self-hosted/Mailu
1
0
Fork 0
mirror of https://github.com/Mailu/Mailu.git synced 2024-12-14 10:53:30 +02:00
Code Issues Releases Activity

close #2451: prevent an auth-loop on webmails

Browse Source
This commit is contained in:
Florent Daigniere 2022-11-29 13:25:50 +01:00
parent a366116cae
commit 00f07ef533
2 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
core/admin/mailu/internal/nginx.py
View File

@ -26,12 +26,14 @@ STATUSES = {
}),
}
WEBMAIL_PORTS = ['10143', '10025']
def check_credentials(user, password, ip, protocol=None, auth_port=None):
if not user or not user.enabled or (protocol == "imap" and not user.enable_imap) or (protocol == "pop3" and not user.enable_pop):
if not user or not user.enabled or (protocol == "imap" and not user.enable_imap and not auth_port in WEBMAIL_PORTS) or (protocol == "pop3" and not user.enable_pop):
return False
is_ok = False
# webmails
if auth_port in ['10143', '10025'] and password.startswith('token-'):
if auth_port in WEBMAIL_PORTS and password.startswith('token-'):
if utils.verify_temp_token(user.get_id(), password):
is_ok = True
# All tokens are 32 characters hex lowercase

1
towncrier/newsfragments/2451.bugfix Normal file
View File

@ -0,0 +1 @@
Fix a bug preventing users without IMAP access to access the webmails