1
0
mirror of https://github.com/Mailu/Mailu.git synced 2024-12-14 10:53:30 +02:00
Commit Graph

693 Commits

Author SHA1 Message Date
Florent Daigniere
b9e614145f there too 2022-01-21 15:01:23 +01:00
Florent Daigniere
b7fb8c661a switch to new API 2022-01-21 14:54:49 +01:00
Alexander Graf
f809be39bf
supply missing fields argument 2022-01-11 18:53:01 +01:00
Florent Daigniere
7bd1fd3489 fix 2145 2022-01-07 09:07:32 +01:00
Florent Daigniere
98973223fd
reduce TTL to 1d 2022-01-05 11:37:29 +01:00
Florent Daigniere
792893caae change TTL to 1y 2022-01-05 10:41:25 +01:00
Florent Daigniere
671f3e382a Fix 2138: Pin DANE with the full cert 2022-01-05 10:38:27 +01:00
Florent Daigniere
7f89a29790 Fix 2125
Make the caller responsible to know whether the rate-limit code should
be called or not
2022-01-03 13:38:21 +01:00
bors[bot]
3eca813182
Merge #2116
2116: fix 2114: redirect old path r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

Old paths may still be cached in browsers, it's easy enough to redirect them

### Related issue(s)
- close #2114


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2021-12-30 15:24:51 +00:00
Florent Daigniere
c4675e6e75 fix 2114: redirect old path 2021-12-30 15:29:56 +01:00
Dimitri Huisman
b4d3d4b3c9 Preparations for 1.9 release. 2021-12-29 14:40:45 +00:00
Dimitri Huisman
51d94b8d14 Fix issue 2102 2021-12-22 17:40:51 +00:00
Florent Daigniere
bee6e980e3 doh 2021-12-21 16:23:27 +01:00
Florent Daigniere
58d0faff7f ensure we clear the token on delete() 2021-12-21 15:59:00 +01:00
Florent Daigniere
2b29cfb3f0 fix cleanup_sessions() 2021-12-21 15:55:59 +01:00
Florent Daigniere
f0247a2faf Use self where appropriate 2021-12-21 15:45:05 +01:00
Florent Daigniere
c161a2c987 syntax 2021-12-21 15:42:12 +01:00
bors[bot]
18865bf03b
Merge #2094
2094: Sessions tweaks r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

- Make all sessions permanent, introduce SESSION_TIMEOUT and PERMANENT_SESSION_LIFETIME.
- Prevent the creation of a session before there is a login attempt
- Ensure that webmail tokens are in sync with sessions

### Related issue(s)
- close #2080 

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
2021-12-21 13:08:48 +00:00
Dimitri Huisman
d40be05117 Fix missing edit buttons in alias, relay and fetchmail lists in admin. 2021-12-21 12:10:04 +00:00
Florent Daigniere
a28c7f903e do it once 2021-12-21 09:50:01 +01:00
Dimitri Huisman
f88daa1e77 Add missing cast to int 2021-12-20 21:07:25 +00:00
Florent Daigniere
5f313310d4 regenerate() shouldn't extend lifetime 2021-12-20 09:37:11 +01:00
Florent Daigniere
fe18cf9743 Fix 2080
Ensure that webmail tokens are in sync with sessions
2021-12-19 23:24:44 +01:00
Florent Daigniere
02c93c44f2 Tweak sessions
simplify:
- make all sessions permanent by default
- update the TTL of sessions on access (save always)
- fix session-expiry, modulo 8byte precision
2021-12-19 20:52:51 +01:00
Florent Daigniere
ea96a68eb4 don't create a session if we don't have to 2021-12-19 20:48:29 +01:00
Florent Daigniere
346ace5fb3 Make webmail the default action 2021-12-18 15:38:07 +01:00
Dimitri Huisman
d76773b1df Also check the SMTP port for webmail/token 2021-12-14 14:52:15 +00:00
Dimitri Huisman
f26fa8da84 Fix Webmail token check. Fix Auth-Port for Webmail. #2079 2021-12-14 11:26:33 +00:00
Florent Daigniere
4fffdd95e9 Reduce logging level 2021-12-05 15:07:06 +01:00
Alexander Graf
aa1d605665
Merge remote-tracking branch 'upstream/master' into passlib 2021-11-16 10:21:08 +01:00
Alexander Graf
cf7914d050
fixed field iteration 2021-11-11 16:00:00 +01:00
Alexander Graf
fd5bdc8650
added localized date output 2021-11-11 12:20:52 +01:00
Alexander Graf
0315ed78d9
Merge remote-tracking branch 'upstream/master' into update_deps 2021-11-11 11:49:48 +01:00
bors[bot]
56cbc56df7
Merge #2044
2044: Vault/rspamd: don't return any key for relayed domains r=mergify[bot] a=nextgens

## What type of PR?

enhancement

## What does this PR 

Don't return any key for relayed domains. We may want to revisit this (ARC signing)... but in the meantime it saves from a scary message in rspamd.
    
```signing failure: cannot request data from the vault url: /internal/rspamd/vault/v1/dkim/ ...```


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2021-11-08 16:01:10 +00:00
bors[bot]
78dd13a217
Merge #2042
2042: Add MESSAGE_RATELIMIT_EXEMPTION r=mergify[bot] a=nextgens

## What type of PR?

Enhancement

## What does this PR do?

Add a new knob called ```MESSAGE_RATELIMIT_EXEMPTION```.

### Related issue(s)
- #1774

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2021-11-08 15:29:50 +00:00
Florent Daigniere
6bf1a178b9 Go with ghostwheel42's suggestion 2021-11-08 09:34:02 +01:00
Florent Daigniere
b68033eb43 only parse it once 2021-11-08 09:23:24 +01:00
Alexander Graf
82e14f1292
Merge branch 'master' into update_deps 2021-11-07 21:25:08 +01:00
Florent Daigniere
dc6e970a7f handle HTTP too 2021-11-07 12:41:29 +01:00
Florent Daigniere
bbef4bee27 Don't return any key for relayed domains
We may want to revisit this (ARC signing)... but in the meantime
it saves from a scary message in rspamd

signing failure: cannot request data from the vault url: /internal/rspamd/vault/v1/dkim/ ...
2021-11-07 12:20:31 +01:00
Florent Daigniere
6c6b0b161c Set the right flags on the rate_limit cookie 2021-11-06 10:45:59 +01:00
Florent Daigniere
5714b4f4b0 introduce MESSAGE_RATELIMIT_EXEMPTION 2021-11-06 10:05:52 +01:00
DjVinnii
30d7e72765 Move TZ to Advanced settings 2021-11-05 14:44:12 +01:00
DjVinnii
81e33d3679 Add default TZ to config manager 2021-11-04 13:21:37 +01:00
Alexander Graf
97e79a973f fix sso login button spacing again 2021-11-04 08:32:53 +01:00
Alexander Graf
73ab4327c2 updated database libraries (sqlalchemy etc.)
this is working fine, but introduces a sqlalchemy warning
when using config-import:

  /app/mailu/schemas.py:822:
    SAWarning: Identity map already had an identity for (...),
    replacing it with newly flushed object.
    Are there load operations occurring inside of an event handler
    within the flush?
2021-11-03 22:57:07 +01:00
Alexander Graf
ffd99c3fa8 updated flask
ConfigManager should not replace app.config - this is causing trouble
with some other flask modules (swagger).
Updated ConfigManager to only modify app.config and not replace it.
2021-11-03 22:21:26 +01:00
Alexander Graf
56f65d724d update babel 2021-11-03 21:52:59 +01:00
Alexander Graf
8b15820b01 fix sso login button spacing 2021-11-03 20:35:05 +01:00
Alexander Graf
26fb108a3f updated Flask-Login 2021-11-03 20:22:47 +01:00