Do not block webmail when we have a valid SSO sess

2025-01-18 03:21:36 +02:00 · 2023-12-21 12:37:08 +01:00 · 2023-12-21 12:37:08 +01:00 · 325aa5452b
commit 325aa5452b
parent 774dfa4da8
2 changed files with 2 additions and 1 deletions
--- a/core/admin/mailu/internal/views/auth.py
+++ b/core/admin/mailu/internal/views/auth.py
@ -37,7 +37,7 @@ def nginx_authentication():
    is_valid_user = False
    username = response.headers.get('Auth-User', None)
    if response.headers.get("Auth-User-Exists") == "True":
-        if not is_app_token and utils.limiter.should_rate_limit_user(username, client_ip):
+        if not is_from_webmail and not is_app_token and utils.limiter.should_rate_limit_user(username, client_ip):
            # FIXME could be done before handle_authentication()
            status, code = nginx.get_status(flask.request.headers['Auth-Protocol'], 'ratelimit')
            response = flask.Response()
--- a/towncrier/newsfragments/3094.bugfix
+++ b/towncrier/newsfragments/3094.bugfix
@ -0,0 +1 @@
+Ensure we do not block logins from webmails when there is a valid SSO session
				`@ -0,0 +1 @@`
				`Ensure we do not block logins from webmails when there is a valid SSO session`