do it once

core/admin/mailu/configuration.py

@@ -154,6 +154,10 @@ class ConfigManager:
         self.config['SESSION_COOKIE_SAMESITE'] = 'Strict'
         self.config['SESSION_COOKIE_HTTPONLY'] = True
         self.config['SESSION_PERMANENT'] = True
+        self.config['SESSION_TIMEOUT'] = int(self.config['SESSION_TIMEOUT'])
+        self.config['PERMANENT_SESSION_LIFETIME'] = int(self.config['PERMANENT_SESSION_LIFETIME'])
+        self.config['AUTH_RATELIMIT_IP_V4_MASK'] = int(self.config['AUTH_RATELIMIT_IP_V4_MASK'])
+        self.config['AUTH_RATELIMIT_IP_V6_MASK'] = int(self.config['AUTH_RATELIMIT_IP_V6_MASK'])
         hostnames = [host.strip() for host in self.config['HOSTNAMES'].split(',')]
         self.config['AUTH_RATELIMIT_EXEMPTION'] = set(ipaddress.ip_network(cidr, False) for cidr in (cidr.strip() for cidr in self.config['AUTH_RATELIMIT_EXEMPTION'].split(',')) if cidr)
         self.config['MESSAGE_RATELIMIT_EXEMPTION'] = set([s for s in self.config['MESSAGE_RATELIMIT_EXEMPTION'].lower().replace(' ', '').split(',') if s])

core/admin/mailu/utils.py

@@ -79,9 +79,9 @@ limiter = limiter.LimitWraperFactory()
 def extract_network_from_ip(ip):
     n = ipaddress.ip_network(ip)
     if n.version == 4:
-        return str(n.supernet(prefixlen_diff=(32-int(app.config["AUTH_RATELIMIT_IP_V4_MASK"]))).network_address)
+        return str(n.supernet(prefixlen_diff=(32-app.config["AUTH_RATELIMIT_IP_V4_MASK"])).network_address)
     else:
-        return str(n.supernet(prefixlen_diff=(128-int(app.config["AUTH_RATELIMIT_IP_V6_MASK"]))).network_address)
+        return str(n.supernet(prefixlen_diff=(128-app.config["AUTH_RATELIMIT_IP_V6_MASK"])).network_address)
 
 def is_exempt_from_ratelimits(ip):
     ip = ipaddress.ip_address(ip)
@@ -270,7 +270,7 @@ class MailuSession(CallbackDict, SessionMixin):
             if 'webmail_token' in self:
                 app.session_store.put(self['webmail_token'],
                         self.sid,
-                        int(app.config['PERMANENT_SESSION_LIFETIME']),
+                        app.config['PERMANENT_SESSION_LIFETIME'],
                 )
 
         # get new session key
@@ -284,7 +284,7 @@ class MailuSession(CallbackDict, SessionMixin):
         self.app.session_store.put(
             key,
             pickle.dumps(dict(self)),
-            int(app.config['SESSION_TIMEOUT']),
+            app.config['SESSION_TIMEOUT'],
         )
 
         self._key = key
@@ -357,7 +357,7 @@ class MailuSessionConfig:
         if now is None:
             now = int(time.time())
         created = int.from_bytes(created, byteorder='big')
-        if not created <= now <= created + int(app.config['PERMANENT_SESSION_LIFETIME']):
+        if not created <= now <= created + app.config['PERMANENT_SESSION_LIFETIME']:
             return None
 
         return (uid, sid, crt)
@@ -402,7 +402,7 @@ class MailuSessionInterface(SessionInterface):
             response.set_cookie(
                 app.session_cookie_name,
                 session.sid,
-                expires=datetime.now()+timedelta(seconds=int(app.config['PERMANENT_SESSION_LIFETIME'])),
+                expires=datetime.now()+timedelta(seconds=app.config['PERMANENT_SESSION_LIFETIME']),
                 httponly=self.get_cookie_httponly(app),
                 domain=self.get_cookie_domain(app),
                 path=self.get_cookie_path(app),
@@ -494,6 +494,6 @@ def gen_temp_token(email, session):
     session['webmail_token'] = token
     app.session_store.put(token,
             session.sid,
-            int(app.config['PERMANENT_SESSION_LIFETIME']),
+            app.config['PERMANENT_SESSION_LIFETIME'],
     )
     return token