self-hosted/Mailu
1
0
Fork 0
mirror of https://github.com/Mailu/Mailu.git synced 2024-12-16 10:59:53 +02:00
Code Issues Releases Activity
4,248 Commits 115 Branches 124 Tags 117 MiB
040dd82d3e
Commit Graph

31 Commits

Author SHA1 Message Date
Florent Daigniere
040dd82d3e fix bug 2023-04-04 11:30:59 +02:00
Florent Daigniere
04a2cdab2f Only account for distinct attempts in rate limits 2023-04-01 11:33:02 +02:00
Florent Daigniere
66b7c76836 Doh. Without this email delivery from RELAYNET is broken 2023-02-09 16:04:13 +01:00
Florent Daigniere
e2a25c79fc only account attempts for distinct usernames in ratelimits 2023-02-04 16:36:16 +01:00
hitech95
fc8926493c admin: graceful fail on user fetch in basic auth 
Signed-off-by: hitech95 <nicveronese@gmail.com>
 2022-03-27 13:17:57 +02:00
Alexander Graf
630a4e9b5e
Update auth.py 
Add spaces
 2022-03-18 20:05:16 +01:00
Maximilian Fischer
8775dc5b15 Fixing AUTH_RATELIMIT_IP not working on imap/pop3/smtp 
#2283
 2022-03-17 20:36:23 +01:00
Florent Daigniere
a4ed464170 doh 2022-03-09 19:29:39 +01:00
Florent Daigniere
7bd1fd3489 fix 2145 2022-01-07 09:07:32 +01:00
Florent Daigniere
7f89a29790 Fix 2125 
Make the caller responsible to know whether the rate-limit code should
be called or not
 2022-01-03 13:38:21 +01:00
Florent Daigniere
fe18cf9743 Fix 2080 
Ensure that webmail tokens are in sync with sessions
 2021-12-19 23:24:44 +01:00
Florent Daigniere
f3c93212c6 The Rate-limiter should run after the deny 2021-10-31 19:41:12 +01:00
Dimitri Huisman
44d2448412 Updated SSO logic for webmails. Fixed small bug rate limiting. 2021-10-25 19:21:38 +00:00
Florent Daigniere
98742268e6 Make it more readable 2021-10-16 15:12:20 +02:00
Florent Daigniere
94bbed9746 Ensure we have the right IP 2021-10-16 10:39:43 +02:00
Florent Daigniere
3bda8368e4 simplify the Auth-Status check 2021-10-16 09:39:34 +02:00
Florent Daigniere
2dd9ea1506 simplify 2021-10-16 09:36:49 +02:00
Florent Daigniere
89ea51d570 Implement rate-limits 2021-09-23 18:40:49 +02:00
Dimitri Huisman
169a540692 Use punycode for HTTP header for radicale and create changelog 2021-08-27 08:20:52 +00:00
Dimitri Huisman
4f5cb0974e Make sure HTTP header only contains ASCII 2021-08-26 15:11:35 +00:00
Florent Daigniere
a0dcd46483 fix #1861: Handle colons in passwords 2021-07-14 09:27:00 +02:00
Florent Daigniere
dd3d03f06d Merge remote-tracking branch 'upstream/master' into webmail-sso 2021-03-10 14:41:12 +01:00
Florent Daigniere
df230cb482 Refactor auth under nginx.check_credentials() 2021-03-09 12:05:46 +01:00
Florent Daigniere
eb7895bd1c Don't do more work than necessary (/webdav) 
This is also fixing tokens on /webdav/
 2021-03-09 12:04:42 +01:00
Florent Daigniere
906a051925 Make rainloop use internal auth 2021-02-07 17:50:17 +01:00
kaiyou
8e88f1b8c3 Refactor the rate limiting code 
Rate limiting was already redesigned to use Python limits. This
introduced some unexpected behavior, including the fact that only
one criteria is supported per limiter. Docs and setup utility are
updated with this in mind.

Also, the code was made more generic, so limiters can be delivered
for something else than authentication. Authentication-specific
code was moved directly to the authentication routine.
 2020-02-09 17:38:18 +01:00
Michael Wyraz
bee80b5c64 Remove rate limit reset 2019-12-06 11:02:21 +01:00
Michael Wyraz
889386b4a6 Limiter implementation 2019-12-06 09:35:21 +01:00
kaiyou
087841d5b7 Fix the way we handle the application context 
The init script was pushing an application context, which maked
flask.g global and persisted across requests. This was evaluated
to have a minimal security impact.

This explains/fixes #738: flask_wtf caches the csrf token in the
application context to have a single token per request, and only
sets the session attribute after the first generation.
 2018-12-13 14:23:17 +01:00
kaiyou
fc24426291 First batch of refactoring, using the app factory pattern 2018-10-18 15:57:43 +02:00
kaiyou
42c6bdb4df Split the internal blueprint into multiple view files 2018-09-27 16:09:38 +02:00