Compare commits
4 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 7ea45d6f5d | |||
| 6d24db50bd | |||
| 88f270c6a1 | |||
| 0962b1cf29 |
@ -36,6 +36,7 @@ steps:
|
||||
status:
|
||||
- success
|
||||
- failure
|
||||
- killed
|
||||
settings:
|
||||
webhook:
|
||||
from_secret: slack_webhook
|
||||
|
||||
@ -30,7 +30,7 @@ class ChangeEmailForm(FlaskForm):
|
||||
@dashboard_bp.route("/mailbox/<int:mailbox_id>/", methods=["GET", "POST"])
|
||||
@login_required
|
||||
def mailbox_detail_route(mailbox_id):
|
||||
mailbox = Mailbox.get(mailbox_id)
|
||||
mailbox: Mailbox = Mailbox.get(mailbox_id)
|
||||
if not mailbox or mailbox.user_id != current_user.id:
|
||||
flash("You cannot see this page", "warning")
|
||||
return redirect(url_for("dashboard.index"))
|
||||
@ -144,6 +144,15 @@ def mailbox_detail_route(mailbox_id):
|
||||
url_for("dashboard.mailbox_detail_route", mailbox_id=mailbox_id)
|
||||
)
|
||||
|
||||
if mailbox.is_proton():
|
||||
flash(
|
||||
"Enabling PGP for a Proton Mail mailbox is redundant and does not add any security benefit",
|
||||
"info",
|
||||
)
|
||||
return redirect(
|
||||
url_for("dashboard.mailbox_detail_route", mailbox_id=mailbox_id)
|
||||
)
|
||||
|
||||
mailbox.pgp_public_key = request.form.get("pgp")
|
||||
try:
|
||||
mailbox.pgp_finger_print = load_public_key_and_check(
|
||||
@ -182,25 +191,16 @@ def mailbox_detail_route(mailbox_id):
|
||||
)
|
||||
elif request.form.get("form-name") == "generic-subject":
|
||||
if request.form.get("action") == "save":
|
||||
if not mailbox.pgp_enabled():
|
||||
flash(
|
||||
"Generic subject can only be used on PGP-enabled mailbox",
|
||||
"error",
|
||||
)
|
||||
return redirect(
|
||||
url_for("dashboard.mailbox_detail_route", mailbox_id=mailbox_id)
|
||||
)
|
||||
|
||||
mailbox.generic_subject = request.form.get("generic-subject")
|
||||
Session.commit()
|
||||
flash("Generic subject for PGP-encrypted email is enabled", "success")
|
||||
flash("Generic subject is enabled", "success")
|
||||
return redirect(
|
||||
url_for("dashboard.mailbox_detail_route", mailbox_id=mailbox_id)
|
||||
)
|
||||
elif request.form.get("action") == "remove":
|
||||
mailbox.generic_subject = None
|
||||
Session.commit()
|
||||
flash("Generic subject for PGP-encrypted email is disabled", "success")
|
||||
flash("Generic subject is disabled", "success")
|
||||
return redirect(
|
||||
url_for("dashboard.mailbox_detail_route", mailbox_id=mailbox_id)
|
||||
)
|
||||
|
||||
@ -34,7 +34,7 @@ def get_cname_record(hostname) -> Optional[str]:
|
||||
|
||||
|
||||
def get_mx_domains(hostname) -> [(int, str)]:
|
||||
"""return list of (priority, domain name).
|
||||
"""return list of (priority, domain name) sorted by priority (lowest priority first)
|
||||
domain name ends with a "." at the end.
|
||||
"""
|
||||
try:
|
||||
@ -50,7 +50,7 @@ def get_mx_domains(hostname) -> [(int, str)]:
|
||||
|
||||
ret.append((int(parts[0]), parts[1]))
|
||||
|
||||
return ret
|
||||
return sorted(ret, key=lambda prio_domain: prio_domain[0])
|
||||
|
||||
|
||||
_include_spf = "include:"
|
||||
|
||||
@ -121,3 +121,10 @@ class AccountAlreadyLinkedToAnotherUserException(LinkException):
|
||||
class AccountIsUsingAliasAsEmail(LinkException):
|
||||
def __init__(self):
|
||||
super().__init__("Your account has an alias as it's email address")
|
||||
|
||||
|
||||
class ProtonAccountNotVerified(LinkException):
|
||||
def __init__(self):
|
||||
super().__init__(
|
||||
"The Proton account you are trying to use has not been verified"
|
||||
)
|
||||
|
||||
@ -1,4 +1,5 @@
|
||||
import urllib
|
||||
from email.header import Header
|
||||
from email.message import Message
|
||||
|
||||
from app.email import headers
|
||||
@ -33,6 +34,8 @@ class UnsubscribeGenerator:
|
||||
if not unsubscribe_data:
|
||||
LOG.info("Email has no unsubscribe header")
|
||||
return message
|
||||
if isinstance(unsubscribe_data, Header):
|
||||
unsubscribe_data = str(unsubscribe_data.encode)
|
||||
raw_methods = [method.strip() for method in unsubscribe_data.split(",")]
|
||||
mailto_unsubs = None
|
||||
other_unsubs = []
|
||||
|
||||
@ -30,6 +30,8 @@ from sqlalchemy_utils import ArrowType
|
||||
from app import config
|
||||
from app import s3
|
||||
from app.db import Session
|
||||
from app.dns_utils import get_mx_domains
|
||||
|
||||
from app.errors import (
|
||||
AliasInTrashError,
|
||||
DirectoryInTrashError,
|
||||
@ -2569,6 +2571,27 @@ class Mailbox(Base, ModelMixin):
|
||||
+ Alias.filter_by(mailbox_id=self.id).count()
|
||||
)
|
||||
|
||||
def is_proton(self) -> bool:
|
||||
if (
|
||||
self.email.endswith("@proton.me")
|
||||
or self.email.endswith("@protonmail.com")
|
||||
or self.email.endswith("@protonmail.ch")
|
||||
or self.email.endswith("@pm.me")
|
||||
):
|
||||
return True
|
||||
|
||||
from app.email_utils import get_email_local_part
|
||||
|
||||
mx_domains: [(int, str)] = get_mx_domains(get_email_local_part(self.email))
|
||||
# Proton is the first domain
|
||||
if mx_domains and mx_domains[0][1] in (
|
||||
"mail.protonmail.ch.",
|
||||
"mailsec.protonmail.ch.",
|
||||
):
|
||||
return True
|
||||
|
||||
return False
|
||||
|
||||
@classmethod
|
||||
def delete(cls, obj_id):
|
||||
mailbox: Mailbox = cls.get(obj_id)
|
||||
|
||||
@ -7,11 +7,12 @@ from typing import Optional
|
||||
|
||||
from app.account_linking import SLPlan, SLPlanType
|
||||
from app.config import PROTON_EXTRA_HEADER_NAME, PROTON_EXTRA_HEADER_VALUE
|
||||
from app.errors import ProtonAccountNotVerified
|
||||
from app.log import LOG
|
||||
|
||||
_APP_VERSION = "OauthClient_1.0.0"
|
||||
|
||||
PROTON_ERROR_CODE_NOT_EXISTS = 2501
|
||||
PROTON_ERROR_CODE_HV_NEEDED = 9001
|
||||
|
||||
PLAN_FREE = 1
|
||||
PLAN_PREMIUM = 2
|
||||
@ -57,6 +58,15 @@ def convert_access_token(access_token_response: str) -> AccessCredentials:
|
||||
)
|
||||
|
||||
|
||||
def handle_response_not_ok(status: int, body: dict, text: str) -> Exception:
|
||||
if status == HTTPStatus.UNPROCESSABLE_ENTITY:
|
||||
res_code = body.get("Code")
|
||||
if res_code == PROTON_ERROR_CODE_HV_NEEDED:
|
||||
return ProtonAccountNotVerified()
|
||||
|
||||
return Exception(f"Unexpected status code. Wanted 200 and got {status}: " + text)
|
||||
|
||||
|
||||
class ProtonClient(ABC):
|
||||
@abstractmethod
|
||||
def get_user(self) -> Optional[UserInformation]:
|
||||
@ -124,11 +134,11 @@ class HttpProtonClient(ProtonClient):
|
||||
@staticmethod
|
||||
def __validate_response(res: Response) -> dict:
|
||||
status = res.status_code
|
||||
if status != HTTPStatus.OK:
|
||||
raise Exception(
|
||||
f"Unexpected status code. Wanted 200 and got {status}: " + res.text
|
||||
)
|
||||
as_json = res.json()
|
||||
if status != HTTPStatus.OK:
|
||||
raise HttpProtonClient.__handle_response_not_ok(
|
||||
status=status, body=as_json, text=res.text
|
||||
)
|
||||
res_code = as_json.get("Code")
|
||||
if not res_code or res_code != 1000:
|
||||
raise Exception(
|
||||
|
||||
@ -878,9 +878,6 @@ def forward_email_to_mailbox(
|
||||
headers_to_keep.append(headers.AUTHENTICATION_RESULTS)
|
||||
delete_all_headers_except(msg, headers_to_keep)
|
||||
|
||||
# create PGP email if needed
|
||||
if mailbox.pgp_enabled() and user.is_premium() and not alias.disable_pgp:
|
||||
LOG.d("Encrypt message using mailbox %s", mailbox)
|
||||
if mailbox.generic_subject:
|
||||
LOG.d("Use a generic subject for %s", mailbox)
|
||||
orig_subject = msg[headers.SUBJECT]
|
||||
@ -894,6 +891,10 @@ def forward_email_to_mailbox(
|
||||
f"""Forwarded by SimpleLogin to {alias.email} from "{sender}" with <b>{orig_subject}</b> as subject""",
|
||||
)
|
||||
|
||||
# create PGP email if needed
|
||||
if mailbox.pgp_enabled() and user.is_premium() and not alias.disable_pgp:
|
||||
LOG.d("Encrypt message using mailbox %s", mailbox)
|
||||
|
||||
try:
|
||||
msg = prepare_pgp_message(
|
||||
msg, mailbox.pgp_finger_print, mailbox.pgp_public_key, can_sign=True
|
||||
|
||||
@ -133,6 +133,7 @@
|
||||
<div>
|
||||
<span>
|
||||
<a href="{{ 'mailto:' + contact.website_send_to() }}"
|
||||
target="_blank"
|
||||
data-toggle="tooltip"
|
||||
title="You can click on this to open your email client. Or use the copy button 👉"
|
||||
class="font-weight-bold">
|
||||
|
||||
@ -48,7 +48,7 @@
|
||||
{% if scope == "email" %}
|
||||
|
||||
Email:
|
||||
<a href="mailto:{{ val }}">{{ val }}</a>
|
||||
<a href="mailto:{{ val }}" target="_blank">{{ val }}</a>
|
||||
{% elif scope == "name" %}
|
||||
Name: {{ val }}
|
||||
{% endif %}
|
||||
|
||||
@ -71,7 +71,18 @@
|
||||
</form>
|
||||
</div>
|
||||
<!-- END Change email -->
|
||||
{% if mailbox.pgp_finger_print and not mailbox.disable_pgp and current_user.include_sender_in_reverse_alias %}
|
||||
<!-- Not show PGP option for Proton mailbox -->
|
||||
{% if mailbox.is_proton() and not mailbox.pgp_enabled() %}
|
||||
|
||||
<div class="alert alert-info">
|
||||
As an email is always encrypted at rest in Proton Mail, having SimpleLogin also encrypt your email is redundant and does not add any security benefit.
|
||||
<br>
|
||||
The PGP option on SimpleLogin is instead useful for when your mailbox provider isn't encrypted by default like Gmail, Outlook, etc.
|
||||
</div>
|
||||
{% endif %}
|
||||
<div class="{% if mailbox.is_proton() and not mailbox.pgp_enabled() %}
|
||||
disabled-content{% endif %}">
|
||||
{% if mailbox.pgp_finger_print and not mailbox.disable_pgp and current_user.include_sender_in_reverse_alias and not mailbox.is_proton() %}
|
||||
|
||||
<div class="alert alert-info">
|
||||
Email headers like <span class="italic">From, To, Subject</span> aren't encrypted by PGP.
|
||||
@ -126,37 +137,30 @@
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
<div class="card" {% if not mailbox.pgp_enabled() %}
|
||||
disabled {% endif %}>
|
||||
<form method="post">
|
||||
</div>
|
||||
<div class="card" id="generic-subject">
|
||||
<form method="post" action="#generic-subject">
|
||||
{{ csrf_form.csrf_token }}
|
||||
<input type="hidden" name="form-name" value="generic-subject">
|
||||
<div class="card-body">
|
||||
<div class="card-title">
|
||||
Hide email subject when PGP is enabled
|
||||
Hide email subject
|
||||
<div class="small-text mt-1">
|
||||
When PGP is enabled, you can choose to use a <b>generic</b> subject for the forwarded emails.
|
||||
The original subject is then added into the email body.
|
||||
The original subject will be added to the email body and all forwarded emails will have the generic subject.
|
||||
<br />
|
||||
As PGP does not encrypt the email subject and the email subject might contain sensitive information,
|
||||
this option will allow a further protection of your email content.
|
||||
This option is often used when PGP is enabled.
|
||||
As PGP does not encrypt the email subject, it allows a further protection of your email content.
|
||||
</div>
|
||||
</div>
|
||||
<div class="alert alert-info">
|
||||
As the email is encrypted, a subject like "Email for you"
|
||||
will probably be rejected by your mailbox since it sounds like a spam.
|
||||
<br />
|
||||
Something like "Encrypted Email" would work much better :).
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label class="form-label">Generic Subject</label>
|
||||
<input name="generic-subject" {% if not mailbox.pgp_enabled() %}
|
||||
disabled {% endif %} class="form-control" maxlength="78" placeholder="Generic Subject" value="{{ mailbox.generic_subject or "" }}">
|
||||
<input name="generic-subject"
|
||||
class="form-control"
|
||||
maxlength="78"
|
||||
placeholder="Generic Subject"
|
||||
value="{{ mailbox.generic_subject or "" }}">
|
||||
</div>
|
||||
<button class="btn btn-primary" name="action" {% if not mailbox.pgp_enabled() %}
|
||||
disabled {% endif %} value="save">
|
||||
Save
|
||||
</button>
|
||||
<button class="btn btn-primary" name="action" value="save">Save</button>
|
||||
{% if mailbox.generic_subject %}
|
||||
|
||||
<button class="btn btn-danger float-right" name="action" value="remove">Remove</button>
|
||||
@ -235,8 +239,8 @@
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
{% endblock %}
|
||||
{% block script %}
|
||||
{% endblock %}
|
||||
{% block script %}
|
||||
<script src="/static/js/utils/drag-drop-into-text.js"></script>
|
||||
<script>
|
||||
$(".custom-switch-input").change(function (e) {
|
||||
@ -244,4 +248,4 @@
|
||||
});
|
||||
enableDragDropForPGPKeys('#pgp-public-key');
|
||||
</script>
|
||||
{% endblock %}
|
||||
{% endblock %}
|
||||
|
||||
@ -207,7 +207,7 @@
|
||||
<div class="card-body">
|
||||
<div class="text-center">
|
||||
<div class="h3">Proton plan</div>
|
||||
<div class="h3 my-3">Starts at $11.99 / month</div>
|
||||
<div class="h3 my-3">Starts at $12.99 / month</div>
|
||||
<div class="text-center mt-4 mb-6">
|
||||
<a class="btn btn-lg btn-outline-primary w-100"
|
||||
role="button"
|
||||
@ -225,10 +225,6 @@
|
||||
<i class="fe fe-check text-success mr-2 mt-1" aria-hidden="true"></i>
|
||||
500 GB storage
|
||||
</li>
|
||||
<li class="d-flex">
|
||||
<i class="fe fe-check text-success mr-2 mt-1" aria-hidden="true"></i>
|
||||
15 email addresses
|
||||
</li>
|
||||
<li class="d-flex">
|
||||
<i class="fe fe-check text-success mr-2 mt-1" aria-hidden="true"></i>
|
||||
Unlimited folders, labels, and filters
|
||||
@ -239,11 +235,7 @@
|
||||
</li>
|
||||
<li class="d-flex">
|
||||
<i class="fe fe-check text-success mr-2 mt-1" aria-hidden="true"></i>
|
||||
15 email addresses
|
||||
</li>
|
||||
<li class="d-flex">
|
||||
<i class="fe fe-check text-success mr-2 mt-1" aria-hidden="true"></i>
|
||||
20 Calendars
|
||||
25 calendars
|
||||
</li>
|
||||
<li class="d-flex">
|
||||
<i class="fe fe-check text-success mr-2 mt-1" aria-hidden="true"></i>
|
||||
@ -376,10 +368,6 @@
|
||||
<i class="fe fe-check text-success mr-2 mt-1" aria-hidden="true"></i>
|
||||
500 GB storage
|
||||
</li>
|
||||
<li class="d-flex">
|
||||
<i class="fe fe-check text-success mr-2 mt-1" aria-hidden="true"></i>
|
||||
15 email addresses/aliases
|
||||
</li>
|
||||
<li class="d-flex">
|
||||
<i class="fe fe-check text-success mr-2 mt-1" aria-hidden="true"></i>
|
||||
Unlimited folders, labels, and filters
|
||||
@ -390,11 +378,7 @@
|
||||
</li>
|
||||
<li class="d-flex">
|
||||
<i class="fe fe-check text-success mr-2 mt-1" aria-hidden="true"></i>
|
||||
15 email addresses/aliases
|
||||
</li>
|
||||
<li class="d-flex">
|
||||
<i class="fe fe-check text-success mr-2 mt-1" aria-hidden="true"></i>
|
||||
20 Calendars
|
||||
25 calendars
|
||||
</li>
|
||||
<li class="d-flex">
|
||||
<i class="fe fe-check text-success mr-2 mt-1" aria-hidden="true"></i>
|
||||
@ -478,7 +462,7 @@
|
||||
</a>, which currently supports Bitcoin, Bitcoin Cash, DAI, ApeCoin, Dogecoin, Ethereum, Litecoin, SHIBA INU, Tether and USD Coin.
|
||||
</p>
|
||||
<p>
|
||||
In the future, we are going to support Monero as well. In the meantime, please send us an email at <a href="mailto:support@simplelogin.zendesk.com">support@simplelogin.zendesk.com</a> if you want to use this cryptocurrency.
|
||||
In the future, we are going to support Monero as well. In the meantime, please send us an email at <a href="mailto:support@simplelogin.zendesk.com" target="_blank">support@simplelogin.zendesk.com</a> if you want to use this cryptocurrency.
|
||||
</p>
|
||||
<div class="d-flex justify-content-center">
|
||||
<a class="btn btn-outline-primary text-center"
|
||||
@ -645,7 +629,7 @@
|
||||
</li>
|
||||
</ul>
|
||||
<p>
|
||||
Please send us an email at <a href="mailto:support@simplelogin.zendesk.com">support@simplelogin.zendesk.com</a> for more info.
|
||||
Please send us an email at <a href="mailto:support@simplelogin.zendesk.com" target="_blank">support@simplelogin.zendesk.com</a> for more info.
|
||||
</p>
|
||||
<p>
|
||||
We used to offer free premium accounts for students but this program ended at June 17 2021. Please note this doesn't affect existing accounts who have already benefited from the program or requests sent before this date.
|
||||
@ -708,7 +692,7 @@
|
||||
data-parent="#pricing-faq">
|
||||
<div class="card-body">
|
||||
<p>
|
||||
No we don't have a family plan but offer 30% reduction for additional subscriptions. Please contact us at <a href="mailto:support@simplelogin.zendesk.com">support@simplelogin.zendesk.com</a> for more information.
|
||||
No we don't have a family plan but offer 30% reduction for additional subscriptions. Please contact us at <a href="mailto:support@simplelogin.zendesk.com" target="_blank">support@simplelogin.zendesk.com</a> for more information.
|
||||
</p>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
@ -22,7 +22,7 @@
|
||||
For every user who <b>upgrades</b> and stays with us at least 3 months, you'll get $5 :).
|
||||
<br />
|
||||
The payout can be initiated any time, just send us an email at
|
||||
<a href="mailto:hi@simplelogin.io">hi@simplelogin.io</a>
|
||||
<a href="mailto:hi@simplelogin.io" target="_blank">hi@simplelogin.io</a>
|
||||
when you want to receive the payout.
|
||||
</div>
|
||||
{% if referrals|length == 0 %}
|
||||
|
||||
@ -9,7 +9,7 @@
|
||||
<h1 class="h3">Block alias</h1>
|
||||
<p>
|
||||
You are about to block the alias
|
||||
<a href="mailto:{{ alias }}">{{ alias }}</a>
|
||||
<a href="mailto:{{ alias }}" target="_blank">{{ alias }}</a>
|
||||
</p>
|
||||
<p>After this, you will stop receiving all emails sent to this alias, please confirm.</p>
|
||||
<form method="post">
|
||||
|
||||
@ -61,7 +61,7 @@
|
||||
<img src="{{ user_info[scope.value] }}" class="avatar">
|
||||
{% elif scope == Scope.EMAIL %}
|
||||
{{ scope.value }}:
|
||||
<a href="mailto:{{ user_info[scope.value] }}">{{ user_info[scope.value] }}</a>
|
||||
<a href="mailto:{{ user_info[scope.value] }}" target="_blank">{{ user_info[scope.value] }}</a>
|
||||
{% elif scope == Scope.NAME %}
|
||||
{{ scope.value }}: <b>{{ user_info[scope.value] }}</b>
|
||||
{% endif %}
|
||||
|
||||
@ -1,5 +1,7 @@
|
||||
import pytest
|
||||
from http import HTTPStatus
|
||||
|
||||
from app.errors import ProtonAccountNotVerified
|
||||
from app.proton import proton_client
|
||||
|
||||
|
||||
@ -19,3 +21,30 @@ def test_convert_access_token_not_containing_invalid_length():
|
||||
for case in cases:
|
||||
with pytest.raises(Exception):
|
||||
proton_client.convert_access_token(case)
|
||||
|
||||
|
||||
def test_handle_response_not_ok_account_not_verified():
|
||||
res = proton_client.handle_response_not_ok(
|
||||
status=HTTPStatus.UNPROCESSABLE_ENTITY,
|
||||
body={"Code": proton_client.PROTON_ERROR_CODE_HV_NEEDED},
|
||||
text="",
|
||||
)
|
||||
assert isinstance(res, ProtonAccountNotVerified)
|
||||
|
||||
|
||||
def test_handle_response_unprocessable_entity_not_account_not_verified():
|
||||
error_text = "some error text"
|
||||
res = proton_client.handle_response_not_ok(
|
||||
status=HTTPStatus.UNPROCESSABLE_ENTITY, body={"Code": 4567}, text=error_text
|
||||
)
|
||||
assert error_text in res.args[0]
|
||||
|
||||
|
||||
def test_handle_response_not_ok_unknown_error():
|
||||
error_text = "some error text"
|
||||
res = proton_client.handle_response_not_ok(
|
||||
status=123,
|
||||
body={"Code": proton_client.PROTON_ERROR_CODE_HV_NEEDED},
|
||||
text=error_text,
|
||||
)
|
||||
assert error_text in res.args[0]
|
||||
|
||||
@ -71,7 +71,7 @@ def load_eml_file(
|
||||
if not template_values:
|
||||
template_values = {}
|
||||
rendered = template.render(**template_values)
|
||||
return email.message_from_string(rendered)
|
||||
return email.message_from_bytes(rendered.encode("utf-8"))
|
||||
|
||||
|
||||
def random_email() -> str:
|
||||
|
||||
Reference in New Issue
Block a user