Merge #3100

3100: Do not block webmail when we have a valid SSO session r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

Ensure we do not block webmail when we have a valid SSO session

### Related issue(s)
- close  #3094

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>

core/admin/mailu/internal/views/auth.py

@@ -37,7 +37,7 @@ def nginx_authentication():
     is_valid_user = False
     username = response.headers.get('Auth-User', None)
     if response.headers.get("Auth-User-Exists") == "True":
-        if not is_app_token and utils.limiter.should_rate_limit_user(username, client_ip):
+        if not is_from_webmail and not is_app_token and utils.limiter.should_rate_limit_user(username, client_ip):
             # FIXME could be done before handle_authentication()
             status, code = nginx.get_status(flask.request.headers['Auth-Protocol'], 'ratelimit')
             response = flask.Response()

towncrier/newsfragments/3094.bugfix

@@ -0,0 +1 @@
+Ensure we do not block logins from webmails when there is a valid SSO session