|
|
@ -67,7 +67,7 @@ def proxy(target='webmail'):
|
|
|
|
if not any(ip in cidr for cidr in app.config['PROXY_AUTH_WHITELIST']):
|
|
|
|
if not any(ip in cidr for cidr in app.config['PROXY_AUTH_WHITELIST']):
|
|
|
|
return flask.abort(500, '%s is not on PROXY_AUTH_WHITELIST' % flask.request.remote_addr)
|
|
|
|
return flask.abort(500, '%s is not on PROXY_AUTH_WHITELIST' % flask.request.remote_addr)
|
|
|
|
|
|
|
|
|
|
|
|
email = flask.request.headers.get(app.config['PROXY_AUTH_HEADER'], None)
|
|
|
|
email = flask.request.headers.get(app.config['PROXY_AUTH_HEADER'])
|
|
|
|
if not email:
|
|
|
|
if not email:
|
|
|
|
return flask.abort(500, 'No %s header' % app.config['PROXY_AUTH_HEADER'])
|
|
|
|
return flask.abort(500, 'No %s header' % app.config['PROXY_AUTH_HEADER'])
|
|
|
|
|
|
|
|
|
|
|
@ -76,8 +76,13 @@ def proxy(target='webmail'):
|
|
|
|
flask.session.regenerate()
|
|
|
|
flask.session.regenerate()
|
|
|
|
flask_login.login_user(user)
|
|
|
|
flask_login.login_user(user)
|
|
|
|
return flask.redirect(app.config['WEB_ADMIN'] if target=='admin' else app.config['WEB_WEBMAIL'])
|
|
|
|
return flask.redirect(app.config['WEB_ADMIN'] if target=='admin' else app.config['WEB_WEBMAIL'])
|
|
|
|
elif app.config['PROXY_AUTH_CREATE']:
|
|
|
|
|
|
|
|
localpart, desireddomain = email.split('@')
|
|
|
|
if not app.config['PROXY_AUTH_CREATE']:
|
|
|
|
|
|
|
|
return flask.abort(500, 'You don\'t exist. Go away! (%s)' % email)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
client_ip = flask.request.headers.get('X-Real-IP', flask.request.remote_addr)
|
|
|
|
|
|
|
|
try:
|
|
|
|
|
|
|
|
localpart, desireddomain = email.rsplit('@')
|
|
|
|
domain = models.Domain.query.get(desireddomain) or flask.abort(500, 'You don\'t exist. Go away! (domain=%s)' % desireddomain)
|
|
|
|
domain = models.Domain.query.get(desireddomain) or flask.abort(500, 'You don\'t exist. Go away! (domain=%s)' % desireddomain)
|
|
|
|
if not domain.max_users == -1 and len(domain.users) >= domain.max_users:
|
|
|
|
if not domain.max_users == -1 and len(domain.users) >= domain.max_users:
|
|
|
|
flask.current_app.logger.warning('Too many users for domain %s' % domain)
|
|
|
|
flask.current_app.logger.warning('Too many users for domain %s' % domain)
|
|
|
@ -87,8 +92,8 @@ def proxy(target='webmail'):
|
|
|
|
models.db.session.add(user)
|
|
|
|
models.db.session.add(user)
|
|
|
|
models.db.session.commit()
|
|
|
|
models.db.session.commit()
|
|
|
|
user.send_welcome()
|
|
|
|
user.send_welcome()
|
|
|
|
client_ip = flask.request.headers.get('X-Real-IP', flask.request.remote_addr)
|
|
|
|
|
|
|
|
flask.current_app.logger.info(f'Login succeeded by proxy created user: {user} from {client_ip} through {flask.request.remote_addr}.')
|
|
|
|
flask.current_app.logger.info(f'Login succeeded by proxy created user: {user} from {client_ip} through {flask.request.remote_addr}.')
|
|
|
|
return flask.redirect(app.config['WEB_ADMIN'] if target=='admin' else app.config['WEB_WEBMAIL'])
|
|
|
|
return flask.redirect(app.config['WEB_ADMIN'] if target=='admin' else app.config['WEB_WEBMAIL'])
|
|
|
|
else:
|
|
|
|
except Exception as e:
|
|
|
|
|
|
|
|
flask.current_app.logger.error('Error creating a new user via proxy for %s from %s: %s' % (email, client_ip, str(e)), e)
|
|
|
|
return flask.abort(500, 'You don\'t exist. Go away! (%s)' % email)
|
|
|
|
return flask.abort(500, 'You don\'t exist. Go away! (%s)' % email)
|
|
|
|