beenull/simple-login
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
4231 commits 48 branches 154 tags 19 MiB
Commit graph

2383 commits

Author SHA1 Message Date
Adrià Casajús 0f91effce9
Only send enum names 2022-04-12 09:34:05 +02:00
Adrià Casajús 9928525cf9
Only send enum name for events intead of the full class.enum 2022-04-12 09:04:57 +02:00
Son Nguyen Kim 7a0fd34823
Merge pull request #886 from simple-login/ac-fix-unauthorized-email 
Do not assume all parts in multipart messages are processed as messages
 2022-04-11 17:54:35 +02:00
Adrià Casajús 2b149747f5
Also track login and register events from the api routes 2022-04-11 16:11:01 +02:00
Adrià Casajús 8da4293305
typo 2022-04-11 16:04:28 +02:00
Adrià Casajús c16fd25b2e
Added fix for parts that are not messages 2022-04-11 15:52:31 +02:00
Adrià Casajús ae8824a356
Revert unwanted changes 2022-04-11 14:20:56 +02:00
Adrià Casajús 7649f6b822
Do not show an error if we receive an unsubscribe from a different address 2022-04-11 14:19:32 +02:00
Adrià Casajús dc59b61fba
Revert changes to pgp_utils 2022-04-11 10:20:02 +02:00
Adrià Casajús f333bb00c5
fix import 2022-04-11 10:19:25 +02:00
Adrià Casajús 60a070731e
Send newrelic events on login and register 2022-04-11 10:18:22 +02:00
Adrià Casajús 7fdd7d7f6a
PR changes 2022-04-11 09:28:57 +02:00
Adrià Casajús 0dbe504329
format 2022-04-08 14:23:59 +02:00
Adrià Casajús 8df6d98522
Merge remote-tracking branch 'origin/master' into ac-dmarc-reply-phase 2022-04-08 11:34:12 +02:00
Adrià Casajús 68e58c0876
Move dmarc management to its own file 2022-04-08 11:28:14 +02:00
Adrià Casajús b128d64563
Moved spamd check to a custom file and cached the result 2022-04-07 19:17:37 +02:00
Adrià Casajús 0e3c46d944
Save original envelope for debugging 2022-04-06 17:31:46 +02:00
Adrià Casajús 8ca1be0166
Apply dmarc policy to the reply phase 2022-04-06 12:51:04 +02:00
Adrià Casajús 451e69a3c4
More rebase fixes 2022-03-30 16:09:17 +02:00
Adrià Casajús dce9e633bf
fix 2022-03-30 16:02:05 +02:00
Adrià Casajús db06ce0ae6
Create signed email addresses for VERP emails 2022-03-30 16:00:02 +02:00
Son 67c2c6afad add warning to email content when dmarc softfail 2022-03-30 19:48:07 +07:00
Son Nguyen Kim 110f2f2f2c
Merge pull request #861 from acasajus/spf-dmarc-backscatter 
Reduce backscatter by checking return-path domain SPF status
 2022-03-30 19:44:39 +07:00
Son Nguyen Kim f7a98bc7d2
Merge pull request #862 from simple-login/ac/sanitize-next 
Properly validate //host.com urls
 2022-03-30 19:40:36 +07:00
Adrià Casajús 83fc8964a8
PR comments 2022-03-30 09:53:35 +02:00
Son Nguyen Kim d561bae7dd
Merge pull request #864 from simple-login/ac/insecure-random 
Replace using random with secrets for security purposes
 2022-03-30 11:49:33 +07:00
Adrià Casajús 1555bc6346
fix test 2022-03-29 21:03:55 +02:00
Adrià Casajús 19e87a7156
More random to secrets 2022-03-29 18:42:28 +02:00
Adrià Casajús b15facb6e4
Use secrets instead of random 2022-03-29 18:40:52 +02:00
Adrià Casajús 97ef5ff765
Fix oauth redirect when clientid is invalid 2022-03-29 18:37:01 +02:00
Adrià Casajús a9e31cff26
Fix tests 2022-03-29 18:34:13 +02:00
Adrià Casajús c5b0f5304e
Format 2022-03-29 18:18:11 +02:00
Adrià Casajús d6df5e0ea0
Add limiters to auth routes 2022-03-29 18:14:13 +02:00
Adrià Casajús e91fd26964
Sanitized missing places 2022-03-29 18:03:18 +02:00
Adrià Casajús fe9161b101
Properly validate //host.com urls when redirecting after receiving a next param 2022-03-29 17:53:00 +02:00
Adrià Casajús 085c166cb2
Replace 5XX with 2XX for return path that fail SPF check 2022-03-29 15:09:10 +02:00
Adrià Casajús 7d36256b7c
Check return-path spf record before bouncing a message 2022-03-29 10:52:11 +02:00
Son 0d7d56c0ea send email when an email is put to quarantine 2022-03-25 18:02:17 +01:00
Son 63b1100a8b log event when there's no dmarc result 2022-03-25 16:19:11 +01:00
Son ce2d2a3b3a fix case where header isn't string 2022-03-25 16:17:58 +01:00
Son 32fd65b69b add more log for alias transfer 2022-03-23 18:33:33 +01:00
Son Nguyen Kim 3d30870395
Merge pull request #849 from acasajus/new/parse-rpamd-headers 
Return 200 on fishy dmarc result
 2022-03-22 17:36:45 +01:00
Son Nguyen Kim 99b05034b0
Merge pull request #843 from acasajus/new/parse-rpamd-headers 
Parse rspamd headers and apply dmarc policy if found.
 2022-03-22 17:13:11 +01:00
Adrià Casajús 517bcb632e
MR changes 2022-03-22 17:02:59 +01:00
Son 5b3688b6df set a domain for message-id 2022-03-22 11:02:02 +01:00
Adrià Casajús 5f831d593a
CamelCase to snake_case 2022-03-21 17:59:43 +01:00
Adrià Casajús 45459d65be
PR comments 2022-03-21 17:43:26 +01:00
Son f554375f23 decode, replace and encode for base64 encoding 2022-03-21 17:29:22 +01:00
Son 1952f368a8 require password to use the api key page 2022-03-21 14:40:47 +01:00
Son 9dc7cff87f add rate limiting for /auth/mfa 2022-03-21 14:23:35 +01:00
Son a662ef4aee remove g.deduct_limit in api auth endpoint 2022-03-21 14:23:20 +01:00
Adrià Casajús 06a1363e92
Updated MR comments 2022-03-21 12:03:11 +01:00
Adrià Casajús cdea0f5ee2
Rename header 2022-03-21 10:43:19 +01:00
Adrià Casajús 44dd06fabf
Added spoofed email test 2022-03-21 10:43:18 +01:00
Adrià Casajús c9cbaeb460
format 2022-03-21 10:43:17 +01:00
Adrià Casajús e8013f8e0c
Initial parse of rpamd extra headers 2022-03-21 10:43:17 +01:00
Son 0931642d11 use 10.0.0.0 network instead of 240.0.0.0 2022-03-20 10:38:58 +01:00
Son fa2f83dbf4 fix and refactor 2022-03-16 10:24:59 +01:00
Son 7e0992b767 add mime version header for transactional email 2022-03-14 19:23:38 +01:00
Son Nguyen Kim 79154378f2
Merge pull request #836 from cquintana92/feature/allow-to-edit-manual-subscription 
Allow to edit manual subscription
 2022-03-14 18:07:07 +01:00
Carlos Quintana ed58e811d1
Allow to edit manual subscription 2022-03-14 16:47:30 +01:00
Adrià Casajús 479a7420cb
Useful time format 2022-03-14 15:40:50 +01:00
Adrià Casajús b463ba8f41
Added filter 2022-03-14 15:33:09 +01:00
Adrià Casajús bf177ac5ba
Remove unused 2022-03-14 15:29:17 +01:00
Adrià Casajús 9b16143e59
Show nicer admin logs 2022-03-14 15:28:53 +01:00
Adrià Casajús 553d8976be
Added extend subscription log 2022-03-14 15:07:51 +01:00
Adrià Casajús 549c6ec7d3
Comment changes 2022-03-11 11:37:14 +01:00
Adrià Casajús 4368fd323f
Less changes 2022-03-10 18:13:33 +01:00
Adrià Casajús d0860cd54d
Merge remote-tracking branch 'origin/master' into new/admin-audit-trail 
* origin/master: (35 commits)
  reduce nb of commit
  show "more" only when a notification has a title. Show either title or message. Use bold font when a notification isn't read
  create a notification when an alias is disabled
  mark a notification as read when user arrives on the notification page
  Use plausible outbound link tracking
  add more log
  fix discover page
  fix
  fix "local variable 'alias_id' referenced before assignment"
  make sure to close session in monitoring
  use Date instead of date for header value
  lessen alias automatic disable check
  refactor
  return the block reason in should_disable()
  add adhoc upgrade on admin
  add extend subscription for 1 month to admin
  disable edition on admin
  comment out some admin pages
  fix migration
  fix duplicated stats
  ...
 2022-03-10 18:10:13 +01:00
Adrià Casajús 733efc387c
Updated admin view 2022-03-10 17:49:30 +01:00
Adrià Casajús 98c942d84a
Added admin log view 2022-03-10 17:32:35 +01:00
Adrià Casajús bc82bab1eb
Added alembic migration 2022-03-10 16:37:21 +01:00
Adrià Casajús 1d15af53b7
Add an audit log for the admin panel 2022-03-10 16:13:31 +01:00
Son 0e3a5c3d3c mark a notification as read when user arrives on the notification page 2022-03-09 17:58:26 +01:00
Son 6f80edfd64 fix discover page 2022-03-08 16:38:03 +01:00
Son a64a70cbc8 use Date instead of date for header value 2022-03-07 15:57:29 +01:00
Son 350f498b94 lessen alias automatic disable check 2022-03-07 15:50:58 +01:00
Son 71136669e9 return the block reason in should_disable() 2022-03-07 15:44:27 +01:00
Son f7ba3873d0 add adhoc upgrade on admin 2022-03-02 19:05:17 +01:00
Son 52a911f9d3 add extend subscription for 1 month to admin 2022-03-02 19:04:45 +01:00
Son b2d8f5a017 disable edition on admin 2022-03-02 19:04:30 +01:00
Son 627b2e56d9 comment out some admin pages 2022-02-28 16:40:07 +01:00
Son Nguyen Kim 6a520e110c
Merge pull request #816 from simple-login/feature/include-sender-in-header 
Feature/include sender in header
 2022-02-28 09:24:18 +01:00
Son 205d8d7d3f add index for Alias custom_domain_id and directory_id columns 2022-02-26 17:51:50 +01:00
Son 4faf0d7636 optimize dashboard page: load custom domain using joinedload() instead of explicit join 2022-02-26 17:34:53 +01:00
Son Nguyen Kim 7df93c2ee5
Merge pull request #813 from cquintana92/feature/make-nameservers-configurable 
Make nameservers configurable
 2022-02-25 12:29:50 +01:00
Son 007aa56551 user can turn on/off the including sender in header option 2022-02-25 12:24:54 +01:00
Son 51598ada02 add User.include_header_email_header column 2022-02-25 12:24:54 +01:00
Carlos Quintana e9dd73e99b
Replace env by os.environ.get 2022-02-25 11:19:49 +01:00
Adrià Casajús 01cc65bdca
Allow to have lower priority MX servers 2022-02-24 17:23:45 +01:00
Carlos Quintana 8f339923f8
Make nameservers configurable 2022-02-24 15:05:05 +01:00
Son 7da06ba424 return 422 if account not activated 2022-02-22 22:12:36 +01:00
Son Nguyen Kim e9d134fe8f
Merge pull request #784 from FozzieHi/fix-testing-warnings 
Fix deprecation warnings.
 2022-02-21 17:12:36 +01:00
Son Nguyen Kim e55c3a155b
Merge pull request #803 from acasajus/fix/sentry-APP-ZP 
Only allow authenticated and enabled users to accept a OAuth post request
 2022-02-21 17:11:53 +01:00
Adrià Casajús 4b13d5a28c
Fix test 2022-02-21 16:03:39 +01:00
Son Nguyen Kim 7d008228e3
Merge pull request #811 from cquintana92/feature/ignore-or-reject-for-blocked-contacts 
Allow to configure ignore or reject response for blocked contacts
 2022-02-21 15:55:48 +01:00
Son Nguyen Kim bfcd75bdea
Merge pull request #801 from acasajus/new/no-reply 
Send support questions to the support ticket page
 2022-02-21 15:07:27 +01:00
Carlos Quintana ee9170bb17
Allow to configure ignore or reject response for blocked contacts 2022-02-21 12:52:21 +01:00
Adrià Casajús 33163660f7
PR comments 2022-02-21 12:30:26 +01:00
Adrià Casajús 3e983e3557
Only allow authenticated and enabled users to accept a OAuth post request 2022-02-17 17:25:04 +01:00