Compare commits
7 Commits
f5e2085b05
...
08a4b04410
Author | SHA1 | Date |
---|---|---|
Geri680 | 08a4b04410 | |
Adrià Casajús | 015036b499 | |
Son Nguyen Kim | d5df91aab6 | |
Adrià Casajús | 2eb5feaa8f | |
Geri680 | 9d2bdf2c88 | |
Geri680 | 86efbbbe50 | |
Geri680 | f5ad45b9db |
|
@ -68,6 +68,12 @@ For most tests, you will need to have ``redis`` installed and started on your ma
|
|||
sh scripts/run-test.sh
|
||||
```
|
||||
|
||||
You can also run tests using a local Postgres DB to speed things up. This can be done by
|
||||
|
||||
- creating an empty test DB and running the database migration by `dropdb test && createdb test && DB_URI=postgresql://localhost:5432/test alembic upgrade head`
|
||||
|
||||
- replacing the `DB_URI` in `test.env` file by `DB_URI=postgresql://localhost:5432/test`
|
||||
|
||||
## Run the code locally
|
||||
|
||||
Install npm packages
|
||||
|
|
|
@ -308,28 +308,29 @@ def delete_alias(alias: Alias, user: User):
|
|||
Delete an alias and add it to either global or domain trash
|
||||
Should be used instead of Alias.delete, DomainDeletedAlias.create, DeletedAlias.create
|
||||
"""
|
||||
# save deleted alias to either global or domain trash
|
||||
LOG.i(f"User {user} has deleted alias {alias}")
|
||||
# save deleted alias to either global or domain tra
|
||||
if alias.custom_domain_id:
|
||||
if not DomainDeletedAlias.get_by(
|
||||
email=alias.email, domain_id=alias.custom_domain_id
|
||||
):
|
||||
LOG.d("add %s to domain %s trash", alias, alias.custom_domain_id)
|
||||
Session.add(
|
||||
DomainDeletedAlias(
|
||||
user_id=user.id,
|
||||
email=alias.email,
|
||||
domain_id=alias.custom_domain_id,
|
||||
)
|
||||
domain_deleted_alias = DomainDeletedAlias(
|
||||
user_id=user.id,
|
||||
email=alias.email,
|
||||
domain_id=alias.custom_domain_id,
|
||||
)
|
||||
Session.add(domain_deleted_alias)
|
||||
Session.commit()
|
||||
|
||||
LOG.i(
|
||||
f"Moving {alias} to domain {alias.custom_domain_id} trash {domain_deleted_alias}"
|
||||
)
|
||||
else:
|
||||
if not DeletedAlias.get_by(email=alias.email):
|
||||
LOG.d("add %s to global trash", alias)
|
||||
Session.add(DeletedAlias(email=alias.email))
|
||||
deleted_alias = DeletedAlias(email=alias.email)
|
||||
Session.add(deleted_alias)
|
||||
Session.commit()
|
||||
LOG.i(f"Moving {alias} to global trash {deleted_alias}")
|
||||
|
||||
LOG.i("delete alias %s", alias)
|
||||
Alias.filter(Alias.id == alias.id).delete()
|
||||
Session.commit()
|
||||
|
||||
|
|
|
@ -3,11 +3,13 @@ from flask_login import login_user
|
|||
|
||||
from app.auth.base import auth_bp
|
||||
from app.db import Session
|
||||
from app.extensions import limiter
|
||||
from app.log import LOG
|
||||
from app.models import EmailChange, ResetPasswordCode
|
||||
|
||||
|
||||
@auth_bp.route("/change_email", methods=["GET", "POST"])
|
||||
@limiter.limit("3/hour")
|
||||
def change_email():
|
||||
code = request.args.get("code")
|
||||
|
||||
|
|
|
@ -14,7 +14,7 @@ from app.models import PartnerUser, SocialAuth
|
|||
from app.proton.utils import get_proton_partner
|
||||
from app.utils import sanitize_next_url
|
||||
|
||||
_SUDO_GAP = 900
|
||||
_SUDO_GAP = 120
|
||||
|
||||
|
||||
class LoginForm(FlaskForm):
|
||||
|
|
|
@ -141,7 +141,7 @@ def index():
|
|||
)
|
||||
|
||||
if request.form.get("form-name") == "delete-alias":
|
||||
LOG.d("delete alias %s", alias)
|
||||
LOG.i(f"User {current_user} requested deletion of alias {alias}")
|
||||
email = alias.email
|
||||
alias_utils.delete_alias(alias, current_user)
|
||||
flash(f"Alias {email} has been deleted", "success")
|
||||
|
|
|
@ -179,8 +179,15 @@ def mailbox_detail_route(mailbox_id):
|
|||
|
||||
elif request.form.get("form-name") == "toggle-pgp":
|
||||
if request.form.get("pgp-enabled") == "on":
|
||||
mailbox.disable_pgp = False
|
||||
flash(f"PGP is enabled on {mailbox.email}", "success")
|
||||
if mailbox.is_proton():
|
||||
mailbox.disable_pgp = True
|
||||
flash(
|
||||
"Enabling PGP for a Proton Mail mailbox is redundant and does not add any security benefit",
|
||||
"info",
|
||||
)
|
||||
else:
|
||||
mailbox.disable_pgp = False
|
||||
flash(f"PGP is enabled on {mailbox.email}", "info")
|
||||
else:
|
||||
mailbox.disable_pgp = True
|
||||
flash(f"PGP is disabled on {mailbox.email}", "info")
|
||||
|
|
|
@ -227,6 +227,21 @@ def setting():
|
|||
Session.commit()
|
||||
flash("Your preference has been updated", "success")
|
||||
return redirect(url_for("dashboard.setting"))
|
||||
elif request.form.get("form-name") == "enable_data_breach_check":
|
||||
if not current_user.is_premium():
|
||||
flash("Only premium plan can enable data breach monitoring", "warning")
|
||||
return redirect(url_for("dashboard.setting"))
|
||||
choose = request.form.get("enable_data_breach_check")
|
||||
if choose == "on":
|
||||
LOG.i("User {current_user} has enabled data breach monitoring")
|
||||
current_user.enable_data_breach_check = True
|
||||
flash("Data breach monitoring is enabled", "success")
|
||||
else:
|
||||
LOG.i("User {current_user} has disabled data breach monitoring")
|
||||
current_user.enable_data_breach_check = False
|
||||
flash("Data breach monitoring is disabled", "info")
|
||||
Session.commit()
|
||||
return redirect(url_for("dashboard.setting"))
|
||||
elif request.form.get("form-name") == "sender-in-ra":
|
||||
choose = request.form.get("enable")
|
||||
if choose == "on":
|
||||
|
|
|
@ -525,6 +525,11 @@ class User(Base, ModelMixin, UserMixin, PasswordOracle):
|
|||
sa.Boolean, default=True, nullable=False, server_default="1"
|
||||
)
|
||||
|
||||
# user opted in for data breach check
|
||||
enable_data_breach_check = sa.Column(
|
||||
sa.Boolean, default=False, nullable=False, server_default="0"
|
||||
)
|
||||
|
||||
# bitwise flags. Allow for future expansion
|
||||
flags = sa.Column(
|
||||
sa.BigInteger,
|
||||
|
|
|
@ -30,7 +30,9 @@ def check_bucket_limit(
|
|||
try:
|
||||
value = lock_redis.incr(bucket_lock_name, bucket_seconds)
|
||||
if value > max_hits:
|
||||
LOG.i(f"Rate limit hit for {bucket_lock_name} -> {value}/{max_hits}")
|
||||
LOG.i(
|
||||
f"Rate limit hit for {lock_name} (bucket id {bucket_id}) -> {value}/{max_hits}"
|
||||
)
|
||||
newrelic.agent.record_custom_event(
|
||||
"BucketRateLimit",
|
||||
{"lock_name": lock_name, "bucket_seconds": bucket_seconds},
|
||||
|
|
1
cron.py
1
cron.py
|
@ -1070,6 +1070,7 @@ def get_alias_to_check_hibp(
|
|||
Alias.id >= min_alias_id,
|
||||
Alias.id < max_alias_id,
|
||||
User.disabled == False, # noqa: E712
|
||||
User.enable_data_breach_check,
|
||||
or_(
|
||||
User.lifetime,
|
||||
ManualSubscription.end_at > now,
|
||||
|
|
|
@ -0,0 +1,29 @@
|
|||
"""empty message
|
||||
|
||||
Revision ID: fa2f19bb4e5a
|
||||
Revises: 52510a633d6f
|
||||
Create Date: 2024-04-09 13:12:26.305340
|
||||
|
||||
"""
|
||||
import sqlalchemy_utils
|
||||
from alembic import op
|
||||
import sqlalchemy as sa
|
||||
|
||||
|
||||
# revision identifiers, used by Alembic.
|
||||
revision = 'fa2f19bb4e5a'
|
||||
down_revision = '52510a633d6f'
|
||||
branch_labels = None
|
||||
depends_on = None
|
||||
|
||||
|
||||
def upgrade():
|
||||
# ### commands auto generated by Alembic - please adjust! ###
|
||||
op.add_column('users', sa.Column('enable_data_breach_check', sa.Boolean(), server_default='0', nullable=False))
|
||||
# ### end Alembic commands ###
|
||||
|
||||
|
||||
def downgrade():
|
||||
# ### commands auto generated by Alembic - please adjust! ###
|
||||
op.drop_column('users', 'enable_data_breach_check')
|
||||
# ### end Alembic commands ###
|
|
@ -3,12 +3,20 @@
|
|||
{% block title %}Activation Email Sent{% endblock %}
|
||||
{% block single_content %}
|
||||
|
||||
<div class="card">
|
||||
<div class="card">
|
||||
<div class="card-body p-6 text-center">
|
||||
<h1 class="h4">An email to validate your email is on its way.</h1>
|
||||
<p>Please check your inbox/spam folder.</p>
|
||||
<p>Make sure to mark the message as not spam so that future messages come to your normal inbox</p>
|
||||
<h2><strong>Acceptable Use Policy</strong></h2>
|
||||
<p>Please adhere to the following guidelines to ensure a smooth and secure experience:</p>
|
||||
<p><strong>No Mass Signups</strong></p>
|
||||
<p>Do not use SimpleLogin to create large numbers of accounts on other websites or services</p>
|
||||
<p><strong>No Multiple Free Accounts</strong></p>
|
||||
<p>Do not create multiple free accounts as this is not considered an acceptable use of the service</p>
|
||||
<p><strong>No Marking Emails as Spam</strong></p>
|
||||
<p>Do not mark emails forwarded to you by SimpleLogin as spam</p>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
{% endblock %}
|
||||
{% block script %}<script>plausible('Complete registration')</script>{% endblock %}
|
||||
|
|
|
@ -249,6 +249,42 @@
|
|||
</div>
|
||||
</div>
|
||||
<!-- END Random alias -->
|
||||
<!-- Data breach check -->
|
||||
<div class="card" id="data-breach">
|
||||
<div class="card-body">
|
||||
<div class="card-title">Data breach monitoring</div>
|
||||
<div class="mt-1 mb-3">
|
||||
{% if not current_user.is_premium() %}
|
||||
|
||||
<div class="alert alert-info" role="alert">
|
||||
This feature is only available on Premium plan.
|
||||
<a href="{{ url_for('dashboard.pricing') }}"
|
||||
target="_blank"
|
||||
rel="noopener noreferrer">
|
||||
Upgrade<i class="fe fe-external-link"></i>
|
||||
</a>
|
||||
</div>
|
||||
{% endif %}
|
||||
If enabled, we will inform you via email if one of your aliases appears in a data breach.
|
||||
<br>
|
||||
SimpleLogin uses <a href="https://haveibeenpwned.com/">HaveIBeenPwned</a> API for checking for data breaches.
|
||||
</div>
|
||||
<form method="post" action="#data-breach">
|
||||
{{ csrf_form.csrf_token }}
|
||||
<input type="hidden" name="form-name" value="enable_data_breach_check">
|
||||
<div class="form-check">
|
||||
<input type="checkbox"
|
||||
id="enable_data_breach_check"
|
||||
name="enable_data_breach_check"
|
||||
{% if current_user.enable_data_breach_check %} checked{% endif %}
|
||||
class="form-check-input">
|
||||
<label for="enable_data_breach_check">Enable data breach monitoring</label>
|
||||
</div>
|
||||
<button type="submit" class="btn btn-outline-primary">Update</button>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
<!-- END Data breach check -->
|
||||
<!-- Sender Format -->
|
||||
<div class="card" id="sender-format">
|
||||
<div class="card-body">
|
||||
|
@ -285,7 +321,9 @@
|
|||
No Name (i.e. only reverse-alias)
|
||||
</option>
|
||||
</select>
|
||||
<button class="btn btn-outline-primary mt-3">Update</button>
|
||||
<button class="btn btn-outline-primary mt-3">
|
||||
Update
|
||||
</button>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -295,7 +333,9 @@
|
|||
<div class="card-body">
|
||||
<div class="card-title">
|
||||
Reverse Alias Replacement
|
||||
<div class="badge badge-warning">Experimental</div>
|
||||
<div class="badge badge-warning">
|
||||
Experimental
|
||||
</div>
|
||||
</div>
|
||||
<div class="mb-3">
|
||||
When replying to a forwarded email, the <b>reverse-alias</b> can be automatically included
|
||||
|
@ -312,9 +352,13 @@
|
|||
name="replace-ra"
|
||||
{% if current_user.replace_reverse_alias %} checked{% endif %}
|
||||
class="form-check-input">
|
||||
<label for="replace-ra">Enable replacing reverse alias</label>
|
||||
<label for="replace-ra">
|
||||
Enable replacing reverse alias
|
||||
</label>
|
||||
</div>
|
||||
<button type="submit" class="btn btn-outline-primary">Update</button>
|
||||
<button type="submit" class="btn btn-outline-primary">
|
||||
Update
|
||||
</button>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
|
|
|
@ -31,6 +31,7 @@ def test_get_alias_for_free_user_has_no_alias():
|
|||
def test_get_alias_for_lifetime_with_null_hibp_date():
|
||||
user = create_new_user()
|
||||
user.lifetime = True
|
||||
user.enable_data_breach_check = True
|
||||
alias_id = Alias.create_new_random(user).id
|
||||
Session.commit()
|
||||
aliases = list(
|
||||
|
@ -42,6 +43,7 @@ def test_get_alias_for_lifetime_with_null_hibp_date():
|
|||
def test_get_alias_for_lifetime_with_old_hibp_date():
|
||||
user = create_new_user()
|
||||
user.lifetime = True
|
||||
user.enable_data_breach_check = True
|
||||
alias = Alias.create_new_random(user)
|
||||
alias.hibp_last_check = arrow.now().shift(days=-1)
|
||||
alias_id = alias.id
|
||||
|
@ -97,6 +99,7 @@ sub_generator_list = [
|
|||
@pytest.mark.parametrize("sub_generator", sub_generator_list)
|
||||
def test_get_alias_for_sub(sub_generator):
|
||||
user = create_new_user()
|
||||
user.enable_data_breach_check = True
|
||||
sub_generator(user)
|
||||
alias_id = Alias.create_new_random(user).id
|
||||
Session.commit()
|
||||
|
@ -140,3 +143,26 @@ def test_already_checked_is_not_checked():
|
|||
cron.get_alias_to_check_hibp(arrow.now(), [user.id], alias_id, alias_id + 1)
|
||||
)
|
||||
assert len(aliases) == 0
|
||||
|
||||
|
||||
def test_outed_in_user_is_checked():
|
||||
user = create_new_user()
|
||||
user.lifetime = True
|
||||
user.enable_data_breach_check = True
|
||||
alias_id = Alias.create_new_random(user).id
|
||||
Session.commit()
|
||||
aliases = list(
|
||||
cron.get_alias_to_check_hibp(arrow.now(), [], alias_id, alias_id + 1)
|
||||
)
|
||||
assert len(aliases) == 1
|
||||
|
||||
|
||||
def test_outed_out_user_is_not_checked():
|
||||
user = create_new_user()
|
||||
user.lifetime = True
|
||||
alias_id = Alias.create_new_random(user).id
|
||||
Session.commit()
|
||||
aliases = list(
|
||||
cron.get_alias_to_check_hibp(arrow.now(), [], alias_id, alias_id + 1)
|
||||
)
|
||||
assert len(aliases) == 0
|
||||
|
|
Loading…
Reference in New Issue