From 546884d10cc5ba995044891051a4c3278f7d686d Mon Sep 17 00:00:00 2001 From: Florent Daigniere Date: Thu, 24 Nov 2022 09:31:27 +0100 Subject: [PATCH] ghost's requested changes --- core/admin/mailu/sso/views/base.py | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/core/admin/mailu/sso/views/base.py b/core/admin/mailu/sso/views/base.py index 600f62f4..b7fe9c97 100644 --- a/core/admin/mailu/sso/views/base.py +++ b/core/admin/mailu/sso/views/base.py @@ -67,7 +67,7 @@ def proxy(target='webmail'): if not any(ip in cidr for cidr in app.config['PROXY_AUTH_WHITELIST']): return flask.abort(500, '%s is not on PROXY_AUTH_WHITELIST' % flask.request.remote_addr) - email = flask.request.headers.get(app.config['PROXY_AUTH_HEADER'], None) + email = flask.request.headers.get(app.config['PROXY_AUTH_HEADER']) if not email: return flask.abort(500, 'No %s header' % app.config['PROXY_AUTH_HEADER']) @@ -76,8 +76,13 @@ def proxy(target='webmail'): flask.session.regenerate() flask_login.login_user(user) return flask.redirect(app.config['WEB_ADMIN'] if target=='admin' else app.config['WEB_WEBMAIL']) - elif app.config['PROXY_AUTH_CREATE']: - localpart, desireddomain = email.split('@') + + if not app.config['PROXY_AUTH_CREATE']: + return flask.abort(500, 'You don\'t exist. Go away! (%s)' % email) + + client_ip = flask.request.headers.get('X-Real-IP', flask.request.remote_addr) + try: + localpart, desireddomain = email.rsplit('@') domain = models.Domain.query.get(desireddomain) or flask.abort(500, 'You don\'t exist. Go away! (domain=%s)' % desireddomain) if not domain.max_users == -1 and len(domain.users) >= domain.max_users: flask.current_app.logger.warning('Too many users for domain %s' % domain) @@ -87,8 +92,8 @@ def proxy(target='webmail'): models.db.session.add(user) models.db.session.commit() user.send_welcome() - client_ip = flask.request.headers.get('X-Real-IP', flask.request.remote_addr) flask.current_app.logger.info(f'Login succeeded by proxy created user: {user} from {client_ip} through {flask.request.remote_addr}.') return flask.redirect(app.config['WEB_ADMIN'] if target=='admin' else app.config['WEB_WEBMAIL']) - else: + except Exception as e: + flask.current_app.logger.error('Error creating a new user via proxy for %s from %s: %s' % (email, client_ip, str(e)), e) return flask.abort(500, 'You don\'t exist. Go away! (%s)' % email)