diff --git a/core/admin/mailu/configuration.py b/core/admin/mailu/configuration.py index 72241d0c..7fcecfea 100644 --- a/core/admin/mailu/configuration.py +++ b/core/admin/mailu/configuration.py @@ -154,6 +154,10 @@ class ConfigManager: self.config['SESSION_COOKIE_SAMESITE'] = 'Strict' self.config['SESSION_COOKIE_HTTPONLY'] = True self.config['SESSION_PERMANENT'] = True + self.config['SESSION_TIMEOUT'] = int(self.config['SESSION_TIMEOUT']) + self.config['PERMANENT_SESSION_LIFETIME'] = int(self.config['PERMANENT_SESSION_LIFETIME']) + self.config['AUTH_RATELIMIT_IP_V4_MASK'] = int(self.config['AUTH_RATELIMIT_IP_V4_MASK']) + self.config['AUTH_RATELIMIT_IP_V6_MASK'] = int(self.config['AUTH_RATELIMIT_IP_V6_MASK']) hostnames = [host.strip() for host in self.config['HOSTNAMES'].split(',')] self.config['AUTH_RATELIMIT_EXEMPTION'] = set(ipaddress.ip_network(cidr, False) for cidr in (cidr.strip() for cidr in self.config['AUTH_RATELIMIT_EXEMPTION'].split(',')) if cidr) self.config['MESSAGE_RATELIMIT_EXEMPTION'] = set([s for s in self.config['MESSAGE_RATELIMIT_EXEMPTION'].lower().replace(' ', '').split(',') if s]) diff --git a/core/admin/mailu/utils.py b/core/admin/mailu/utils.py index 4b556a96..fa27948f 100644 --- a/core/admin/mailu/utils.py +++ b/core/admin/mailu/utils.py @@ -79,9 +79,9 @@ limiter = limiter.LimitWraperFactory() def extract_network_from_ip(ip): n = ipaddress.ip_network(ip) if n.version == 4: - return str(n.supernet(prefixlen_diff=(32-int(app.config["AUTH_RATELIMIT_IP_V4_MASK"]))).network_address) + return str(n.supernet(prefixlen_diff=(32-app.config["AUTH_RATELIMIT_IP_V4_MASK"])).network_address) else: - return str(n.supernet(prefixlen_diff=(128-int(app.config["AUTH_RATELIMIT_IP_V6_MASK"]))).network_address) + return str(n.supernet(prefixlen_diff=(128-app.config["AUTH_RATELIMIT_IP_V6_MASK"])).network_address) def is_exempt_from_ratelimits(ip): ip = ipaddress.ip_address(ip) @@ -270,7 +270,7 @@ class MailuSession(CallbackDict, SessionMixin): if 'webmail_token' in self: app.session_store.put(self['webmail_token'], self.sid, - int(app.config['PERMANENT_SESSION_LIFETIME']), + app.config['PERMANENT_SESSION_LIFETIME'], ) # get new session key @@ -284,7 +284,7 @@ class MailuSession(CallbackDict, SessionMixin): self.app.session_store.put( key, pickle.dumps(dict(self)), - int(app.config['SESSION_TIMEOUT']), + app.config['SESSION_TIMEOUT'], ) self._key = key @@ -357,7 +357,7 @@ class MailuSessionConfig: if now is None: now = int(time.time()) created = int.from_bytes(created, byteorder='big') - if not created <= now <= created + int(app.config['PERMANENT_SESSION_LIFETIME']): + if not created <= now <= created + app.config['PERMANENT_SESSION_LIFETIME']: return None return (uid, sid, crt) @@ -402,7 +402,7 @@ class MailuSessionInterface(SessionInterface): response.set_cookie( app.session_cookie_name, session.sid, - expires=datetime.now()+timedelta(seconds=int(app.config['PERMANENT_SESSION_LIFETIME'])), + expires=datetime.now()+timedelta(seconds=app.config['PERMANENT_SESSION_LIFETIME']), httponly=self.get_cookie_httponly(app), domain=self.get_cookie_domain(app), path=self.get_cookie_path(app), @@ -494,6 +494,6 @@ def gen_temp_token(email, session): session['webmail_token'] = token app.session_store.put(token, session.sid, - int(app.config['PERMANENT_SESSION_LIFETIME']), + app.config['PERMANENT_SESSION_LIFETIME'], ) return token