kim 9eacd980ef
include_sender_in_reverse_alias set to true for new users (#1244) 2022-08-23 11:24:49 +02:00
Carlos Quintana ba06852dc2
Do not crash if action is unknown (#1231) 2022-08-12 15:02:00 +02:00
Carlos Quintana 7eb44a5947
Fixes for connect with proton on mobile (#1230) 
* Fixes for connect with proton on mobile

* Added a test

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
 2022-08-12 13:17:21 +02:00
Carlos Quintana 596dd0b1ee
Support next with Proton Link (#1226) 
* Support next with Proton Link

* Add support for double next

* Fix bug on account relink
 2022-08-11 10:38:44 +02:00
Adrià Casajús 3a75686898
Generate a web session from an api key (#1224) 
* Create a token to exchange for a cookie

* Added Route to exchange token for cookie

* add missing migration



Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
 2022-08-10 18:48:32 +02:00
Carlos Quintana a9549c11d7
Rate limiting depending on user authenticated status (#1221) 
* Rate limiting depending on user authenticated status

* Update app/extensions.py

Co-authored-by: Adrià Casajús <acasajus@users.noreply.github.com>

* Add rate_limiting tests

Co-authored-by: Adrià Casajús <acasajus@users.noreply.github.com>
 2022-08-09 14:57:21 +02:00
Son Nguyen Kim a88a8ff2be
add more logging (#1223) 2022-08-09 10:01:55 +02:00
Son Nguyen Kim 6c6deedf47
Stop paddle sub (#1216) 
* admin can stop a paddle sub

* show admin menu if user is admin
 2022-08-04 09:20:07 +02:00
Son Nguyen Kim d72226aa19
show proton sub info on admin (#1207) 2022-08-01 20:49:05 +02:00
Carlos Quintana a04152a37f
Do not allow SVG image uploads (#1198) 2022-07-29 08:52:51 +02:00
Adrià Casajús 25fde11a86
Refactor alias suffix (#1194) 
* Extract suffix generation and validation to a module

* Updated tests

* Make custom alias use signed suffixes

* Added the signature check to the module

* Fix invalid route

* Move more suffix related stuff

* Fix tests

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
 2022-07-27 17:40:22 +02:00
Adrià Casajús bd044304f0
Added rate limit to resend activation email (#1192) 
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
 2022-07-26 14:57:26 +02:00
Adrià Casajús f4c5198055
Remove ResetCodes after email change (#1191) 
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
 2022-07-26 14:43:31 +02:00
Son Nguyen Kim 97805173cb
remove envs used for proton beta link (#1189) 
* remove envs used for proton beta link

* remove is_connect_with_proton_enabled()
 2022-07-26 12:38:18 +02:00
Carlos Quintana 827e3a1acb
Implement mode for Login with Proton (#1186) 2022-07-26 09:55:24 +02:00
Son Nguyen Kim 6322e03996
admin can manage newsletter and test sending it (#1177) 
* admin can manage newsletter and test sending it

* add comments

* comment

* doc

* not userID not specified, send the newsletter to current user

* automatically match textarea height to content when editing newsletter

* increase text height and limit img size to 100% in email template

* admin can send newsletter to a specific address
 2022-07-22 11:24:53 +02:00
Carlos Quintana 7db3ec246e
Mitigate open redirect with OAuth (#1176) 
* Mitigate open redirect with OAuth

* Fix tests
 2022-07-21 14:23:08 +02:00
Adrià Casajús 3fa9db9bb7
Change default unsub behaviour to disable alias by default (#1174) 
* Change default unsub behaviour to disable alias by default

* Alter default valut for unsub_behaviouur

* Added comments to the migration

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
 2022-07-20 11:57:34 +02:00
Adrià Casajús 06c1c7f2f7
Restrict the number of free alias for new free users (#1155) 
* Restrict the number of free alias for new free users

* Fix test

* Make flag reverse

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
 2022-07-20 11:09:22 +02:00
Adrià Casajús f3d47a1eaa
Allow users to keep the original unsub behaviour (#1148) 
* Feature: Preserve original unsubscribe request

* Updated tests

* Updated settings

* PR comments

* reduced prefix length

* Include migrate users for new unsub behaviour

* PR comments

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
 2022-07-19 17:25:21 +02:00
Adrià Casajús afb2ab3758
Allow to configure mem storage from config (#1166) 
* Allow to configure memory storage from config

* format

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
 2022-07-19 08:25:59 +02:00
Son Nguyen Kim 36547bd82d
Update wording (#1163) 
* rename file

* update wording when adding mailbox

* rename
 2022-07-17 15:02:17 +02:00
Adrià Casajús 2837350204
Limit amount of imports (#1161) 
* Limit amount of imports

* Review suggestions

* Format

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
 2022-07-16 18:17:15 +02:00
Adrià Casajús bcd4383e05
Sanitize the highlight contact id (#1160) 
* Sanitize also parameter

* Formatting

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
 2022-07-15 17:48:42 +02:00
Adrià Casajús 67be5ba050
Enforce int params in routes (#1159) 
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
 2022-07-15 17:10:00 +02:00
Son Nguyen Kim f367acbeaf
Add next bill date on admin UI (#1154) 
* add subscription next bill date on admin

* small refactor: remove unused param
 2022-07-12 18:17:39 +02:00
Adrià Casajús f75bdd006a
Fix: Allow internal link independent of enable log in with proton (#1151) 
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
 2022-07-11 09:41:20 +02:00
Adrià Casajús 82d0f44cab
Fix: Check if required session headers exist (#1145) 
* Check session keys exist

* Update message

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
 2022-07-05 22:26:48 +02:00
Adrià Casajús 494005eaa5
Fix: Add weird encodings to the list (#1146) 
(cherry picked from commit cfed4061e7bf3e34c52518b905065055acb8858e)

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
 2022-07-05 12:19:14 +02:00
Carlos Quintana 38d305da23
Bypass 2FA if Login with Proton (#1142) 
* Bypass 2FA if Login with Proton

* Fix formatting of template
 2022-07-04 16:24:49 +02:00
Adrià Casajús c2bb6488e4
Allow to login with proton to enter sudo mode (#1141) 
* Allow to login with proton to enter sudo mode

* Updated wording

* lint

* Only enabled if the user has the account linked

* Add exit-sudo route for tests

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
 2022-07-04 16:09:36 +02:00
Carlos Quintana e2f9ea4ae1
Capture exception on Login with Proton (#1140) 2022-07-04 15:40:17 +02:00
Son Nguyen Kim 6d86e64d65
show msg on /internal/integrations/proton (#1139) 
* show msg on /internal/integrations/proton

* highlight the connect with Proton section

* djlint
 2022-07-04 15:39:12 +02:00
Adrià Casajús 38c9138cdb
Fix: When logging with parter create accounts with lowercase emails (#1137) 
* Fix: When logging with parter create accounts with lowercase emails

* Sanitize emails instead of just lowercase them

* linting

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
 2022-07-04 11:51:43 +02:00
Son Nguyen Kim 66a2152ea3
Compute Proton metrics (#1135) 
* compute nb_proton_premium

* compute nb_proton_user
 2022-07-04 11:40:29 +02:00
Son Nguyen Kim 02b39f98b7
fix cron job (#1134) 2022-07-04 11:05:42 +02:00
Son Nguyen Kim 8799691f99
allow admin to disable spoofing check on an alias (#1133) 2022-07-04 11:05:13 +02:00
Adrià Casajús aabcc8e72a
Feature: Add delete account route for the api (#1132) 
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
 2022-07-02 16:45:58 +02:00
Adrià Casajús 88dd07e48d
Feature: Use new job status to retry killed jobs (#1130) 
* Feature: Use new job status to retry killed jobs

* Set attermpts and time via config

* Update timing condition

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
 2022-07-01 11:14:53 +02:00
Adrià Casajús 8b89a428e0
Fix: clear next in the session before triggering a login (#1129) 
* Fix: clear next in the session before triggering a login

* Format

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
 2022-06-30 15:41:50 +02:00
Adrià Casajús 21feced342
Refactor unsubscribe handling (#1090) 
* Refactor unsubscribe email handling

* MR comments

* Moved all unsub logic to the encoder

* remove unused

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
 2022-06-30 11:40:01 +02:00
Carlos Quintana d06470a3c6
Activate users created with account link (#1124) 2022-06-29 16:55:20 +02:00
Carlos Quintana 9abb8aa47f
Validate user uploaded image (#1123) 
* Validate user uploaded image

* Fix test/data path detection
 2022-06-29 15:04:55 +02:00
Son Nguyen Kim f6a7ee981a
do not send double subscription email (#1118) 
* do not send double subscription email

* remove unused import

* remove unused test
 2022-06-28 17:51:44 +02:00
Son Nguyen Kim 75c710a6ab
small refactoring (#1120) 2022-06-28 17:21:23 +02:00
Adrià Casajús aac493ad2f
Update docs and error message for sudo route (#1117) 
* Update docs and error message for sudo route

* Fix

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
 2022-06-28 14:40:06 +02:00
Carlos Quintana 07b7f40371
Fix prompt user to upgrade to proton account (#1116) 2022-06-28 12:36:21 +02:00
Son Nguyen Kim 89062edc06
show cancel status in "Current plan" section (#1114) 
* show cancel status in "Current plan" section

* do not show upgrade button for canceled paddle sub
 2022-06-28 11:58:04 +02:00
Carlos Quintana dd0598a4dd
Send welcome email when user created by login with proton (#1115) 
* Send welcome email when user created by login with proton

* Add dedicated test to user.created_by_partner
 2022-06-28 11:57:21 +02:00
Adrià Casajús 5fa41d6ccf
Add state management to job (#1113) 
* Add state management to job

* Add migration

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
 2022-06-28 09:22:48 +02:00
Carlos Quintana 686f4f3f68
Always check redirect_uri for oauth (#1111) 
* Always check redirect_uri for oauth

* Fix OAuth tests
 2022-06-27 13:20:18 +02:00
Carlos Quintana f58c4a9a50
Show premium subscription managed by partner (#1112) 2022-06-27 13:17:30 +02:00
Adrià Casajús de31e6d072
Allow to set sudo mode for api requests (#1108) 
* Allow to set sudo mode for api requests

* Rebase migration on top of master

* PR comments

* Added missing migration

* Removed unused import

* Apply suggestions from code review

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
 2022-06-23 14:26:36 +02:00
Adrià Casajús 9cc9d38dce
Propose upgrade proton account for proton partner users without paid mail plan (#1106) 
* Propose upgrade proton account for proton partner users without paid mail plan

* Reformat js

* Initial display via jinja

* tweak ui: add a ---OR--- separator

* use collapse to show SL upgrade option

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
Co-authored-by: Son <nguyenkims@users.noreply.github.com>
 2022-06-23 12:26:02 +02:00
Son Nguyen Kim 09cec0cdec
allow to hide some public domains and set their order (#1107) 2022-06-22 18:21:19 +02:00
Adrià Casajús 99ce10a1bc
Send email to users with a subscription and a partner plan upgrade (#1101) 
* Send email to users with a subscription and a partner plan upgrade

* Update double-subscription-partner.html

* Update double-subscription-partner.txt.jinja2

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
Co-authored-by: Son Nguyen Kim <nguyenkims@users.noreply.github.com>
 2022-06-20 14:34:20 +02:00
Adrià Casajús fbb59a1531
Send welcome mail to proton created users (#1099) 
* Send welcome mail to proton created users

* Skip import

* Use new logo

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
 2022-06-20 11:36:16 +02:00
Carlos Quintana 5ee5e386e5
Allow to create users from partner (#1095) 
* Allow to create users from partner

* Fix tests

* Update tests/test_account_linking.py

Co-authored-by: Adrià Casajús <acasajus@users.noreply.github.com>

* Fix lint

Co-authored-by: Adrià Casajús <acasajus@users.noreply.github.com>
 2022-06-16 10:25:50 +02:00
Carlos Quintana ba6c5f93ac
Add extension_redirect endpoint (#1093) 
* Add extension_redirect endpoint

* Add test for extension_redirect
 2022-06-16 09:56:00 +02:00
Carlos Quintana 332fcb27d9
Fix double backslash open redirect (#1096) 2022-06-16 09:55:08 +02:00
Carlos Quintana 58990ec762
Hide proton integration behind cookie (#1092) 
* Hide proton integration behind cookie

* Make cookie name configurable via config
 2022-06-15 15:42:41 +02:00
Carlos Quintana 3b47e79fae
Emit events on proton actions (#1089) 
* Emit events on proton actions

* Update app/account_linking.py

Co-authored-by: Adrià Casajús <acasajus@users.noreply.github.com>

* Update app/account_linking.py

Co-authored-by: Adrià Casajús <acasajus@users.noreply.github.com>

Co-authored-by: Adrià Casajús <acasajus@users.noreply.github.com>
 2022-06-15 08:24:11 +02:00
Carlos Quintana cf5ff6fa23
Allow extra headers on proton connection (#1087) 2022-06-14 10:29:18 +02:00
Son Nguyen Kim 39aeb81f9a
add dkim signature for export data email (#1083) 
* add dkim signature for export data email

* fix
 2022-06-14 10:08:04 +02:00
Son Nguyen Kim 83d58c7bca
handle case empty latest_receipt_info (#1081) 2022-06-13 12:42:56 +02:00
Adrià Casajús efa534fd3e
Store transfer tokens hashed in the db and only allow them to be valid for 24 hours (#1080) 
* Store transfer tokens hashed in the db and only allow them to be valid for 30 mins

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
 2022-06-13 12:41:47 +02:00
Carlos Quintana 56ec95bc93
Fix proton integration issues (#1071) 
* Fix proton integration issues

* Make external_user_id non nullable

* Fix tests
 2022-06-10 16:21:56 +02:00
Son Nguyen Kim a0a92a7562
require user password before transferring an alias (#1070) 2022-06-10 15:50:44 +02:00
Son Nguyen Kim 0afd414a66
use responseBody.Latest_receipt_info and not responseBody.Receipt.In_app (#1066) 
https://developer.apple.com/documentation/appstorereceipts/responsebody/receipt/in_app
 2022-06-10 15:50:09 +02:00
Adrià Casajús a9a44c378a
Do not report complaints for deleted aliases (#1067) 
* Do not report complaints for deleted aliases

* revert reorder

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
 2022-06-10 15:44:59 +02:00
Carlos Quintana c0fe10def6
Raise proper exception on account already linked error (#1069) 
* Raise proper exception on account already linked error

* Update app/account_linking.py

Co-authored-by: Adrià Casajús <acasajus@users.noreply.github.com>

* Fix FMT

Co-authored-by: Adrià Casajús <acasajus@users.noreply.github.com>
 2022-06-10 12:23:04 +02:00
Carlos Quintana c0a4c44e94
Separate code for proton callback handler (#1040) 
* Separate code for proton callback handler

* Upgrade migration

* Use simple_login endpoint from Proton API

* Remove unused classes

* Rename Dto class to Data

* Push rename

* Moved link to PartnerUser to allow subscriptions to depend only on it

* Fix test

* PR comments

* Add unique user_id constraint to PartnerUser

* Added more logs

* Added more logs

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
 2022-06-09 10:19:49 +02:00
Adrià Casajús faf67ff338
Add missing rate limits (#1065) 
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
 2022-06-08 17:36:03 +02:00
Son Nguyen Kim 9cf2f44166
only allow to copy the api key when it is created (#1059) 
* show api key created time

* only allow user to copy the api key when it is created

* typo
 2022-06-08 10:31:58 +02:00
Adrià Casajús e688f04d6b
Send full user report asynchronously on request (#1029) 
* Send full user report asynchronously

* Fix test

* Filter some fields before exporting

* Fix: Domain -> CustomDomain

* format settings html

* not include RefusedEmail as they are not usable by user and are automatically deleted

* send the export to the user email

* change email and setting wording

* fix user can only export data once

* remove alias export section

* remove unused import

* fix flake8

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
Co-authored-by: Son <nguyenkims@users.noreply.github.com>
 2022-06-07 10:45:04 +02:00
Carlos Quintana dba56f0dae
Store hmaced partner api tokens (#1028) 
* Store hmaced partner api tokens

* MR comments
 2022-06-02 11:24:04 +02:00
Adrià Casajús 7ba9bcb9e2
Save unsent emails to disk to be resent later (#1022) 
* Initial save to disk

* Store unsent messages to disk so they can be retried later

* Set back not sending emails

* Fixed decorator

* Add general exceptions to the catchall

* Have dummy server just to make sure

* Added several server test cases

* ADded tests for bounced and error status

* Moved dir creation to config parse time

* Set LOG.e

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
 2022-05-30 11:52:10 +02:00
Son Nguyen Kim f14e003a38
Merge pull request #1021 from simple-login/ac-verp-unpack 
Fix: check if verp return is None before unpack
 2022-05-24 08:11:23 +02:00
Adrià Casajús 2b8f7139b8
Fix: check if verp return is None before unpack 2022-05-24 07:54:07 +02:00
Adrià Casajús 687b51be0f
Merge pull request #1019 from simple-login/feature/proton-callback-receive-partner_id-as-param 
Receive partner as param in ProtonCallbackHandler
 2022-05-23 16:49:34 +02:00
Carlos Quintana 5ab943e12c
Remove get_proton_partner_id function 2022-05-23 16:43:06 +02:00
Carlos Quintana 8c6c144ba2
Fix global Partner instance 2022-05-23 16:38:50 +02:00
Carlos Quintana 0064729ca7
Update app/proton/proton_callback_handler.py 
Co-authored-by: Adrià Casajús <acasajus@users.noreply.github.com>
 2022-05-23 16:22:23 +02:00
Carlos Quintana ed9d2ed816
Receive partner as param in ProtonCallbackHandler 2022-05-23 16:11:58 +02:00
Adrià Casajús b26d04e82c
Merge pull request #1017 from simple-login/remove-flask-sqlalchemy 
remove flask-sqlalchemy and upgrade sqlalchemy from 1.3.19 to 1.3.24
 2022-05-23 15:26:03 +02:00
Son 631254a1cd redirect user to dashboard instead of the account activation page for now 2022-05-23 14:44:24 +02:00
Son 3897d723ea remove flask-sqlalchemy and upgrade sqlalchemy from 1.3.19 to 1.3.24 2022-05-23 14:41:06 +02:00
Son e5f23e3517 make sure to only send test emails to user's alias 2022-05-20 18:15:54 +02:00
Son 0f9232eeeb improve wording 2022-05-20 18:05:05 +02:00
Son 9ba5464bc9 allow to create reverse alias for NOREPLY 2022-05-20 17:59:41 +02:00
Son Nguyen Kim a90e880b24
Merge pull request #1010 from simple-login/fix-upgrade 
do not show upgrade button for lifetime user
 2022-05-20 15:16:38 +02:00