4.42.2

4.42.1
4.42.0
2024-04-10 17:23:11 +01:00 · 2024-03-26 12:00:08 +00:00 · 2024-03-19 12:00:09 +00:00 · 2024-03-15 12:00:08 +00:00 · 2024-03-14 15:47:01 +00:00 · 2024-03-14 15:46:44 +00:00
71 changed files with 2150 additions and 586 deletions
--- a/.drone.yml
+++ b/.drone.yml
@ -1,52 +0,0 @@
 kind: pipeline
 type: docker
 name: build-multiarch-images
 platform:
  os: linux
  arch: amd64
 steps:
 - name: make-tags
  image: node
  commands:
    - echo -n "${DRONE_TAG}, latest" > .tags
 - name: build  
  image: thegeeklab/drone-docker-buildx
  privileged: true
  settings:
    provenance: false
    dockerfile: app/Dockerfile
    context: app
    registry: git.mrmeeb.stream
    username: 
      from_secret: docker_username
    password: 
      from_secret: docker_password
    repo: git.mrmeeb.stream/mrmeeb/simple-login
    platforms:
      - linux/arm64
      - linux/amd64
 - name: notify
  image: plugins/slack
  when:
    status:
    - success
    - failure
    - killed
  settings:
    webhook: 
      from_secret: slack_webhook
    icon_url:
      from_secret: slack_avatar
 trigger:
  event:
    include:
    - tag
  ref:
    include:
    - refs/tags/**
--- a/.gitea/workflows/build-release-image.yaml
+++ b/.gitea/workflows/build-release-image.yaml
@ -0,0 +1,195 @@
 name: Build-Release-Image
 on:
  push:
    tags:
      - '*'
 env:
  CONTAINER_NAME: git.mrmeeb.stream/mrmeeb/simple-login
  TEA_VERSION: 0.9.2
 jobs:
  Build-Image:
    runs-on: [ubuntu-docker-latest, "${{ matrix.platform }}"]
    strategy:
      fail-fast: false
      matrix:
        platform:
          - linux/amd64
          - linux/arm64
    steps:
      - name: Prepare
        run: |
          platform=${{ matrix.platform }}
          echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV
          echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
      - name: Checkout
        uses: actions/checkout@v2
      # Not needed currently due to https://github.com/go-gitea/gitea/issues/29563
      #- name: Prepare tags
      #  id: meta
      #  uses: docker/metadata-action@v5
      #  with:
      #    images: ${{ env.CONTAINER_NAME }}
      #    tags: |
      #      type=pep440,pattern={{version}}
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Login to Gitea Container Registry
        uses: docker/login-action@v3
        with:
          registry: git.mrmeeb.stream
          username: ${{ env.GITHUB_ACTOR }}
          password: ${{ secrets.GTCR_TOKEN }}
      - name: Build and push by digest
        uses: docker/build-push-action@v5
        id: build
        with:
          context: ./app
          platforms: ${{ matrix.platform }}
          provenance: false
          outputs: type=image,name=${{ env.CONTAINER_NAME }},push-by-digest=true,name-canonical=true,push=true
      - name: Export digest
        run: |
          mkdir -p /tmp/digests
          digest="${{ steps.build.outputs.digest }}"
          touch "/tmp/digests/${digest#sha256:}"
      - name: Upload digest
        uses: actions/upload-artifact@v3
        with:
          name: digests-${{ env.PLATFORM_PAIR }}
          path: /tmp/digests/*
          if-no-files-found: error
          retention-days: 1
      - name: Notify
        uses: rjstone/discord-webhook-notify@v1
        if: failure()
        with:
          severity: ${{ job.status == 'success' && 'info' || (job.status == 'cancelled' && 'warn' || 'error') }}
          details: Build ${{ job.status == 'success' && 'succeeded' || (job.status == 'cancelled' && 'cancelled' || 'failed') }}!
          webhookUrl: ${{ secrets.DISCORD_WEBHOOK }}
          username: Gitea
          avatarUrl: ${{ vars.RUNNER_ICON_URL }}
  Merge-Images:
    runs-on: ubuntu-docker-latest
    needs: [Build-Image]
    steps:
      - name: Checkout
        uses: actions/checkout@v2
      - name: Get tag
        run: echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
      - name: Download digests
        uses: actions/download-artifact@v3
        with:
          path: /tmp/digests
          pattern: digests-*
          merge-multiple: true
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      # Not needed currently due to https://github.com/go-gitea/gitea/issues/29563
      #- name: Prepare Docker metadata
      #  id: meta
      #  uses: docker/metadata-action@v5
      #  with:
      #    images: ${{ env.CONTAINER_NAME }}
      - name: Login to Gitea Container Registry
        uses: docker/login-action@v3
        with:
          registry: git.mrmeeb.stream
          username: ${{ env.GITHUB_ACTOR }}
          password: ${{ secrets.GTCR_TOKEN }}
      - name: Create manifest latest
        working-directory: /tmp/digests
        run: |
          docker manifest create ${{ env.CONTAINER_NAME }}:latest \
            --amend ${{ env.CONTAINER_NAME }}@sha256:$(ls -p digests-linux-amd64/* | cut -d / -f 2) \
            --amend ${{ env.CONTAINER_NAME }}@sha256:$(ls -p digests-linux-arm64/* | cut -d / -f 2)
          #docker manifest annotate --arch amd64 --os linux ${{ env.CONTAINER_NAME }}:latest ${{ env.CONTAINER_NAME }}@sha256:$(ls -p digests-linux-amd64/* | cut -d / -f 2)
          #docker manifest annotate --arch arm64 --os linux ${{ env.CONTAINER_NAME }}:latest ${{ env.CONTAINER_NAME }}@sha256:$(ls -p digests-linux-arm64/* | cut -d / -f 2)
          docker manifest inspect ${{ env.CONTAINER_NAME }}:latest
          docker manifest push ${{ env.CONTAINER_NAME }}:latest
      - name: Create manifest tagged
        working-directory: /tmp/digests
        run: |
          docker manifest create ${{ env.CONTAINER_NAME }}:${{ env.RELEASE_VERSION }} \
            --amend ${{ env.CONTAINER_NAME }}@sha256:$(ls -p digests-linux-amd64/* | cut -d / -f 2) \
            --amend ${{ env.CONTAINER_NAME }}@sha256:$(ls -p digests-linux-arm64/* | cut -d / -f 2)
          #docker manifest annotate --arch amd64 --os linux ${{ env.CONTAINER_NAME }}:${{ env.RELEASE_VERSION }} ${{ env.CONTAINER_NAME }}@sha256:$(ls -p digests-linux-amd64/* | cut -d / -f 2)
          #docker manifest annotate --arch arm64 --os linux ${{ env.CONTAINER_NAME }}:${{ env.RELEASE_VERSION }} ${{ env.CONTAINER_NAME }}@sha256:$(ls -p digests-linux-arm64/* | cut -d / -f 2)
          docker manifest inspect ${{ env.CONTAINER_NAME }}:${{ env.RELEASE_VERSION }}
          docker manifest push ${{ env.CONTAINER_NAME }}:${{ env.RELEASE_VERSION }}
      # Disabled due to https://github.com/go-gitea/gitea/issues/29563
      #- name: Create manifest list and push
      #  working-directory: /tmp/digests
      #  run: |
      #    echo $DOCKER_METADATA_OUTPUT_JSON
      #    echo $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
      #      $(printf '${{ env.CONTAINER_NAME }}@sha256:%s ' $(ls -p */* | cut -d / -f 2))
      #    docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
      #      $(printf '${{ env.CONTAINER_NAME }}@sha256:%s ' $(ls -p */* | cut -d / -f 2))
      #- name: Inspect image
      #  run: |
      #    docker buildx imagetools inspect ${{ env.CONTAINER_NAME }}:${{ steps.meta.outputs.version }}          
      - name: Notify
        uses: rjstone/discord-webhook-notify@v1
        if: failure()
        with:
          severity: ${{ job.status == 'success' && 'info' || (job.status == 'cancelled' && 'warn' || 'error') }}
          details: Build ${{ job.status == 'success' && 'succeeded' || (job.status == 'cancelled' && 'cancelled' || 'failed') }}!
          webhookUrl: ${{ secrets.DISCORD_WEBHOOK }}
          username: Gitea
          avatarUrl: ${{ vars.RUNNER_ICON_URL }}
  Create-Release:
    runs-on: [ubuntu-latest, linux/amd64]
    needs: [Merge-Images]
    steps:
      - name: Checkout
        uses: actions/checkout@v2
      - name: Get tag
        run: echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
      - name: Prepare tea
        run: |
          # Download tea from Gitea release page
          echo "Downloading Tea v${{ env.TEA_VERSION }}" && \
          wget -q -O tea https://gitea.com/gitea/tea/releases/download/v${{ env.TEA_VERSION }}/tea-${{ env.TEA_VERSION }}-linux-amd64 && \
          echo "Downloaded Tea" && \
          chmod +x tea && \
          # Login to Gitea
          echo "Logging in to Gitea using Tea" && \
          ./tea login add --name SimpleLogin --url https://git.mrmeeb.stream --token ${{ secrets.GITHUB_TOKEN }} && \
          echo "Done"
      - name: Make release
        run: |
          echo "Creating release" && \
          ./tea release create --login "SimpleLogin" --repo ${{ env.GITHUB_REPOSITORY }} --tag ${{ env.RELEASE_VERSION }} -t ${{ env.RELEASE_VERSION }} -n "Triggered by release of v${{ env.RELEASE_VERSION }} by the SimpleLogin team. <a href=\"https://github.com/simple-login/app/releases/tag/v${{ env.RELEASE_VERSION }}\" target=\"_blank\">View the changelog</a>" && \
          echo "Done"
      - name: Notify
        uses: rjstone/discord-webhook-notify@v1
        if: failure()
        with:
          severity: ${{ job.status == 'success' && 'info' || (job.status == 'cancelled' && 'warn' || 'error') }}
          details: Release ${{ job.status == 'success' && 'succeeded' || (job.status == 'cancelled' && 'cancelled' || 'failed') }}!
          webhookUrl: ${{ secrets.DISCORD_WEBHOOK }}
          username: Gitea
          avatarUrl: ${{ vars.RUNNER_ICON_URL }}
  Notify:
    runs-on: ubuntu-latest
    needs: [Build-Image, Merge-Images, Create-Release]
    steps:
      - name: Notify
        uses: rjstone/discord-webhook-notify@v1
        if: always()
        with:
          severity: ${{ job.status == 'success' && 'info' || (job.status == 'cancelled' && 'warn' || 'error') }}
          details: Release ${{ job.status == 'success' && 'succeeded' || (job.status == 'cancelled' && 'cancelled' || 'failed') }}!
          webhookUrl: ${{ secrets.DISCORD_WEBHOOK }}
          username: Gitea
          avatarUrl: ${{ vars.RUNNER_ICON_URL }}
--- a/app/.github/workflows/main.yml
+++ b/app/.github/workflows/main.yml
@ -1,7 +1,6 @@
 name: Test and lint
-on:
+on: [push, pull_request]
  push:
 jobs:
  lint:
@ -139,6 +138,12 @@ jobs:
        with:
          fetch-depth: 0
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v2
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2
      - name: Create Sentry release
        uses: getsentry/action-release@v1
        env:
@ -158,6 +163,7 @@ jobs:
        uses: docker/build-push-action@v3
        with:
          context: .
          platforms: linux/amd64,linux/arm64
          push: true
          tags: ${{ steps.meta.outputs.tags }}
--- a/app/CONTRIBUTING.md
+++ b/app/CONTRIBUTING.md
@ -151,10 +151,10 @@ Here are the small sum-ups of the directory structures and their roles:
 ## Pull request
-The code is formatted using https://github.com/psf/black, to format the code, simply run
+The code is formatted using [ruff](https://github.com/astral-sh/ruff), to format the code, simply run
 ```
-poetry run black .
+poetry run ruff format .
 ```
 The code is also checked with `flake8`, make sure to run `flake8` before creating the pull request by
--- a/app/app/account_linking.py
+++ b/app/app/account_linking.py
@ -168,6 +168,8 @@ class NewUserStrategy(ClientMergeStrategy):
 class ExistingUnlinkedUserStrategy(ClientMergeStrategy):
    def process(self) -> LinkResult:
        # IF it was scheduled to be deleted. Unschedule it.
        self.user.delete_on = None
        partner_user = ensure_partner_user_exists_for_user(
            self.link_request, self.user, self.partner
        )
@ -246,6 +248,8 @@ def link_user(
 ) -> LinkResult:
    # Sanitize email just in case
    link_request.email = sanitize_email(link_request.email)
    # If it was scheduled to be deleted. Unschedule it.
    current_user.delete_on = None
    partner_user = ensure_partner_user_exists_for_user(
        link_request, current_user, partner
    )
--- a/app/app/alias_utils.py
+++ b/app/app/alias_utils.py
@ -308,28 +308,29 @@ def delete_alias(alias: Alias, user: User):
    Delete an alias and add it to either global or domain trash
    Should be used instead of Alias.delete, DomainDeletedAlias.create, DeletedAlias.create
    """
-    # save deleted alias to either global or domain trash
+    LOG.i(f"User {user} has deleted alias {alias}")
    # save deleted alias to either global or domain tra
    if alias.custom_domain_id:
        if not DomainDeletedAlias.get_by(
            email=alias.email, domain_id=alias.custom_domain_id
        ):
-            LOG.d("add %s to domain %s trash", alias, alias.custom_domain_id)
+            domain_deleted_alias = DomainDeletedAlias(
-            Session.add(
+                user_id=user.id,
-                DomainDeletedAlias(
+                email=alias.email,
-                    user_id=user.id,
+                domain_id=alias.custom_domain_id,
                    email=alias.email,
                    domain_id=alias.custom_domain_id,
                )
            )
            Session.add(domain_deleted_alias)
            Session.commit()
-
+            LOG.i(
                f"Moving {alias} to domain {alias.custom_domain_id} trash {domain_deleted_alias}"
            )
    else:
        if not DeletedAlias.get_by(email=alias.email):
-            LOG.d("add %s to global trash", alias)
+            deleted_alias = DeletedAlias(email=alias.email)
-            Session.add(DeletedAlias(email=alias.email))
+            Session.add(deleted_alias)
            Session.commit()
            LOG.i(f"Moving {alias} to global trash {deleted_alias}")
    LOG.i("delete alias %s", alias)
    Alias.filter(Alias.id == alias.id).delete()
    Session.commit()
--- a/app/app/api/base.py
+++ b/app/app/api/base.py
@ -33,6 +33,9 @@ def authorize_request() -> Optional[Tuple[str, int]]:
    if g.user.disabled:
        return jsonify(error="Disabled account"), 403
    if not g.user.is_active():
        return jsonify(error="Account does not exist"), 401
    g.api_key = api_key
    return None
--- a/app/app/api/views/auth.py
+++ b/app/app/api/views/auth.py
@ -11,7 +11,7 @@ from itsdangerous import Signer
 from app import email_utils
 from app.api.base import api_bp
 from app.config import FLASK_SECRET, DISABLE_REGISTRATION
-from app.dashboard.views.setting import send_reset_password_email
+from app.dashboard.views.account_setting import send_reset_password_email
 from app.db import Session
 from app.email_utils import (
    email_can_be_used_as_mailbox,
--- a/app/app/auth/init.py
+++ b/app/app/auth/init.py
@ -16,6 +16,7 @@ from .views import (
    social,
    recovery,
    api_to_cookie,
    oidc,
 )
 __all__ = [
@ -36,4 +37,5 @@ __all__ = [
    "social",
    "recovery",
    "api_to_cookie",
    "oidc",
 ]
--- a/app/app/auth/views/change_email.py
+++ b/app/app/auth/views/change_email.py
@ -3,6 +3,7 @@ from flask_login import login_user
 from app.auth.base import auth_bp
 from app.db import Session
 from app.log import LOG
 from app.models import EmailChange, ResetPasswordCode
@ -22,12 +23,14 @@ def change_email():
        return render_template("auth/change_email.html")
    user = email_change.user
    old_email = user.email
    user.email = email_change.new_email
    EmailChange.delete(email_change.id)
    ResetPasswordCode.filter_by(user_id=user.id).delete()
    Session.commit()
    LOG.i(f"User {user} has changed their email from {old_email} to {user.email}")
    flash("Your new email has been updated", "success")
    login_user(user)
--- a/app/app/auth/views/forgot_password.py
+++ b/app/app/auth/views/forgot_password.py
@ -3,7 +3,7 @@ from flask_wtf import FlaskForm
 from wtforms import StringField, validators
 from app.auth.base import auth_bp
-from app.dashboard.views.setting import send_reset_password_email
+from app.dashboard.views.account_setting import send_reset_password_email
 from app.extensions import limiter
 from app.log import LOG
 from app.models import User
--- a/app/app/auth/views/google.py
+++ b/app/app/auth/views/google.py
@ -7,7 +7,7 @@ from app.config import URL, GOOGLE_CLIENT_ID, GOOGLE_CLIENT_SECRET
 from app.db import Session
 from app.log import LOG
 from app.models import User, File, SocialAuth
-from app.utils import random_string, sanitize_email
+from app.utils import random_string, sanitize_email, sanitize_next_url
 from .login_utils import after_login
 _authorization_base_url = "https://accounts.google.com/o/oauth2/v2/auth"
@ -29,7 +29,7 @@ def google_login():
    # to avoid flask-login displaying the login error message
    session.pop("_flashes", None)
-    next_url = request.args.get("next")
+    next_url = sanitize_next_url(request.args.get("next"))
    # Google does not allow to append param to redirect_url
    # we need to pass the next url by session
--- a/app/app/auth/views/login.py
+++ b/app/app/auth/views/login.py
@ -5,7 +5,7 @@ from wtforms import StringField, validators
 from app.auth.base import auth_bp
 from app.auth.views.login_utils import after_login
-from app.config import CONNECT_WITH_PROTON
+from app.config import CONNECT_WITH_PROTON, CONNECT_WITH_OIDC_ICON, OIDC_CLIENT_ID
 from app.events.auth_event import LoginEvent
 from app.extensions import limiter
 from app.log import LOG
@ -77,4 +77,6 @@ def login():
        next_url=next_url,
        show_resend_activation=show_resend_activation,
        connect_with_proton=CONNECT_WITH_PROTON,
        connect_with_oidc=OIDC_CLIENT_ID is not None,
        connect_with_oidc_icon=CONNECT_WITH_OIDC_ICON,
    )
--- a/app/app/auth/views/oidc.py
+++ b/app/app/auth/views/oidc.py
@ -0,0 +1,131 @@
 from flask import request, session, redirect, flash, url_for
 from requests_oauthlib import OAuth2Session
 from app import config
 from app.auth.base import auth_bp
 from app.auth.views.login_utils import after_login
 from app.config import (
    URL,
    OIDC_AUTHORIZATION_URL,
    OIDC_USER_INFO_URL,
    OIDC_TOKEN_URL,
    OIDC_SCOPES,
    OIDC_NAME_FIELD,
 )
 from app.db import Session
 from app.email_utils import send_welcome_email
 from app.log import LOG
 from app.models import User, SocialAuth
 from app.utils import encode_url, sanitize_email, sanitize_next_url
 # need to set explicitly redirect_uri instead of leaving the lib to pre-fill redirect_uri
 # when served behind nginx, the redirect_uri is localhost... and not the real url
 _redirect_uri = URL + "/auth/oidc/callback"
 SESSION_STATE_KEY = "oauth_state"
@auth_bp.route("/oidc/login")
 def oidc_login():
    if config.OIDC_CLIENT_ID is None or config.OIDC_CLIENT_SECRET is None:
        return redirect(url_for("auth.login"))
    next_url = sanitize_next_url(request.args.get("next"))
    if next_url:
        redirect_uri = _redirect_uri + "?next=" + encode_url(next_url)
    else:
        redirect_uri = _redirect_uri
    oidc = OAuth2Session(
        config.OIDC_CLIENT_ID, scope=[OIDC_SCOPES], redirect_uri=redirect_uri
    )
    authorization_url, state = oidc.authorization_url(OIDC_AUTHORIZATION_URL)
    # State is used to prevent CSRF, keep this for later.
    session[SESSION_STATE_KEY] = state
    return redirect(authorization_url)
@auth_bp.route("/oidc/callback")
 def oidc_callback():
    if SESSION_STATE_KEY not in session:
        flash("Invalid state, please retry", "error")
        return redirect(url_for("auth.login"))
    if config.OIDC_CLIENT_ID is None or config.OIDC_CLIENT_SECRET is None:
        return redirect(url_for("auth.login"))
    # user clicks on cancel
    if "error" in request.args:
        flash("Please use another sign in method then", "warning")
        return redirect("/")
    oidc = OAuth2Session(
        config.OIDC_CLIENT_ID,
        state=session[SESSION_STATE_KEY],
        scope=[OIDC_SCOPES],
        redirect_uri=_redirect_uri,
    )
    oidc.fetch_token(
        OIDC_TOKEN_URL,
        client_secret=config.OIDC_CLIENT_SECRET,
        authorization_response=request.url,
    )
    oidc_user_data = oidc.get(OIDC_USER_INFO_URL)
    if oidc_user_data.status_code != 200:
        LOG.e(
            f"cannot get oidc user data {oidc_user_data.status_code} {oidc_user_data.text}"
        )
        flash(
            "Cannot get user data from OIDC, please use another way to login/sign up",
            "error",
        )
        return redirect(url_for("auth.login"))
    oidc_user_data = oidc_user_data.json()
    email = oidc_user_data.get("email")
    if not email:
        LOG.e(f"cannot get email for OIDC user {oidc_user_data} {email}")
        flash(
            "Cannot get a valid email from OIDC, please another way to login/sign up",
            "error",
        )
        return redirect(url_for("auth.login"))
    email = sanitize_email(email)
    user = User.get_by(email=email)
    if not user and config.DISABLE_REGISTRATION:
        flash(
            "Sorry you cannot sign up via the OIDC provider. Please sign-up first with your email.",
            "error",
        )
        return redirect(url_for("auth.register"))
    elif not user:
        user = create_user(email, oidc_user_data)
    if not SocialAuth.get_by(user_id=user.id, social="oidc"):
        SocialAuth.create(user_id=user.id, social="oidc")
        Session.commit()
    # The activation link contains the original page, for ex authorize page
    next_url = sanitize_next_url(request.args.get("next")) if request.args else None
    return after_login(user, next_url)
 def create_user(email, oidc_user_data):
    new_user = User.create(
        email=email,
        name=oidc_user_data.get(OIDC_NAME_FIELD),
        password="",
        activated=True,
    )
    LOG.i(f"Created new user for login request from OIDC. New user {new_user.id}")
    Session.commit()
    send_welcome_email(new_user)
    return new_user
--- a/app/app/auth/views/register.py
+++ b/app/app/auth/views/register.py
@ -6,7 +6,7 @@ from wtforms import StringField, validators
 from app import email_utils, config
 from app.auth.base import auth_bp
-from app.config import CONNECT_WITH_PROTON
+from app.config import CONNECT_WITH_PROTON, CONNECT_WITH_OIDC_ICON
 from app.auth.views.login_utils import get_referral
 from app.config import URL, HCAPTCHA_SECRET, HCAPTCHA_SITEKEY
 from app.db import Session
@ -109,6 +109,8 @@ def register():
        next_url=next_url,
        HCAPTCHA_SITEKEY=HCAPTCHA_SITEKEY,
        connect_with_proton=CONNECT_WITH_PROTON,
        connect_with_oidc=config.OIDC_CLIENT_ID is not None,
        connect_with_oidc_icon=CONNECT_WITH_OIDC_ICON,
    )
--- a/app/app/config.py
+++ b/app/app/config.py
@ -234,7 +234,7 @@ else:
    print("WARNING: Use a temp directory for GNUPGHOME", GNUPGHOME)
-# Github, Google, Facebook client id and secrets
+# Github, Google, Facebook, OIDC client id and secrets
 GITHUB_CLIENT_ID = os.environ.get("GITHUB_CLIENT_ID")
 GITHUB_CLIENT_SECRET = os.environ.get("GITHUB_CLIENT_SECRET")
@ -244,6 +244,15 @@ GOOGLE_CLIENT_SECRET = os.environ.get("GOOGLE_CLIENT_SECRET")
 FACEBOOK_CLIENT_ID = os.environ.get("FACEBOOK_CLIENT_ID")
 FACEBOOK_CLIENT_SECRET = os.environ.get("FACEBOOK_CLIENT_SECRET")
 CONNECT_WITH_OIDC_ICON = os.environ.get("CONNECT_WITH_OIDC_ICON")
 OIDC_AUTHORIZATION_URL = os.environ.get("OIDC_AUTHORIZATION_URL")
 OIDC_USER_INFO_URL = os.environ.get("OIDC_USER_INFO_URL")
 OIDC_TOKEN_URL = os.environ.get("OIDC_TOKEN_URL")
 OIDC_CLIENT_ID = os.environ.get("OIDC_CLIENT_ID")
 OIDC_CLIENT_SECRET = os.environ.get("OIDC_CLIENT_SECRET")
 OIDC_SCOPES = os.environ.get("OIDC_SCOPES")
 OIDC_NAME_FIELD = os.environ.get("OIDC_NAME_FIELD", "name")
 PROTON_CLIENT_ID = os.environ.get("PROTON_CLIENT_ID")
 PROTON_CLIENT_SECRET = os.environ.get("PROTON_CLIENT_SECRET")
 PROTON_BASE_URL = os.environ.get(
@ -421,6 +430,11 @@ try:
 except Exception:
    HIBP_SCAN_INTERVAL_DAYS = 7
 HIBP_API_KEYS = sl_getenv("HIBP_API_KEYS", list) or []
 HIBP_MAX_ALIAS_CHECK = 10_000
 HIBP_RPM = 100
 HIBP_SKIP_PARTNER_ALIAS = os.environ.get("HIBP_SKIP_PARTNER_ALIAS")
 KEEP_OLD_DATA_DAYS = 30
 POSTMASTER = os.environ.get("POSTMASTER")
@ -567,3 +581,5 @@ MAX_API_KEYS = int(os.environ.get("MAX_API_KEYS", 30))
 UPCLOUD_USERNAME = os.environ.get("UPCLOUD_USERNAME", None)
 UPCLOUD_PASSWORD = os.environ.get("UPCLOUD_PASSWORD", None)
 UPCLOUD_DB_ID = os.environ.get("UPCLOUD_DB_ID", None)
 STORE_TRANSACTIONAL_EMAILS = "STORE_TRANSACTIONAL_EMAILS" in os.environ
--- a/app/app/dashboard/init.py
+++ b/app/app/dashboard/init.py
@ -32,6 +32,7 @@ from .views import (
    delete_account,
    notification,
    support,
    account_setting,
 )
 __all__ = [
@ -68,4 +69,5 @@ __all__ = [
    "delete_account",
    "notification",
    "support",
    "account_setting",
 ]
--- a/app/app/dashboard/views/account_setting.py
+++ b/app/app/dashboard/views/account_setting.py
@ -0,0 +1,242 @@
 import arrow
 from flask import (
    render_template,
    request,
    redirect,
    url_for,
    flash,
 )
 from flask_login import login_required, current_user
 from app import email_utils
 from app.config import (
    URL,
    FIRST_ALIAS_DOMAIN,
    ALIAS_RANDOM_SUFFIX_LENGTH,
    CONNECT_WITH_PROTON,
 )
 from app.dashboard.base import dashboard_bp
 from app.dashboard.views.enter_sudo import sudo_required
 from app.dashboard.views.mailbox_detail import ChangeEmailForm
 from app.db import Session
 from app.email_utils import (
    email_can_be_used_as_mailbox,
    personal_email_already_used,
 )
 from app.extensions import limiter
 from app.jobs.export_user_data_job import ExportUserDataJob
 from app.log import LOG
 from app.models import (
    BlockBehaviourEnum,
    PlanEnum,
    ResetPasswordCode,
    EmailChange,
    User,
    Alias,
    AliasGeneratorEnum,
    SenderFormatEnum,
    UnsubscribeBehaviourEnum,
 )
 from app.proton.utils import perform_proton_account_unlink
 from app.utils import (
    random_string,
    CSRFValidationForm,
    canonicalize_email,
 )
@dashboard_bp.route("/account_setting", methods=["GET", "POST"])
@login_required
@sudo_required
@limiter.limit("5/minute", methods=["POST"])
 def account_setting():
    change_email_form = ChangeEmailForm()
    csrf_form = CSRFValidationForm()
    email_change = EmailChange.get_by(user_id=current_user.id)
    if email_change:
        pending_email = email_change.new_email
    else:
        pending_email = None
    if request.method == "POST":
        if not csrf_form.validate():
            flash("Invalid request", "warning")
            return redirect(url_for("dashboard.setting"))
        if request.form.get("form-name") == "update-email":
            if change_email_form.validate():
                # whether user can proceed with the email update
                new_email_valid = True
                new_email = canonicalize_email(change_email_form.email.data)
                if new_email != current_user.email and not pending_email:
                    # check if this email is not already used
                    if personal_email_already_used(new_email) or Alias.get_by(
                        email=new_email
                    ):
                        flash(f"Email {new_email} already used", "error")
                        new_email_valid = False
                    elif not email_can_be_used_as_mailbox(new_email):
                        flash(
                            "You cannot use this email address as your personal inbox.",
                            "error",
                        )
                        new_email_valid = False
                    # a pending email change with the same email exists from another user
                    elif EmailChange.get_by(new_email=new_email):
                        other_email_change: EmailChange = EmailChange.get_by(
                            new_email=new_email
                        )
                        LOG.w(
                            "Another user has a pending %s with the same email address. Current user:%s",
                            other_email_change,
                            current_user,
                        )
                        if other_email_change.is_expired():
                            LOG.d(
                                "delete the expired email change %s", other_email_change
                            )
                            EmailChange.delete(other_email_change.id)
                            Session.commit()
                        else:
                            flash(
                                "You cannot use this email address as your personal inbox.",
                                "error",
                            )
                            new_email_valid = False
                    if new_email_valid:
                        email_change = EmailChange.create(
                            user_id=current_user.id,
                            code=random_string(
                                60
                            ),  # todo: make sure the code is unique
                            new_email=new_email,
                        )
                        Session.commit()
                        send_change_email_confirmation(current_user, email_change)
                        flash(
                            "A confirmation email is on the way, please check your inbox",
                            "success",
                        )
                        return redirect(url_for("dashboard.account_setting"))
        elif request.form.get("form-name") == "change-password":
            flash(
                "You are going to receive an email containing instructions to change your password",
                "success",
            )
            send_reset_password_email(current_user)
            return redirect(url_for("dashboard.account_setting"))
        elif request.form.get("form-name") == "send-full-user-report":
            if ExportUserDataJob(current_user).store_job_in_db():
                flash(
                    "You will receive your SimpleLogin data via email shortly",
                    "success",
                )
            else:
                flash("An export of your data is currently in progress", "error")
    partner_sub = None
    partner_name = None
    return render_template(
        "dashboard/account_setting.html",
        csrf_form=csrf_form,
        PlanEnum=PlanEnum,
        SenderFormatEnum=SenderFormatEnum,
        BlockBehaviourEnum=BlockBehaviourEnum,
        change_email_form=change_email_form,
        pending_email=pending_email,
        AliasGeneratorEnum=AliasGeneratorEnum,
        UnsubscribeBehaviourEnum=UnsubscribeBehaviourEnum,
        partner_sub=partner_sub,
        partner_name=partner_name,
        FIRST_ALIAS_DOMAIN=FIRST_ALIAS_DOMAIN,
        ALIAS_RAND_SUFFIX_LENGTH=ALIAS_RANDOM_SUFFIX_LENGTH,
        connect_with_proton=CONNECT_WITH_PROTON,
    )
 def send_reset_password_email(user):
    """
    generate a new ResetPasswordCode and send it over email to user
    """
    # the activation code is valid for 1h
    reset_password_code = ResetPasswordCode.create(
        user_id=user.id, code=random_string(60)
    )
    Session.commit()
    reset_password_link = f"{URL}/auth/reset_password?code={reset_password_code.code}"
    email_utils.send_reset_password_email(user.email, reset_password_link)
 def send_change_email_confirmation(user: User, email_change: EmailChange):
    """
    send confirmation email to the new email address
    """
    link = f"{URL}/auth/change_email?code={email_change.code}"
    email_utils.send_change_email(email_change.new_email, user.email, link)
@dashboard_bp.route("/resend_email_change", methods=["GET", "POST"])
@limiter.limit("5/hour")
@login_required
@sudo_required
 def resend_email_change():
    form = CSRFValidationForm()
    if not form.validate():
        flash("Invalid request. Please try again", "warning")
        return redirect(url_for("dashboard.setting"))
    email_change = EmailChange.get_by(user_id=current_user.id)
    if email_change:
        # extend email change expiration
        email_change.expired = arrow.now().shift(hours=12)
        Session.commit()
        send_change_email_confirmation(current_user, email_change)
        flash("A confirmation email is on the way, please check your inbox", "success")
        return redirect(url_for("dashboard.setting"))
    else:
        flash(
            "You have no pending email change. Redirect back to Setting page", "warning"
        )
        return redirect(url_for("dashboard.setting"))
@dashboard_bp.route("/cancel_email_change", methods=["GET", "POST"])
@login_required
@sudo_required
 def cancel_email_change():
    form = CSRFValidationForm()
    if not form.validate():
        flash("Invalid request. Please try again", "warning")
        return redirect(url_for("dashboard.setting"))
    email_change = EmailChange.get_by(user_id=current_user.id)
    if email_change:
        EmailChange.delete(email_change.id)
        Session.commit()
        flash("Your email change is cancelled", "success")
        return redirect(url_for("dashboard.setting"))
    else:
        flash(
            "You have no pending email change. Redirect back to Setting page", "warning"
        )
        return redirect(url_for("dashboard.setting"))
@dashboard_bp.route("/unlink_proton_account", methods=["POST"])
@login_required
@sudo_required
 def unlink_proton_account():
    csrf_form = CSRFValidationForm()
    if not csrf_form.validate():
        flash("Invalid request", "warning")
        return redirect(url_for("dashboard.setting"))
    perform_proton_account_unlink(current_user)
    flash("Your Proton account has been unlinked", "success")
    return redirect(url_for("dashboard.setting"))
--- a/app/app/dashboard/views/alias_export.py
+++ b/app/app/dashboard/views/alias_export.py
@ -1,9 +1,13 @@
 from app.dashboard.base import dashboard_bp
 from flask_login import login_required, current_user
 from app.alias_utils import alias_export_csv
 from app.dashboard.views.enter_sudo import sudo_required
 from app.extensions import limiter
@dashboard_bp.route("/alias_export", methods=["GET"])
@login_required
@sudo_required
@limiter.limit("2/minute")
 def alias_export_route():
    return alias_export_csv(current_user)
--- a/app/app/dashboard/views/batch_import.py
+++ b/app/app/dashboard/views/batch_import.py
@ -5,7 +5,9 @@ from flask_login import login_required, current_user
 from app import s3
 from app.config import JOB_BATCH_IMPORT
 from app.dashboard.base import dashboard_bp
 from app.dashboard.views.enter_sudo import sudo_required
 from app.db import Session
 from app.extensions import limiter
 from app.log import LOG
 from app.models import File, BatchImport, Job
 from app.utils import random_string, CSRFValidationForm
@ -13,6 +15,8 @@ from app.utils import random_string, CSRFValidationForm
@dashboard_bp.route("/batch_import", methods=["GET", "POST"])
@login_required
@sudo_required
@limiter.limit("10/minute", methods=["POST"])
 def batch_import_route():
    # only for users who have custom domains
    if not current_user.verified_custom_domains():
@ -37,7 +41,7 @@ def batch_import_route():
            return redirect(request.url)
        if len(batch_imports) > 10:
            flash(
-                "You have too many imports already. Wait until some get cleaned up",
+                "You have too many imports already. Please wait until some get cleaned up",
                "error",
            )
            return render_template(
--- a/app/app/dashboard/views/enter_sudo.py
+++ b/app/app/dashboard/views/enter_sudo.py
@ -6,15 +6,15 @@ from flask_login import login_required, current_user
 from flask_wtf import FlaskForm
 from wtforms import PasswordField, validators
-from app.config import CONNECT_WITH_PROTON
+from app.config import CONNECT_WITH_PROTON, OIDC_CLIENT_ID, CONNECT_WITH_OIDC_ICON
 from app.dashboard.base import dashboard_bp
 from app.extensions import limiter
 from app.log import LOG
-from app.models import PartnerUser
+from app.models import PartnerUser, SocialAuth
 from app.proton.utils import get_proton_partner
 from app.utils import sanitize_next_url
-_SUDO_GAP = 900
+_SUDO_GAP = 120
 class LoginForm(FlaskForm):
@ -51,11 +51,19 @@ def enter_sudo():
        if not partner_user or partner_user.partner_id != get_proton_partner().id:
            proton_enabled = False
    oidc_enabled = OIDC_CLIENT_ID is not None
    if oidc_enabled:
        oidc_enabled = (
            SocialAuth.get_by(user_id=current_user.id, social="oidc") is not None
        )
    return render_template(
        "dashboard/enter_sudo.html",
        password_check_form=password_check_form,
        next=request.args.get("next"),
        connect_with_proton=proton_enabled,
        connect_with_oidc=oidc_enabled,
        connect_with_oidc_icon=CONNECT_WITH_OIDC_ICON,
    )
--- a/app/app/dashboard/views/index.py
+++ b/app/app/dashboard/views/index.py
@ -141,7 +141,7 @@ def index():
                )
            if request.form.get("form-name") == "delete-alias":
-                LOG.d("delete alias %s", alias)
+                LOG.i(f"User {current_user} requested deletion of alias {alias}")
                email = alias.email
                alias_utils.delete_alias(alias, current_user)
                flash(f"Alias {email} has been deleted", "success")
--- a/app/app/dashboard/views/setting.py
+++ b/app/app/dashboard/views/setting.py
@ -13,34 +13,24 @@ from flask_login import login_required, current_user
 from flask_wtf import FlaskForm
 from flask_wtf.file import FileField
 from wtforms import StringField, validators
 from wtforms.fields.html5 import EmailField
-from app import s3, email_utils
+from app import s3
 from app.config import (
    URL,
    FIRST_ALIAS_DOMAIN,
    ALIAS_RANDOM_SUFFIX_LENGTH,
    CONNECT_WITH_PROTON,
 )
 from app.dashboard.base import dashboard_bp
 from app.db import Session
 from app.email_utils import (
    email_can_be_used_as_mailbox,
    personal_email_already_used,
 )
 from app.errors import ProtonPartnerNotSetUp
 from app.extensions import limiter
 from app.image_validation import detect_image_format, ImageFormat
 from app.jobs.export_user_data_job import ExportUserDataJob
 from app.log import LOG
 from app.models import (
    BlockBehaviourEnum,
    PlanEnum,
    File,
    ResetPasswordCode,
    EmailChange,
    User,
    Alias,
    CustomDomain,
    AliasGeneratorEnum,
    AliasSuffixEnum,
@ -53,11 +43,10 @@ from app.models import (
    PartnerSubscription,
    UnsubscribeBehaviourEnum,
 )
-from app.proton.utils import get_proton_partner, perform_proton_account_unlink
+from app.proton.utils import get_proton_partner
 from app.utils import (
    random_string,
    CSRFValidationForm,
    canonicalize_email,
 )
@ -66,12 +55,6 @@ class SettingForm(FlaskForm):
    profile_picture = FileField("Profile Picture")
 class ChangeEmailForm(FlaskForm):
    email = EmailField(
        "email", validators=[validators.DataRequired(), validators.Email()]
    )
 class PromoCodeForm(FlaskForm):
    code = StringField("Name", validators=[validators.DataRequired()])
@ -109,7 +92,6 @@ def get_partner_subscription_and_name(
 def setting():
    form = SettingForm()
    promo_form = PromoCodeForm()
    change_email_form = ChangeEmailForm()
    csrf_form = CSRFValidationForm()
    email_change = EmailChange.get_by(user_id=current_user.id)
@ -122,63 +104,7 @@ def setting():
        if not csrf_form.validate():
            flash("Invalid request", "warning")
            return redirect(url_for("dashboard.setting"))
        if request.form.get("form-name") == "update-email":
            if change_email_form.validate():
                # whether user can proceed with the email update
                new_email_valid = True
                new_email = canonicalize_email(change_email_form.email.data)
                if new_email != current_user.email and not pending_email:
                    # check if this email is not already used
                    if personal_email_already_used(new_email) or Alias.get_by(
                        email=new_email
                    ):
                        flash(f"Email {new_email} already used", "error")
                        new_email_valid = False
                    elif not email_can_be_used_as_mailbox(new_email):
                        flash(
                            "You cannot use this email address as your personal inbox.",
                            "error",
                        )
                        new_email_valid = False
                    # a pending email change with the same email exists from another user
                    elif EmailChange.get_by(new_email=new_email):
                        other_email_change: EmailChange = EmailChange.get_by(
                            new_email=new_email
                        )
                        LOG.w(
                            "Another user has a pending %s with the same email address. Current user:%s",
                            other_email_change,
                            current_user,
                        )
                        if other_email_change.is_expired():
                            LOG.d(
                                "delete the expired email change %s", other_email_change
                            )
                            EmailChange.delete(other_email_change.id)
                            Session.commit()
                        else:
                            flash(
                                "You cannot use this email address as your personal inbox.",
                                "error",
                            )
                            new_email_valid = False
                    if new_email_valid:
                        email_change = EmailChange.create(
                            user_id=current_user.id,
                            code=random_string(
                                60
                            ),  # todo: make sure the code is unique
                            new_email=new_email,
                        )
                        Session.commit()
                        send_change_email_confirmation(current_user, email_change)
                        flash(
                            "A confirmation email is on the way, please check your inbox",
                            "success",
                        )
                        return redirect(url_for("dashboard.setting"))
        if request.form.get("form-name") == "update-profile":
            if form.validate():
                profile_updated = False
@ -222,15 +148,6 @@ def setting():
                if profile_updated:
                    flash("Your profile has been updated", "success")
                    return redirect(url_for("dashboard.setting"))
        elif request.form.get("form-name") == "change-password":
            flash(
                "You are going to receive an email containing instructions to change your password",
                "success",
            )
            send_reset_password_email(current_user)
            return redirect(url_for("dashboard.setting"))
        elif request.form.get("form-name") == "notification-preference":
            choose = request.form.get("notification")
            if choose == "on":
@ -240,7 +157,6 @@ def setting():
            Session.commit()
            flash("Your notification preference has been updated", "success")
            return redirect(url_for("dashboard.setting"))
        elif request.form.get("form-name") == "change-alias-generator":
            scheme = int(request.form.get("alias-generator-scheme"))
            if AliasGeneratorEnum.has_value(scheme):
@ -248,7 +164,6 @@ def setting():
                Session.commit()
            flash("Your preference has been updated", "success")
            return redirect(url_for("dashboard.setting"))
        elif request.form.get("form-name") == "change-random-alias-default-domain":
            default_domain = request.form.get("random-alias-default-domain")
@ -287,7 +202,6 @@ def setting():
            Session.commit()
            flash("Your preference has been updated", "success")
            return redirect(url_for("dashboard.setting"))
        elif request.form.get("form-name") == "random-alias-suffix":
            scheme = int(request.form.get("random-alias-suffix-generator"))
            if AliasSuffixEnum.has_value(scheme):
@ -295,7 +209,6 @@ def setting():
                Session.commit()
            flash("Your preference has been updated", "success")
            return redirect(url_for("dashboard.setting"))
        elif request.form.get("form-name") == "change-sender-format":
            sender_format = int(request.form.get("sender-format"))
            if SenderFormatEnum.has_value(sender_format):
@ -305,7 +218,6 @@ def setting():
                flash("Your sender format preference has been updated", "success")
            Session.commit()
            return redirect(url_for("dashboard.setting"))
        elif request.form.get("form-name") == "replace-ra":
            choose = request.form.get("replace-ra")
            if choose == "on":
@ -315,7 +227,6 @@ def setting():
            Session.commit()
            flash("Your preference has been updated", "success")
            return redirect(url_for("dashboard.setting"))
        elif request.form.get("form-name") == "sender-in-ra":
            choose = request.form.get("enable")
            if choose == "on":
@ -325,7 +236,6 @@ def setting():
            Session.commit()
            flash("Your preference has been updated", "success")
            return redirect(url_for("dashboard.setting"))
        elif request.form.get("form-name") == "expand-alias-info":
            choose = request.form.get("enable")
            if choose == "on":
@ -387,14 +297,6 @@ def setting():
            Session.commit()
            flash("Your preference has been updated", "success")
            return redirect(url_for("dashboard.setting"))
        elif request.form.get("form-name") == "send-full-user-report":
            if ExportUserDataJob(current_user).store_job_in_db():
                flash(
                    "You will receive your SimpleLogin data via email shortly",
                    "success",
                )
            else:
                flash("An export of your data is currently in progress", "error")
    manual_sub = ManualSubscription.get_by(user_id=current_user.id)
    apple_sub = AppleSubscription.get_by(user_id=current_user.id)
@ -417,7 +319,6 @@ def setting():
        SenderFormatEnum=SenderFormatEnum,
        BlockBehaviourEnum=BlockBehaviourEnum,
        promo_form=promo_form,
        change_email_form=change_email_form,
        pending_email=pending_email,
        AliasGeneratorEnum=AliasGeneratorEnum,
        UnsubscribeBehaviourEnum=UnsubscribeBehaviourEnum,
@ -432,85 +333,3 @@ def setting():
        connect_with_proton=CONNECT_WITH_PROTON,
        proton_linked_account=proton_linked_account,
    )
 def send_reset_password_email(user):
    """
    generate a new ResetPasswordCode and send it over email to user
    """
    # the activation code is valid for 1h
    reset_password_code = ResetPasswordCode.create(
        user_id=user.id, code=random_string(60)
    )
    Session.commit()
    reset_password_link = f"{URL}/auth/reset_password?code={reset_password_code.code}"
    email_utils.send_reset_password_email(user.email, reset_password_link)
 def send_change_email_confirmation(user: User, email_change: EmailChange):
    """
    send confirmation email to the new email address
    """
    link = f"{URL}/auth/change_email?code={email_change.code}"
    email_utils.send_change_email(email_change.new_email, user.email, link)
@dashboard_bp.route("/resend_email_change", methods=["GET", "POST"])
@limiter.limit("5/hour")
@login_required
 def resend_email_change():
    form = CSRFValidationForm()
    if not form.validate():
        flash("Invalid request. Please try again", "warning")
        return redirect(url_for("dashboard.setting"))
    email_change = EmailChange.get_by(user_id=current_user.id)
    if email_change:
        # extend email change expiration
        email_change.expired = arrow.now().shift(hours=12)
        Session.commit()
        send_change_email_confirmation(current_user, email_change)
        flash("A confirmation email is on the way, please check your inbox", "success")
        return redirect(url_for("dashboard.setting"))
    else:
        flash(
            "You have no pending email change. Redirect back to Setting page", "warning"
        )
        return redirect(url_for("dashboard.setting"))
@dashboard_bp.route("/cancel_email_change", methods=["GET", "POST"])
@login_required
 def cancel_email_change():
    form = CSRFValidationForm()
    if not form.validate():
        flash("Invalid request. Please try again", "warning")
        return redirect(url_for("dashboard.setting"))
    email_change = EmailChange.get_by(user_id=current_user.id)
    if email_change:
        EmailChange.delete(email_change.id)
        Session.commit()
        flash("Your email change is cancelled", "success")
        return redirect(url_for("dashboard.setting"))
    else:
        flash(
            "You have no pending email change. Redirect back to Setting page", "warning"
        )
        return redirect(url_for("dashboard.setting"))
@dashboard_bp.route("/unlink_proton_account", methods=["POST"])
@login_required
 def unlink_proton_account():
    csrf_form = CSRFValidationForm()
    if not csrf_form.validate():
        flash("Invalid request", "warning")
        return redirect(url_for("dashboard.setting"))
    perform_proton_account_unlink(current_user)
    flash("Your Proton account has been unlinked", "success")
    return redirect(url_for("dashboard.setting"))
--- a/app/app/email/headers.py
+++ b/app/app/email/headers.py
@ -21,6 +21,7 @@ LIST_UNSUBSCRIBE = "List-Unsubscribe"
 LIST_UNSUBSCRIBE_POST = "List-Unsubscribe-Post"
 RETURN_PATH = "Return-Path"
 AUTHENTICATION_RESULTS = "Authentication-Results"
 SL_QUEUE_ID = "X-SL-Queue-Id"
 # headers used to DKIM sign in order of preference
 DKIM_HEADERS = [
--- a/app/app/email_utils.py
+++ b/app/app/email_utils.py
@ -494,9 +494,10 @@ def delete_header(msg: Message, header: str):
 def sanitize_header(msg: Message, header: str):
    """remove trailing space and remove linebreak from a header"""
    header_lowercase = header.lower()
    for i in reversed(range(len(msg._headers))):
        header_name = msg._headers[i][0].lower()
-        if header_name == header.lower():
+        if header_name == header_lowercase:
            # msg._headers[i] is a tuple like ('From', 'hey@google.com')
            if msg._headers[i][1]:
                msg._headers[i] = (
@ -1403,7 +1404,7 @@ def generate_verp_email(
    # Time is in minutes granularity and start counting on 2022-01-01 to reduce bytes to represent time
    data = [
        verp_type.value,
-        object_id,
+        object_id or 0,
        int((time.time() - VERP_TIME_START) / 60),
    ]
    json_payload = json.dumps(data).encode("utf-8")
--- a/app/app/handler/dmarc.py
+++ b/app/app/handler/dmarc.py
@ -30,7 +30,9 @@ def apply_dmarc_policy_for_forward_phase(
 ) -> Tuple[Message, Optional[str]]:
    spam_result = SpamdResult.extract_from_headers(msg, Phase.forward)
    if not DMARC_CHECK_ENABLED or not spam_result:
        LOG.i("DMARC check disabled")
        return msg, None
    LOG.i(f"Spam check result in {spam_result}")
    from_header = get_header_unicode(msg[headers.FROM])
@ -150,8 +152,10 @@ def apply_dmarc_policy_for_reply_phase(
 ) -> Optional[str]:
    spam_result = SpamdResult.extract_from_headers(msg, Phase.reply)
    if not DMARC_CHECK_ENABLED or not spam_result:
        LOG.i("DMARC check disabled")
        return None
    LOG.i(f"Spam check result is {spam_result}")
    if spam_result.dmarc not in (
        DmarcCheckResult.quarantine,
        DmarcCheckResult.reject,
--- a/app/app/handler/unsubscribe_generator.py
+++ b/app/app/handler/unsubscribe_generator.py
@ -3,6 +3,7 @@ from email.header import Header
 from email.message import Message
 from app.email import headers
 from app import config
 from app.email_utils import add_or_replace_header, delete_header
 from app.handler.unsubscribe_encoder import (
    UnsubscribeEncoder,
@ -47,6 +48,11 @@ class UnsubscribeGenerator:
            method = raw_method[start + 1 : end]
            url_data = urllib.parse.urlparse(method)
            if url_data.scheme == "mailto":
                if url_data.path == config.UNSUBSCRIBER:
                    LOG.debug(
                        f"Skipping replacing unsubscribe since the original email already points to {config.UNSUBSCRIBER}"
                    )
                    return message
                query_data = urllib.parse.parse_qs(url_data.query)
                mailto_unsubs = (url_data.path, query_data.get("subject", [""])[0])
                LOG.debug(f"Unsub is mailto to {mailto_unsubs}")
--- a/app/app/import_utils.py
+++ b/app/app/import_utils.py
@ -30,7 +30,10 @@ def handle_batch_import(batch_import: BatchImport):
    LOG.d("Download file %s from %s", batch_import.file, file_url)
    r = requests.get(file_url)
-    lines = [line.decode("utf-8") for line in r.iter_lines()]
+    # Replace invisible character
    lines = [
        line.decode("utf-8").replace("\ufeff", "").strip() for line in r.iter_lines()
    ]
    import_from_csv(batch_import, user, lines)
--- a/app/app/models.py
+++ b/app/app/models.py
@ -727,6 +727,11 @@ class User(Base, ModelMixin, UserMixin, PasswordOracle):
        return True
    def is_active(self) -> bool:
        if self.delete_on is None:
            return True
        return self.delete_on < arrow.now()
    def in_trial(self):
        """return True if user does not have lifetime licence or an active subscription AND is in trial period"""
        if self.lifetime_or_active_subscription():
@ -828,6 +833,9 @@ class User(Base, ModelMixin, UserMixin, PasswordOracle):
        Whether user can create a new alias. User can't create a new alias if
        - has more than 15 aliases in the free plan, *even in the free trial*
        """
        if not self.is_active():
            return False
        if self.disabled:
            return False
@ -1414,6 +1422,9 @@ def generate_random_alias_email(
 class Alias(Base, ModelMixin):
    __tablename__ = "alias"
    FLAG_PARTNER_CREATED = 1 << 0
    user_id = sa.Column(
        sa.ForeignKey(User.id, ondelete="cascade"), nullable=False, index=True
    )
@ -1423,6 +1434,9 @@ class Alias(Base, ModelMixin):
    name = sa.Column(sa.String(128), nullable=True, default=None)
    enabled = sa.Column(sa.Boolean(), default=True, nullable=False)
    flags = sa.Column(
        sa.BigInteger(), default=0, server_default="0", nullable=False, index=True
    )
    custom_domain_id = sa.Column(
        sa.ForeignKey("custom_domain.id", ondelete="cascade"), nullable=True, index=True
@ -2578,10 +2592,13 @@ class Job(Base, ModelMixin):
        nullable=False,
        server_default=str(JobState.ready.value),
        default=JobState.ready.value,
        index=True,
    )
    attempts = sa.Column(sa.Integer, nullable=False, server_default="0", default=0)
    taken_at = sa.Column(ArrowType, nullable=True)
    __table_args__ = (Index("ix_state_run_at_taken_at", state, run_at, taken_at),)
    def __repr__(self):
        return f"<Job {self.id} {self.name} {self.payload}>"
@ -2929,7 +2946,9 @@ class RecoveryCode(Base, ModelMixin):
 class Notification(Base, ModelMixin):
    __tablename__ = "notification"
-    user_id = sa.Column(sa.ForeignKey(User.id, ondelete="cascade"), nullable=False)
+    user_id = sa.Column(
        sa.ForeignKey(User.id, ondelete="cascade"), nullable=False, index=True
    )
    message = sa.Column(sa.Text, nullable=False)
    title = sa.Column(sa.String(512))
@ -3170,6 +3189,20 @@ class TransactionalEmail(Base, ModelMixin):
    __table_args__ = (sa.Index("ix_transactional_email_created_at", "created_at"),)
    @classmethod
    def create(cls, **kw):
        # whether to call Session.commit
        commit = kw.pop("commit", False)
        r = cls(**kw)
        if not config.STORE_TRANSACTIONAL_EMAILS:
            return r
        Session.add(r)
        if commit:
            Session.commit()
        return r
 class Payout(Base, ModelMixin):
    """Referral payouts"""
--- a/app/app/oauth/views/authorize.py
+++ b/app/app/oauth/views/authorize.py
@ -140,7 +140,7 @@ def authorize():
                Scope=Scope,
            )
    else:  # POST - user allows or denies
-        if not current_user.is_authenticated or not current_user.is_active:
+        if not current_user.is_authenticated or not current_user.is_active():
            LOG.i(
                "Attempt to validate a OAUth allow request by an unauthenticated user"
            )
--- a/app/app/rate_limiter.py
+++ b/app/app/rate_limiter.py
@ -30,7 +30,9 @@ def check_bucket_limit(
    try:
        value = lock_redis.incr(bucket_lock_name, bucket_seconds)
        if value > max_hits:
-            LOG.i(f"Rate limit hit for {bucket_lock_name} -> {value}/{max_hits}")
+            LOG.i(
                f"Rate limit hit for {lock_name} (bucket id {bucket_id}) -> {value}/{max_hits}"
            )
            newrelic.agent.record_custom_event(
                "BucketRateLimit",
                {"lock_name": lock_name, "bucket_seconds": bucket_seconds},
--- a/app/app/s3.py
+++ b/app/app/s3.py
@ -5,19 +5,9 @@ from typing import Optional
 import boto3
 import requests
-from app.config import (
+from app import config
    AWS_REGION,
    BUCKET,
    AWS_ACCESS_KEY_ID,
    AWS_SECRET_ACCESS_KEY,
    LOCAL_FILE_UPLOAD,
    UPLOAD_DIR,
    URL,
    AWS_ENDPOINT_URL,
 )
 from app.log import LOG
 _s3_client = None
@ -25,12 +15,12 @@ def _get_s3client():
    global _s3_client
    if _s3_client is None:
        args = {
-            "aws_access_key_id": AWS_ACCESS_KEY_ID,
+            "aws_access_key_id": config.AWS_ACCESS_KEY_ID,
-            "aws_secret_access_key": AWS_SECRET_ACCESS_KEY,
+            "aws_secret_access_key": config.AWS_SECRET_ACCESS_KEY,
-            "region_name": AWS_REGION,
+            "region_name": config.AWS_REGION,
        }
-        if AWS_ENDPOINT_URL:
+        if config.AWS_ENDPOINT_URL:
-            args["endpoint_url"] = AWS_ENDPOINT_URL
+            args["endpoint_url"] = config.AWS_ENDPOINT_URL
        _s3_client = boto3.client("s3", **args)
    return _s3_client
@ -38,8 +28,8 @@ def _get_s3client():
 def upload_from_bytesio(key: str, bs: BytesIO, content_type="application/octet-stream"):
    bs.seek(0)
-    if LOCAL_FILE_UPLOAD:
+    if config.LOCAL_FILE_UPLOAD:
-        file_path = os.path.join(UPLOAD_DIR, key)
+        file_path = os.path.join(config.UPLOAD_DIR, key)
        file_dir = os.path.dirname(file_path)
        os.makedirs(file_dir, exist_ok=True)
        with open(file_path, "wb") as f:
@ -47,7 +37,7 @@ def upload_from_bytesio(key: str, bs: BytesIO, content_type="application/octet-s
    else:
        _get_s3client().put_object(
-            Bucket=BUCKET,
+            Bucket=config.BUCKET,
            Key=key,
            Body=bs,
            ContentType=content_type,
@ -57,8 +47,8 @@ def upload_from_bytesio(key: str, bs: BytesIO, content_type="application/octet-s
 def upload_email_from_bytesio(path: str, bs: BytesIO, filename):
    bs.seek(0)
-    if LOCAL_FILE_UPLOAD:
+    if config.LOCAL_FILE_UPLOAD:
-        file_path = os.path.join(UPLOAD_DIR, path)
+        file_path = os.path.join(config.UPLOAD_DIR, path)
        file_dir = os.path.dirname(file_path)
        os.makedirs(file_dir, exist_ok=True)
        with open(file_path, "wb") as f:
@ -66,7 +56,7 @@ def upload_email_from_bytesio(path: str, bs: BytesIO, filename):
    else:
        _get_s3client().put_object(
-            Bucket=BUCKET,
+            Bucket=config.BUCKET,
            Key=path,
            Body=bs,
            # Support saving a remote file using Http header
@ -77,12 +67,12 @@ def upload_email_from_bytesio(path: str, bs: BytesIO, filename):
 def download_email(path: str) -> Optional[str]:
-    if LOCAL_FILE_UPLOAD:
+    if config.LOCAL_FILE_UPLOAD:
-        file_path = os.path.join(UPLOAD_DIR, path)
+        file_path = os.path.join(config.UPLOAD_DIR, path)
        with open(file_path, "rb") as f:
            return f.read()
    resp = _get_s3client().get_object(
-        Bucket=BUCKET,
+        Bucket=config.BUCKET,
        Key=path,
    )
    if not resp or "Body" not in resp:
@ -96,29 +86,30 @@ def upload_from_url(url: str, upload_path):
 def get_url(key: str, expires_in=3600) -> str:
-    if LOCAL_FILE_UPLOAD:
+    if config.LOCAL_FILE_UPLOAD:
-        return URL + "/static/upload/" + key
+        return config.URL + "/static/upload/" + key
    else:
        return _get_s3client().generate_presigned_url(
            ExpiresIn=expires_in,
            ClientMethod="get_object",
-            Params={"Bucket": BUCKET, "Key": key},
+            Params={"Bucket": config.BUCKET, "Key": key},
        )
 def delete(path: str):
-    if LOCAL_FILE_UPLOAD:
+    if config.LOCAL_FILE_UPLOAD:
-        os.remove(os.path.join(UPLOAD_DIR, path))
+        file_path = os.path.join(config.UPLOAD_DIR, path)
        os.remove(file_path)
    else:
-        _get_s3client().delete_object(Bucket=BUCKET, Key=path)
+        _get_s3client().delete_object(Bucket=config.BUCKET, Key=path)
 def create_bucket_if_not_exists():
    s3client = _get_s3client()
    buckets = s3client.list_buckets()
    for bucket in buckets["Buckets"]:
-        if bucket["Name"] == BUCKET:
+        if bucket["Name"] == config.BUCKET:
            LOG.i("Bucket already exists")
            return
-    s3client.create_bucket(Bucket=BUCKET)
+    s3client.create_bucket(Bucket=config.BUCKET)
-    LOG.i(f"Bucket {BUCKET} created")
+    LOG.i(f"Bucket {config.BUCKET} created")
--- a/app/cron.py
+++ b/app/cron.py
@ -61,6 +61,11 @@ from app.pgp_utils import load_public_key_and_check, PGPException
 from app.proton.utils import get_proton_partner
 from app.utils import sanitize_email
 from server import create_light_app
 from tasks.cleanup_old_imports import cleanup_old_imports
 from tasks.cleanup_old_jobs import cleanup_old_jobs
 from tasks.cleanup_old_notifications import cleanup_old_notifications
 DELETE_GRACE_DAYS = 30
 def notify_trial_end():
@ -960,6 +965,9 @@ async def _hibp_check(api_key, queue):
    This function to be ran simultaneously (multiple _hibp_check functions with different keys on the same queue) to make maximum use of multiple API keys.
    """
    default_rate_sleep = (60.0 / config.HIBP_RPM) + 0.1
    rate_sleep = default_rate_sleep
    rate_hit_counter = 0
    while True:
        try:
            alias_id = queue.get_nowait()
@ -967,9 +975,14 @@ async def _hibp_check(api_key, queue):
            return
        alias = Alias.get(alias_id)
        # an alias can be deleted in the meantime
        if not alias:
-            return
+            continue
        user = alias.user
        if user.disabled or not user.is_paid():
            # Mark it as hibp done to skip it as if it had been checked
            alias.hibp_last_check = arrow.utcnow()
            Session.commit()
            continue
        LOG.d("Checking HIBP for %s", alias)
@ -981,7 +994,6 @@ async def _hibp_check(api_key, queue):
            f"https://haveibeenpwned.com/api/v3/breachedaccount/{urllib.parse.quote(alias.email)}",
            headers=request_headers,
        )
        if r.status_code == 200:
            # Breaches found
            alias.hibp_breaches = [
@ -989,20 +1001,27 @@ async def _hibp_check(api_key, queue):
            ]
            if len(alias.hibp_breaches) > 0:
                LOG.w("%s appears in HIBP breaches %s", alias, alias.hibp_breaches)
            if rate_hit_counter > 0:
                rate_hit_counter -= 1
        elif r.status_code == 404:
            # No breaches found
            alias.hibp_breaches = []
        elif r.status_code == 429:
            # rate limited
            LOG.w("HIBP rate limited, check alias %s in the next run", alias)
-            await asyncio.sleep(1.6)
+            rate_hit_counter += 1
-            return
+            rate_sleep = default_rate_sleep + (0.2 * rate_hit_counter)
            if rate_hit_counter > 10:
                LOG.w(f"HIBP rate limited too many times stopping with alias {alias}")
                return
            # Just sleep for a while
            asyncio.sleep(5)
        elif r.status_code > 500:
            LOG.w("HIBP server 5** error %s", r.status_code)
            return
        else:
            LOG.error(
-                "An error occured while checking alias %s: %s - %s",
+                "An error occurred while checking alias %s: %s - %s",
                alias,
                r.status_code,
                r.text,
@ -1013,9 +1032,62 @@ async def _hibp_check(api_key, queue):
        Session.add(alias)
        Session.commit()
-        LOG.d("Updated breaches info for %s", alias)
+        LOG.d("Updated breach info for %s", alias)
        await asyncio.sleep(rate_sleep)
-        await asyncio.sleep(1.6)
+
 def get_alias_to_check_hibp(
    oldest_hibp_allowed: arrow.Arrow,
    user_ids_to_skip: list[int],
    min_alias_id: int,
    max_alias_id: int,
 ):
    now = arrow.now()
    alias_query = (
        Session.query(Alias)
        .join(User, User.id == Alias.user_id)
        .join(Subscription, User.id == Subscription.user_id, isouter=True)
        .join(ManualSubscription, User.id == ManualSubscription.user_id, isouter=True)
        .join(AppleSubscription, User.id == AppleSubscription.user_id, isouter=True)
        .join(
            CoinbaseSubscription,
            User.id == CoinbaseSubscription.user_id,
            isouter=True,
        )
        .join(PartnerUser, User.id == PartnerUser.user_id, isouter=True)
        .join(
            PartnerSubscription,
            PartnerSubscription.partner_user_id == PartnerUser.id,
            isouter=True,
        )
        .filter(
            or_(
                Alias.hibp_last_check.is_(None),
                Alias.hibp_last_check < oldest_hibp_allowed,
            ),
            Alias.user_id.notin_(user_ids_to_skip),
            Alias.enabled,
            Alias.id >= min_alias_id,
            Alias.id < max_alias_id,
            User.disabled == False,  # noqa: E712
            or_(
                User.lifetime,
                ManualSubscription.end_at > now,
                Subscription.next_bill_date > now.date(),
                AppleSubscription.expires_date > now,
                CoinbaseSubscription.end_at > now,
                PartnerSubscription.end_at > now,
            ),
        )
    )
    if config.HIBP_SKIP_PARTNER_ALIAS:
        alias_query = alias_query.filter(
            Alias.flags.op("&")(Alias.FLAG_PARTNER_CREATED) == 0
        )
    for alias in (
        alias_query.order_by(Alias.id.asc()).enable_eagerloads(False).yield_per(500)
    ):
        yield alias
 async def check_hibp():
@ -1038,40 +1110,49 @@ async def check_hibp():
    Session.commit()
    LOG.d("Updated list of known breaches")
-    LOG.d("Preparing list of aliases to check")
+    LOG.d("Getting the list of users to skip")
    query = "select u.id, count(a.id) from users u, alias a where a.user_id=u.id group by u.id having count(a.id) > :max_alias"
    rows = Session.execute(query, {"max_alias": config.HIBP_MAX_ALIAS_CHECK})
    user_ids = [row[0] for row in rows]
    LOG.d("Got %d users to skip" % len(user_ids))
    LOG.d("Checking aliases")
    queue = asyncio.Queue()
-    max_date = arrow.now().shift(days=-config.HIBP_SCAN_INTERVAL_DAYS)
+    min_alias_id = 0
-    for alias in (
+    max_alias_id = Session.query(func.max(Alias.id)).scalar()
-        Alias.filter(
+    step = 10000
-            or_(Alias.hibp_last_check.is_(None), Alias.hibp_last_check < max_date)
+    now = arrow.now()
    oldest_hibp_allowed = now.shift(days=-config.HIBP_SCAN_INTERVAL_DAYS)
    alias_checked = 0
    for alias_batch_id in range(min_alias_id, max_alias_id, step):
        for alias in get_alias_to_check_hibp(
            oldest_hibp_allowed, user_ids, alias_batch_id, alias_batch_id + step
        ):
            await queue.put(alias.id)
        alias_checked += queue.qsize()
        LOG.d(
            f"Need to check about {queue.qsize()} aliases in this loop {alias_batch_id}/{max_alias_id}"
        )
        .filter(Alias.enabled)
        .order_by(Alias.hibp_last_check.asc())
        .yield_per(500)
        .enable_eagerloads(False)
    ):
        await queue.put(alias.id)
-    LOG.d("Need to check about %s aliases", queue.qsize())
+        # Start one checking process per API key
-
+        # Each checking process will take one alias from the queue, get the info
-    # Start one checking process per API key
+        # and then sleep for 1.5 seconds (due to HIBP API request limits)
-    # Each checking process will take one alias from the queue, get the info
+        checkers = []
-    # and then sleep for 1.5 seconds (due to HIBP API request limits)
+        for i in range(len(config.HIBP_API_KEYS)):
-    checkers = []
+            checker = asyncio.create_task(
-    for i in range(len(config.HIBP_API_KEYS)):
+                _hibp_check(
-        checker = asyncio.create_task(
+                    config.HIBP_API_KEYS[i],
-            _hibp_check(
+                    queue,
-                config.HIBP_API_KEYS[i],
+                )
                queue,
            )
-        )
+            checkers.append(checker)
        checkers.append(checker)
-    # Wait until all checking processes are done
+        # Wait until all checking processes are done
-    for checker in checkers:
+        for checker in checkers:
-        await checker
+            await checker
-    LOG.d("Done checking HIBP API for aliases in breaches")
+    LOG.d(f"Done checking {alias_checked} HIBP API for aliases in breaches")
 def notify_hibp():
@ -1126,18 +1207,30 @@ def notify_hibp():
        Session.commit()
-def clear_users_scheduled_to_be_deleted():
+def clear_users_scheduled_to_be_deleted(dry_run=False):
    users = User.filter(
-        and_(User.delete_on.isnot(None), User.delete_on < arrow.now())
+        and_(
            User.delete_on.isnot(None),
            User.delete_on <= arrow.now().shift(days=-DELETE_GRACE_DAYS),
        )
    ).all()
    for user in users:
        LOG.i(
            f"Scheduled deletion of user {user} with scheduled delete on {user.delete_on}"
        )
        if dry_run:
            continue
        User.delete(user.id)
        Session.commit()
 def delete_old_data():
    oldest_valid = arrow.now().shift(days=-config.KEEP_OLD_DATA_DAYS)
    cleanup_old_imports(oldest_valid)
    cleanup_old_jobs(oldest_valid)
    cleanup_old_notifications(oldest_valid)
 if __name__ == "__main__":
    LOG.d("Start running cronjob")
    parser = argparse.ArgumentParser()
@ -1152,6 +1245,7 @@ if __name__ == "__main__":
            "notify_manual_subscription_end",
            "notify_premium_end",
            "delete_logs",
            "delete_old_data",
            "poll_apple_subscription",
            "sanity_check",
            "delete_old_monitoring",
@ -1180,6 +1274,9 @@ if __name__ == "__main__":
        elif args.job == "delete_logs":
            LOG.d("Deleted Logs")
            delete_logs()
        elif args.job == "delete_old_data":
            LOG.d("Delete old data")
            delete_old_data()
        elif args.job == "poll_apple_subscription":
            LOG.d("Poll Apple Subscriptions")
            poll_apple_subscription()
@ -1206,4 +1303,4 @@ if __name__ == "__main__":
            load_unsent_mails_from_fs_and_resend()
        elif args.job == "delete_scheduled_users":
            LOG.d("Deleting users scheduled to be deleted")
-            clear_users_scheduled_to_be_deleted()
+            clear_users_scheduled_to_be_deleted(dry_run=True)
--- a/app/crontab.yml
+++ b/app/crontab.yml
@ -37,6 +37,12 @@ jobs:
    schedule: "15 5 * * *"
    captureStderr: true
  - name: SimpleLogin Delete Old data
    command: python /code/cron.py -j delete_old_data
    shell: /bin/bash
    schedule: "30 5 * * *"
    captureStderr: true
  - name: SimpleLogin Poll Apple Subscriptions
    command: python /code/cron.py -j poll_apple_subscription
    shell: /bin/bash
@ -62,7 +68,7 @@ jobs:
    captureStderr: true
  - name: SimpleLogin delete users scheduled to be deleted
-    command: echo disabled_user_deletion #python /code/cron.py -j delete_scheduled_users
+    command: python /code/cron.py -j delete_scheduled_users
    shell: /bin/bash
    schedule: "15 11 * * *"
    captureStderr: true
--- a/app/email_handler.py
+++ b/app/email_handler.py
@ -236,15 +236,16 @@ def get_or_create_contact(from_header: str, mail_from: str, alias: Alias) -> Con
            Session.commit()
    else:
        try:
            contact_email_for_reply = (
                contact_email if is_valid_email(contact_email) else ""
            )
            contact = Contact.create(
                user_id=alias.user_id,
                alias_id=alias.id,
                website_email=contact_email,
                name=contact_name,
                mail_from=mail_from,
-                reply_email=generate_reply_email(contact_email, alias)
+                reply_email=generate_reply_email(contact_email_for_reply, alias),
                if is_valid_email(contact_email)
                else NOREPLY,
                automatic_created=True,
            )
            if not contact_email:
@ -636,6 +637,10 @@ def handle_forward(envelope, msg: Message, rcpt_to: str) -> List[Tuple[bool, str
    user = alias.user
    if not user.is_active():
        LOG.w(f"User {user} has been soft deleted")
        return False, status.E502
    if not user.can_send_or_receive():
        LOG.i(f"User {user} cannot receive emails")
        if should_ignore_bounce(envelope.mail_from):
@ -870,6 +875,7 @@ def forward_email_to_mailbox(
        # References and In-Reply-To are used for keeping the email thread
        headers.REFERENCES,
        headers.IN_REPLY_TO,
        headers.SL_QUEUE_ID,
        headers.LIST_UNSUBSCRIBE,
        headers.LIST_UNSUBSCRIBE_POST,
    ] + headers.MIME_HEADERS
@ -1055,6 +1061,9 @@ def handle_reply(envelope, msg: Message, rcpt_to: str) -> (bool, str):
    if not contact:
        LOG.w(f"No contact with {reply_email} as reverse alias")
        return False, status.E502
    if not contact.user.is_active():
        LOG.w(f"User {contact.user} has been soft deleted")
        return False, status.E502
    alias = contact.alias
    alias_address: str = contact.alias.email
@ -1883,24 +1892,30 @@ def handle_transactional_bounce(
    envelope: Envelope, msg, rcpt_to, transactional_id=None
 ):
    LOG.d("handle transactional bounce sent to %s", rcpt_to)
    if transactional_id is None:
        LOG.i(
            f"No transactional record for {envelope.mail_from} -> {envelope.rcpt_tos}"
        )
        return
    # parse the TransactionalEmail
    transactional_id = transactional_id or parse_id_from_bounce(rcpt_to)
    transactional = TransactionalEmail.get(transactional_id)
    # a transaction might have been deleted in delete_logs()
-    if transactional:
+    if not transactional:
-        LOG.i("Create bounce for %s", transactional.email)
+        LOG.i(
-        bounce_info = get_mailbox_bounce_info(msg)
+            f"No transactional record for {envelope.mail_from} -> {envelope.rcpt_tos}"
-        if bounce_info:
+        )
-            Bounce.create(
+        return
-                email=transactional.email,
+    LOG.i("Create bounce for %s", transactional.email)
-                info=bounce_info.as_bytes().decode(),
+    bounce_info = get_mailbox_bounce_info(msg)
-                commit=True,
+    if bounce_info:
-            )
+        Bounce.create(
-        else:
+            email=transactional.email,
-            LOG.w("cannot get bounce info, debug at %s", save_email_for_debugging(msg))
+            info=bounce_info.as_bytes().decode(),
-            Bounce.create(email=transactional.email, commit=True)
+            commit=True,
        )
    else:
        LOG.w("cannot get bounce info, debug at %s", save_email_for_debugging(msg))
        Bounce.create(email=transactional.email, commit=True)
 def handle_bounce(envelope, email_log: EmailLog, msg: Message) -> str:
@ -1921,6 +1936,9 @@ def handle_bounce(envelope, email_log: EmailLog, msg: Message) -> str:
        contact,
        alias,
    )
    if not email_log.user.is_active():
        LOG.d(f"User {email_log.user} is not active")
        return status.E510
    if email_log.is_reply:
        content_type = msg.get_content_type().lower()
@ -1982,6 +2000,9 @@ def send_no_reply_response(mail_from: str, msg: Message):
    if not mailbox:
        LOG.d("Unknown sender. Skipping reply from {}".format(NOREPLY))
        return
    if not mailbox.user.is_active():
        LOG.d(f"User {mailbox.user} is soft-deleted. Skipping sending reply response")
        return
    send_email_at_most_times(
        mailbox.user,
        ALERT_TO_NOREPLY,
@ -2020,10 +2041,11 @@ def handle(envelope: Envelope, msg: Message) -> str:
        return status.E204
    # sanitize email headers
-    sanitize_header(msg, "from")
+    sanitize_header(msg, headers.FROM)
-    sanitize_header(msg, "to")
+    sanitize_header(msg, headers.TO)
-    sanitize_header(msg, "cc")
+    sanitize_header(msg, headers.CC)
-    sanitize_header(msg, "reply-to")
+    sanitize_header(msg, headers.REPLY_TO)
    sanitize_header(msg, headers.MESSAGE_ID)
    LOG.d(
        "==>> Handle mail_from:%s, rcpt_tos:%s, header_from:%s, header_to:%s, "
--- a/app/example.env
+++ b/app/example.env
@ -116,6 +116,16 @@ WORDS_FILE_PATH=local_data/test_words.txt
 # CONNECT_WITH_PROTON=true
 # CONNECT_WITH_PROTON_COOKIE_NAME=to_fill
 # Login with OIDC
 # CONNECT_WITH_OIDC_ICON=fa-github
 # OIDC_AUTHORIZATION_URL=to_fill
 # OIDC_USER_INFO_URL=to_fill
 # OIDC_TOKEN_URL=to_fill
 # OIDC_SCOPES=openid email profile
 # OIDC_NAME_FIELD=name
 # OIDC_CLIENT_ID=to_fill
 # OIDC_CLIENT_SECRET=to_fill
 # Flask profiler
 # FLASK_PROFILER_PATH=/tmp/flask-profiler.sql
 # FLASK_PROFILER_PASSWORD=password
--- a/app/local_data/words.txt
+++ b/app/local_data/words.txt
@ -7460,9 +7460,7 @@ villain
 vindicate
 vineyard
 vintage
 violate
 violation
 violator
 violet
 violin
 viper
--- a/app/migrations/versions/2024_031212_52510a633d6f_.py
+++ b/app/migrations/versions/2024_031212_52510a633d6f_.py
@ -0,0 +1,48 @@
 """empty message
 Revision ID: 52510a633d6f
 Revises: 818b0a956205
 Create Date: 2024-03-12 12:46:24.161644
 """
 import sqlalchemy_utils
 from alembic import op
 import sqlalchemy as sa
 # revision identifiers, used by Alembic.
 revision = "52510a633d6f"
 down_revision = "818b0a956205"
 branch_labels = None
 depends_on = None
 def upgrade():
    # ### commands auto generated by Alembic - please adjust! ###
    op.add_column(
        "alias", sa.Column("flags", sa.BigInteger(), server_default="0", nullable=False)
    )
    with op.get_context().autocommit_block():
        op.create_index(op.f("ix_alias_flags"), "alias", ["flags"], unique=False)
        op.create_index(op.f("ix_job_state"), "job", ["state"], unique=False)
        op.create_index(
            "ix_state_run_at_taken_at",
            "job",
            ["state", "run_at", "taken_at"],
            unique=False,
        )
        op.create_index(
            op.f("ix_notification_user_id"), "notification", ["user_id"], unique=False
        )
    # ### end Alembic commands ###
 def downgrade():
    # ### commands auto generated by Alembic - please adjust! ###
    with op.get_context().autocommit_block():
        op.drop_index(op.f("ix_notification_user_id"), table_name="notification")
        op.drop_index("ix_state_run_at_taken_at", table_name="job")
        op.drop_index(op.f("ix_job_state"), table_name="job")
        op.drop_index(op.f("ix_alias_flags"), table_name="alias")
    op.drop_column("alias", "flags")
    # ### end Alembic commands ###
--- a/app/oneshot/emulate_dummy_load.py
+++ b/app/oneshot/emulate_dummy_load.py
@ -0,0 +1,37 @@
 #!/usr/bin/env python3
 import argparse
 import random
 import time
 from sqlalchemy import func
 from app import config
 from app.models import Alias, Contact
 from app.db import Session
 parser = argparse.ArgumentParser(
    prog=f"Replace {config.NOREPLY}",
    description=f"Replace {config.NOREPLY} from contacts reply email",
 )
 args = parser.parse_args()
 max_alias_id: int = Session.query(func.max(Alias.id)).scalar()
 start = time.time()
 tests = 1000
 for i in range(tests):
    alias = (
        Alias.filter(Alias.id > int(random.random() * max_alias_id))
        .order_by(Alias.id.asc())
        .limit(1)
        .first()
    )
    contact = Contact.filter_by(alias_id=alias.id).order_by(Contact.id.asc()).first()
    mailboxes = alias.mailboxes
    user = alias.user
    if i % 10:
        print("{i} -> {alias.id}")
 end = time.time()
 time_taken = end - start
 print(f"Took {time_taken} -> {time_taken/tests} per test")
--- a/app/oneshot/mark_aliases_as_partner_created.py
+++ b/app/oneshot/mark_aliases_as_partner_created.py
@ -0,0 +1,56 @@
 #!/usr/bin/env python3
 import argparse
 import time
 from sqlalchemy import func
 from app.models import Alias, SLDomain
 from app.db import Session
 parser = argparse.ArgumentParser(
    prog="Mark partner created aliases with the PARTNER_CREATED flag",
 )
 parser.add_argument(
    "-s", "--start_alias_id", default=0, type=int, help="Initial alias_id"
 )
 parser.add_argument("-e", "--end_alias_id", default=0, type=int, help="Last alias_id")
 args = parser.parse_args()
 alias_id_start = args.start_alias_id
 max_alias_id = args.end_alias_id
 if max_alias_id == 0:
    max_alias_id = Session.query(func.max(Alias.id)).scalar()
 print(f"Updating aliases from {alias_id_start} to {max_alias_id}")
 domains = SLDomain.filter(SLDomain.partner_id.isnot(None)).all()
 cond = [f"email like '%{domain.domain}'" for domain in domains]
 sql_or_cond = " OR ".join(cond)
 sql = f"UPDATE alias set flags = (flags | :flag) WHERE id >= :start and id<:end and flags & :flag = 0 and ({sql_or_cond})"
 print(sql)
 step = 1000
 updated = 0
 start_time = time.time()
 for batch_start in range(alias_id_start, max_alias_id, step):
    updated += Session.execute(
        sql,
        {
            "start": batch_start,
            "end": batch_start + step,
            "flag": Alias.FLAG_PARTNER_CREATED,
        },
    ).rowcount
    elapsed = time.time() - start_time
    time_per_alias = elapsed / (batch_start - alias_id_start + step)
    last_batch_id = batch_start + step
    remaining = max_alias_id - last_batch_id
    time_remaining = (max_alias_id - last_batch_id) * time_per_alias
    hours_remaining = time_remaining / 3600.0
    percent = int(
        ((batch_start - alias_id_start) * 100) / (max_alias_id - alias_id_start)
    )
    print(
        f"\rAlias {batch_start}/{max_alias_id} {percent}% {updated} updated {hours_remaining:.2f}hrs remaining"
    )
 print(f"Updated aliases up to {max_alias_id}")
--- a/app/oneshot/replace_noreply_in_contacts.py
+++ b/app/oneshot/replace_noreply_in_contacts.py
@ -0,0 +1,53 @@
 #!/usr/bin/env python3
 import argparse
 import time
 from app import config
 from app.email_utils import generate_reply_email
 from app.email_validation import is_valid_email
 from app.models import Alias
 from app.db import Session
 parser = argparse.ArgumentParser(
    prog=f"Replace {config.NOREPLY}",
    description=f"Replace {config.NOREPLY} from contacts reply email",
 )
 args = parser.parse_args()
 el_query = "SELECT id, alias_id, website_email from contact where id>=:last_id AND reply_email=:reply_email ORDER BY id ASC LIMIT :step"
 update_query = "UPDATE contact SET reply_email=:reply_email WHERE id=:contact_id "
 updated = 0
 start_time = time.time()
 step = 100
 last_id = 0
 print(f"Replacing contacts with reply_email={config.NOREPLY}")
 while True:
    rows = Session.execute(
        el_query, {"last_id": last_id, "reply_email": config.NOREPLY, "step": step}
    )
    loop_updated = 0
    for row in rows:
        contact_id = row[0]
        alias_id = row[1]
        last_id = contact_id
        website_email = row[2]
        contact_email_for_reply = website_email if is_valid_email(website_email) else ""
        alias = Alias.get(alias_id)
        if alias is None:
            print(f"CANNOT find alias {alias_id} in database for contact {contact_id}")
        reply_email = generate_reply_email(contact_email_for_reply, alias)
        print(
            f"Replacing contact {contact_id} with {website_email} reply_email for {reply_email}"
        )
        Session.execute(
            update_query, {"contact_id": row[0], "reply_email": reply_email}
        )
        Session.commit()
        updated += 1
        loop_updated += 1
    elapsed = time.time() - start_time
    print(f"\rContact {last_id} done")
    if loop_updated == 0:
        break
 print("")
--- a/app/server.py
+++ b/app/server.py
@ -228,6 +228,8 @@ def load_user(alternative_id):
        sentry_sdk.set_user({"email": user.email, "id": user.id})
        if user.disabled:
            return None
        if not user.is_active():
            return None
    return user
--- a/app/tasks/init.py
+++ b/app/tasks/init.py
--- a/app/tasks/cleanup_old_imports.py
+++ b/app/tasks/cleanup_old_imports.py
@ -0,0 +1,19 @@
 import arrow
 from app import s3
 from app.log import LOG
 from app.models import BatchImport
 def cleanup_old_imports(oldest_allowed: arrow.Arrow):
    LOG.i(f"Deleting imports older than {oldest_allowed}")
    for batch_import in (
        BatchImport.filter(BatchImport.created_at < oldest_allowed).yield_per(500).all()
    ):
        LOG.i(
            f"Deleting batch import {batch_import} with file {batch_import.file.path}"
        )
        file = batch_import.file
        if file is not None:
            s3.delete(file.path)
        BatchImport.delete(batch_import.id, commit=True)
--- a/app/tasks/cleanup_old_jobs.py
+++ b/app/tasks/cleanup_old_jobs.py
@ -0,0 +1,24 @@
 import arrow
 from sqlalchemy import or_, and_
 from app import config
 from app.db import Session
 from app.log import LOG
 from app.models import Job, JobState
 def cleanup_old_jobs(oldest_allowed: arrow.Arrow):
    LOG.i(f"Deleting jobs older than {oldest_allowed}")
    count = Job.filter(
        or_(
            Job.state == JobState.done.value,
            Job.state == JobState.error.value,
            and_(
                Job.state == JobState.taken.value,
                Job.attempts >= config.JOB_MAX_ATTEMPTS,
            ),
        ),
        Job.updated_at < oldest_allowed,
    ).delete()
    Session.commit()
    LOG.i(f"Deleted {count} jobs")
--- a/app/tasks/cleanup_old_notifications.py
+++ b/app/tasks/cleanup_old_notifications.py
@ -0,0 +1,12 @@
 import arrow
 from app.db import Session
 from app.log import LOG
 from app.models import Notification
 def cleanup_old_notifications(oldest_allowed: arrow.Arrow):
    LOG.i(f"Deleting notifications older than {oldest_allowed}")
    count = Notification.filter(Notification.created_at < oldest_allowed).delete()
    Session.commit()
    LOG.i(f"Deleted {count} notifications")
--- a/app/templates/auth/login.html
+++ b/app/templates/auth/login.html
@ -38,11 +38,21 @@
          <span>or</span>
        </div>
        <a class="btn btn-primary btn-block mt-2 proton-button"
-           href="{{ url_for("auth.proton_login", next=next_url) }}">
+           href="{{ url_for('auth.proton_login', next=next_url) }}">
          <img class="mr-2" src="/static/images/proton.svg" />
          Log in with Proton
        </a>
      {% endif %}
      {% if connect_with_oidc %}
        <div class="text-center my-2 text-gray">
          <span>or</span>
        </div>
        <a class="btn btn-primary btn-block mt-2 btn-social"
           href="{{ url_for('auth.oidc_login', next=next_url) }}">
          <i class="fa {{ connect_with_oidc_icon }}"></i> Log in with SSO
        </a>
      {% endif %}
    </div>
  </div>
  <div class="text-center text-muted mt-2">
--- a/app/templates/auth/register.html
+++ b/app/templates/auth/register.html
@ -50,11 +50,21 @@
          <span>or</span>
        </div>
        <a class="btn btn-primary btn-block mt-2 proton-button"
-           href="{{ url_for("auth.proton_login", next=next_url) }}">
+           href="{{ url_for('auth.proton_login', next=next_url) }}">
          <img class="mr-2" src="/static/images/proton.svg" />
          Sign up with Proton
        </a>
      {% endif %}
      {% if connect_with_oidc %}
        <div class="text-center my-2 text-gray">
          <span>or</span>
        </div>
        <a class="btn btn-primary btn-block mt-2 btn-social"
           href="{{ url_for('auth.oidc_login', next=next_url) }}">
          <i class="fa {{ connect_with_oidc_icon }}"></i> Sign up with SSO
        </a>
      {% endif %}
    </div>
  </form>
  <div class="text-center text-muted mb-6">
--- a/app/templates/dashboard/account_setting.html
+++ b/app/templates/dashboard/account_setting.html
@ -0,0 +1,164 @@
 {% extends "default.html" %}
 {% set active_page = "setting" %}
 {% block title %}Settings{% endblock %}
 {% block head %}
  <style>
        .card-title {
            font-size: 22px;
            font-weight: 600;
            margin-bottom: 3px;
        }
        .highlighted{
            border: solid 2px #5675E2;
        }
        li {
            margin-top: 8px;
        }
  </style>
 {% endblock %}
 {% block default_content %}
  <div class="col pb-3">
    <!-- Change email -->
    <div class="card">
      <div class="card-body">
        <form method="post" enctype="multipart/form-data">
          <input type="hidden" name="form-name" value="update-email">
          {{ change_email_form.csrf_token }}
          <div class="card-title">Account Email</div>
          <div class="mb-3">
            This email address is used to log in to SimpleLogin.
            <br />
            If you want to change the mailbox that emails are forwarded to, use the
            <a href="{{ url_for('dashboard.mailbox_route') }}">
              <i class="fe fe-inbox"></i> Mailboxes page
            </a>
            instead.
          </div>
          <div class="form-group mt-2">
            <!-- Not allow user to change email if there's a pending change -->
            {{ change_email_form.email(class="form-control", value=current_user.email, readonly=pending_email != None) }}
            {{ render_field_errors(change_email_form.email) }}
          </div>
          <button class="btn btn-outline-primary">Change Email</button>
        </form>
        {% if pending_email %}
          <div class="mt-2">
            <span class="text-danger float-left">Pending email change: {{ pending_email }}</span>
            <form method="POST"
                  action="{{ url_for('dashboard.resend_email_change') }}"
                  class="float-left ml-2">
              {{ change_email_form.csrf_token }}
              <a onclick="this.closest('form').submit()"
                 class="btn btn-secondary btn-sm">Resend confirmation email</a>
            </form>
            <form method="POST"
                  action="{{ url_for('dashboard.cancel_email_change') }}"
                  class="float-left ml-2">
              {{ change_email_form.csrf_token }}
              <a onclick="this.closest('form').submit()"
                 class="btn btn-secondary btn-sm">Cancel email change</a>
            </form>
          </div>
        {% endif %}
      </div>
    </div>
    <!-- END Change email -->
    <!-- Change password -->
    <div class="card" id="change_password">
      <div class="card-body">
        <div class="card-title">Password</div>
        <div class="mb-3">You will receive an email containing instructions on how to change your password.</div>
        <form method="post">
          {{ csrf_form.csrf_token }}
          <input type="hidden" name="form-name" value="change-password">
          <button class="btn btn-outline-primary">Change password</button>
        </form>
      </div>
    </div>
    <!-- END Change password -->
    <!-- TOTP -->
    <div class="card" id="totp">
      <div class="card-body">
        <div class="card-title">Two Factor Authentication</div>
        <div class="mb-3">
          Secure your account with 2FA, you'll be asked for a code generated through an app when you login.
          <br />
        </div>
        {% if not current_user.enable_otp %}
          <a href="{{ url_for('dashboard.mfa_setup') }}"
             class="btn btn-outline-primary">Setup TOTP</a>
        {% else %}
          <a href="{{ url_for('dashboard.mfa_cancel') }}"
             class="btn btn-outline-danger">Disable TOTP</a>
        {% endif %}
      </div>
    </div>
    <!-- END TOTP -->
    <!-- WebAuthn -->
    <div class="card">
      <div class="card-body">
        <div class="card-title">Security Key (WebAuthn)</div>
        <div class="mb-3">
          You can secure your account by linking either your FIDO-supported physical key such as Yubikey, Google
          Titan,
          or a device with appropriate hardware to your account.
        </div>
        {% if current_user.fido_uuid is none %}
          <a href="{{ url_for('dashboard.fido_setup') }}"
             class="btn btn-outline-primary">Setup WebAuthn</a>
        {% else %}
          <a href="{{ url_for('dashboard.fido_manage') }}"
             class="btn btn-outline-info">Manage WebAuthn</a>
        {% endif %}
      </div>
    </div>
    <!-- END WebAuthn -->
    <!-- data export -->
    <div class="card">
      <div class="card-body">
        <div class="card-title">SimpleLogin data export</div>
        <div class="mb-3">
          As per GDPR (General Data Protection Regulation) law, you can request a copy of your data which are stored on
          SimpleLogin.
          A zip file that contains all information will be sent to your SimpleLogin account address.
        </div>
        <div class="d-flex">
          <div>
            <form method="post">
              {{ csrf_form.csrf_token }}
              <input type="hidden" name="form-name" value="send-full-user-report">
              <button class="btn btn-outline-info">Request your data</button>
            </form>
          </div>
        </div>
      </div>
    </div>
    <!-- END data export -->
    <!-- Delete account -->
    <div class="card">
      <div class="card-body">
        <div class="card-title">Account Deletion</div>
        <div class="mb-3">If SimpleLogin isn't the right fit for you, you can simply delete your account.</div>
        <a href="{{ url_for('dashboard.delete_account') }}"
           class="btn btn-outline-danger">Delete account</a>
      </div>
    </div>
    <!-- END Delete account -->
  </div>
 {% endblock %}
 {% block script %}
  <script>
        let anchor = window.location.hash;
        $(anchor).addClass("highlighted")
  </script>
 {% endblock %}
--- a/app/templates/dashboard/enter_sudo.html
+++ b/app/templates/dashboard/enter_sudo.html
@ -22,11 +22,20 @@
          <p>Alternatively you can use your Proton credentials to ensure it's you.</p>
        </div>
        <a class="btn btn-primary btn-block mt-2 proton-button w-25"
-           href="{{ url_for("auth.proton_login", next=next) }}">
+           href="{{ url_for('auth.proton_login', next=next) }}">
          <img class="mr-2" src="/static/images/proton.svg" />
          Authenticate with Proton
        </a>
      {% endif %}
      {% if connect_with_oidc %}
        <div class="my-3">
          <p>Alternatively you can use your SSO credentials to ensure it's you.</p>
          <a class="btn btn-primary btn-block mt-2 btn-social w-25"
             href="{{ url_for('auth.oidc_login', next=next) }}">
            <i class="fa {{ connect_with_oidc_icon }}"></i> Authenticate with SSO
          </a>
        {% endif %}
      </div>
    </div>
-  </div>
+  {% endblock %}
 {% endblock %}
--- a/app/templates/dashboard/setting.html
+++ b/app/templates/dashboard/setting.html
@ -88,45 +88,6 @@
      </div>
    </div>
    <!-- END Current plan -->
    <!-- TOTP -->
    <div class="card" id="totp">
      <div class="card-body">
        <div class="card-title">Two Factor Authentication</div>
        <div class="mb-3">
          Secure your account with 2FA, you'll be asked for a code generated through an app when you login.
          <br />
        </div>
        {% if not current_user.enable_otp %}
          <a href="{{ url_for('dashboard.mfa_setup') }}"
             class="btn btn-outline-primary">Setup TOTP</a>
        {% else %}
          <a href="{{ url_for('dashboard.mfa_cancel') }}"
             class="btn btn-outline-danger">Disable TOTP</a>
        {% endif %}
      </div>
    </div>
    <!-- END TOTP -->
    <!-- WebAuthn -->
    <div class="card">
      <div class="card-body">
        <div class="card-title">Security Key (WebAuthn)</div>
        <div class="mb-3">
          You can secure your account by linking either your FIDO-supported physical key such as Yubikey, Google
          Titan,
          or a device with appropriate hardware to your account.
        </div>
        {% if current_user.fido_uuid is none %}
          <a href="{{ url_for('dashboard.fido_setup') }}"
             class="btn btn-outline-primary">Setup WebAuthn</a>
        {% else %}
          <a href="{{ url_for('dashboard.fido_manage') }}"
             class="btn btn-outline-info">Manage WebAuthn</a>
        {% endif %}
      </div>
    </div>
    <!-- END WebAuthn -->
    <!-- Newsletter -->
    <div class="card" id="notification">
      <div class="card-body">
@ -179,52 +140,6 @@
      </form>
    </div>
    <!-- END change name & profile picture -->
    <!-- Change email -->
    <div class="card">
      <div class="card-body">
        <form method="post" enctype="multipart/form-data">
          <input type="hidden" name="form-name" value="update-email">
          {{ change_email_form.csrf_token }}
          <div class="card-title">Account Email</div>
          <div class="mb-3">
            This email address is used to log in to SimpleLogin.
            <br />
            If you want to change the mailbox that emails are forwarded to, use the
            <a href="{{ url_for('dashboard.mailbox_route') }}">
              <i class="fe fe-inbox"></i> Mailboxes page
            </a>
            instead.
          </div>
          <div class="form-group mt-2">
            <!-- Not allow user to change email if there's a pending change -->
            {{ change_email_form.email(class="form-control", value=current_user.email, readonly=pending_email != None) }}
            {{ render_field_errors(change_email_form.email) }}
          </div>
          <button class="btn btn-outline-primary">Change Email</button>
        </form>
        {% if pending_email %}
          <div class="mt-2">
            <span class="text-danger float-left">Pending email change: {{ pending_email }}</span>
            <form method="POST"
                  action="{{ url_for('dashboard.resend_email_change') }}"
                  class="float-left ml-2">
              {{ change_email_form.csrf_token }}
              <a onclick="this.closest('form').submit()"
                 class="btn btn-secondary btn-sm">Resend confirmation email</a>
            </form>
            <form method="POST"
                  action="{{ url_for('dashboard.cancel_email_change') }}"
                  class="float-left ml-2">
              {{ change_email_form.csrf_token }}
              <a onclick="this.closest('form').submit()"
                 class="btn btn-secondary btn-sm">Cancel email change</a>
            </form>
          </div>
        {% endif %}
      </div>
    </div>
    <!-- END Change email -->
    <!-- Connect with Proton -->
    {% if connect_with_proton %}
@ -265,32 +180,11 @@
      </div>
    {% endif %}
    <!-- END Connect with Proton -->
    <!-- Change password -->
    <div class="card" id="change_password">
      <div class="card-body">
        <div class="card-title">Password</div>
        <div class="mb-3">
          You will receive an email containing instructions on how to change your password.
        </div>
        <form method="post">
          {{ csrf_form.csrf_token }}
          <input type="hidden" name="form-name" value="change-password">
          <button class="btn btn-outline-primary">
            Change password
          </button>
        </form>
      </div>
    </div>
    <!-- END Change password -->
    <!-- Random alias -->
    <div id="random-alias" class="card">
      <div class="card-body">
-        <div class="card-title">
+        <div class="card-title">Aliases</div>
-          Aliases
+        <div class="mt-3 mb-1">Change the way random aliases are generated by default.</div>
        </div>
        <div class="mt-3 mb-1">
          Change the way random aliases are generated by default.
        </div>
        <form method="post" action="#random-alias" class="form-inline">
          {{ csrf_form.csrf_token }}
          <input type="hidden" name="form-name" value="change-alias-generator">
@ -306,13 +200,9 @@
              on {{ AliasGeneratorEnum.uuid.name.upper() }}
            </option>
          </select>
-          <button class="btn btn-outline-primary">
+          <button class="btn btn-outline-primary">Update</button>
            Update
          </button>
        </form>
-        <div class="mt-3 mb-1">
+        <div class="mt-3 mb-1">Select the default domain for aliases.</div>
          Select the default domain for aliases.
        </div>
        <form method="post" action="#random-alias" class="form-inline">
          {{ csrf_form.csrf_token }}
          <input type="hidden"
@ -338,13 +228,9 @@
              </option>
            {% endfor %}
          </select>
-          <button class="btn btn-outline-primary">
+          <button class="btn btn-outline-primary">Update</button>
            Update
          </button>
        </form>
-        <div id="random-alias-suffix" class="mt-3 mb-1">
+        <div id="random-alias-suffix" class="mt-3 mb-1">Select the default suffix generator for aliases.</div>
          Select the default suffix generator for aliases.
        </div>
        <form method="post" action="#random-alias-suffix" class="form-inline">
          {{ csrf_form.csrf_token }}
          <input type="hidden" name="form-name" value="random-alias-suffix">
@ -358,9 +244,7 @@
              Random combination of {{ ALIAS_RAND_SUFFIX_LENGTH }} letter and digits
            </option>
          </select>
-          <button class="btn btn-outline-primary">
+          <button class="btn btn-outline-primary">Update</button>
            Update
          </button>
        </form>
      </div>
    </div>
@ -368,9 +252,7 @@
    <!-- Sender Format -->
    <div class="card" id="sender-format">
      <div class="card-body">
-        <div class="card-title">
+        <div class="card-title">Sender Address Format</div>
          Sender Address Format
        </div>
        <div class="mt-1 mb-3">
          When your alias receives an email, say from: <b>John Wick &lt;john@wick.com&gt;</b>,
          SimpleLogin forwards it to your mailbox.
@ -403,9 +285,7 @@
              No Name (i.e. only reverse-alias)
            </option>
          </select>
-          <button class="btn btn-outline-primary mt-3">
+          <button class="btn btn-outline-primary mt-3">Update</button>
            Update
          </button>
        </form>
      </div>
    </div>
@ -415,9 +295,7 @@
      <div class="card-body">
        <div class="card-title">
          Reverse Alias Replacement
-          <div class="badge badge-warning">
+          <div class="badge badge-warning">Experimental</div>
            Experimental
          </div>
        </div>
        <div class="mb-3">
          When replying to a forwarded email, the <b>reverse-alias</b> can be automatically included
@ -434,13 +312,9 @@
                   name="replace-ra"
                   {% if current_user.replace_reverse_alias %} checked{% endif %}
                   class="form-check-input">
-            <label for="replace-ra">
+            <label for="replace-ra">Enable replacing reverse alias</label>
              Enable replacing reverse alias
            </label>
          </div>
-          <button type="submit" class="btn btn-outline-primary">
+          <button type="submit" class="btn btn-outline-primary">Update</button>
            Update
          </button>
        </form>
      </div>
    </div>
@ -685,7 +559,7 @@
              sender address.
              <br />
              If this option is enabled, the original sender addresses is stored in the email header <b>X-SimpleLogin-Envelope-From</b>
-              and the original From header is stored in <b>X-SimpleLogin-Original-From<b>.
+              and the original From header is stored in <b>X-SimpleLogin-Original-From</b>.
              You can choose to display this header in your email client.
              <br />
              As email headers aren't encrypted, your mailbox service can know the sender address via this header.
@ -709,6 +583,7 @@
            </form>
          </div>
        </div>
        <!-- Alias import/export -->
        <div class="card">
          <div class="card-body">
            <div class="card-title">
@ -719,52 +594,12 @@
              You can also export your aliases to a readable csv format for a future batch import.
            </div>
            <a href="{{ url_for('dashboard.batch_import_route') }}"
-               class="btn btn-outline-primary">
+               class="btn btn-outline-primary">Batch Import</a>
              Batch Import
            </a>
            <a href="{{ url_for('dashboard.alias_export_route') }}"
-               class="btn btn-outline-secondary">
+               class="btn btn-outline-secondary">Export Aliases</a>
              Export Aliases
            </a>
          </div>
        </div>
        <div class="card">
          <div class="card-body">
            <div class="card-title">
              SimpleLogin data export
            </div>
            <div class="mb-3">
              As per GDPR (General Data Protection Regulation) law, you can request a copy of your data which are stored on
              SimpleLogin.
              A zip file that contains all information will be sent to your SimpleLogin account address.
            </div>
            <div class="d-flex">
              <div>
                <form method="post">
                  {{ csrf_form.csrf_token }}
                  <input type="hidden" name="form-name" value="send-full-user-report">
                  <button class="btn btn-outline-info">
                    Request your data
                  </button>
                </form>
              </div>
            </div>
          </div>
        </div>
        <div class="card">
          <div class="card-body">
            <div class="card-title">
              Account Deletion
            </div>
            <div class="mb-3">
              If SimpleLogin isn't the right fit for you, you can simply delete your account.
            </div>
            <a href="{{ url_for('dashboard.delete_account') }}"
               class="btn btn-outline-danger">
              Delete account
            </a>
          </div>
        </div>
        <!-- END Alias import/export -->
      </div>
    {% endblock %}
    {% block script %}
--- a/app/templates/emails/com/newsletter/safari-extension.html
+++ b/app/templates/emails/com/newsletter/safari-extension.html
@ -28,7 +28,7 @@
  {{ render_text("Hi") }}
  {{ render_text("If you use Safari on a MacBook or iMac, you should check out our new Safari extension.") }}
  {{ render_text('It can be installed on
-  <a href="https://apps.apple.com/app/id1494051017">App Store</a>
+  <a href="https://apps.apple.com/app/id6475835429">App Store</a>
  . Its code is available on
  <a href="https://github.com/simple-login/mac-app">GitHub</a>
  .') }}
--- a/app/templates/emails/com/newsletter/safari-extension.txt
+++ b/app/templates/emails/com/newsletter/safari-extension.txt
@ -8,7 +8,7 @@ If you use Safari on a MacBook or iMac, you should check out our new Safari exte
 It can be installed on:
-https://apps.apple.com/app/id1494051017
+https://apps.apple.com/app/id6475835429
 As usual, let me know if you have any question by replying to this email.
--- a/app/templates/emails/com/onboarding/browser-extension.html
+++ b/app/templates/emails/com/onboarding/browser-extension.html
@ -12,7 +12,7 @@ If you want to quickly create aliases <b>without</b> going to SimpleLogin websit
 (or other Chromium-based browsers like Brave or Vivaldi),
 <a href="https://addons.mozilla.org/firefox/addon/simplelogin/">Firefox</a>
 and
-<a href="https://apps.apple.com/app/id1494051017 ">Safari</a>
+<a href="https://apps.apple.com/app/id6475835429 ">Safari</a>
 extension.
 {% endcall %}
--- a/app/templates/emails/com/onboarding/browser-extension.txt
+++ b/app/templates/emails/com/onboarding/browser-extension.txt
@ -11,7 +11,7 @@ Chrome: https://chrome.google.com/webstore/detail/dphilobhebphkdjbpfohgikllaljmg
 Firefox: https://addons.mozilla.org/firefox/addon/simplelogin/
-Safari: https://apps.apple.com/app/id1494051017
+Safari: https://apps.apple.com/app/id6475835429
 You can also manage your aliases using SimpleLogin mobile apps, available at
 - Play Store https://play.google.com/store/apps/details?id=io.simplelogin.android
--- a/app/templates/footer.html
+++ b/app/templates/footer.html
@ -124,7 +124,7 @@
          <li>
            <a class="list-group-item text-white footer-item "
               rel="noopener noreferrer"
-               href="https://apps.apple.com/app/id1494051017">
+               href="https://apps.apple.com/app/id6475835429">
              Safari
              Extension
            </a>
--- a/app/templates/header.html
+++ b/app/templates/header.html
@ -148,6 +148,10 @@
            <a class="dropdown-item mb-3" href="{{ url_for('dashboard.api_key') }}">
              <i class="dropdown-icon fa fa-key"></i> API Keys
            </a>
            <a class="dropdown-item mb-3"
               href="{{ url_for('dashboard.account_setting') }}">
              <i class="dropdown-icon fa fa-user"></i> Account settings
            </a>
            <a class="dropdown-item" href="{{ url_for('auth.logout') }}">
              <i class="dropdown-icon fe fe-log-out"></i> Sign out
            </a>
--- a/app/tests/auth/test_login.py
+++ b/app/tests/auth/test_login.py
@ -6,16 +6,27 @@ from tests.utils import create_new_user
 def test_unactivated_user_login(flask_client):
-    user = create_new_user()
+    """
-    user.activated = False
+    Test function for logging in with an unactivated user.
    Session.commit()
    Steps:
    1. Creates a new user.
    2. Sets the user's activated status to False.
    3. Sends a POST request to the login route with user credentials.
    4. Checks the response status code and content for expected messages.
    """
    user = create_new_user()  # Creating a new user
    user.activated = False  # Setting the user's activated status to False
    Session.commit()  # Committing the session changes
    # Sending a POST request to the login route with user credentials and following redirects
    r = flask_client.post(
        url_for("auth.login"),
        data={"email": user.email, "password": "password"},
        follow_redirects=True,
    )
    # Asserting the response status code and content for expected messages
    assert r.status_code == 200
    assert (
        b"Please check your inbox for the activation email. You can also have this email re-sent"
@ -24,59 +35,98 @@ def test_unactivated_user_login(flask_client):
 def test_non_canonical_login(flask_client):
-    email = f"pre.{random_string(10)}@gmail.com"
+    """
-    name = f"NAME-{random_string(10)}"
+    Test function for logging in with a non-canonical email.
    user = create_new_user(email, name)
    Session.commit()
    Steps:
    1. Creates a new user with a non-canonical email.
    2. Sends a POST request to the login route with user credentials.
    3. Checks the response status code and content for expected messages.
    4. Checks the canonicalization of the email.
    5. Logs out the user.
    6. Sends a POST request to the login route with the canonicalized email.
    7. Checks the response status code and content for expected messages.
    """
    email = f"pre.{random_string(10)}@gmail.com"  # Generating a non-canonical email
    name = f"NAME-{random_string(10)}"  # Generating a random name
    user = create_new_user(
        email, name
    )  # Creating a new user with the generated email and name
    Session.commit()  # Committing the session changes
    # Sending a POST request to the login route with user credentials and following redirects
    r = flask_client.post(
        url_for("auth.login"),
        data={"email": user.email, "password": "password"},
        follow_redirects=True,
    )
    # Asserting the response status code and content for expected messages
    assert r.status_code == 200
    assert name.encode("utf-8") in r.data
    # Canonicalizing the email
    canonical_email = canonicalize_email(email)
-    assert canonical_email != email
+    assert (
        canonical_email != email
    )  # Checking if the canonical email is different from the original email
-    flask_client.get(url_for("auth.logout"))
+    flask_client.get(url_for("auth.logout"))  # Logging out the user
    # Sending a POST request to the login route with the canonicalized email and following redirects
    r = flask_client.post(
        url_for("auth.login"),
        data={"email": canonical_email, "password": "password"},
        follow_redirects=True,
    )
    # Asserting the response status code and content for expected messages
    assert r.status_code == 200
    assert name.encode("utf-8") not in r.data
 def test_canonical_login_with_non_canonical_email(flask_client):
-    suffix = f"{random_string(10)}@gmail.com"
+    """
-    canonical_email = f"pre{suffix}"
+    Test function for logging in with a canonical email and a non-canonical email.
    non_canonical_email = f"pre.{suffix}"
    name = f"NAME-{random_string(10)}"
    create_new_user(canonical_email, name)
    Session.commit()
    Steps:
    1. Generates canonical and non-canonical email addresses.
    2. Creates a new user with the canonical email.
    3. Sends a POST request to the login route with the non-canonical email.
    4. Checks the response status code and content for expected messages.
    5. Logs out the user.
    6. Sends a POST request to the login route with the canonical email.
    7. Checks the response status code and content for expected messages.
    """
    suffix = f"{random_string(10)}@gmail.com"  # Generating a random suffix for emails
    canonical_email = f"pre{suffix}"  # Generating a canonical email
    non_canonical_email = f"pre.{suffix}"  # Generating a non-canonical email
    name = f"NAME-{random_string(10)}"  # Generating a random name
    create_new_user(
        canonical_email, name
    )  # Creating a new user with the canonical email
    Session.commit()  # Committing the session changes
    # Sending a POST request to the login route with the non-canonical email and following redirects
    r = flask_client.post(
        url_for("auth.login"),
        data={"email": non_canonical_email, "password": "password"},
        follow_redirects=True,
    )
    # Asserting the response status code and content for expected messages
    assert r.status_code == 200
    assert name.encode("utf-8") in r.data
-    flask_client.get(url_for("auth.logout"))
+    flask_client.get(url_for("auth.logout"))  # Logging out the user
    # Sending a POST request to the login route with the canonical email and following redirects
    r = flask_client.post(
        url_for("auth.login"),
        data={"email": canonical_email, "password": "password"},
        follow_redirects=True,
    )
    # Asserting the response status code and content for expected messages
    assert r.status_code == 200
    assert name.encode("utf-8") in r.data
--- a/app/tests/auth/test_oidc.py
+++ b/app/tests/auth/test_oidc.py
@ -0,0 +1,304 @@
 from app import config
 from flask import url_for
 from urllib.parse import parse_qs
 from urllib3.util import parse_url
 from app.auth.views.oidc import create_user
 from app.utils import random_string
 from unittest.mock import patch
 from app.models import User
 from app.config import URL, OIDC_CLIENT_ID
 def test_oidc_login(flask_client):
    r = flask_client.get(
        url_for("auth.oidc_login"),
        follow_redirects=False,
    )
    location = r.headers.get("Location")
    assert location is not None
    parsed = parse_url(location)
    query = parse_qs(parsed.query)
    expected_redirect_url = f"{URL}/auth/oidc/callback"
    assert "code" == query["response_type"][0]
    assert OIDC_CLIENT_ID == query["client_id"][0]
    assert expected_redirect_url == query["redirect_uri"][0]
 def test_oidc_login_no_client_id(flask_client):
    config.OIDC_CLIENT_ID = None
    r = flask_client.get(
        url_for("auth.oidc_login"),
        follow_redirects=False,
    )
    location = r.headers.get("Location")
    assert location is not None
    parsed = parse_url(location)
    expected_redirect_url = "/auth/login"
    assert expected_redirect_url == parsed.path
    config.OIDC_CLIENT_ID = "to_fill"
 def test_oidc_login_no_client_secret(flask_client):
    config.OIDC_CLIENT_SECRET = None
    r = flask_client.get(
        url_for("auth.oidc_login"),
        follow_redirects=False,
    )
    location = r.headers.get("Location")
    assert location is not None
    parsed = parse_url(location)
    expected_redirect_url = "/auth/login"
    assert expected_redirect_url == parsed.path
    config.OIDC_CLIENT_SECRET = "to_fill"
 def test_oidc_callback_no_oauth_state(flask_client):
    with flask_client.session_transaction() as session:
        session["oauth_state"] = None
    r = flask_client.get(
        url_for("auth.oidc_callback"),
        follow_redirects=False,
    )
    location = r.headers.get("Location")
    assert location is None
 def test_oidc_callback_no_client_id(flask_client):
    with flask_client.session_transaction() as session:
        session["oauth_state"] = "state"
    config.OIDC_CLIENT_ID = None
    r = flask_client.get(
        url_for("auth.oidc_callback"),
        follow_redirects=False,
    )
    location = r.headers.get("Location")
    assert location is not None
    parsed = parse_url(location)
    expected_redirect_url = "/auth/login"
    assert expected_redirect_url == parsed.path
    config.OIDC_CLIENT_ID = "to_fill"
    with flask_client.session_transaction() as session:
        session["oauth_state"] = None
 def test_oidc_callback_no_client_secret(flask_client):
    with flask_client.session_transaction() as session:
        session["oauth_state"] = "state"
    config.OIDC_CLIENT_SECRET = None
    r = flask_client.get(
        url_for("auth.oidc_callback"),
        follow_redirects=False,
    )
    location = r.headers.get("Location")
    assert location is not None
    parsed = parse_url(location)
    expected_redirect_url = "/auth/login"
    assert expected_redirect_url == parsed.path
    config.OIDC_CLIENT_SECRET = "to_fill"
    with flask_client.session_transaction() as session:
        session["oauth_state"] = None
@patch("requests_oauthlib.OAuth2Session.fetch_token")
@patch("requests_oauthlib.OAuth2Session.get")
 def test_oidc_callback_invalid_user(mock_get, mock_fetch_token, flask_client):
    mock_get.return_value = MockResponse(400, {})
    with flask_client.session_transaction() as session:
        session["oauth_state"] = "state"
    r = flask_client.get(
        url_for("auth.oidc_callback"),
        follow_redirects=False,
    )
    location = r.headers.get("Location")
    assert location is not None
    parsed = parse_url(location)
    expected_redirect_url = "/auth/login"
    assert expected_redirect_url == parsed.path
    assert mock_get.called
    with flask_client.session_transaction() as session:
        session["oauth_state"] = None
@patch("requests_oauthlib.OAuth2Session.fetch_token")
@patch("requests_oauthlib.OAuth2Session.get")
 def test_oidc_callback_no_email(mock_get, mock_fetch_token, flask_client):
    mock_get.return_value = MockResponse(200, {})
    with flask_client.session_transaction() as session:
        session["oauth_state"] = "state"
    r = flask_client.get(
        url_for("auth.oidc_callback"),
        follow_redirects=False,
    )
    location = r.headers.get("Location")
    assert location is not None
    parsed = parse_url(location)
    expected_redirect_url = "/auth/login"
    assert expected_redirect_url == parsed.path
    assert mock_get.called
    with flask_client.session_transaction() as session:
        session["oauth_state"] = None
@patch("requests_oauthlib.OAuth2Session.fetch_token")
@patch("requests_oauthlib.OAuth2Session.get")
 def test_oidc_callback_disabled_registration(mock_get, mock_fetch_token, flask_client):
    config.DISABLE_REGISTRATION = True
    email = random_string()
    mock_get.return_value = MockResponse(200, {"email": email})
    with flask_client.session_transaction() as session:
        session["oauth_state"] = "state"
    r = flask_client.get(
        url_for("auth.oidc_callback"),
        follow_redirects=False,
    )
    location = r.headers.get("Location")
    assert location is not None
    parsed = parse_url(location)
    expected_redirect_url = "/auth/register"
    assert expected_redirect_url == parsed.path
    assert mock_get.called
    config.DISABLE_REGISTRATION = False
    with flask_client.session_transaction() as session:
        session["oauth_state"] = None
@patch("requests_oauthlib.OAuth2Session.fetch_token")
@patch("requests_oauthlib.OAuth2Session.get")
 def test_oidc_callback_registration(mock_get, mock_fetch_token, flask_client):
    email = random_string()
    mock_get.return_value = MockResponse(
        200,
        {
            "email": email,
            config.OIDC_NAME_FIELD: "name",
        },
    )
    with flask_client.session_transaction() as session:
        session["oauth_state"] = "state"
    user = User.get_by(email=email)
    assert user is None
    r = flask_client.get(
        url_for("auth.oidc_callback"),
        follow_redirects=False,
    )
    location = r.headers.get("Location")
    assert location is not None
    parsed = parse_url(location)
    expected_redirect_url = "/dashboard/"
    assert expected_redirect_url == parsed.path
    assert mock_get.called
    user = User.get_by(email=email)
    assert user is not None
    assert user.email == email
    with flask_client.session_transaction() as session:
        session["oauth_state"] = None
@patch("requests_oauthlib.OAuth2Session.fetch_token")
@patch("requests_oauthlib.OAuth2Session.get")
 def test_oidc_callback_login(mock_get, mock_fetch_token, flask_client):
    email = random_string()
    mock_get.return_value = MockResponse(
        200,
        {
            "email": email,
        },
    )
    with flask_client.session_transaction() as session:
        session["oauth_state"] = "state"
    user = User.create(
        email=email,
        name="name",
        password="",
        activated=True,
    )
    user = User.get_by(email=email)
    assert user is not None
    r = flask_client.get(
        url_for("auth.oidc_callback"),
        follow_redirects=False,
    )
    location = r.headers.get("Location")
    assert location is not None
    parsed = parse_url(location)
    expected_redirect_url = "/dashboard/"
    assert expected_redirect_url == parsed.path
    assert mock_get.called
    with flask_client.session_transaction() as session:
        session["oauth_state"] = None
 def test_create_user():
    email = random_string()
    user = create_user(
        email,
        {
            config.OIDC_NAME_FIELD: "name",
        },
    )
    assert user.email == email
    assert user.name == "name"
    assert user.activated
 class MockResponse:
    def __init__(self, status_code, json_data):
        self.status_code = status_code
        self.json_data = json_data
        self.text = "error"
    def json(self):
        return self.json_data
--- a/app/tests/cron/init.py
+++ b/app/tests/cron/init.py
--- a/app/tests/cron/test_cron.py
+++ b/app/tests/cron/test_cron.py
@ -39,15 +39,17 @@ def test_cleanup_tokens(flask_client):
 def test_cleanup_users():
    u_delete_none_id = create_new_user().id
-    u_delete_after = create_new_user()
+    u_delete_grace_has_expired = create_new_user()
-    u_delete_after_id = u_delete_after.id
+    u_delete_grace_has_expired_id = u_delete_grace_has_expired.id
-    u_delete_before = create_new_user()
+    u_delete_grace_has_not_expired = create_new_user()
-    u_delete_before_id = u_delete_before.id
+    u_delete_grace_has_not_expired_id = u_delete_grace_has_not_expired.id
    now = arrow.now()
-    u_delete_after.delete_on = now.shift(minutes=1)
+    u_delete_grace_has_expired.delete_on = now.shift(days=-(cron.DELETE_GRACE_DAYS + 1))
-    u_delete_before.delete_on = now.shift(minutes=-1)
+    u_delete_grace_has_not_expired.delete_on = now.shift(
        days=-(cron.DELETE_GRACE_DAYS - 1)
    )
    Session.flush()
    cron.clear_users_scheduled_to_be_deleted()
    assert User.get(u_delete_none_id) is not None
-    assert User.get(u_delete_after_id) is not None
+    assert User.get(u_delete_grace_has_not_expired_id) is not None
-    assert User.get(u_delete_before_id) is None
+    assert User.get(u_delete_grace_has_expired_id) is None
--- a/app/tests/cron/test_get_alias_for_hibp.py
+++ b/app/tests/cron/test_get_alias_for_hibp.py
@ -0,0 +1,142 @@
 import arrow
 import pytest
 import cron
 from app.db import Session
 from app.models import (
    Alias,
    AppleSubscription,
    PlanEnum,
    CoinbaseSubscription,
    ManualSubscription,
    Subscription,
    PartnerUser,
    PartnerSubscription,
    User,
 )
 from app.proton.utils import get_proton_partner
 from tests.utils import create_new_user, random_token
 def test_get_alias_for_free_user_has_no_alias():
    user = create_new_user()
    alias_id = Alias.create_new_random(user).id
    Session.commit()
    aliases = list(
        cron.get_alias_to_check_hibp(arrow.now(), [], alias_id, alias_id + 1)
    )
    assert len(aliases) == 0
 def test_get_alias_for_lifetime_with_null_hibp_date():
    user = create_new_user()
    user.lifetime = True
    alias_id = Alias.create_new_random(user).id
    Session.commit()
    aliases = list(
        cron.get_alias_to_check_hibp(arrow.now(), [], alias_id, alias_id + 1)
    )
    assert alias_id == aliases[0].id
 def test_get_alias_for_lifetime_with_old_hibp_date():
    user = create_new_user()
    user.lifetime = True
    alias = Alias.create_new_random(user)
    alias.hibp_last_check = arrow.now().shift(days=-1)
    alias_id = alias.id
    Session.commit()
    aliases = list(
        cron.get_alias_to_check_hibp(arrow.now(), [], alias_id, alias_id + 1)
    )
    assert alias_id == aliases[0].id
 def create_partner_sub(user: User):
    pu = PartnerUser.create(
        partner_id=get_proton_partner().id,
        partner_email=user.email,
        external_user_id=random_token(10),
        user_id=user.id,
        flush=True,
    )
    PartnerSubscription.create(
        partner_user_id=pu.id, end_at=arrow.utcnow().shift(days=15)
    )
 sub_generator_list = [
    lambda u: AppleSubscription.create(
        user_id=u.id,
        expires_date=arrow.now().shift(days=15),
        original_transaction_id=random_token(10),
        receipt_data=random_token(10),
        plan=PlanEnum.monthly,
    ),
    lambda u: CoinbaseSubscription.create(
        user_id=u.id,
        end_at=arrow.now().shift(days=15),
    ),
    lambda u: ManualSubscription.create(
        user_id=u.id,
        end_at=arrow.now().shift(days=15),
    ),
    lambda u: Subscription.create(
        user_id=u.id,
        cancel_url="",
        update_url="",
        subscription_id=random_token(10),
        event_time=arrow.now(),
        next_bill_date=arrow.now().shift(days=15).date(),
        plan=PlanEnum.monthly,
    ),
    create_partner_sub,
 ]
@pytest.mark.parametrize("sub_generator", sub_generator_list)
 def test_get_alias_for_sub(sub_generator):
    user = create_new_user()
    sub_generator(user)
    alias_id = Alias.create_new_random(user).id
    Session.commit()
    aliases = list(
        cron.get_alias_to_check_hibp(arrow.now(), [], alias_id, alias_id + 1)
    )
    assert alias_id == aliases[0].id
 def test_disabled_user_is_not_checked():
    user = create_new_user()
    user.lifetime = True
    user.disabled = True
    alias_id = Alias.create_new_random(user).id
    Session.commit()
    aliases = list(
        cron.get_alias_to_check_hibp(arrow.now(), [], alias_id, alias_id + 1)
    )
    assert len(aliases) == 0
 def test_skipped_user_is_not_checked():
    user = create_new_user()
    user.lifetime = True
    alias_id = Alias.create_new_random(user).id
    Session.commit()
    aliases = list(
        cron.get_alias_to_check_hibp(arrow.now(), [user.id], alias_id, alias_id + 1)
    )
    assert len(aliases) == 0
 def test_already_checked_is_not_checked():
    user = create_new_user()
    user.lifetime = True
    alias = Alias.create_new_random(user)
    alias.hibp_last_check = arrow.now().shift(days=1)
    alias_id = alias.id
    Session.commit()
    aliases = list(
        cron.get_alias_to_check_hibp(arrow.now(), [user.id], alias_id, alias_id + 1)
    )
    assert len(aliases) == 0
--- a/app/tests/dashboard/test_setting.py
+++ b/app/tests/dashboard/test_setting.py
@ -13,7 +13,7 @@ def test_setup_done(flask_client):
    noncanonical_email = f"nonca.{random_email()}"
    r = flask_client.post(
-        url_for("dashboard.setting"),
+        url_for("dashboard.account_setting"),
        data={
            "form-name": "update-email",
            "email": noncanonical_email,
--- a/app/tests/dashboard/test_sudo_setting.py
+++ b/app/tests/dashboard/test_sudo_setting.py
@ -0,0 +1,28 @@
 from flask import url_for
 from app import config
 from app.models import EmailChange
 from app.utils import canonicalize_email
 from tests.utils import login, random_email, create_new_user
 def test_setup_done(flask_client):
    config.SKIP_MX_LOOKUP_ON_CHECK = True
    user = create_new_user()
    login(flask_client, user)
    noncanonical_email = f"nonca.{random_email()}"
    r = flask_client.post(
        url_for("dashboard.account_setting"),
        data={
            "form-name": "update-email",
            "email": noncanonical_email,
        },
        follow_redirects=True,
    )
    assert r.status_code == 200
    email_change = EmailChange.get_by(user_id=user.id)
    assert email_change is not None
    assert email_change.new_email == canonicalize_email(noncanonical_email)
    config.SKIP_MX_LOOKUP_ON_CHECK = False
--- a/app/tests/handler/test_unsubscribe_generator.py
+++ b/app/tests/handler/test_unsubscribe_generator.py
@ -13,8 +13,7 @@ from app.handler.unsubscribe_encoder import (
 )
 from app.handler.unsubscribe_generator import UnsubscribeGenerator
 from app.models import Alias, Contact, UnsubscribeBehaviourEnum
-from tests.utils import create_new_user
+from tests.utils import create_new_user, random_email
 TEST_UNSUB_EMAIL = "unsub@sl.com"
@ -204,3 +203,23 @@ def test_unsub_preserve_original(
        assert message[headers.LIST_UNSUBSCRIBE_POST] is None
    else:
        assert "List-Unsubscribe=One-Click" == message[headers.LIST_UNSUBSCRIBE_POST]
 def test_unsub_preserves_sl_unsubscriber():
    user = create_new_user()
    user.unsub_behaviour = UnsubscribeBehaviourEnum.PreserveOriginal
    alias = Alias.create_new_random(user)
    Session.commit()
    config.UNSUBSCRIBER = random_email()
    contact = Contact.create(
        user_id=user.id,
        alias_id=alias.id,
        website_email="contact@example.com",
        reply_email="rep@sl.local",
        commit=True,
    )
    message = Message()
    original_header = f"<mailto:{config.UNSUBSCRIBER}?subject=dummysubject>"
    message[headers.LIST_UNSUBSCRIBE] = original_header
    message = UnsubscribeGenerator().add_header_to_message(alias, contact, message)
    assert original_header == message[headers.LIST_UNSUBSCRIBE]
--- a/app/tests/tasks/init.py
+++ b/app/tests/tasks/init.py
--- a/app/tests/tasks/test_cleanup_old_imports.py
+++ b/app/tests/tasks/test_cleanup_old_imports.py
@ -0,0 +1,35 @@
 import tempfile
 from io import BytesIO
 import arrow
 from app import s3, config
 from app.models import File, BatchImport
 from tasks.cleanup_old_imports import cleanup_old_imports
 from tests.utils import random_token, create_new_user
 def test_cleanup_old_imports():
    BatchImport.filter().delete()
    with tempfile.TemporaryDirectory() as tmpdir:
        config.UPLOAD_DIR = tmpdir
        user = create_new_user()
        path = random_token()
        s3.upload_from_bytesio(path, BytesIO("data".encode("utf-8")))
        file = File.create(path=path, commit=True)  # noqa: F821
        now = arrow.now()
        delete_batch_import_id = BatchImport.create(
            user_id=user.id,
            file_id=file.id,
            created_at=now.shift(minutes=-1),
            flush=True,
        ).id
        keep_batch_import_id = BatchImport.create(
            user_id=user.id,
            file_id=file.id,
            created_at=now.shift(minutes=+1),
            commit=True,
        ).id
        cleanup_old_imports(now)
        assert BatchImport.get(id=delete_batch_import_id) is None
        assert BatchImport.get(id=keep_batch_import_id) is not None
--- a/app/tests/tasks/test_cleanup_old_jobs.py
+++ b/app/tests/tasks/test_cleanup_old_jobs.py
@ -0,0 +1,72 @@
 import arrow
 from app import config
 from app.models import Job, JobState
 from tasks.cleanup_old_jobs import cleanup_old_jobs
 def test_cleanup_old_jobs():
    Job.filter().delete()
    now = arrow.now()
    delete_ids = [
        Job.create(
            updated_at=now.shift(minutes=-1),
            state=JobState.done.value,
            name="",
            payload="",
            flush=True,
        ).id,
        Job.create(
            updated_at=now.shift(minutes=-1),
            state=JobState.error.value,
            name="",
            payload="",
            flush=True,
        ).id,
        Job.create(
            updated_at=now.shift(minutes=-1),
            state=JobState.taken.value,
            attempts=config.JOB_MAX_ATTEMPTS,
            name="",
            payload="",
            flush=True,
        ).id,
    ]
    keep_ids = [
        Job.create(
            updated_at=now.shift(minutes=+1),
            state=JobState.done.value,
            name="",
            payload="",
            flush=True,
        ).id,
        Job.create(
            updated_at=now.shift(minutes=+1),
            state=JobState.error.value,
            name="",
            payload="",
            flush=True,
        ).id,
        Job.create(
            updated_at=now.shift(minutes=+1),
            state=JobState.taken.value,
            attempts=config.JOB_MAX_ATTEMPTS,
            name="",
            payload="",
            flush=True,
        ).id,
        Job.create(
            updated_at=now.shift(minutes=-1),
            state=JobState.taken.value,
            attempts=config.JOB_MAX_ATTEMPTS - 1,
            name="",
            payload="",
            flush=True,
        ).id,
    ]
    cleanup_old_jobs(now)
    for delete_id in delete_ids:
        assert Job.get(id=delete_id) is None
    for keep_id in keep_ids:
        assert Job.get(id=keep_id) is not None
--- a/app/tests/tasks/test_cleanup_old_notifications.py
+++ b/app/tests/tasks/test_cleanup_old_notifications.py
@ -0,0 +1,26 @@
 import arrow
 from app.models import Notification
 from tasks.cleanup_old_notifications import cleanup_old_notifications
 from tests.utils import create_new_user
 def test_cleanup_old_notifications():
    Notification.filter().delete()
    user = create_new_user()
    now = arrow.now()
    delete_id = Notification.create(
        user_id=user.id,
        created_at=now.shift(minutes=-1),
        message="",
        flush=True,
    ).id
    keep_id = Notification.create(
        user_id=user.id,
        created_at=now.shift(minutes=+1),
        message="",
        flush=True,
    ).id
    cleanup_old_notifications(now)
    assert Notification.get(id=delete_id) is None
    assert Notification.get(id=keep_id) is not None
--- a/app/tests/test.env
+++ b/app/tests/test.env
@ -49,6 +49,16 @@ GOOGLE_CLIENT_SECRET=to_fill
 FACEBOOK_CLIENT_ID=to_fill
 FACEBOOK_CLIENT_SECRET=to_fill
 # Login with OIDC
 CONNECT_WITH_OIDC_ICON=fa-github
 OIDC_AUTHORIZATION_URL=to_fill
 OIDC_USER_INFO_URL=to_fill
 OIDC_TOKEN_URL=to_fill
 OIDC_SCOPES=openid email profile
 OIDC_NAME_FIELD=name
 OIDC_CLIENT_ID=to_fill
 OIDC_CLIENT_SECRET=to_fill
 PGP_SENDER_PRIVATE_KEY_PATH=local_data/private-pgp.asc
 ALIAS_AUTOMATIC_DISABLE=true
--- a/app/tests/test_email_handler.py
+++ b/app/tests/test_email_handler.py
@ -384,3 +384,30 @@ def test_break_loop_alias_as_mailbox(flask_client):
    msg[headers.SUBJECT] = random_string()
    result = email_handler.handle(envelope, msg)
    assert result == status.E525
@mail_sender.store_emails_test_decorator
 def test_preserve_headers(flask_client):
    headers_to_keep = [
        headers.SUBJECT,
        headers.DATE,
        headers.MESSAGE_ID,
        headers.REFERENCES,
        headers.IN_REPLY_TO,
        headers.SL_QUEUE_ID,
    ] + headers.MIME_HEADERS
    user = create_new_user()
    alias = Alias.create_new_random(user)
    envelope = Envelope()
    envelope.mail_from = "somewhere@lo.cal"
    envelope.rcpt_tos = [alias.email]
    msg = EmailMessage()
    for header in headers_to_keep:
        msg[header] = header + "keep"
    result = email_handler.handle(envelope, msg)
    assert result == status.E200
    sent_mails = mail_sender.get_stored_emails()
    assert len(sent_mails) == 1
    msg = sent_mails[0].msg
    for header in headers_to_keep:
        assert msg[header] == header + "keep"
Author	SHA1	Message	Date
MrMeeb	24ba25ab6a	4.42.2	2024-04-10 17:23:11 +01:00
MrMeeb	78184eeae4	4.42.1	2024-03-26 12:00:08 +00:00
MrMeeb	c111fbe8e1	4.42.0	2024-03-19 12:00:09 +00:00
MrMeeb	d5981588e4	4.41.2	2024-03-15 12:00:08 +00:00
MrMeeb	6af1c2ccf4	Merge pull request 'Correct docker package name' (#2 ) from fix-package-name-in-gitea-actions into main Reviewed-on: #2	2024-03-14 15:47:01 +00:00
MrMeeb	76664f6e4c	Correct docker package name	2024-03-14 15:46:44 +00:00
MrMeeb	f7125618c4	4.41.0	2024-03-14 12:00:08 +00:00
MrMeeb	050cef0e4e	4.40.2	2024-03-07 12:00:08 +00:00
MrMeeb	0d557ef875	4.40.1	2024-03-05 12:00:09 +00:00
MrMeeb	6e56ea4489	Merge pull request 'Replace Drone with Gitea Actions' (#1 ) from gitea-actions into main Reviewed-on: #1	2024-03-04 13:42:58 +00:00
MrMeeb	def0de643b	Remove Drone	2024-03-04 13:38:57 +00:00
MrMeeb	9e7cb2c7dd	Add Gitea Actions	2024-03-04 13:38:52 +00:00
MrMeeb	f1110506c0	4.39.3	2024-02-27 12:00:07 +00:00
MrMeeb	f5bce7d7ff	4.39.2	2024-02-23 12:00:07 +00:00