Commit graph

36 commits

Author SHA1 Message Date
Adrià Casajús
71fd5e2241
Reduce rate limit on password forgot route (#1683)
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2023-04-06 15:55:37 +02:00
Adrià Casajús
5e48d86efa
Canonicalize emails from google and proton before registering users (#1493)
* Revert "Revert "Use canonical email when registering users (#1458)" (#1474)"

This reverts commit c8ab1c747e.

* Only canonicalize gmail and proton

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-12-14 11:50:36 +01:00
Adrià Casajús
c8ab1c747e
Revert "Use canonical email when registering users (#1458)" (#1474)
* Revert "Use canonical email when registering users (#1458)"

This reverts commit f728b0175a.

* missing chang

* typo
2022-12-08 10:57:46 +01:00
Adrià Casajús
327b672f24
Set the user name on creation to the original email (#1462)
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-12-01 13:07:36 +01:00
Adrià Casajús
0996378537
Revert "Keep the dirty email after registering (#1459)" (#1460)
This reverts commit 0664e3b80c.

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-12-01 09:19:15 +01:00
Adrià Casajús
0664e3b80c
Keep the dirty email after registering (#1459)
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-11-30 18:38:48 +01:00
Adrià Casajús
f728b0175a
Use canonical email when registering users (#1458)
* Use canonical email for registration, check both when checking if user exists

* Fix test

* Set pagesize to 100

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-11-30 17:19:55 +01:00
Adrià Casajús
2b149747f5
Also track login and register events from the api routes 2022-04-11 16:11:01 +02:00
Son Nguyen Kim
d561bae7dd
Merge pull request #864 from simple-login/ac/insecure-random
Replace using random with secrets for security purposes
2022-03-30 11:49:33 +07:00
Adrià Casajús
b15facb6e4
Use secrets instead of random 2022-03-29 18:40:52 +02:00
Adrià Casajús
c5b0f5304e
Format 2022-03-29 18:18:11 +02:00
Adrià Casajús
d6df5e0ea0
Add limiters to auth routes 2022-03-29 18:14:13 +02:00
Son
a662ef4aee remove g.deduct_limit in api auth endpoint 2022-03-21 14:23:20 +01:00
Son
7da06ba424 return 422 if account not activated 2022-02-22 22:12:36 +01:00
Son
5b62f5a745 add rate limit to /auth/register 2022-02-07 18:45:41 +01:00
Son
f439e39580 cache smtp server and remove POSTFIX_PORT_FORWARD 2021-12-29 16:26:37 +01:00
Son
abc074ea9b make sure password can't be longer than 100 chars 2021-11-16 19:41:05 +01:00
Son
fbb1451352 rename file 2021-11-02 11:43:04 +01:00
Son
372466ab06 do not use flask-sqlalchemy
- add __tablename__ for all models
- use sa and orm instead of db
- rollback all changes in tests
- remove session in @app.teardown_appcontext
2021-10-12 14:36:47 +02:00
Son Nguyen Kim
5ac78f2694 reformat 2021-09-08 11:29:55 +02:00
Son NK
d5de99afe9 Restore /alias/custom/new as currently used by safari 2021-03-31 14:41:32 +02:00
Son NK
e9adb3270d use sanitize_email instead of .lower().strip().replace(" ", "") 2021-01-11 12:29:40 +01:00
Son NK
ef7fae32b1 remove the "Hi {name}" from email template 2021-01-11 10:23:34 +01:00
Renaud Boyer
f2f13958c7 linting 2020-12-06 22:11:22 +01:00
Son NK
90163220cf rename email_domain_can_be_used_as_mailbox -> email_can_be_used_as_mailbox 2020-10-15 16:05:47 +02:00
Son NK
7e425c0338 disable login if user is disabled 2020-10-04 12:49:43 +02:00
Son NK
5b3ec91300 login user in api auth endpoints 2020-07-04 10:39:38 +02:00
Son NK
774ffcae3b enable CORS on /api endpoints 2020-06-24 10:30:01 +02:00
Son NK
0002531bc0 return user email in /api/auth/login 2020-06-09 17:19:03 +02:00
Sibren Vasse
31a1f94a5f Implement rate limiting 2020-05-25 11:39:33 +02:00
Son NK
7ed77a66b2 format 2020-05-15 23:18:42 +02:00
Son NK
2978bfb281 Fix user cannot change personal email back and better naming.
Happens when user
- changes their personal email
- wants to change back: they can't as this email is already used as mailbox
2020-05-15 23:18:30 +02:00
Son NK
e68eab44b0 allow user who has TOTP enabled to continue using the mobile app 2020-05-08 20:23:13 +02:00
Son NK
f929f23acc return 403 if user enables FIDO 2020-05-07 21:54:36 +02:00
Son NK
3c9e6fc991 make sure to strip and lower email in input 2020-04-15 21:12:45 +02:00
Son NK
4789e439db rename auth_login to auth 2020-04-09 20:31:53 +02:00
Renamed from app/api/views/auth_login.py (Browse further)