From 9fac3d7ad3895c1e03016dd3eadbff186c875711 Mon Sep 17 00:00:00 2001 From: Diman0 Date: Thu, 2 Sep 2021 13:36:42 +0200 Subject: [PATCH 01/37] Initial implementation for standalone sso page --- core/admin/Dockerfile | 1 + core/admin/mailu/__init__.py | 4 +- core/admin/mailu/sso/__init__.py | 6 +++ core/admin/mailu/sso/forms.py | 14 ++++++ core/admin/mailu/sso/templates/base_sso.html | 51 ++++++++++++++++++++ core/admin/mailu/sso/templates/form_sso.html | 7 +++ core/admin/mailu/sso/templates/login.html | 9 ++++ core/admin/mailu/sso/views/__init__.py | 3 ++ core/admin/mailu/sso/views/base.py | 30 ++++++++++++ core/admin/mailu/sso/views/hello.py | 6 +++ core/admin/mailu/ui/forms.py | 4 +- core/admin/mailu/ui/templates/login.html | 9 ---- core/admin/mailu/ui/views/base.py | 3 +- core/admin/mailu/utils.py | 4 +- 14 files changed, 135 insertions(+), 16 deletions(-) create mode 100644 core/admin/mailu/sso/__init__.py create mode 100644 core/admin/mailu/sso/forms.py create mode 100644 core/admin/mailu/sso/templates/base_sso.html create mode 100644 core/admin/mailu/sso/templates/form_sso.html create mode 100644 core/admin/mailu/sso/templates/login.html create mode 100644 core/admin/mailu/sso/views/__init__.py create mode 100644 core/admin/mailu/sso/views/base.py create mode 100644 core/admin/mailu/sso/views/hello.py delete mode 100644 core/admin/mailu/ui/templates/login.html diff --git a/core/admin/Dockerfile b/core/admin/Dockerfile index 97cf1736..2406bb5c 100644 --- a/core/admin/Dockerfile +++ b/core/admin/Dockerfile @@ -31,6 +31,7 @@ RUN apk add --no-cache openssl curl postgresql-libs mariadb-connector-c \ && apk del --no-cache build-dep COPY --from=assets static ./mailu/ui/static +COPY --from=assets static ./mailu/sso/static COPY mailu ./mailu COPY migrations ./migrations COPY start.py /start.py diff --git a/core/admin/mailu/__init__.py b/core/admin/mailu/__init__.py index 8ab8ed0e..f80533fe 100644 --- a/core/admin/mailu/__init__.py +++ b/core/admin/mailu/__init__.py @@ -48,10 +48,10 @@ def create_app_from_config(config): ) # Import views - from mailu import ui, internal + from mailu import ui, internal, sso app.register_blueprint(ui.ui, url_prefix='/ui') app.register_blueprint(internal.internal, url_prefix='/internal') - + app.register_blueprint(sso.sso, url_prefix='/sso') return app diff --git a/core/admin/mailu/sso/__init__.py b/core/admin/mailu/sso/__init__.py new file mode 100644 index 00000000..2d3c6d84 --- /dev/null +++ b/core/admin/mailu/sso/__init__.py @@ -0,0 +1,6 @@ +from flask import Blueprint + + +sso = Blueprint('sso', __name__, static_folder='static', template_folder='templates') + +from mailu.sso.views import * diff --git a/core/admin/mailu/sso/forms.py b/core/admin/mailu/sso/forms.py new file mode 100644 index 00000000..a81667a2 --- /dev/null +++ b/core/admin/mailu/sso/forms.py @@ -0,0 +1,14 @@ +from wtforms import validators, fields, widgets +from wtforms_components import fields as fields_ +from flask_babel import lazy_gettext as _ + +import flask_login +import flask_wtf +import re + +class LoginForm(flask_wtf.FlaskForm): + class Meta: + csrf = False + email = fields.StringField(_('E-mail'), [validators.Email()]) + pw = fields.PasswordField(_('Password'), [validators.DataRequired()]) + submit = fields.SubmitField(_('Sign in')) diff --git a/core/admin/mailu/sso/templates/base_sso.html b/core/admin/mailu/sso/templates/base_sso.html new file mode 100644 index 00000000..a95cb23b --- /dev/null +++ b/core/admin/mailu/sso/templates/base_sso.html @@ -0,0 +1,51 @@ +{% import "macros.html" as macros %} +{% import "bootstrap/utils.html" as utils %} + + + + + + + Mailu-login - {{ config["SITENAME"] }} + + +
+
+ +
+ +
+
+
+ {% block main_action %} + {% endblock %} +
+

+ {% block title %}{% endblock %} + {% block subtitle %}{% endblock %} +

+
+ +
+ {{ utils.flashed_messages(container=False) }} + {% block content %}{% endblock %} +
+
+ +
+ + + + diff --git a/core/admin/mailu/sso/templates/form_sso.html b/core/admin/mailu/sso/templates/form_sso.html new file mode 100644 index 00000000..fcabad41 --- /dev/null +++ b/core/admin/mailu/sso/templates/form_sso.html @@ -0,0 +1,7 @@ +{% extends "base_sso.html" %} + +{% block content %} +{% call macros.box() %} +{{ macros.form(form) }} +{% endcall %} +{% endblock %} diff --git a/core/admin/mailu/sso/templates/login.html b/core/admin/mailu/sso/templates/login.html new file mode 100644 index 00000000..851e6643 --- /dev/null +++ b/core/admin/mailu/sso/templates/login.html @@ -0,0 +1,9 @@ +{% extends "form_sso.html" %} + +{% block title %} +{% trans %}Sign in{% endtrans %} +{% endblock %} + +{% block subtitle %} +{% trans %}to access IF statement for switch text for loggin in what the administration tools{% endtrans %} +{% endblock %} diff --git a/core/admin/mailu/sso/views/__init__.py b/core/admin/mailu/sso/views/__init__.py new file mode 100644 index 00000000..38efde4c --- /dev/null +++ b/core/admin/mailu/sso/views/__init__.py @@ -0,0 +1,3 @@ +__all__ = [ + 'base', 'hello' +] diff --git a/core/admin/mailu/sso/views/base.py b/core/admin/mailu/sso/views/base.py new file mode 100644 index 00000000..dd6f60c9 --- /dev/null +++ b/core/admin/mailu/sso/views/base.py @@ -0,0 +1,30 @@ +from mailu import models +from mailu.sso import sso, forms + +from flask import current_app as app +import flask +import flask_login + +@sso.route('/login', methods=['GET', 'POST']) +def login(): + form = forms.LoginForm() + if form.validate_on_submit(): + user = models.User.login(form.email.data, form.pw.data) + if user: + flask.session.regenerate() + flask_login.login_user(user) + endpoint = flask.request.args.get('next', 'ui.index') + return flask.redirect(flask.url_for(endpoint) + or flask.url_for('ui.index')) + else: + flask.flash('Wrong e-mail or password', 'error') + return flask.render_template('login.html', form=form) + +""" +@ui.route('/logout', methods=['GET']) +@access.authenticated +def logout(): + flask_login.logout_user() + flask.session.destroy() + return flask.redirect(flask.url_for('.index')) +""" \ No newline at end of file diff --git a/core/admin/mailu/sso/views/hello.py b/core/admin/mailu/sso/views/hello.py new file mode 100644 index 00000000..2e9b5e35 --- /dev/null +++ b/core/admin/mailu/sso/views/hello.py @@ -0,0 +1,6 @@ +from mailu.sso import sso +from flask import current_app as app + +@sso.route("/") +def hello_world(): + return "

Hello, World!

" diff --git a/core/admin/mailu/ui/forms.py b/core/admin/mailu/ui/forms.py index 32bb31ab..dff7008e 100644 --- a/core/admin/mailu/ui/forms.py +++ b/core/admin/mailu/ui/forms.py @@ -44,14 +44,14 @@ class MultipleEmailAddressesVerify(object): class ConfirmationForm(flask_wtf.FlaskForm): submit = fields.SubmitField(_('Confirm')) - +""" class LoginForm(flask_wtf.FlaskForm): class Meta: csrf = False email = fields.StringField(_('E-mail'), [validators.Email()]) pw = fields.PasswordField(_('Password'), [validators.DataRequired()]) submit = fields.SubmitField(_('Sign in')) - +""" class DomainForm(flask_wtf.FlaskForm): name = fields.StringField(_('Domain name'), [validators.DataRequired()]) diff --git a/core/admin/mailu/ui/templates/login.html b/core/admin/mailu/ui/templates/login.html deleted file mode 100644 index 26c47c08..00000000 --- a/core/admin/mailu/ui/templates/login.html +++ /dev/null @@ -1,9 +0,0 @@ -{% extends "form.html" %} - -{% block title %} -{% trans %}Sign in{% endtrans %} -{% endblock %} - -{% block subtitle %} -{% trans %}to access the administration tools{% endtrans %} -{% endblock %} diff --git a/core/admin/mailu/ui/views/base.py b/core/admin/mailu/ui/views/base.py index eb5490bc..fc9daba6 100644 --- a/core/admin/mailu/ui/views/base.py +++ b/core/admin/mailu/ui/views/base.py @@ -12,6 +12,7 @@ def index(): return flask.redirect(flask.url_for('.user_settings')) +""" @ui.route('/login', methods=['GET', 'POST']) def login(): form = forms.LoginForm() @@ -26,7 +27,7 @@ def login(): else: flask.flash('Wrong e-mail or password', 'error') return flask.render_template('login.html', form=form) - +""" @ui.route('/logout', methods=['GET']) @access.authenticated diff --git a/core/admin/mailu/utils.py b/core/admin/mailu/utils.py index 02150754..c30f259e 100644 --- a/core/admin/mailu/utils.py +++ b/core/admin/mailu/utils.py @@ -28,13 +28,13 @@ from werkzeug.contrib import fixers # Login configuration login = flask_login.LoginManager() -login.login_view = "ui.login" +login.login_view = "sso.login" @login.unauthorized_handler def handle_needs_login(): """ redirect unauthorized requests to login page """ return flask.redirect( - flask.url_for('ui.login', next=flask.request.endpoint) + flask.url_for('sso.login', next=flask.request.endpoint) ) # Rate limiter From 8868aec0dcd02101ea09396c5d064b046b75ea44 Mon Sep 17 00:00:00 2001 From: Diman0 Date: Thu, 2 Sep 2021 17:08:50 +0200 Subject: [PATCH 02/37] Merge master. Make sso login working for admin. --- core/admin/mailu/configuration.py | 1 + core/admin/mailu/sso/forms.py | 2 + core/admin/mailu/sso/templates/base_sso.html | 61 +++++++++++-------- core/admin/mailu/sso/templates/form_sso.html | 2 +- core/admin/mailu/sso/templates/login.html | 6 +- .../mailu/sso/templates/sidebar_sso.html | 60 ++++++++++++++++++ core/admin/mailu/sso/views/base.py | 15 ++--- core/admin/mailu/ui/templates/sidebar.html | 2 +- core/nginx/conf/nginx.conf | 8 ++- 9 files changed, 115 insertions(+), 42 deletions(-) create mode 100644 core/admin/mailu/sso/templates/sidebar_sso.html diff --git a/core/admin/mailu/configuration.py b/core/admin/mailu/configuration.py index 7cd3a56b..025a173c 100644 --- a/core/admin/mailu/configuration.py +++ b/core/admin/mailu/configuration.py @@ -51,6 +51,7 @@ DEFAULT_CONFIG = { # Web settings 'SITENAME': 'Mailu', 'WEBSITE': 'https://mailu.io', + 'ADMIN' : 'none', 'WEB_ADMIN': '/admin', 'WEB_WEBMAIL': '/webmail', 'WEBMAIL': 'none', diff --git a/core/admin/mailu/sso/forms.py b/core/admin/mailu/sso/forms.py index a81667a2..bc2b5363 100644 --- a/core/admin/mailu/sso/forms.py +++ b/core/admin/mailu/sso/forms.py @@ -6,6 +6,8 @@ import flask_login import flask_wtf import re +LOCALPART_REGEX = "^[a-zA-Z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-zA-Z0-9!#$%&'*+/=?^_`{|}~-]+)*$" + class LoginForm(flask_wtf.FlaskForm): class Meta: csrf = False diff --git a/core/admin/mailu/sso/templates/base_sso.html b/core/admin/mailu/sso/templates/base_sso.html index a95cb23b..0edd692c 100644 --- a/core/admin/mailu/sso/templates/base_sso.html +++ b/core/admin/mailu/sso/templates/base_sso.html @@ -6,46 +6,53 @@ - Mailu-login - {{ config["SITENAME"] }} + Mailu - {{ config["SITENAME"] }} - +
-
- -
- + +
-
- {% block main_action %} - {% endblock %} +
+
+
+

{% block title %}{% endblock %}

+ {% block subtitle %}{% endblock %} +
+
+ {% block main_action %} + {% endblock %} +
+
-

- {% block title %}{% endblock %} - {% block subtitle %}{% endblock %} -

-
+
{{ utils.flashed_messages(container=False) }} {% block content %}{% endblock %} -
+
- - + + diff --git a/core/admin/mailu/sso/templates/form_sso.html b/core/admin/mailu/sso/templates/form_sso.html index fcabad41..d28b82bf 100644 --- a/core/admin/mailu/sso/templates/form_sso.html +++ b/core/admin/mailu/sso/templates/form_sso.html @@ -1,7 +1,7 @@ {% extends "base_sso.html" %} {% block content %} -{% call macros.box() %} +{% call macros.card() %} {{ macros.form(form) }} {% endcall %} {% endblock %} diff --git a/core/admin/mailu/sso/templates/login.html b/core/admin/mailu/sso/templates/login.html index 851e6643..81d83a46 100644 --- a/core/admin/mailu/sso/templates/login.html +++ b/core/admin/mailu/sso/templates/login.html @@ -5,5 +5,9 @@ {% endblock %} {% block subtitle %} -{% trans %}to access IF statement for switch text for loggin in what the administration tools{% endtrans %} +{% if endpoint == 'ui.index' %} +{% trans %}to access the configuration page{% endtrans %} +{% elif endpoint == 'ui.webmail' %} +{% trans %}to access the webmail page{% endtrans %} +{% endif %} {% endblock %} diff --git a/core/admin/mailu/sso/templates/sidebar_sso.html b/core/admin/mailu/sso/templates/sidebar_sso.html new file mode 100644 index 00000000..6e919731 --- /dev/null +++ b/core/admin/mailu/sso/templates/sidebar_sso.html @@ -0,0 +1,60 @@ +
+ + + +
diff --git a/core/admin/mailu/sso/views/base.py b/core/admin/mailu/sso/views/base.py index dd6f60c9..702b1582 100644 --- a/core/admin/mailu/sso/views/base.py +++ b/core/admin/mailu/sso/views/base.py @@ -1,5 +1,6 @@ from mailu import models from mailu.sso import sso, forms +from mailu.ui import access from flask import current_app as app import flask @@ -8,23 +9,15 @@ import flask_login @sso.route('/login', methods=['GET', 'POST']) def login(): form = forms.LoginForm() + endpoint = flask.request.args.get('next', 'ui.index') if form.validate_on_submit(): user = models.User.login(form.email.data, form.pw.data) if user: flask.session.regenerate() flask_login.login_user(user) - endpoint = flask.request.args.get('next', 'ui.index') return flask.redirect(flask.url_for(endpoint) or flask.url_for('ui.index')) else: flask.flash('Wrong e-mail or password', 'error') - return flask.render_template('login.html', form=form) - -""" -@ui.route('/logout', methods=['GET']) -@access.authenticated -def logout(): - flask_login.logout_user() - flask.session.destroy() - return flask.redirect(flask.url_for('.index')) -""" \ No newline at end of file + return flask.render_template('login.html', form=form, endpoint=endpoint) + \ No newline at end of file diff --git a/core/admin/mailu/ui/templates/sidebar.html b/core/admin/mailu/ui/templates/sidebar.html index 0fdae9db..0938f8ac 100644 --- a/core/admin/mailu/ui/templates/sidebar.html +++ b/core/admin/mailu/ui/templates/sidebar.html @@ -125,7 +125,7 @@ {% else %}
  • - +

    {% trans %}Sign in{% endtrans %}

     diff --git a/core/nginx/conf/nginx.conf b/core/nginx/conf/nginx.conf index 9ce12980..ac5aabe2 100644 --- a/core/nginx/conf/nginx.conf +++ b/core/nginx/conf/nginx.conf @@ -117,6 +117,12 @@ http { include /overrides/*.conf; # Actual logic + location /sso { + include /etc/nginx/proxy.conf; + proxy_set_header Host $host; + proxy_pass http://$admin/sso; + } + {% if WEB_WEBMAIL != '/' and WEBROOT_REDIRECT != 'none' %} location / { {% if WEBROOT_REDIRECT %} @@ -158,7 +164,7 @@ http { } location @webmail_login { - return 302 {{ WEB_ADMIN }}/ui/login?next=ui.webmail; + return 302 {{ WEB_ADMIN }}/sso/login?next=ui.webmail; } {% else %} } From 960033525d4075b5f6c91da50b4b2e2b0a0e2303 Mon Sep 17 00:00:00 2001 From: Diman0 Date: Thu, 2 Sep 2021 18:02:20 +0200 Subject: [PATCH 03/37] configure sso in nginx --- core/admin/mailu/sso/__init__.py | 1 - core/admin/mailu/sso/views/__init__.py | 2 +- core/admin/mailu/sso/views/hello.py | 6 ------ core/admin/mailu/ui/forms.py | 9 --------- core/admin/mailu/ui/views/base.py | 18 ------------------ core/nginx/conf/nginx.conf | 10 ++++++++-- 6 files changed, 9 insertions(+), 37 deletions(-) delete mode 100644 core/admin/mailu/sso/views/hello.py diff --git a/core/admin/mailu/sso/__init__.py b/core/admin/mailu/sso/__init__.py index 2d3c6d84..fcdc9cd0 100644 --- a/core/admin/mailu/sso/__init__.py +++ b/core/admin/mailu/sso/__init__.py @@ -1,6 +1,5 @@ from flask import Blueprint - sso = Blueprint('sso', __name__, static_folder='static', template_folder='templates') from mailu.sso.views import * diff --git a/core/admin/mailu/sso/views/__init__.py b/core/admin/mailu/sso/views/__init__.py index 38efde4c..990c7919 100644 --- a/core/admin/mailu/sso/views/__init__.py +++ b/core/admin/mailu/sso/views/__init__.py @@ -1,3 +1,3 @@ __all__ = [ - 'base', 'hello' + 'base' ] diff --git a/core/admin/mailu/sso/views/hello.py b/core/admin/mailu/sso/views/hello.py deleted file mode 100644 index 2e9b5e35..00000000 --- a/core/admin/mailu/sso/views/hello.py +++ /dev/null @@ -1,6 +0,0 @@ -from mailu.sso import sso -from flask import current_app as app - -@sso.route("/") -def hello_world(): - return "

    Hello, World!

    " diff --git a/core/admin/mailu/ui/forms.py b/core/admin/mailu/ui/forms.py index dff7008e..640408e3 100644 --- a/core/admin/mailu/ui/forms.py +++ b/core/admin/mailu/ui/forms.py @@ -44,15 +44,6 @@ class MultipleEmailAddressesVerify(object): class ConfirmationForm(flask_wtf.FlaskForm): submit = fields.SubmitField(_('Confirm')) -""" -class LoginForm(flask_wtf.FlaskForm): - class Meta: - csrf = False - email = fields.StringField(_('E-mail'), [validators.Email()]) - pw = fields.PasswordField(_('Password'), [validators.DataRequired()]) - submit = fields.SubmitField(_('Sign in')) -""" - class DomainForm(flask_wtf.FlaskForm): name = fields.StringField(_('Domain name'), [validators.DataRequired()]) max_users = fields_.IntegerField(_('Maximum user count'), [validators.NumberRange(min=-1)], default=10) diff --git a/core/admin/mailu/ui/views/base.py b/core/admin/mailu/ui/views/base.py index fc9daba6..278176fa 100644 --- a/core/admin/mailu/ui/views/base.py +++ b/core/admin/mailu/ui/views/base.py @@ -11,24 +11,6 @@ import flask_login def index(): return flask.redirect(flask.url_for('.user_settings')) - -""" -@ui.route('/login', methods=['GET', 'POST']) -def login(): - form = forms.LoginForm() - if form.validate_on_submit(): - user = models.User.login(form.email.data, form.pw.data) - if user: - flask.session.regenerate() - flask_login.login_user(user) - endpoint = flask.request.args.get('next', '.index') - return flask.redirect(flask.url_for(endpoint) - or flask.url_for('.index')) - else: - flask.flash('Wrong e-mail or password', 'error') - return flask.render_template('login.html', form=form) -""" - @ui.route('/logout', methods=['GET']) @access.authenticated def logout(): diff --git a/core/nginx/conf/nginx.conf b/core/nginx/conf/nginx.conf index ac5aabe2..d428b0d0 100644 --- a/core/nginx/conf/nginx.conf +++ b/core/nginx/conf/nginx.conf @@ -117,10 +117,16 @@ http { include /overrides/*.conf; # Actual logic - location /sso { + location ^~ /sso { include /etc/nginx/proxy.conf; proxy_set_header Host $host; - proxy_pass http://$admin/sso; + proxy_pass http://$admin; + } + location ^~ {{ WEB_ADMIN }}/sso { + include /etc/nginx/proxy.conf; + rewrite ^{{ WEB_ADMIN }}/(.*)$ /$1 break; + proxy_set_header Host $host; + proxy_pass http://$admin; } {% if WEB_WEBMAIL != '/' and WEBROOT_REDIRECT != 'none' %} From b148e41d9bd11de3c67e727e2942b427d9e9fee5 Mon Sep 17 00:00:00 2001 From: Diman0 Date: Fri, 3 Sep 2021 13:01:09 +0200 Subject: [PATCH 04/37] Fix nginx config --- core/admin/mailu/sso/views/base.py | 10 +++++++--- core/nginx/conf/nginx.conf | 28 ++++++++++++++++++++-------- 2 files changed, 27 insertions(+), 11 deletions(-) diff --git a/core/admin/mailu/sso/views/base.py b/core/admin/mailu/sso/views/base.py index 702b1582..9013fb0c 100644 --- a/core/admin/mailu/sso/views/base.py +++ b/core/admin/mailu/sso/views/base.py @@ -10,13 +10,17 @@ import flask_login def login(): form = forms.LoginForm() endpoint = flask.request.args.get('next', 'ui.index') + + if endpoint == 'ui.webmail': + endpoint = 'ui.webmail' + else: + endpoint = 'ui.index' if form.validate_on_submit(): user = models.User.login(form.email.data, form.pw.data) if user: flask.session.regenerate() - flask_login.login_user(user) - return flask.redirect(flask.url_for(endpoint) - or flask.url_for('ui.index')) + flask_login.login_user(user) + return flask.redirect(flask.url_for(endpoint)) else: flask.flash('Wrong e-mail or password', 'error') return flask.render_template('login.html', form=form, endpoint=endpoint) diff --git a/core/nginx/conf/nginx.conf b/core/nginx/conf/nginx.conf index d428b0d0..2ae3bcfb 100644 --- a/core/nginx/conf/nginx.conf +++ b/core/nginx/conf/nginx.conf @@ -1,7 +1,7 @@ # Basic configuration user nginx; worker_processes auto; -error_log /dev/stderr info; +error_log /dev/stderr debug; pid /var/run/nginx.pid; load_module "modules/ngx_mail_module.so"; @@ -117,17 +117,29 @@ http { include /overrides/*.conf; # Actual logic - location ^~ /sso { - include /etc/nginx/proxy.conf; - proxy_set_header Host $host; - proxy_pass http://$admin; - } location ^~ {{ WEB_ADMIN }}/sso { include /etc/nginx/proxy.conf; - rewrite ^{{ WEB_ADMIN }}/(.*)$ /$1 break; - proxy_set_header Host $host; + rewrite ^{{ WEB_ADMIN }}/(.*) /$1 redirect; + } + location ^~ /ui/webmail { + include /etc/nginx/proxy.conf; + return 302 {{ WEB_WEBMAIL }}; + } + location ^~ /ui { + include /etc/nginx/proxy.conf; + #rewrite ^/sso/(.*) {{ WEB_ADMIN }}/$1 redirect; + return 302 {{ WEB_ADMIN }}/ui/; + } + location ^~ /sso { + include /etc/nginx/proxy.conf; proxy_pass http://$admin; } +# location ^~ /(ui|static) { +# rewrite ^{{ WEB_ADMIN }}/(.*) /$1 break; +# include /etc/nginx/proxy.conf; +# proxy_set_header X-Forwarded-Prefix {{ WEB_ADMIN }}; +# proxy_pass http://$admin; +# } {% if WEB_WEBMAIL != '/' and WEBROOT_REDIRECT != 'none' %} location / { From 9894b49cbd2c41a8ec139381774de7b0cc238631 Mon Sep 17 00:00:00 2001 From: Diman0 Date: Fri, 24 Sep 2021 10:07:52 +0200 Subject: [PATCH 05/37] Merge/Update with changes from master --- core/admin/mailu/sso/forms.py | 2 + core/admin/mailu/sso/templates/base_sso.html | 72 +++++++++++++------ core/admin/mailu/sso/templates/form_sso.html | 10 +-- core/admin/mailu/sso/templates/login.html | 16 ++--- .../mailu/sso/templates/sidebar_sso.html | 43 ++++++----- core/admin/mailu/sso/views/base.py | 20 ++++-- core/nginx/conf/nginx.conf | 4 +- 7 files changed, 109 insertions(+), 58 deletions(-) diff --git a/core/admin/mailu/sso/forms.py b/core/admin/mailu/sso/forms.py index bc2b5363..8b5f4cba 100644 --- a/core/admin/mailu/sso/forms.py +++ b/core/admin/mailu/sso/forms.py @@ -11,6 +11,8 @@ LOCALPART_REGEX = "^[a-zA-Z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-zA-Z0-9!#$%&'*+/=?^_` class LoginForm(flask_wtf.FlaskForm): class Meta: csrf = False + target = fields.SelectField( u'Go to' ) email = fields.StringField(_('E-mail'), [validators.Email()]) pw = fields.PasswordField(_('Password'), [validators.DataRequired()]) submit = fields.SubmitField(_('Sign in')) + diff --git a/core/admin/mailu/sso/templates/base_sso.html b/core/admin/mailu/sso/templates/base_sso.html index 0edd692c..062adf36 100644 --- a/core/admin/mailu/sso/templates/base_sso.html +++ b/core/admin/mailu/sso/templates/base_sso.html @@ -1,55 +1,83 @@ -{% import "macros.html" as macros %} -{% import "bootstrap/utils.html" as utils %} +{%- import "macros.html" as macros %} +{%- import "bootstrap/utils.html" as utils %} - + - + + + + + Mailu-Admin | {{ config["SITENAME"] }} - Mailu - {{ config["SITENAME"] }}
    -
  • - +

    {% trans %}Antispam{% endtrans %}

     diff --git a/core/admin/mailu/utils.py b/core/admin/mailu/utils.py index d7a57aaa..8d790d0c 100644 --- a/core/admin/mailu/utils.py +++ b/core/admin/mailu/utils.py @@ -95,26 +95,6 @@ def get_locale(): flask.session['language'] = language return language - -# Proxy fixer -class PrefixMiddleware(object): - """ fix proxy headers """ - def __init__(self): - self.app = None - - def __call__(self, environ, start_response): - prefix = environ.get('HTTP_X_FORWARDED_PREFIX', '') - if prefix: - environ['SCRIPT_NAME'] = prefix - return self.app(environ, start_response) - - def init_app(self, app): - self.app = fixers.ProxyFix(app.wsgi_app, x_for=1, x_proto=1) - app.wsgi_app = self - -proxy = PrefixMiddleware() - - # Data migrate migrate = flask_migrate.Migrate() diff --git a/core/nginx/conf/nginx.conf b/core/nginx/conf/nginx.conf index fdd73e26..fd6cffd2 100644 --- a/core/nginx/conf/nginx.conf +++ b/core/nginx/conf/nginx.conf @@ -182,30 +182,19 @@ http { {% endif %} {% if ADMIN == 'true' %} - location {{ WEB_ADMIN }} { - return 301 {{ WEB_ADMIN }}/ui; - } + location {{ WEB_ADMIN }} { + include /etc/nginx/proxy.conf; + proxy_pass http://$admin; + expires $expires; + } - location ~ {{ WEB_ADMIN }}/ui { - rewrite ^{{ WEB_ADMIN }}/(.*) /$1 break; - include /etc/nginx/proxy.conf; - proxy_set_header X-Forwarded-Prefix {{ WEB_ADMIN }}; - proxy_pass http://$admin; - expires $expires; - } - - location {{ WEB_ADMIN }}/antispam { + location ~ {{ WEB_ADMIN }}/antispam/ { rewrite ^{{ WEB_ADMIN }}/antispam/(.*) /$1 break; auth_request /internal/auth/admin; proxy_set_header X-Real-IP ""; proxy_set_header X-Forwarded-For ""; proxy_pass http://$antispam; } - - location ^~ {{ WEB_ADMIN }}/sso { - include /etc/nginx/proxy.conf; - rewrite ^{{ WEB_ADMIN }}/(.*) /$1 redirect; - } {% endif %} {% if WEBDAV != 'none' %} From c42ad8e71e6f2c80f15d991cc19673576a86cb74 Mon Sep 17 00:00:00 2001 From: Dimitri Huisman Date: Wed, 27 Oct 2021 18:49:36 +0000 Subject: [PATCH 26/37] Forgot to include changes for url_for of base.html --- core/admin/mailu/ui/templates/base.html | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/core/admin/mailu/ui/templates/base.html b/core/admin/mailu/ui/templates/base.html index 3357d3e3..12f61149 100644 --- a/core/admin/mailu/ui/templates/base.html +++ b/core/admin/mailu/ui/templates/base.html @@ -8,8 +8,8 @@ Mailu-Admin | {{ config["SITENAME"] }} - - + +
    @@ -46,7 +46,7 @@
    - - + + From 503044ef6e3eb3905f8fe1bcb7fc4819db37802f Mon Sep 17 00:00:00 2001 From: Dimitri Huisman Date: Wed, 27 Oct 2021 21:51:49 +0000 Subject: [PATCH 27/37] Reintroduce ProxyFix. Use two buttons for logging in. --- core/admin/mailu/__init__.py | 1 + core/admin/mailu/sso/forms.py | 7 ++++--- core/admin/mailu/sso/templates/form_sso.html | 8 +++++-- core/admin/mailu/sso/views/base.py | 22 +++++++++----------- core/admin/mailu/ui/templates/macros.html | 6 +++++- core/admin/mailu/utils.py | 19 ++++++++++++++++- core/nginx/conf/nginx.conf | 2 +- 7 files changed, 45 insertions(+), 20 deletions(-) diff --git a/core/admin/mailu/__init__.py b/core/admin/mailu/__init__.py index 20acf360..1c4ded4c 100644 --- a/core/admin/mailu/__init__.py +++ b/core/admin/mailu/__init__.py @@ -25,6 +25,7 @@ def create_app_from_config(config): utils.babel.init_app(app) utils.login.init_app(app) utils.login.user_loader(models.User.get) + utils.proxy.init_app(app) utils.migrate.init_app(app, models.db) app.device_cookie_key = hmac.new(bytearray(app.secret_key, 'utf-8'), bytearray('DEVICE_COOKIE_KEY', 'utf-8'), 'sha256').digest() diff --git a/core/admin/mailu/sso/forms.py b/core/admin/mailu/sso/forms.py index d5124804..fb48d9f9 100644 --- a/core/admin/mailu/sso/forms.py +++ b/core/admin/mailu/sso/forms.py @@ -11,8 +11,9 @@ LOCALPART_REGEX = "^[a-zA-Z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-zA-Z0-9!#$%&'*+/=?^_` class LoginForm(flask_wtf.FlaskForm): class Meta: csrf = False - target = fields.SelectField( _('Go to') ) - email = fields.StringField(_('E-mail'), [validators.Email()]) + email = fields.StringField(_('E-mail'), [validators.Email(), validators.DataRequired()]) pw = fields.PasswordField(_('Password'), [validators.DataRequired()]) - submit = fields.SubmitField(_('Sign in')) + submitAdmin = fields.SubmitField(_('Sign in')) + submitWebmail = fields.SubmitField(_('Sign in')) + diff --git a/core/admin/mailu/sso/templates/form_sso.html b/core/admin/mailu/sso/templates/form_sso.html index 7759ae3f..8ab3101f 100644 --- a/core/admin/mailu/sso/templates/form_sso.html +++ b/core/admin/mailu/sso/templates/form_sso.html @@ -2,6 +2,10 @@ {%- block content %} {%- call macros.card() %} -{{ macros.form(form) }} +
    + {{ macros.form_field(form.email) }} + {{ macros.form_field(form.pw) }} + {{ macros.form_fields( fields, label=False, class="btn btn-default", spacing=False) }} +
    {%- endcall %} -{%- endblock %} +{%- endblock %} \ No newline at end of file diff --git a/core/admin/mailu/sso/views/base.py b/core/admin/mailu/sso/views/base.py index 301f67e7..e5d2cd45 100644 --- a/core/admin/mailu/sso/views/base.py +++ b/core/admin/mailu/sso/views/base.py @@ -10,22 +10,20 @@ import flask_login @sso.route('/login', methods=['GET', 'POST']) def login(): form = forms.LoginForm() - endpoint = flask.request.args.get('next', 'ui.index') - - form.target.choices = [] + form.submitAdmin.label.text = form.submitAdmin.label.text + ' Admin' + form.submitWebmail.label.text = form.submitWebmail.label.text + ' Webmail' + + fields = [] if str(app.config["ADMIN"]).upper() != "FALSE": - form.target.choices += [("Admin", "Admin")] + fields.append(form.submitAdmin) if str(app.config["WEBMAIL"]).upper() != "NONE": - form.target.choices += [("Webmail", "Webmail")] - if endpoint == "ui.webmail": - form.target.choices.reverse() + fields.append(form.submitWebmail) + fields = tuple(fields) if form.validate_on_submit(): - if str(form.target.data) == 'Admin': - endpoint = 'ui.user_settings' + if form.submitAdmin.data: destination = app.config['WEB_ADMIN'] - elif str(form.target.data) == 'Webmail': - endpoint = 'ui.webmail' + elif form.submitWebmail.data: destination = app.config['WEB_WEBMAIL'] user = models.User.login(form.email.data, form.pw.data) @@ -37,7 +35,7 @@ def login(): flask.flash('Wrong e-mail or password', 'error') client_ip = flask.request.headers["X-Real-IP"] if 'X-Real-IP' in flask.request.headers else flask.request.remote_addr flask.current_app.logger.warn(f'Login failed for {str(form.email.data)} from {client_ip}.') - return flask.render_template('login.html', form=form, endpoint=endpoint) + return flask.render_template('login.html', form=form, fields=fields) @sso.route('/logout', methods=['GET']) @access.authenticated diff --git a/core/admin/mailu/ui/templates/macros.html b/core/admin/mailu/ui/templates/macros.html index 4080c1e4..d18e6584 100644 --- a/core/admin/mailu/ui/templates/macros.html +++ b/core/admin/mailu/ui/templates/macros.html @@ -18,8 +18,12 @@ {%- endif %} {%- endmacro %} -{%- macro form_fields(fields, prepend='', append='', label=True) %} +{%- macro form_fields(fields, prepend='', append='', label=True, spacing=True) %} + {%- if spacing %} {%- set width = (12 / fields|length)|int %} + {%- else %} + {%- set width = 0 %} + {% endif %}
    {%- for field in fields %} diff --git a/core/admin/mailu/utils.py b/core/admin/mailu/utils.py index 8d790d0c..56344b8b 100644 --- a/core/admin/mailu/utils.py +++ b/core/admin/mailu/utils.py @@ -38,7 +38,7 @@ login.login_view = "sso.login" def handle_needs_login(): """ redirect unauthorized requests to login page """ return flask.redirect( - flask.url_for('sso.login', next=flask.request.endpoint) + flask.url_for('sso.login') ) # DNS stub configured to do DNSSEC enabled queries @@ -95,6 +95,23 @@ def get_locale(): flask.session['language'] = language return language + +# Proxy fixer +class PrefixMiddleware(object): + """ fix proxy headers """ + def __init__(self): + self.app = None + + def __call__(self, environ, start_response): + return self.app(environ, start_response) + + def init_app(self, app): + self.app = fixers.ProxyFix(app.wsgi_app, x_for=1, x_proto=1) + app.wsgi_app = self + +proxy = PrefixMiddleware() + + # Data migrate migrate = flask_migrate.Migrate() diff --git a/core/nginx/conf/nginx.conf b/core/nginx/conf/nginx.conf index fd6cffd2..ec6ecac2 100644 --- a/core/nginx/conf/nginx.conf +++ b/core/nginx/conf/nginx.conf @@ -176,7 +176,7 @@ http { } location @webmail_login { - return 302 /sso/login?next=ui.webmail; + return 302 /sso/login; } {% else %} From 8eabece225b2a424a59de412d714946edad561a3 Mon Sep 17 00:00:00 2001 From: Dimitri Huisman Date: Thu, 28 Oct 2021 13:56:08 +0000 Subject: [PATCH 28/37] Update reverse proxy doc with new /sso endpoint. --- docs/reverse.rst | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/docs/reverse.rst b/docs/reverse.rst index 14a9154e..2c83acec 100644 --- a/docs/reverse.rst +++ b/docs/reverse.rst @@ -47,7 +47,7 @@ Then on your own frontend, point to these local ports. In practice, you only nee } } -Because the admin interface is served as ``/admin`` and the Webmail as ``/webmail`` you may also want to use a single virtual host and serve other applications (still Nginx): +Because the admin interface is served as ``/admin``, the Webmail as ``/webmail``, the single sign on page as ``/sso`` and webdav as ``/webdav``, you may also want to use a single virtual host and serve other applications (still Nginx): .. code-block:: nginx @@ -63,6 +63,16 @@ Because the admin interface is served as ``/admin`` and the Webmail as ``/webmai proxy_set_header Host $http_host; } + location /sso { + proxy_pass https://localhost:8443/sso; + proxy_set_header Host $http_host; + } + + location /webdav { + proxy_pass https://localhost:8443/webdav; + proxy_set_header Host $http_host; + } + location /main_app { proxy_pass https://some-host; } From edb76f25d8815faa79e796514f2255493e181799 Mon Sep 17 00:00:00 2001 From: Dimitri Huisman Date: Thu, 28 Oct 2021 15:50:24 +0000 Subject: [PATCH 29/37] Update newsfragment --- towncrier/newsfragments/1929.enhancement | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/towncrier/newsfragments/1929.enhancement b/towncrier/newsfragments/1929.enhancement index cd3712b6..fa02c60b 100644 --- a/towncrier/newsfragments/1929.enhancement +++ b/towncrier/newsfragments/1929.enhancement @@ -1,6 +1,9 @@ -Improved the SSO page. - - Now shows the login target. - - Added toggle to choose login target. - - Made SSO page available separately. SSO page can now be used without Admin. +Improved the SSO page. Warning! The new endpoint /sso is introduced. +This endpoint is now used for handling sign on requests. +You may want to update your reverse proxy to proxy /sso to Mailu (to the front service). + - New SSO page is used for logging in Admin or Webmail. + - Made SSO page available separately. SSO page can now be used without Admin accessible (ADMIN=false). - Introduced stub /static which is used by all sites for accessing static files. + - Removed the /admin/ prefix to reduce complexity of routing with Mailu. Admin is accessible directly via /admin instead of /admin/ui +Note: Failed logon attempts are logged in the logs of admin. You can watch this From a01df56a9b48576945bef685ffa81b295fab64ed Mon Sep 17 00:00:00 2001 From: Dimitri Huisman Date: Thu, 28 Oct 2021 16:38:26 +0000 Subject: [PATCH 30/37] Forgot to include the new endpoint /static --- docs/reverse.rst | 7 ++++++- towncrier/newsfragments/1929.enhancement | 9 +++++---- 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/docs/reverse.rst b/docs/reverse.rst index 2c83acec..4841c2de 100644 --- a/docs/reverse.rst +++ b/docs/reverse.rst @@ -47,7 +47,7 @@ Then on your own frontend, point to these local ports. In practice, you only nee } } -Because the admin interface is served as ``/admin``, the Webmail as ``/webmail``, the single sign on page as ``/sso`` and webdav as ``/webdav``, you may also want to use a single virtual host and serve other applications (still Nginx): +Because the admin interface is served as ``/admin``, the Webmail as ``/webmail``, the single sign on page as ``/sso``, webdav as ``/webdav`` and the static files endpoint as ``/static``, you may also want to use a single virtual host and serve other applications (still Nginx): .. code-block:: nginx @@ -71,6 +71,11 @@ Because the admin interface is served as ``/admin``, the Webmail as ``/webmail`` location /webdav { proxy_pass https://localhost:8443/webdav; proxy_set_header Host $http_host; + } + + location /static { + proxy_pass https://localhost:8443/static; + proxy_set_header Host $http_host; } location /main_app { diff --git a/towncrier/newsfragments/1929.enhancement b/towncrier/newsfragments/1929.enhancement index fa02c60b..12c4f607 100644 --- a/towncrier/newsfragments/1929.enhancement +++ b/towncrier/newsfragments/1929.enhancement @@ -1,9 +1,10 @@ -Improved the SSO page. Warning! The new endpoint /sso is introduced. -This endpoint is now used for handling sign on requests. -You may want to update your reverse proxy to proxy /sso to Mailu (to the front service). +Improved the SSO page. Warning! The new endpoints /sso and /static are introduced. +These endpoints are now used for handling sign on requests and shared static files. +You may want to update your reverse proxy to proxy /sso and /static to Mailu (to the front service). +The example section of using a reverse proxy is updated with this information. - New SSO page is used for logging in Admin or Webmail. - Made SSO page available separately. SSO page can now be used without Admin accessible (ADMIN=false). - Introduced stub /static which is used by all sites for accessing static files. - Removed the /admin/ prefix to reduce complexity of routing with Mailu. Admin is accessible directly via /admin instead of /admin/ui -Note: Failed logon attempts are logged in the logs of admin. You can watch this +Note: Failed logon attempts are logged in the logs of admin. You can watch this with fail2ban. From 8784971b7f995a95f3b2456a5f698f8ea19b12f4 Mon Sep 17 00:00:00 2001 From: Dimitri Huisman Date: Thu, 28 Oct 2021 18:55:35 +0000 Subject: [PATCH 31/37] Merge rate limiting and failed login logging --- core/admin/mailu/sso/views/base.py | 26 ++++++++++++++++++-------- 1 file changed, 18 insertions(+), 8 deletions(-) diff --git a/core/admin/mailu/sso/views/base.py b/core/admin/mailu/sso/views/base.py index e5d2cd45..b9088c03 100644 --- a/core/admin/mailu/sso/views/base.py +++ b/core/admin/mailu/sso/views/base.py @@ -1,5 +1,5 @@ from werkzeug.utils import redirect -from mailu import models +from mailu import models, utils from mailu.sso import sso, forms from mailu.ui import access @@ -9,6 +9,7 @@ import flask_login @sso.route('/login', methods=['GET', 'POST']) def login(): + client_ip = flask.request.headers.get('X-Real-IP', flask.request.remote_addr) form = forms.LoginForm() form.submitAdmin.label.text = form.submitAdmin.label.text + ' Admin' form.submitWebmail.label.text = form.submitWebmail.label.text + ' Webmail' @@ -18,23 +19,32 @@ def login(): fields.append(form.submitAdmin) if str(app.config["WEBMAIL"]).upper() != "NONE": fields.append(form.submitWebmail) - fields = tuple(fields) if form.validate_on_submit(): if form.submitAdmin.data: destination = app.config['WEB_ADMIN'] elif form.submitWebmail.data: destination = app.config['WEB_WEBMAIL'] - - user = models.User.login(form.email.data, form.pw.data) + device_cookie, device_cookie_username = utils.limiter.parse_device_cookie(flask.request.cookies.get('rate_limit')) + username = form.email.data + if username != device_cookie_username and utils.limiter.should_rate_limit_ip(client_ip): + flask.flash('Too many attempts from your IP (rate-limit)', 'error') + return flask.render_template('login.html', form=form) + if utils.limiter.should_rate_limit_user(username, client_ip, device_cookie, device_cookie_username): + flask.flash('Too many attempts for this user (rate-limit)', 'error') + return flask.render_template('login.html', form=form) + user = models.User.login(username, form.pw.data) if user: flask.session.regenerate() - flask_login.login_user(user) - return flask.redirect(destination) + flask_login.login_user(user) + response = flask.redirect(destination) + response.set_cookie('rate_limit', utils.limiter.device_cookie(username), max_age=31536000, path=flask.url_for('sso.login')) + flask.current_app.logger.info(f'Login succeeded for {username} from {client_ip}.') + return response else: + utils.limiter.rate_limit_user(username, client_ip, device_cookie, device_cookie_username) if models.User.get(username) else utils.limiter.rate_limit_ip(client_ip) + flask.current_app.logger.warn(f'Login failed for {username} from {client_ip}.') flask.flash('Wrong e-mail or password', 'error') - client_ip = flask.request.headers["X-Real-IP"] if 'X-Real-IP' in flask.request.headers else flask.request.remote_addr - flask.current_app.logger.warn(f'Login failed for {str(form.email.data)} from {client_ip}.') return flask.render_template('login.html', form=form, fields=fields) @sso.route('/logout', methods=['GET']) From 3449b67c86ce0b966d9c48ff67fe3eea8548c35b Mon Sep 17 00:00:00 2001 From: Dimitri Huisman Date: Fri, 29 Oct 2021 08:18:50 +0000 Subject: [PATCH 32/37] Process code review remarks PR2023 --- core/admin/mailu/sso/__init__.py | 2 +- core/admin/mailu/sso/forms.py | 10 +------- .../mailu/sso/templates/sidebar_sso.html | 20 +++++----------- core/admin/mailu/sso/views/languages.py | 4 +--- core/admin/mailu/ui/__init__.py | 2 +- core/admin/mailu/ui/templates/sidebar.html | 6 ++--- core/nginx/conf/nginx.conf | 10 ++++---- docs/reverse.rst | 23 ++----------------- 8 files changed, 19 insertions(+), 58 deletions(-) diff --git a/core/admin/mailu/sso/__init__.py b/core/admin/mailu/sso/__init__.py index 4b4c057b..cc066234 100644 --- a/core/admin/mailu/sso/__init__.py +++ b/core/admin/mailu/sso/__init__.py @@ -1,5 +1,5 @@ from flask import Blueprint -sso = Blueprint('sso', __name__, static_folder='None' ,template_folder='templates') +sso = Blueprint('sso', __name__, static_folder=None ,template_folder='templates') from mailu.sso.views import * diff --git a/core/admin/mailu/sso/forms.py b/core/admin/mailu/sso/forms.py index fb48d9f9..c190b8bc 100644 --- a/core/admin/mailu/sso/forms.py +++ b/core/admin/mailu/sso/forms.py @@ -1,12 +1,6 @@ -from wtforms import validators, fields, widgets -from wtforms_components import fields as fields_ +from wtforms import validators, fields from flask_babel import lazy_gettext as _ - -import flask_login import flask_wtf -import re - -LOCALPART_REGEX = "^[a-zA-Z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-zA-Z0-9!#$%&'*+/=?^_`{|}~-]+)*$" class LoginForm(flask_wtf.FlaskForm): class Meta: @@ -15,5 +9,3 @@ class LoginForm(flask_wtf.FlaskForm): pw = fields.PasswordField(_('Password'), [validators.DataRequired()]) submitAdmin = fields.SubmitField(_('Sign in')) submitWebmail = fields.SubmitField(_('Sign in')) - - diff --git a/core/admin/mailu/sso/templates/sidebar_sso.html b/core/admin/mailu/sso/templates/sidebar_sso.html index 79e5832b..1c511aec 100644 --- a/core/admin/mailu/sso/templates/sidebar_sso.html +++ b/core/admin/mailu/sso/templates/sidebar_sso.html @@ -2,14 +2,6 @@
    diff --git a/core/dovecot/README.md b/core/dovecot/README.md index c8ae5982..e54b257e 100644 --- a/core/dovecot/README.md +++ b/core/dovecot/README.md @@ -4,7 +4,7 @@ Mailu Dovecot container Dovecot is an open source IMAP and POP3 email server for Linux/UNIX-like systems, written with security primarily in mind. It's fast, simple to set up, requires no special administration and it uses very little memory. - + In the Mailu stack it is used as the IMAP/POP frontend service. Resources From 8c31699baf73fbe08923434591a38a9ccce5728e Mon Sep 17 00:00:00 2001 From: Alexander Graf Date: Fri, 29 Oct 2021 15:29:20 +0200 Subject: [PATCH 36/37] fixed locale selector for no_NB --- core/admin/mailu/sso/templates/base_sso.html | 2 +- core/admin/mailu/ui/templates/base.html | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/core/admin/mailu/sso/templates/base_sso.html b/core/admin/mailu/sso/templates/base_sso.html index 17aedff7..9dfb25a5 100644 --- a/core/admin/mailu/sso/templates/base_sso.html +++ b/core/admin/mailu/sso/templates/base_sso.html @@ -38,7 +38,7 @@ {{ session['language'] }}
    • diff --git a/core/admin/mailu/ui/templates/base.html b/core/admin/mailu/ui/templates/base.html index 12f61149..e646e579 100644 --- a/core/admin/mailu/ui/templates/base.html +++ b/core/admin/mailu/ui/templates/base.html @@ -38,7 +38,7 @@ {{ session['language'] }} From 9bc685c30b339b70b106f8c5a1f74d20449d70c9 Mon Sep 17 00:00:00 2001 From: Alexander Graf Date: Fri, 29 Oct 2021 15:34:00 +0200 Subject: [PATCH 37/37] removed some more whitespace --- core/admin/mailu/internal/templates/default.sieve | 4 ++-- core/admin/mailu/manage.py | 2 +- core/admin/mailu/sso/__init__.py | 2 +- core/admin/mailu/sso/templates/form_sso.html | 6 +++--- core/admin/mailu/translations/pl/LC_MESSAGES/messages.po | 4 ++-- core/admin/mailu/ui/templates/macros.html | 2 +- core/admin/migrations/env.py | 2 +- core/dovecot/start.py | 2 +- core/postfix/start.py | 2 +- 9 files changed, 13 insertions(+), 13 deletions(-) diff --git a/core/admin/mailu/internal/templates/default.sieve b/core/admin/mailu/internal/templates/default.sieve index 5e995611..a29e7aba 100644 --- a/core/admin/mailu/internal/templates/default.sieve +++ b/core/admin/mailu/internal/templates/default.sieve @@ -19,7 +19,7 @@ if header :index 2 :matches "Received" "from * by * for <*>; *" } {% if user.spam_enabled %} -if spamtest :percent :value "gt" :comparator "i;ascii-numeric" "{{ user.spam_threshold }}" +if spamtest :percent :value "gt" :comparator "i;ascii-numeric" "{{ user.spam_threshold }}" { setflag "\\seen"; fileinto :create "Junk"; @@ -32,6 +32,6 @@ if exists "X-Virus" { stop; } -{% if user.reply_active %} +{% if user.reply_active %} vacation :days 1 {% if user.displayed_name != "" %}:from "{{ user.displayed_name }} <{{ user.email }}>"{% endif %} :subject "{{ user.reply_subject }}" "{{ user.reply_body }}"; {% endif %} diff --git a/core/admin/mailu/manage.py b/core/admin/mailu/manage.py index 54f4b826..937c9f49 100644 --- a/core/admin/mailu/manage.py +++ b/core/admin/mailu/manage.py @@ -119,7 +119,7 @@ def password(localpart, domain_name, password): """ Change the password of an user """ email = f'{localpart}@{domain_name}' - user = models.User.query.get(email) + user = models.User.query.get(email) if user: user.set_password(password) else: diff --git a/core/admin/mailu/sso/__init__.py b/core/admin/mailu/sso/__init__.py index cc066234..98b5abd0 100644 --- a/core/admin/mailu/sso/__init__.py +++ b/core/admin/mailu/sso/__init__.py @@ -1,5 +1,5 @@ from flask import Blueprint -sso = Blueprint('sso', __name__, static_folder=None ,template_folder='templates') +sso = Blueprint('sso', __name__, static_folder=None, template_folder='templates') from mailu.sso.views import * diff --git a/core/admin/mailu/sso/templates/form_sso.html b/core/admin/mailu/sso/templates/form_sso.html index efcc95a9..b14e7600 100644 --- a/core/admin/mailu/sso/templates/form_sso.html +++ b/core/admin/mailu/sso/templates/form_sso.html @@ -3,9 +3,9 @@ {%- block content %} {%- call macros.card() %}
    - {{ macros.form_field(form.email) }} - {{ macros.form_field(form.pw) }} - {{ macros.form_fields( fields, label=False, class="btn btn-default", spacing=False) }} + {{ macros.form_field(form.email) }} + {{ macros.form_field(form.pw) }} + {{ macros.form_fields(fields, label=False, class="btn btn-default", spacing=False) }}
    {%- endcall %} {%- endblock %} diff --git a/core/admin/mailu/translations/pl/LC_MESSAGES/messages.po b/core/admin/mailu/translations/pl/LC_MESSAGES/messages.po index 664ff571..09130a7b 100644 --- a/core/admin/mailu/translations/pl/LC_MESSAGES/messages.po +++ b/core/admin/mailu/translations/pl/LC_MESSAGES/messages.po @@ -551,11 +551,11 @@ msgid "" "cache\n" " expires." msgstr "" -"Jeśli nie wiesz, jak skonfigurować rekord MX dla swojej " +"Jeśli nie wiesz, jak skonfigurować rekord MX dla swojej " "strefy DNS,\n" "skontaktuj się z dostawcą DNS lub administratorem. Proszę również " "poczekać\n" -"kilka minut po ustawieniu MX , żeby pamięć podręczna " +"kilka minut po ustawieniu MX , żeby pamięć podręczna " "serwera lokalnego wygasła." #: mailu/ui/templates/fetch/create.html:4 diff --git a/core/admin/mailu/ui/templates/macros.html b/core/admin/mailu/ui/templates/macros.html index d18e6584..5143b697 100644 --- a/core/admin/mailu/ui/templates/macros.html +++ b/core/admin/mailu/ui/templates/macros.html @@ -58,7 +58,7 @@
    {{ form.hidden_tag() }} {%- for field in form %} - {%- if bootstrap_is_hidden_field(field) %} + {%- if bootstrap_is_hidden_field(field) %} {{ field() }} {%- else %} {{ form_field(field) }} diff --git a/core/admin/migrations/env.py b/core/admin/migrations/env.py index cdfd2248..3e45bb18 100755 --- a/core/admin/migrations/env.py +++ b/core/admin/migrations/env.py @@ -37,7 +37,7 @@ def run_migrations_offline(): This configures the context with just a URL and not an Engine, though an Engine is acceptable - here as well. By skipping the Engine creation + here as well. By skipping the Engine creation we don't even need a DBAPI to be available. Calls to context.execute() here emit the given string to the diff --git a/core/dovecot/start.py b/core/dovecot/start.py index 1845eb93..03bdfa80 100755 --- a/core/dovecot/start.py +++ b/core/dovecot/start.py @@ -6,7 +6,7 @@ import multiprocessing import logging as log import sys -from podop import run_server +from podop import run_server from socrate import system, conf log.basicConfig(stream=sys.stderr, level=os.environ.get("LOG_LEVEL", "WARNING")) diff --git a/core/postfix/start.py b/core/postfix/start.py index c889dce1..06a097b8 100755 --- a/core/postfix/start.py +++ b/core/postfix/start.py @@ -7,7 +7,7 @@ import multiprocessing import logging as log import sys -from podop import run_server +from podop import run_server from pwd import getpwnam from socrate import system, conf