From 8775dc5b155d7ad97672f1eb5b47a9dd01031211 Mon Sep 17 00:00:00 2001
From: Maximilian Fischer
Date: Thu, 17 Mar 2022 20:36:23 +0100
Subject: [PATCH 1/4] Fixing AUTH_RATELIMIT_IP not working on imap/pop3/smtp #2283
---
 core/admin/mailu/internal/views/auth.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/core/admin/mailu/internal/views/auth.py b/core/admin/mailu/internal/views/auth.py
index ab259864..0dbc8dc9 100644
--- a/core/admin/mailu/internal/views/auth.py
+++ b/core/admin/mailu/internal/views/auth.py
@@ -32,7 +32,7 @@ def nginx_authentication():
 for key, value in headers.items():
 response.headers[key] = str(value)
 is_valid_user = False
- if response.headers.get("Auth-User-Exists"):
+ if response.headers.get("Auth-User-Exists")=="True":
 username = response.headers["Auth-User"]
 if utils.limiter.should_rate_limit_user(username, client_ip):
 # FIXME could be done before handle_authentication()
From dcfe0fbe91a5b48d0143ee41229de7d0d9a7dcf5 Mon Sep 17 00:00:00 2001
From: Maximilian Fischer
Date: Thu, 17 Mar 2022 20:40:08 +0100
Subject: [PATCH 2/4] Create 2284.bugfix
---
 towncrier/newsfragments/2284.bugfix | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 towncrier/newsfragments/2284.bugfix
diff --git a/towncrier/newsfragments/2284.bugfix b/towncrier/newsfragments/2284.bugfix
new file mode 100644
index 00000000..d264db89
--- /dev/null
+++ b/towncrier/newsfragments/2284.bugfix
@@ -0,0 +1 @@
+Fixed AUTH_RATELIMIT_IP not working on imap/pop3/smtp.
\ No newline at end of file
From 630a4e9b5e18d301c83f8e49de366656c44d0857 Mon Sep 17 00:00:00 2001
From: Alexander Graf
Date: Fri, 18 Mar 2022 20:05:16 +0100
Subject: [PATCH 3/4] Update auth.py Add spaces
---
 core/admin/mailu/internal/views/auth.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/core/admin/mailu/internal/views/auth.py b/core/admin/mailu/internal/views/auth.py
index 0dbc8dc9..426c0c49 100644
--- a/core/admin/mailu/internal/views/auth.py
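Review bot: In patch 1/4 the new test `response.headers.get("Auth-User-Exists") == "True"` only works because the loop two lines above stores `str(value)`, so the check is tied to Python's spelling of a stringified bool; any other value from the producer ("true", "1") would silently send every request down the other branch. Going by the commit subject, this condition decides which rate limit a failed login counts against, so it would be sturdier to read the flag before it is stringified, e.g. `if headers.get("Auth-User-Exists") is True:` — assuming handle_authentication() puts a bool there, which patch 4/4 suggests but this hunk does not show. A regression test asserting that a login for a non-existent account does not take the per-user branch would keep the original bug from coming back. The same line recurs in patch 3/4 with spacing changes only, and the body of nginx_authentication() continues outside the hunk.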
+++ b/core/admin/mailu/internal/views/auth.py
@@ -32,7 +32,7 @@ def nginx_authentication():
 for key, value in headers.items():
 response.headers[key] = str(value)
 is_valid_user = False
- if response.headers.get("Auth-User-Exists")=="True":
+ if response.headers.get("Auth-User-Exists") == "True":
 username = response.headers["Auth-User"]
 if utils.limiter.should_rate_limit_user(username, client_ip):
 # FIXME could be done before handle_authentication()
From 64ad6931e993b5867ea5eec38d4ecd554d101a74 Mon Sep 17 00:00:00 2001
From: Alexander Graf
Date: Fri, 18 Mar 2022 20:08:16 +0100
Subject: [PATCH 4/4] Move 'is_valid_user = user is not None' into else
---
 core/admin/mailu/internal/nginx.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/core/admin/mailu/internal/nginx.py b/core/admin/mailu/internal/nginx.py
index b7e246af..2ee6d9b3 100644
--- a/core/admin/mailu/internal/nginx.py
+++ b/core/admin/mailu/internal/nginx.py
@@ -94,11 +94,11 @@ def handle_authentication(headers):
 else:
 try:
 user = models.User.query.get(user_email) if '@' in user_email else None
- is_valid_user = user is not None
 except sqlalchemy.exc.StatementError as exc:
 exc = str(exc).split('\n', 1)[0]
 app.logger.warn(f'Invalid user {user_email!r}: {exc}')
 else:
+ is_valid_user = user is not None
 ip = urllib.parse.unquote(headers["Client-Ip"])
 if check_credentials(user, password, ip, protocol, headers["Auth-Port"]):
 server, port = get_server(headers["Auth-Protocol"], True)
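Review bot: In patch 4/4 the `except sqlalchemy.exc.StatementError` path never assigns `is_valid_user`, so its value there depends on an initialisation that lies outside this hunk. That was already the case before the move, since the assignment could not run once the query raised, but the flag appears to feed the `Auth-User-Exists` check in views/auth.py, so the intent deserves a comment in the except branch, e.g. `# malformed address: is_valid_user keeps its default, so this is never treated as an existing account`. If no default is set before the `try`, add `is_valid_user = False` there. handle_authentication() starts and ends outside the hunk.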