4.48.0

app/.dockerignore

@@ -14,4 +14,4 @@ venv/
 .venv
 .coverage
 htmlcov
-.git/
+.git/

app/.gitignore

@@ -11,8 +11,7 @@ db.sqlite-journal
 static/upload
 venv/
 .venv
-.python-version
 .coverage
 htmlcov
 adhoc
-.env.*
+.env.*

app/CONTRIBUTING.md

@@ -20,15 +20,15 @@ SimpleLogin backend consists of 2 main components:
 ## Install dependencies
 
 The project requires:
-- Python 3.7+ and [poetry](https://python-poetry.org/) to manage dependencies
+- Python 3.10 and [rye](https://github.com/astral-sh/rye) to manage dependencies
 - Node v10 for front-end.
-- Postgres 12+
+- Postgres 13+
 
 First, install all dependencies by running the following command.
 Feel free to use `virtualenv` or similar tools to isolate development environment.
 
 ```bash
-poetry install
+rye sync
 ```
 
 On Mac, sometimes you might need to install some other packages via `brew`:
@@ -55,7 +55,7 @@ brew install -s re2 pybind11
 We use pre-commit to run all our linting and static analysis checks. Please run
 
 ```bash
-poetry run pre-commit install
+rye run pre-commit install
 ```
 
 To install it in your development environment.
@@ -160,25 +160,25 @@ Here are the small sum-ups of the directory structures and their roles:
 The code is formatted using [ruff](https://github.com/astral-sh/ruff), to format the code, simply run
 
 ```
-poetry run ruff format .
+rye run ruff format .
 ```
 
 The code is also checked with `flake8`, make sure to run `flake8` before creating the pull request by
 
 ```bash
-poetry run flake8
+rye run flake8
 ```
 
 For HTML templates, we use `djlint`. Before creating a pull request, please run
 
 ```bash
-poetry run djlint --check templates
+rye run djlint --check templates
 ```
 
 If some files aren't properly formatted, you can format all files with
 
 ```bash
-poetry run djlint --reformat .
+rye run djlint --reformat .
 ```
 
 ## Test sending email
@@ -225,4 +225,4 @@ Now open http://localhost:1080/ (or http://localhost:1080/ for MailHog), you sho
 Some features require a job handler (such as GDPR data export). To test such feature you need to run the job_runner
 ```bash
 python job_runner.py
-```
+```

app/README.md

@@ -541,7 +541,7 @@ exit
 
 Once you've created all your desired login accounts, add these lines to `/simplelogin.env` to disable further registrations:
 
-```
+```.env
 DISABLE_REGISTRATION=1
 DISABLE_ONBOARDING=true
 ```

app/app/admin_model.py

@@ -2,6 +2,8 @@ from typing import Optional
 
 import arrow
 import sqlalchemy
+from flask_admin import BaseView
+from flask_admin.form import SecureForm
 from flask_admin.model.template import EndpointLinkRowAction
 from markupsafe import Markup
 
@@ -27,10 +29,24 @@ from app.models import (
     Alias,
     Newsletter,
     PADDLE_SUBSCRIPTION_GRACE_DAYS,
+    Mailbox,
 )
 from app.newsletter_utils import send_newsletter_to_user, send_newsletter_to_address
 
 
+def _admin_action_formatter(view, context, model, name):
+    action_name = AuditLogActionEnum.get_name(model.action)
+    return "{} ({})".format(action_name, model.action)
+
+
+def _admin_date_formatter(view, context, model, name):
+    return model.created_at.format()
+
+
+def _user_upgrade_channel_formatter(view, context, model, name):
+    return Markup(model.upgrade_channel)
+
+
 class SLModelView(sqla.ModelView):
     column_default_sort = ("id", True)
     column_display_pk = True
@@ -95,11 +111,8 @@ class SLAdminIndexView(AdminIndexView):
         return redirect("/admin/user")
 
 
-def _user_upgrade_channel_formatter(view, context, model, name):
-    return Markup(model.upgrade_channel)
-
-
 class UserAdmin(SLModelView):
+    form_base_class = SecureForm
     column_searchable_list = ["email", "id"]
     column_exclude_list = [
         "salt",
@@ -118,6 +131,8 @@ class UserAdmin(SLModelView):
 
     column_formatters = {
         "upgrade_channel": _user_upgrade_channel_formatter,
+        "created_at": _admin_date_formatter,
+        "updated_at": _admin_date_formatter,
     }
 
     @action(
@@ -344,17 +359,29 @@ def manual_upgrade(way: str, ids: [int], is_giveaway: bool):
 
 
 class EmailLogAdmin(SLModelView):
+    form_base_class = SecureForm
     column_searchable_list = ["id"]
     column_filters = ["id", "user.email", "mailbox.email", "contact.website_email"]
 
     can_edit = False
     can_create = False
 
+    column_formatters = {
+        "created_at": _admin_date_formatter,
+        "updated_at": _admin_date_formatter,
+    }
+
 
 class AliasAdmin(SLModelView):
+    form_base_class = SecureForm
     column_searchable_list = ["id", "user.email", "email", "mailbox.email"]
     column_filters = ["id", "user.email", "email", "mailbox.email"]
 
+    column_formatters = {
+        "created_at": _admin_date_formatter,
+        "updated_at": _admin_date_formatter,
+    }
+
     @action(
         "disable_email_spoofing_check",
         "Disable email spoofing protection",
@@ -377,9 +404,15 @@ class AliasAdmin(SLModelView):
 
 
 class MailboxAdmin(SLModelView):
+    form_base_class = SecureForm
     column_searchable_list = ["id", "user.email", "email"]
     column_filters = ["id", "user.email", "email"]
 
+    column_formatters = {
+        "created_at": _admin_date_formatter,
+        "updated_at": _admin_date_formatter,
+    }
+
 
 # class LifetimeCouponAdmin(SLModelView):
 #     can_edit = True
@@ -387,14 +420,26 @@ class MailboxAdmin(SLModelView):
 
 
 class CouponAdmin(SLModelView):
+    form_base_class = SecureForm
     can_edit = False
     can_create = True
 
+    column_formatters = {
+        "created_at": _admin_date_formatter,
+        "updated_at": _admin_date_formatter,
+    }
+
 
 class ManualSubscriptionAdmin(SLModelView):
+    form_base_class = SecureForm
     can_edit = True
     column_searchable_list = ["id", "user.email"]
 
+    column_formatters = {
+        "created_at": _admin_date_formatter,
+        "updated_at": _admin_date_formatter,
+    }
+
     @action(
         "extend_1y",
         "Extend for 1 year",
@@ -433,15 +478,27 @@ class ManualSubscriptionAdmin(SLModelView):
 
 
 class CustomDomainAdmin(SLModelView):
+    form_base_class = SecureForm
     column_searchable_list = ["domain", "user.email", "user.id"]
     column_exclude_list = ["ownership_txt_token"]
     can_edit = False
 
+    column_formatters = {
+        "created_at": _admin_date_formatter,
+        "updated_at": _admin_date_formatter,
+    }
+
 
 class ReferralAdmin(SLModelView):
+    form_base_class = SecureForm
     column_searchable_list = ["id", "user.email", "code", "name"]
     column_filters = ["id", "user.email", "code", "name"]
 
+    column_formatters = {
+        "created_at": _admin_date_formatter,
+        "updated_at": _admin_date_formatter,
+    }
+
     def scaffold_list_columns(self):
         ret = super().scaffold_list_columns()
         ret.insert(0, "nb_user")
@@ -457,16 +514,8 @@ class ReferralAdmin(SLModelView):
 #     can_delete = True
 
 
-def _admin_action_formatter(view, context, model, name):
-    action_name = AuditLogActionEnum.get_name(model.action)
-    return "{} ({})".format(action_name, model.action)
-
-
-def _admin_created_at_formatter(view, context, model, name):
-    return model.created_at.format()
-
-
 class AdminAuditLogAdmin(SLModelView):
+    form_base_class = SecureForm
     column_searchable_list = ["admin.id", "admin.email", "model_id", "created_at"]
     column_filters = ["admin.id", "admin.email", "model_id", "created_at"]
     column_exclude_list = ["id"]
@@ -477,7 +526,8 @@ class AdminAuditLogAdmin(SLModelView):
 
     column_formatters = {
         "action": _admin_action_formatter,
-        "created_at": _admin_created_at_formatter,
+        "created_at": _admin_date_formatter,
+        "updated_at": _admin_date_formatter,
     }
 
 
@@ -497,6 +547,7 @@ def _transactionalcomplaint_refused_email_id_formatter(view, context, model, nam
 
 
 class ProviderComplaintAdmin(SLModelView):
+    form_base_class = SecureForm
     column_searchable_list = ["id", "user.id", "created_at"]
     column_filters = ["user.id", "state"]
     column_hide_backrefs = False
@@ -505,8 +556,8 @@ class ProviderComplaintAdmin(SLModelView):
     can_delete = False
 
     column_formatters = {
-        "created_at": _admin_created_at_formatter,
-        "updated_at": _admin_created_at_formatter,
+        "created_at": _admin_date_formatter,
+        "updated_at": _admin_date_formatter,
         "state": _transactionalcomplaint_state_formatter,
         "phase": _transactionalcomplaint_phase_formatter,
         "refused_email": _transactionalcomplaint_refused_email_id_formatter,
@@ -567,6 +618,7 @@ def _newsletter_html_formatter(view, context, model: Newsletter, name):
 
 
 class NewsletterAdmin(SLModelView):
+    form_base_class = SecureForm
     list_template = "admin/model/newsletter-list.html"
     edit_template = "admin/model/newsletter-edit.html"
     edit_modal = False
@@ -648,6 +700,7 @@ class NewsletterAdmin(SLModelView):
 
 
 class NewsletterUserAdmin(SLModelView):
+    form_base_class = SecureForm
     column_searchable_list = ["id"]
     column_filters = ["id", "user.email", "newsletter.subject"]
     column_exclude_list = ["created_at", "updated_at", "id"]
@@ -657,17 +710,55 @@ class NewsletterUserAdmin(SLModelView):
 
 
 class DailyMetricAdmin(SLModelView):
+    form_base_class = SecureForm
     column_exclude_list = ["created_at", "updated_at", "id"]
 
     can_export = True
 
 
 class MetricAdmin(SLModelView):
+    form_base_class = SecureForm
     column_exclude_list = ["created_at", "updated_at", "id"]
 
     can_export = True
 
 
 class InvalidMailboxDomainAdmin(SLModelView):
+    form_base_class = SecureForm
     can_create = True
     can_delete = True
+
+
+class EmailSearchAdmin(BaseView):
+    def is_accessible(self):
+        return current_user.is_authenticated and current_user.is_admin
+
+    def inaccessible_callback(self, name, **kwargs):
+        # redirect to login page if user doesn't have access
+        flash("You don't have access to the admin page", "error")
+        return redirect(url_for("dashboard.index", next=request.url))
+
+    @expose("/", methods=["GET", "POST"])
+    def index(self):
+        alias = None
+        user = None
+        mailbox = None
+        no_match = False
+        email = None
+        if request.form and request.form["email"]:
+            email = request.form["email"]
+            alias = Alias.get_by(email=email)
+            user = User.get_by(email=email)
+            mailbox = Mailbox.get_by(email=email)
+            if not alias and not user and not mailbox:
+                no_match = True
+
+        return self.render(
+            "admin/alias_search.html",
+            email=email,
+            no_match=no_match,
+            alias=alias,
+            mailbox=mailbox,
+            user=user,
+            user_aliases=lambda user_id: Alias.filter_by(user_id=user_id).all(),
+        )

app/app/alias_suffix.py

@@ -64,8 +64,12 @@ def verify_prefix_suffix(
     # SimpleLogin domain case:
     # 1) alias_suffix must start with "." and
     # 2) alias_domain_prefix must come from the word list
+    available_sl_domains = [
+        sl_domain.domain
+        for sl_domain in user.get_sl_domains(alias_options=alias_options)
+    ]
     if (
-        alias_domain in user.available_sl_domains(alias_options=alias_options)
+        alias_domain in available_sl_domains
         and alias_domain not in user_custom_domains
         # when DISABLE_ALIAS_SUFFIX is true, alias_domain_prefix is empty
         and not config.DISABLE_ALIAS_SUFFIX
@@ -80,9 +84,7 @@ def verify_prefix_suffix(
                 LOG.e("wrong alias suffix %s, user %s", alias_suffix, user)
                 return False
 
-            if alias_domain not in user.available_sl_domains(
-                alias_options=alias_options
-            ):
+            if alias_domain not in available_sl_domains:
                 LOG.e("wrong alias suffix %s, user %s", alias_suffix, user)
                 return False
 

app/app/api/views/mailbox.py

@@ -1,22 +1,18 @@
 from smtplib import SMTPRecipientsRefused
 
-import arrow
 from flask import g
 from flask import jsonify
 from flask import request
 
+from app import mailbox_utils
 from app.api.base import api_bp, require_api_auth
-from app.config import JOB_DELETE_MAILBOX
-from app.dashboard.views.mailbox import send_verification_email
 from app.dashboard.views.mailbox_detail import verify_mailbox_change
 from app.db import Session
 from app.email_utils import (
     mailbox_already_used,
     email_can_be_used_as_mailbox,
 )
-from app.email_validation import is_valid_email
-from app.log import LOG
-from app.models import Mailbox, Job
+from app.models import Mailbox
 from app.utils import sanitize_email
 
 
@@ -44,31 +40,15 @@ def create_mailbox():
     user = g.user
     mailbox_email = sanitize_email(request.get_json().get("email"))
 
-    if not user.is_premium():
-        return jsonify(error="Only premium plan can add additional mailbox"), 400
+    try:
+        new_mailbox = mailbox_utils.create_mailbox(user, mailbox_email).mailbox
+    except mailbox_utils.MailboxError as e:
+        return jsonify(error=e.msg), 400
 
-    if not is_valid_email(mailbox_email):
-        return jsonify(error=f"{mailbox_email} invalid"), 400
-    elif mailbox_already_used(mailbox_email, user):
-        return jsonify(error=f"{mailbox_email} already used"), 400
-    elif not email_can_be_used_as_mailbox(mailbox_email):
-        return (
-            jsonify(
-                error=f"{mailbox_email} cannot be used. Please note a mailbox cannot "
-                f"be a disposable email address"
-            ),
-            400,
-        )
-    else:
-        new_mailbox = Mailbox.create(email=mailbox_email, user_id=user.id)
-        Session.commit()
-
-        send_verification_email(user, new_mailbox)
-
-        return (
-            jsonify(mailbox_to_dict(new_mailbox)),
-            201,
-        )
+    return (
+        jsonify(mailbox_to_dict(new_mailbox)),
+        201,
+    )
 
 
 @api_bp.route("/mailboxes/<int:mailbox_id>", methods=["DELETE"])
@@ -86,47 +66,17 @@ def delete_mailbox(mailbox_id):
 
     """
     user = g.user
-    mailbox = Mailbox.get(mailbox_id)
-
-    if not mailbox or mailbox.user_id != user.id:
-        return jsonify(error="Forbidden"), 403
-
-    if mailbox.id == user.default_mailbox_id:
-        return jsonify(error="You cannot delete the default mailbox"), 400
-
     data = request.get_json() or {}
     transfer_mailbox_id = data.get("transfer_aliases_to")
     if transfer_mailbox_id and int(transfer_mailbox_id) >= 0:
-        transfer_mailbox = Mailbox.get(transfer_mailbox_id)
+        transfer_mailbox_id = int(transfer_mailbox_id)
+    else:
+        transfer_mailbox_id = None
 
-        if not transfer_mailbox or transfer_mailbox.user_id != user.id:
-            return (
-                jsonify(error="You must transfer the aliases to a mailbox you own."),
-                403,
-            )
-
-        if transfer_mailbox_id == mailbox_id:
-            return (
-                jsonify(
-                    error="You can not transfer the aliases to the mailbox you want to delete."
-                ),
-                400,
-            )
-
-        if not transfer_mailbox.verified:
-            return jsonify(error="Your new mailbox is not verified"), 400
-
-    # Schedule delete account job
-    LOG.w("schedule delete mailbox job for %s", mailbox)
-    Job.create(
-        name=JOB_DELETE_MAILBOX,
-        payload={
-            "mailbox_id": mailbox.id,
-            "transfer_mailbox_id": transfer_mailbox_id,
-        },
-        run_at=arrow.now(),
-        commit=True,
-    )
+    try:
+        mailbox_utils.delete_mailbox(user, mailbox_id, transfer_mailbox_id)
+    except mailbox_utils.MailboxError as e:
+        return jsonify(error=e.msg), 400
 
     return jsonify(deleted=True), 200
 

app/app/api/views/user_info.py

@@ -10,6 +10,7 @@ from app.api.base import api_bp, require_api_auth
 from app.config import SESSION_COOKIE_NAME
 from app.dashboard.views.index import get_stats
 from app.db import Session
+from app.image_validation import detect_image_format, ImageFormat
 from app.models import ApiKey, File, PartnerUser, User
 from app.proton.utils import get_proton_partner
 from app.session import logout_session
@@ -78,17 +79,18 @@ def update_user_info():
     data = request.get_json() or {}
 
     if "profile_picture" in data:
-        if data["profile_picture"] is None:
-            if user.profile_picture_id:
-                file = user.profile_picture
-                user.profile_picture_id = None
+        if user.profile_picture_id:
+            file = user.profile_picture
+            user.profile_picture_id = None
+            Session.flush()
+            if file:
+                File.delete(file.id)
+                s3.delete(file.path)
                 Session.flush()
-                if file:
-                    File.delete(file.id)
-                    s3.delete(file.path)
-                    Session.flush()
         else:
             raw_data = base64.decodebytes(data["profile_picture"].encode())
+            if detect_image_format(raw_data) == ImageFormat.Unknown:
+                return jsonify(error="Unsupported image format"), 400
             file_path = random_string(30)
             file = File.create(user_id=user.id, path=file_path)
             Session.flush()

app/app/auth/views/register.py

@@ -115,7 +115,8 @@ def register():
 
 
 def send_activation_email(user, next_url):
-    # the activation code is valid for 1h
+    # the activation code is valid for 1h and delete all previous codes
+    Session.query(ActivationCode).filter(ActivationCode.user_id == user.id).delete()
     activation = ActivationCode.create(user_id=user.id, code=random_string(30))
     Session.commit()
 

app/app/dashboard/views/mailbox.py

@@ -2,7 +2,6 @@ import base64
 import binascii
 import json
 
-import arrow
 from flask import render_template, request, redirect, url_for, flash
 from flask_login import login_required, current_user
 from flask_wtf import FlaskForm
@@ -10,19 +9,12 @@ from itsdangerous import TimestampSigner
 from wtforms import validators, IntegerField
 from wtforms.fields.html5 import EmailField
 
-from app import parallel_limiter
-from app.config import MAILBOX_SECRET, URL, JOB_DELETE_MAILBOX
+from app import parallel_limiter, mailbox_utils, user_settings
+from app.config import MAILBOX_SECRET
 from app.dashboard.base import dashboard_bp
 from app.db import Session
-from app.email_utils import (
-    email_can_be_used_as_mailbox,
-    mailbox_already_used,
-    render,
-    send_email,
-)
-from app.email_validation import is_valid_email
 from app.log import LOG
-from app.models import Mailbox, Job
+from app.models import Mailbox
 from app.utils import CSRFValidationForm
 
 
@@ -58,120 +50,61 @@ def mailbox_route():
             if not delete_mailbox_form.validate():
                 flash("Invalid request", "warning")
                 return redirect(request.url)
-            mailbox = Mailbox.get(delete_mailbox_form.mailbox_id.data)
-
-            if not mailbox or mailbox.user_id != current_user.id:
-                flash("Invalid mailbox. Refresh the page", "warning")
+            try:
+                mailbox = mailbox_utils.delete_mailbox(
+                    current_user,
+                    delete_mailbox_form.mailbox_id.data,
+                    delete_mailbox_form.transfer_mailbox_id.data,
+                )
+            except mailbox_utils.MailboxError as e:
+                flash(e.msg, "warning")
                 return redirect(url_for("dashboard.mailbox_route"))
-
-            if mailbox.id == current_user.default_mailbox_id:
-                flash("You cannot delete default mailbox", "error")
-                return redirect(url_for("dashboard.mailbox_route"))
-
-            transfer_mailbox_id = delete_mailbox_form.transfer_mailbox_id.data
-            if transfer_mailbox_id and transfer_mailbox_id > 0:
-                transfer_mailbox = Mailbox.get(transfer_mailbox_id)
-
-                if not transfer_mailbox or transfer_mailbox.user_id != current_user.id:
-                    flash(
-                        "You must transfer the aliases to a mailbox you own.", "error"
-                    )
-                    return redirect(url_for("dashboard.mailbox_route"))
-
-                if transfer_mailbox.id == mailbox.id:
-                    flash(
-                        "You can not transfer the aliases to the mailbox you want to delete.",
-                        "error",
-                    )
-                    return redirect(url_for("dashboard.mailbox_route"))
-
-                if not transfer_mailbox.verified:
-                    flash("Your new mailbox is not verified", "error")
-                    return redirect(url_for("dashboard.mailbox_route"))
-
-            # Schedule delete account job
-            LOG.w(
-                f"schedule delete mailbox job for {mailbox.id} with transfer to mailbox {transfer_mailbox_id}"
-            )
-            Job.create(
-                name=JOB_DELETE_MAILBOX,
-                payload={
-                    "mailbox_id": mailbox.id,
-                    "transfer_mailbox_id": transfer_mailbox_id
-                    if transfer_mailbox_id > 0
-                    else None,
-                },
-                run_at=arrow.now(),
-                commit=True,
-            )
-
             flash(
                 f"Mailbox {mailbox.email} scheduled for deletion."
                 f"You will receive a confirmation email when the deletion is finished",
                 "success",
             )
-
             return redirect(url_for("dashboard.mailbox_route"))
+
         if request.form.get("form-name") == "set-default":
             if not csrf_form.validate():
                 flash("Invalid request", "warning")
                 return redirect(request.url)
-            mailbox_id = request.form.get("mailbox_id")
-            mailbox = Mailbox.get(mailbox_id)
-
-            if not mailbox or mailbox.user_id != current_user.id:
-                flash("Unknown error. Refresh the page", "warning")
+            try:
+                mailbox_id = request.form.get("mailbox_id")
+                mailbox = user_settings.set_default_mailbox(current_user, mailbox_id)
+            except user_settings.CannotSetMailbox as e:
+                flash(e.msg, "warning")
                 return redirect(url_for("dashboard.mailbox_route"))
 
-            if mailbox.id == current_user.default_mailbox_id:
-                flash("This mailbox is already default one", "error")
-                return redirect(url_for("dashboard.mailbox_route"))
-
-            if not mailbox.verified:
-                flash("Cannot set unverified mailbox as default", "error")
-                return redirect(url_for("dashboard.mailbox_route"))
-
-            current_user.default_mailbox_id = mailbox.id
-            Session.commit()
             flash(f"Mailbox {mailbox.email} is set as Default Mailbox", "success")
 
             return redirect(url_for("dashboard.mailbox_route"))
 
         elif request.form.get("form-name") == "create":
-            if not current_user.is_premium():
-                flash("Only premium plan can add additional mailbox", "warning")
+            if not new_mailbox_form.validate():
+                flash("Invalid request", "warning")
+                return redirect(request.url)
+            mailbox_email = new_mailbox_form.email.data.lower().strip().replace(" ", "")
+            try:
+                mailbox = mailbox_utils.create_mailbox(
+                    current_user, mailbox_email
+                ).mailbox
+            except mailbox_utils.MailboxError as e:
+                flash(e.msg, "warning")
                 return redirect(url_for("dashboard.mailbox_route"))
 
-            if new_mailbox_form.validate():
-                mailbox_email = (
-                    new_mailbox_form.email.data.lower().strip().replace(" ", "")
+            flash(
+                f"You are going to receive an email to confirm {mailbox.email}.",
+                "success",
+            )
+
+            return redirect(
+                url_for(
+                    "dashboard.mailbox_detail_route",
+                    mailbox_id=mailbox.id,
                 )
-
-                if not is_valid_email(mailbox_email):
-                    flash(f"{mailbox_email} invalid", "error")
-                elif mailbox_already_used(mailbox_email, current_user):
-                    flash(f"{mailbox_email} already used", "error")
-                elif not email_can_be_used_as_mailbox(mailbox_email):
-                    flash(f"You cannot use {mailbox_email}.", "error")
-                else:
-                    new_mailbox = Mailbox.create(
-                        email=mailbox_email, user_id=current_user.id
-                    )
-                    Session.commit()
-
-                    send_verification_email(current_user, new_mailbox)
-
-                    flash(
-                        f"You are going to receive an email to confirm {mailbox_email}.",
-                        "success",
-                    )
-
-                    return redirect(
-                        url_for(
-                            "dashboard.mailbox_detail_route",
-                            mailbox_id=new_mailbox.id,
-                        )
-                    )
+            )
 
     return render_template(
         "dashboard/mailbox.html",
@@ -182,34 +115,20 @@ def mailbox_route():
     )
 
 
-def send_verification_email(user, mailbox):
-    s = TimestampSigner(MAILBOX_SECRET)
-    encoded_data = json.dumps([mailbox.id, mailbox.email]).encode("utf-8")
-    b64_data = base64.urlsafe_b64encode(encoded_data)
-    mailbox_id_signed = s.sign(b64_data).decode()
-    verification_url = (
-        URL + "/dashboard/mailbox_verify" + f"?mailbox_id={mailbox_id_signed}"
-    )
-    send_email(
-        mailbox.email,
-        f"Please confirm your mailbox {mailbox.email}",
-        render(
-            "transactional/verify-mailbox.txt.jinja2",
-            user=user,
-            link=verification_url,
-            mailbox_email=mailbox.email,
-        ),
-        render(
-            "transactional/verify-mailbox.html",
-            user=user,
-            link=verification_url,
-            mailbox_email=mailbox.email,
-        ),
-    )
-
-
 @dashboard_bp.route("/mailbox_verify")
+@login_required
 def mailbox_verify():
+    mailbox_id = request.args.get("mailbox_id")
+    code = request.args.get("code")
+    if not code:
+        # Old way
+        return verify_with_signed_secret(mailbox_id)
+    mailbox = mailbox_utils.verify_mailbox_code(current_user, mailbox_id, code)
+    LOG.d("Mailbox %s is verified", mailbox)
+    return render_template("dashboard/mailbox_validation.html", mailbox=mailbox)
+
+
+def verify_with_signed_secret(request: str):
     s = TimestampSigner(MAILBOX_SECRET)
     mailbox_verify_request = request.args.get("mailbox_id")
     try:

app/app/dashboard/views/setting.py

@@ -14,7 +14,7 @@ from flask_wtf import FlaskForm
 from flask_wtf.file import FileField
 from wtforms import StringField, validators
 
-from app import s3
+from app import s3, user_settings
 from app.config import (
     FIRST_ALIAS_DOMAIN,
     ALIAS_RANDOM_SUFFIX_LENGTH,
@@ -31,12 +31,10 @@ from app.models import (
     PlanEnum,
     File,
     EmailChange,
-    CustomDomain,
     AliasGeneratorEnum,
     AliasSuffixEnum,
     ManualSubscription,
     SenderFormatEnum,
-    SLDomain,
     CoinbaseSubscription,
     AppleSubscription,
     PartnerUser,
@@ -166,38 +164,11 @@ def setting():
             return redirect(url_for("dashboard.setting"))
         elif request.form.get("form-name") == "change-random-alias-default-domain":
             default_domain = request.form.get("random-alias-default-domain")
-
-            if default_domain:
-                sl_domain: SLDomain = SLDomain.get_by(domain=default_domain)
-                if sl_domain:
-                    if sl_domain.premium_only and not current_user.is_premium():
-                        flash("You cannot use this domain", "error")
-                        return redirect(url_for("dashboard.setting"))
-
-                    current_user.default_alias_public_domain_id = sl_domain.id
-                    current_user.default_alias_custom_domain_id = None
-                else:
-                    custom_domain = CustomDomain.get_by(domain=default_domain)
-                    if custom_domain:
-                        # sanity check
-                        if (
-                            custom_domain.user_id != current_user.id
-                            or not custom_domain.verified
-                        ):
-                            LOG.w(
-                                "%s cannot use domain %s", current_user, custom_domain
-                            )
-                            flash(f"Domain {default_domain} can't be used", "error")
-                            return redirect(request.url)
-                        else:
-                            current_user.default_alias_custom_domain_id = (
-                                custom_domain.id
-                            )
-                            current_user.default_alias_public_domain_id = None
-
-            else:
-                current_user.default_alias_custom_domain_id = None
-                current_user.default_alias_public_domain_id = None
+            try:
+                user_settings.set_default_alias_domain(current_user, default_domain)
+            except user_settings.CannotSetAlias as e:
+                flash(e.msg, "error")
+                return redirect(url_for("dashboard.setting"))
 
             Session.commit()
             flash("Your preference has been updated", "success")

app/app/developer/views/client_detail.py

@@ -1,4 +1,5 @@
 from io import BytesIO
+from urllib.parse import urlparse
 
 from flask import request, render_template, redirect, url_for, flash
 from flask_login import current_user, login_required
@@ -11,6 +12,7 @@ from app.config import ADMIN_EMAIL
 from app.db import Session
 from app.developer.base import developer_bp
 from app.email_utils import send_email
+from app.image_validation import detect_image_format, ImageFormat
 from app.log import LOG
 from app.models import Client, RedirectUri, File, Referral
 from app.utils import random_string
@@ -46,16 +48,25 @@ def client_detail(client_id):
         approval_form.description.data = client.description
 
     if action == "edit" and form.validate_on_submit():
+        parsed_url = urlparse(form.url.data)
+        if parsed_url.scheme != "https":
+            flash("Only https urls are allowed", "error")
+            return redirect(url_for("developer.index"))
         client.name = form.name.data
         client.home_url = form.url.data
 
         if form.icon.data:
-            # todo: remove current icon if any
-            # todo: handle remove icon
+            icon_data = form.icon.data.read(10240)
+            if detect_image_format(icon_data) == ImageFormat.Unknown:
+                flash("Unknown file format", "warning")
+                return redirect(url_for("developer.index"))
+            if client.icon:
+                s3.delete(client.icon_id)
+                File.delete(client.icon)
             file_path = random_string(30)
             file = File.create(path=file_path, user_id=client.user_id)
 
-            s3.upload_from_bytesio(file_path, BytesIO(form.icon.data.read()))
+            s3.upload_from_bytesio(file_path, BytesIO(icon_data))
 
             Session.flush()
             LOG.d("upload file %s to s3", file)

app/app/developer/views/new_client.py

@@ -1,3 +1,5 @@
+from urllib.parse import urlparse
+
 from flask import render_template, redirect, url_for, flash
 from flask_login import current_user, login_required
 from flask_wtf import FlaskForm
@@ -20,6 +22,10 @@ def new_client():
 
     if form.validate_on_submit():
         client = Client.create_new(form.name.data, current_user.id)
+        parsed_url = urlparse(form.url.data)
+        if parsed_url.scheme != "https":
+            flash("Only https urls are allowed", "error")
+            return redirect(url_for("developer.new_client"))
         client.home_url = form.url.data
         Session.commit()
 

app/app/mailbox_utils.py

@@ -0,0 +1,260 @@
+import dataclasses
+import secrets
+import random
+from typing import Optional
+import arrow
+
+from app import config
+from app.config import JOB_DELETE_MAILBOX
+from app.db import Session
+from app.email_utils import (
+    mailbox_already_used,
+    email_can_be_used_as_mailbox,
+    send_email,
+    render,
+)
+from app.email_validation import is_valid_email
+from app.log import LOG
+from app.models import User, Mailbox, Job, MailboxActivation
+
+
+@dataclasses.dataclass
+class CreateMailboxOutput:
+    mailbox: Mailbox
+    activation: Optional[MailboxActivation]
+
+
+class MailboxError(Exception):
+    def __init__(self, msg: str):
+        self.msg = msg
+
+
+class OnlyPaidError(MailboxError):
+    def __init__(self):
+        self.msg = "Only available for paid plans"
+
+
+class CannotVerifyError(MailboxError):
+    def __init__(self, msg: str):
+        self.msg = msg
+
+
+MAX_ACTIVATION_TRIES = 3
+
+
+def create_mailbox(
+    user: User,
+    email: str,
+    verified: bool = False,
+    send_email: bool = True,
+    use_digit_codes: bool = False,
+    send_link: bool = True,
+) -> CreateMailboxOutput:
+    if not user.is_premium():
+        LOG.i(
+            f"User {user} has tried to create mailbox with {email} but is not premium"
+        )
+        raise OnlyPaidError()
+    if not is_valid_email(email):
+        LOG.i(
+            f"User {user} has tried to create mailbox with {email} but is not valid email"
+        )
+        raise MailboxError("Invalid email")
+    elif mailbox_already_used(email, user):
+        LOG.i(
+            f"User {user} has tried to create mailbox with {email} but email is already used"
+        )
+        raise MailboxError("Email already used")
+    elif not email_can_be_used_as_mailbox(email):
+        LOG.i(
+            f"User {user} has tried to create mailbox with {email} but email is invalid"
+        )
+        raise MailboxError("Invalid email")
+    new_mailbox = Mailbox.create(
+        email=email, user_id=user.id, verified=verified, commit=True
+    )
+
+    if verified:
+        LOG.i(f"User {user} as created a pre-verified mailbox with {email}")
+        return CreateMailboxOutput(mailbox=new_mailbox, activation=None)
+
+    LOG.i(f"User {user} has created mailbox with {email}")
+    activation = generate_activation_code(new_mailbox, use_digit_code=use_digit_codes)
+    output = CreateMailboxOutput(mailbox=new_mailbox, activation=activation)
+
+    if not send_email:
+        LOG.i(f"Skipping sending validation email for mailbox {new_mailbox}")
+        return output
+
+    send_verification_email(
+        user,
+        new_mailbox,
+        activation=activation,
+        send_link=send_link,
+    )
+    return output
+
+
+def delete_mailbox(
+    user: User, mailbox_id: int, transfer_mailbox_id: Optional[int]
+) -> Mailbox:
+    mailbox = Mailbox.get(mailbox_id)
+
+    if not mailbox or mailbox.user_id != user.id:
+        LOG.i(
+            f"User {user} has tried to delete another user's mailbox with {mailbox_id}"
+        )
+        raise MailboxError("Invalid mailbox")
+
+    if mailbox.id == user.default_mailbox_id:
+        LOG.i(f"User {user} has tried to delete the default mailbox")
+        raise MailboxError("Cannot delete your default mailbox")
+
+    if transfer_mailbox_id and transfer_mailbox_id > 0:
+        transfer_mailbox = Mailbox.get(transfer_mailbox_id)
+
+        if not transfer_mailbox or transfer_mailbox.user_id != user.id:
+            LOG.i(
+                f"User {user} has tried to transfer to a mailbox owned by another user"
+            )
+            raise MailboxError("You must transfer the aliases to a mailbox you own")
+
+        if transfer_mailbox.id == mailbox.id:
+            LOG.i(
+                f"User {user} has tried to transfer to the same mailbox he is deleting"
+            )
+            raise MailboxError(
+                "You can not transfer the aliases to the mailbox you want to delete"
+            )
+
+        if not transfer_mailbox.verified:
+            LOG.i(f"User {user} has tried to transfer to a non verified mailbox")
+            MailboxError("Your new mailbox is not verified")
+
+    # Schedule delete account job
+    LOG.i(
+        f"User {user} has scheduled delete mailbox job for {mailbox.id} with transfer to mailbox {transfer_mailbox_id}"
+    )
+    Job.create(
+        name=JOB_DELETE_MAILBOX,
+        payload={
+            "mailbox_id": mailbox.id,
+            "transfer_mailbox_id": transfer_mailbox_id
+            if transfer_mailbox_id and transfer_mailbox_id > 0
+            else None,
+        },
+        run_at=arrow.now(),
+        commit=True,
+    )
+    return mailbox
+
+
+def clear_activation_codes_for_mailbox(mailbox: Mailbox):
+    Session.query(MailboxActivation).filter(
+        MailboxActivation.mailbox_id == mailbox.id
+    ).delete()
+    Session.commit()
+
+
+def verify_mailbox_code(user: User, mailbox_id: int, code: str) -> Mailbox:
+    mailbox = Mailbox.get(mailbox_id)
+    if not mailbox:
+        LOG.i(
+            f"User {user} failed to verify mailbox {mailbox_id} because it does not exist"
+        )
+        raise MailboxError("Invalid mailbox")
+    if mailbox.verified:
+        LOG.i(
+            f"User {user} failed to verify mailbox {mailbox_id} because it's already verified"
+        )
+        clear_activation_codes_for_mailbox(mailbox)
+        return mailbox
+    if mailbox.user_id != user.id:
+        LOG.i(
+            f"User {user} failed to verify mailbox {mailbox_id} because it's owned by another user"
+        )
+        raise MailboxError("Invalid mailbox")
+
+    activation = (
+        MailboxActivation.filter(MailboxActivation.mailbox_id == mailbox_id)
+        .order_by(MailboxActivation.created_at.desc())
+        .first()
+    )
+    if not activation:
+        LOG.i(
+            f"User {user} failed to verify mailbox {mailbox_id} because there is no activation"
+        )
+        raise MailboxError("Invalid code")
+    if activation.tries >= MAX_ACTIVATION_TRIES:
+        LOG.i(f"User {user} failed to verify mailbox {mailbox_id} more than 3 times")
+        clear_activation_codes_for_mailbox(mailbox)
+        raise CannotVerifyError("Invalid activation code. Please request another code.")
+    if activation.created_at < arrow.now().shift(minutes=-15):
+        LOG.i(
+            f"User {user} failed to verify mailbox {mailbox_id} because code is too old"
+        )
+        clear_activation_codes_for_mailbox(mailbox)
+        raise CannotVerifyError("Invalid activation code. Please request another code.")
+    if code != activation.code:
+        LOG.i(
+            f"User {user} failed to verify mailbox {mailbox_id} because code does not match"
+        )
+        activation.tries = activation.tries + 1
+        Session.commit()
+        raise CannotVerifyError("Invalid activation code")
+    LOG.i(f"User {user} has verified mailbox {mailbox_id}")
+    mailbox.verified = True
+    clear_activation_codes_for_mailbox(mailbox)
+    return mailbox
+
+
+def generate_activation_code(
+    mailbox: Mailbox, use_digit_code: bool = False
+) -> MailboxActivation:
+    clear_activation_codes_for_mailbox(mailbox)
+    if use_digit_code:
+        code = "{:06d}".format(random.randint(1, 999999))
+    else:
+        code = secrets.token_urlsafe(16)
+    return MailboxActivation.create(
+        mailbox_id=mailbox.id,
+        code=code,
+        tries=0,
+        commit=True,
+    )
+
+
+def send_verification_email(
+    user: User, mailbox: Mailbox, activation: MailboxActivation, send_link: bool = True
+):
+    LOG.i(
+        f"Sending mailbox verification email to {mailbox.email} with send link={send_link}"
+    )
+
+    if send_link:
+        verification_url = (
+            config.URL
+            + "/dashboard/mailbox_verify"
+            + f"?mailbox_id={mailbox.id}&code={activation.code}"
+        )
+    else:
+        verification_url = None
+
+    send_email(
+        mailbox.email,
+        f"Please confirm your mailbox {mailbox.email}",
+        render(
+            "transactional/verify-mailbox.txt.jinja2",
+            user=user,
+            code=activation.code,
+            link=verification_url,
+            mailbox_email=mailbox.email,
+        ),
+        render(
+            "transactional/verify-mailbox.html",
+            user=user,
+            code=activation.code,
+            link=verification_url,
+            mailbox_email=mailbox.email,
+        ),
+    )

app/app/models.py

@@ -985,8 +985,8 @@ class User(Base, ModelMixin, UserMixin, PasswordOracle):
         - the domain
         """
         res = []
-        for domain in self.available_sl_domains(alias_options=alias_options):
-            res.append((True, domain))
+        for domain in self.get_sl_domains(alias_options=alias_options):
+            res.append((True, domain.domain))
 
         for custom_domain in self.verified_custom_domains():
             res.append((False, custom_domain.domain))
@@ -1128,7 +1128,10 @@ class User(Base, ModelMixin, UserMixin, PasswordOracle):
         - Verified custom domains
 
         """
-        domains = self.available_sl_domains(alias_options=alias_options)
+        domains = [
+            sl_domain.domain
+            for sl_domain in self.get_sl_domains(alias_options=alias_options)
+        ]
 
         for custom_domain in self.verified_custom_domains():
             domains.append(custom_domain.domain)
@@ -2483,7 +2486,7 @@ class CustomDomain(Base, ModelMixin):
         return sorted(self._auto_create_rules, key=lambda rule: rule.order)
 
     def __repr__(self):
-        return f"<Custom Domain {self.domain}>"
+        return f"<Custom Domain {self.id} {self.domain}>"
 
 
 class AutoCreateRule(Base, ModelMixin):
@@ -2801,6 +2804,16 @@ class Mailbox(Base, ModelMixin):
         return f"<Mailbox {self.id} {self.email}>"
 
 
+class MailboxActivation(Base, ModelMixin):
+    __tablename__ = "mailbox_activation"
+
+    mailbox_id = sa.Column(
+        sa.ForeignKey(Mailbox.id, ondelete="cascade"), nullable=False, index=True
+    )
+    code = sa.Column(sa.String(32), nullable=False, index=True)
+    tries = sa.Column(sa.Integer, default=0, nullable=False)
+
+
 class AccountActivation(Base, ModelMixin):
     """contains code to activate the user account when they sign up on mobile"""
 
@@ -3114,7 +3127,7 @@ class SLDomain(Base, ModelMixin):
     )
 
     def __repr__(self):
-        return f"<SLDomain {self.domain} {'Premium' if self.premium_only else 'Free'}"
+        return f"<SLDomain {self.id} {self.domain} {'Premium' if self.premium_only else 'Free'}>"
 
 
 class Monitoring(Base, ModelMixin):
@@ -3484,6 +3497,7 @@ class AdminAuditLog(Base):
             action=AuditLogActionEnum.stop_trial.value,
             model="User",
             model_id=user_id,
+            data={},
         )
 
     @classmethod
@@ -3729,6 +3743,7 @@ class SyncEvent(Base, ModelMixin):
     taken_time = sa.Column(
         ArrowType, default=None, nullable=True, server_default=None, index=True
     )
+    retry_count = sa.Column(sa.Integer, default=0, nullable=False, server_default="0")
 
     __table_args__ = (
         sa.Index("ix_sync_event_created_at", "created_at"),
@@ -3750,7 +3765,7 @@ class SyncEvent(Base, ModelMixin):
         return res.rowcount > 0
 
     @classmethod
-    def get_dead_letter(cls, older_than: Arrow) -> [SyncEvent]:
+    def get_dead_letter(cls, older_than: Arrow, max_retries: int) -> [SyncEvent]:
         return (
             SyncEvent.filter(
                 (
@@ -3763,6 +3778,7 @@ class SyncEvent(Base, ModelMixin):
                         & (SyncEvent.created_at < older_than)
                     )
                 )
+                & (SyncEvent.retry_count < max_retries)
             )
             .order_by(SyncEvent.id)
             .limit(100)

app/app/user_settings.py

@@ -0,0 +1,70 @@
+from typing import Optional
+
+from app.db import Session
+from app.log import LOG
+from app.models import User, SLDomain, CustomDomain, Mailbox
+
+
+class CannotSetAlias(Exception):
+    def __init__(self, msg: str):
+        self.msg = msg
+
+
+class CannotSetMailbox(Exception):
+    def __init__(self, msg: str):
+        self.msg = msg
+
+
+def set_default_alias_domain(user: User, domain_name: Optional[str]):
+    if domain_name is None:
+        LOG.i(f"User {user} has set no domain as default domain")
+        user.default_alias_public_domain_id = None
+        user.default_alias_custom_domain_id = None
+        Session.flush()
+        return
+    sl_domain: SLDomain = SLDomain.get_by(domain=domain_name)
+    if sl_domain:
+        if sl_domain.hidden:
+            LOG.i(f"User {user} has tried to set up a hidden domain as default domain")
+            raise CannotSetAlias("Domain does not exist")
+        if sl_domain.premium_only and not user.is_premium():
+            LOG.i(f"User {user} has tried to set up a premium domain as default domain")
+            raise CannotSetAlias("You cannot use this domain")
+        LOG.i(f"User {user} has set public {sl_domain} as default domain")
+        user.default_alias_public_domain_id = sl_domain.id
+        user.default_alias_custom_domain_id = None
+        Session.flush()
+        return
+    custom_domain = CustomDomain.get_by(domain=domain_name)
+    if not custom_domain:
+        LOG.i(
+            f"User {user} has tried to set up an non existing domain as default domain"
+        )
+        raise CannotSetAlias("Domain does not exist or it hasn't been verified")
+    if custom_domain.user_id != user.id or not custom_domain.verified:
+        LOG.i(
+            f"User {user} has tried to set domain {custom_domain} as default domain that does not belong to the user or that is not verified"
+        )
+        raise CannotSetAlias("Domain does not exist or it hasn't been verified")
+    LOG.i(f"User {user} has set custom {custom_domain} as default domain")
+    user.default_alias_public_domain_id = None
+    user.default_alias_custom_domain_id = custom_domain.id
+    Session.flush()
+
+
+def set_default_mailbox(user: User, mailbox_id: int) -> Mailbox:
+    mailbox = Mailbox.get(mailbox_id)
+
+    if not mailbox or mailbox.user_id != user.id:
+        raise CannotSetMailbox("Invalid mailbox")
+
+    if not mailbox.verified:
+        raise CannotSetMailbox("This is mailbox is not verified")
+
+    if mailbox.id == user.default_mailbox_id:
+        return mailbox
+    LOG.i(f"User {user} has set mailbox {mailbox} as his default one")
+
+    user.default_mailbox_id = mailbox.id
+    Session.commit()
+    return mailbox

app/email_handler.py

@@ -262,7 +262,8 @@ def get_or_create_contact(from_header: str, mail_from: str, alias: Alias) -> Con
 
             Session.commit()
         except IntegrityError:
-            # No need to manually rollback, as IntegrityError already rolls back
+            # If the tx has been rolled back, the connection is borked. Force close to try to get a new one and start fresh
+            Session.close()
             LOG.info(
                 f"Contact with email {contact_email} for alias_id {alias_id} already existed, fetching from DB"
             )

app/event_listener.py

@@ -8,6 +8,8 @@ from events.runner import Runner
 from events.event_source import DeadLetterEventSource, PostgresEventSource
 from events.event_sink import ConsoleEventSink, HttpEventSink
 
+_DEFAULT_MAX_RETRIES = 100
+
 
 class Mode(Enum):
     DEAD_LETTER = "dead_letter"
@@ -23,10 +25,10 @@ class Mode(Enum):
             raise ValueError(f"Invalid mode: {value}")
 
 
-def main(mode: Mode, dry_run: bool):
+def main(mode: Mode, dry_run: bool, max_retries: int):
     if mode == Mode.DEAD_LETTER:
         LOG.i("Using DeadLetterEventSource")
-        source = DeadLetterEventSource()
+        source = DeadLetterEventSource(max_retries)
     elif mode == Mode.LISTENER:
         LOG.i("Using PostgresEventSource")
         source = PostgresEventSource(DB_URI)
@@ -51,6 +53,13 @@ def args():
         help="Mode to run",
         choices=[Mode.DEAD_LETTER.value, Mode.LISTENER.value],
     )
+    parser.add_argument(
+        "max_retries",
+        help="Max retries to consider an event as error and not try to process it again",
+        type=int,
+        nargs="?",
+        default=_DEFAULT_MAX_RETRIES,
+    )
     parser.add_argument("--dry-run", help="Dry run mode", action="store_true")
     return parser.parse_args()
 
@@ -61,4 +70,8 @@ if __name__ == "__main__":
         exit(1)
 
     args = args()
-    main(Mode.from_str(args.mode), args.dry_run)
+    main(
+        mode=Mode.from_str(args.mode),
+        dry_run=args.dry_run,
+        max_retries=args.max_retries,
+    )

app/events/event_source.py

@@ -4,6 +4,8 @@ import psycopg2
 import select
 
 from abc import ABC, abstractmethod
+
+from app.db import Session
 from app.log import LOG
 from app.models import SyncEvent
 from app.events.event_dispatcher import NOTIFICATION_CHANNEL
@@ -66,6 +68,7 @@ class PostgresEventSource(EventSource):
                             LOG.info(f"Could not find event with id={notify.payload}")
                     except Exception as e:
                         LOG.warn(f"Error getting event: {e}")
+                    Session.close()  # Ensure we get a new connection and we don't leave a dangling tx
 
     def __connect(self):
         self.__connection = psycopg2.connect(self.__connection_string)
@@ -76,6 +79,9 @@ class PostgresEventSource(EventSource):
 
 
 class DeadLetterEventSource(EventSource):
+    def __init__(self, max_retries: int):
+        self.__max_retries = max_retries
+
     @newrelic.agent.background_task()
     def run(self, on_event: Callable[[SyncEvent], NoReturn]):
         while True:
@@ -83,7 +89,9 @@ class DeadLetterEventSource(EventSource):
                 threshold = arrow.utcnow().shift(
                     minutes=-_DEAD_LETTER_THRESHOLD_MINUTES
                 )
-                events = SyncEvent.get_dead_letter(older_than=threshold)
+                events = SyncEvent.get_dead_letter(
+                    older_than=threshold, max_retries=self.__max_retries
+                )
                 if events:
                     LOG.info(f"Got {len(events)} dead letter events")
                     if events:
@@ -92,7 +100,8 @@ class DeadLetterEventSource(EventSource):
                         )
                     for event in events:
                         on_event(event)
-                else:
+                Session.close()  # Ensure that we have a new connection and we don't have a dangling tx with a lock
+                if not events:
                     LOG.debug("No dead letter events")
                     sleep(_DEAD_LETTER_INTERVAL_SECONDS)
             except Exception as e:

app/events/runner.py

@@ -2,6 +2,7 @@ import arrow
 import newrelic.agent
 
 from app.log import LOG
+from app.db import Session
 from app.models import SyncEvent
 from events.event_sink import EventSink
 from events.event_source import EventSource
@@ -37,6 +38,9 @@ class Runner:
                     "Custom/sync_event_elapsed_time",
                     time_between_taken_and_created.total_seconds(),
                 )
+            else:
+                event.retry_count = event.retry_count + 1
+                Session.commit()
         except Exception as e:
             LOG.warn(f"Exception processing event [id={event.id}]: {e}")
             newrelic.agent.record_custom_metric("Custom/sync_event_failed", 1)

app/local_data/words.txt

@@ -745,8 +745,6 @@ bullish
 bullpen
 bullring
 bullseye
-bullwhip
-bully
 bunch
 bundle
 bungee
@@ -1149,7 +1147,6 @@ coherence
 coherent
 cohesive
 coil
-coke
 cola
 cold
 coleslaw
@@ -1674,8 +1671,6 @@ delta
 deluge
 delusion
 deluxe
-demanding
-demeaning
 demeanor
 demise
 democracy
@@ -1897,9 +1892,6 @@ divisible
 divisibly
 division
 divisive
-divorcee
-dizziness
-dizzy
 doable
 docile
 dock
@@ -1913,7 +1905,6 @@ dole
 dollar
 dollhouse
 dollop
-dolly
 dolphin
 domain
 domelike
@@ -2027,7 +2018,6 @@ duh
 duke
 dumping
 dumpling
-dumpster
 duo
 dupe
 duplex
@@ -2036,14 +2026,12 @@ duplicity
 durable
 durably
 duration
-duress
 during
 dusk
 dust
 dutiful
 duty
 duvet
-dwarf
 dweeb
 dwelled
 dweller
@@ -3782,10 +3770,6 @@ makeshift
 making
 malformed
 malt
-mama
-mammal
-mammary
-mammogram
 manager
 managing
 manatee
@@ -3798,7 +3782,6 @@ mangle
 mango
 mangy
 manhandle
-manhole
 manhood
 manhunt
 manicotti
@@ -3813,7 +3796,6 @@ manmade
 manned
 mannish
 manor
-manpower
 mantis
 mantra
 manual
@@ -3850,7 +3832,6 @@ mashed
 mashing
 massager
 masses
-massive
 mastiff
 matador
 matchbook
@@ -3863,15 +3844,11 @@ maternal
 maternity
 math
 mating
-matriarch
 matrimony
 matrix
 matron
 matted
 matter
-maturely
-maturing
-maturity
 mauve
 maverick
 maximize
@@ -3891,9 +3868,6 @@ modify
 modular
 modulator
 module
-moisten
-moistness
-moisture
 molar
 molasses
 mold
@@ -3946,11 +3920,7 @@ morality
 morally
 morbidity
 morbidly
-morphine
-morphing
 morse
-mortality
-mortally
 mortician
 mortified
 mortify
@@ -3976,7 +3946,6 @@ mournful
 mouse
 mousiness
 moustache
-mousy
 mouth
 movable
 move
@@ -3985,7 +3954,6 @@ moving
 mower
 mowing
 much
-muck
 mud
 mug
 mulberry
@@ -4002,7 +3970,6 @@ mumbling
 mumbo
 mummified
 mummify
-mummy
 mumps
 munchkin
 mundane
@@ -4798,7 +4765,6 @@ princess
 print
 prior
 prism
-prison
 prissy
 pristine
 privacy
@@ -4822,8 +4788,6 @@ prodigal
 prodigy
 produce
 product
-profane
-profanity
 professed
 professor
 profile
@@ -5992,10 +5956,6 @@ slit
 sliver
 slobbery
 slogan
-sloped
-sloping
-sloppily
-sloppy
 slot
 slouching
 slouchy
@@ -6011,7 +5971,6 @@ smartness
 smasher
 smashing
 smashup
-smell
 smelting
 smile
 smilingly
@@ -6021,11 +5980,6 @@ smith
 smitten
 smock
 smog
-smoked
-smokeless
-smokiness
-smoking
-smoky
 smolder
 smooth
 smother
@@ -6047,7 +6001,6 @@ sneer
 sneeze
 sneezing
 snide
-sniff
 snippet
 snipping
 snitch
@@ -6203,7 +6156,6 @@ squiggle
 squiggly
 squint
 squire
-squirt
 squishier
 squishy
 stability
@@ -6323,7 +6275,6 @@ stoning
 stony
 stood
 stooge
-stool
 stoop
 stoplight
 stoppable
@@ -6458,12 +6409,9 @@ subwoofer
 subzero
 succulent
 such
-suction
 sudden
 sudoku
 suds
-sufferer
-suffering
 suffice
 suffix
 suffocate
@@ -6515,7 +6463,6 @@ surplus
 surprise
 surreal
 surrender
-surrogate
 surround
 survey
 survival
@@ -6528,7 +6475,6 @@ suspend
 suspense
 sustained
 sustainer
-swab
 swaddling
 swagger
 swampland
@@ -6536,7 +6482,6 @@ swan
 swapping
 swarm
 sway
-swear
 sweat
 sweep
 swell
@@ -6605,9 +6550,6 @@ talcum
 talisman
 tall
 talon
-tamale
-tameness
-tamer
 tamper
 tank
 tanned
@@ -6647,7 +6589,6 @@ thaw
 theater
 theatrics
 thee
-theft
 theme
 theology
 theorize
@@ -6752,7 +6693,6 @@ trade
 trading
 tradition
 traffic
-tragedy
 trailing
 trailside
 train
@@ -6772,7 +6712,6 @@ trapped
 trapper
 trapping
 traps
-trash
 travel
 traverse
 travesty

app/migrations/versions/2024_071908_56d08955fcab_add_retry_count_to_sync_event.py

@@ -0,0 +1,28 @@
+"""add retry count to sync event
+
+Revision ID: 56d08955fcab
+Revises: d608b8e48082
+Create Date: 2024-07-19 08:21:19.979973
+
+"""
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision = '56d08955fcab'
+down_revision = 'd608b8e48082'
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.add_column('sync_event', sa.Column('retry_count', sa.Integer(), server_default='0', nullable=False, default=0))
+    # ### end Alembic commands ###
+
+
+def downgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.drop_column('sync_event', 'retry_count')
+    # ### end Alembic commands ###

app/migrations/versions/2024_073011_1c14339aae90_.py

@@ -0,0 +1,42 @@
+"""empty message
+
+Revision ID: 1c14339aae90
+Revises: 56d08955fcab
+Create Date: 2024-07-30 11:46:32.460221
+
+"""
+import sqlalchemy_utils
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision = '1c14339aae90'
+down_revision = '56d08955fcab'
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.create_table('mailbox_activation',
+    sa.Column('id', sa.Integer(), autoincrement=True, nullable=False),
+    sa.Column('created_at', sqlalchemy_utils.types.arrow.ArrowType(), nullable=False),
+    sa.Column('updated_at', sqlalchemy_utils.types.arrow.ArrowType(), nullable=True),
+    sa.Column('mailbox_id', sa.Integer(), nullable=False),
+    sa.Column('code', sa.String(length=32), nullable=False),
+    sa.Column('tries', sa.Integer(), nullable=False),
+    sa.ForeignKeyConstraint(['mailbox_id'], ['mailbox.id'], ondelete='cascade'),
+    sa.PrimaryKeyConstraint('id')
+    )
+    op.create_index(op.f('ix_mailbox_activation_code'), 'mailbox_activation', ['code'], unique=False)
+    op.create_index(op.f('ix_mailbox_activation_mailbox_id'), 'mailbox_activation', ['mailbox_id'], unique=False)
+    # ### end Alembic commands ###
+
+
+def downgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.drop_index(op.f('ix_mailbox_activation_mailbox_id'), table_name='mailbox_activation')
+    op.drop_index(op.f('ix_mailbox_activation_code'), table_name='mailbox_activation')
+    op.drop_table('mailbox_activation')
+    # ### end Alembic commands ###

app/scripts/new-migration.sh

@@ -12,10 +12,10 @@ docker run -p 25432:5432 --name ${container_name} -e POSTGRES_PASSWORD=postgres
 sleep 3
 
 # upgrade the DB to the latest stage and
-env DB_URI=postgresql://postgres:postgres@127.0.0.1:25432/sl poetry run alembic upgrade head
+env DB_URI=postgresql://postgres:postgres@127.0.0.1:25432/sl rye run alembic upgrade head
 
 # generate the migration script.
-env DB_URI=postgresql://postgres:postgres@127.0.0.1:25432/sl poetry run alembic revision --autogenerate $@
+env DB_URI=postgresql://postgres:postgres@127.0.0.1:25432/sl rye run alembic revision --autogenerate $@
 
 # remove the db
 docker rm -f ${container_name}

app/scripts/reset_local_db.sh

@@ -3,5 +3,5 @@
 export DB_URI=postgresql://myuser:mypassword@localhost:15432/simplelogin
 echo 'drop schema public cascade; create schema public;' | psql  $DB_URI
 
-poetry run alembic upgrade head
-poetry run flask dummy-data
+rye run alembic upgrade head
+rye run flask dummy-data

app/scripts/reset_test_db.sh

@@ -3,4 +3,4 @@
 export DB_URI=postgresql://myuser:mypassword@localhost:15432/test
 echo 'drop schema public cascade; create schema public;' | psql  $DB_URI
 
-poetry run alembic upgrade head
+rye run alembic upgrade head

app/server.py

@@ -45,6 +45,7 @@ from app.admin_model import (
     DailyMetricAdmin,
     MetricAdmin,
     InvalidMailboxDomainAdmin,
+    EmailSearchAdmin,
 )
 from app.api.base import api_bp
 from app.auth.base import auth_bp
@@ -200,7 +201,7 @@ def create_app() -> Flask:
                 "username": "admin",
                 "password": FLASK_PROFILER_PASSWORD,
             },
-            "ignore": ["^/static/.*", "/git", "/exception"],
+            "ignore": ["^/static/.*", "/git", "/exception", "/health"],
         }
         flask_profiler.init_app(app)
 
@@ -218,6 +219,10 @@ def create_app() -> Flask:
     def cleanup(resp_or_exc):
         Session.remove()
 
+    @app.route("/health", methods=["GET"])
+    def healthcheck():
+        return "success", 200
+
     return app
 
 
@@ -282,7 +287,9 @@ def set_index_page(app):
             and not request.path.startswith("/_debug_toolbar")
             and not request.path.startswith("/git")
             and not request.path.startswith("/favicon.ico")
+            and not request.path.startswith("/health")
         ):
+            start_time = g.start_time or time.time()
             LOG.d(
                 "%s %s %s %s %s, takes %s",
                 request.remote_addr,
@@ -290,7 +297,7 @@ def set_index_page(app):
                 request.path,
                 request.args,
                 res.status_code,
-                time.time() - g.start_time,
+                time.time() - start_time,
             )
 
         return res
@@ -780,6 +787,7 @@ def init_admin(app):
     admin.add_view(UserAdmin(User, Session))
     admin.add_view(AliasAdmin(Alias, Session))
     admin.add_view(MailboxAdmin(Mailbox, Session))
+    admin.add_view(EmailSearchAdmin(name="Email Search", endpoint="email_search"))
     admin.add_view(CouponAdmin(Coupon, Session))
     admin.add_view(ManualSubscriptionAdmin(ManualSubscription, Session))
     admin.add_view(CustomDomainAdmin(CustomDomain, Session))

app/templates/admin/alias_search.html

@@ -0,0 +1,300 @@
+{% extends 'admin/master.html' %}
+
+{% block body %}
+
+  <div class="border border-dark border-2 mt-1 mb-2 p-3">
+    <form method="post">
+      <div class="form-group">
+        <label for="email">Email to search:</label>
+        <input type="text"
+               class="form-control"
+               name="email"
+               value="{{ email or '' }}"/>
+      </div>
+      <button type="submit" class="btn btn-primary">Submit</button>
+    </form>
+  </div>
+  {% if no_match %}
+
+    <div class="border border-dark border-2 mt-1 mb-2 p-3 alert alert-warning"
+         role="alert">
+      No user, alias or mailbox found for {{ email }}
+    </div>
+  {% endif %}
+  {% if alias %}
+
+    <div class="border border-dark border-2 mt-1 mb-2 p-3">
+      <h3>Alias {{ alias.email }} found</h3>
+      <dl>
+        <dt>
+          Alias id
+        </dt>
+        <dd>
+          {{ alias.id }}
+        </dd>
+        <dt>
+          Email
+        </dt>
+        <dd>
+          {{ alias.email }}
+        </dd>
+        <dt>
+          Created at
+        </dt>
+        <dd>
+          {{ alias.created_at }}
+        </dd>
+        <dt class="mb-2">
+          User
+        </dt>
+        <dd class="ml-4 border-secondary border p-2">
+          <dl>
+            <dt>
+              User id
+            </dt>
+            <dd>
+              {{ alias.user.id }}
+            </dd>
+            <dt>
+              Email
+            </dt>
+            <dd>
+              {{ alias.user.email }}
+            </dd>
+            <dt>
+              Premium
+            </dt>
+            <dd>
+              {{ alias.user.is_premium() }}
+            </dd>
+            <dt>
+              Disabled
+            </dt>
+            <dd>
+              {{ alias.user.disabled }}
+            </dd>
+            <dt>
+              Crated At
+            </dt>
+            <dd>
+              {{ alias.user.created_at }}
+            </dd>
+            <dt class="border-dark border-top-2 mb-2">
+              Mailboxes
+            </dt>
+            <dd>
+              {% for mailbox in  alias.mailboxes %}
+
+                <dl class="border border-grey border-2 ml-4 p-2">
+                  <dt>
+                    Mailbox id
+                  </dt>
+                  <dd>
+                    {{ mailbox.id }}
+                  </dd>
+                  <dt>
+                    Email
+                  </dt>
+                  <dd>
+                    {{ mailbox.email }}
+                  </dd>
+                  <dt>
+                    Verified
+                  </dt>
+                  <dd>
+                    {{ mailbox.verified }}
+                  </dd>
+                  <dt>
+                    Created At
+                  </dt>
+                  <dd>
+                    {{ mailbox.created_at }}
+                  </dd>
+                </dl>
+              {% endfor %}
+            </dd>
+          </dl>
+        </dd>
+      </dl>
+    </div>
+  {% endif %}
+  {% if user %}
+
+    <div class="border border-dark border-2 mt-1 mb-2 p-3">
+      <h3>User {{ user.email }} found</h3>
+      <dl>
+        <dt>
+          User id
+        </dt>
+        <dd>
+          {{ user.id }}
+        </dd>
+        <dt>
+          Email
+        </dt>
+        <dd>
+          {{ user.email }}
+        </dd>
+        {% if  user.is_paid() %}
+
+          <dt>
+            Paid
+          </dt>
+          <dd>
+            Yes
+          </dd>
+          <dt>
+            Subscription
+          </dt>
+          <dd>
+            {{ user.get_active_subscription() }}
+          </dd>
+        {% else %}
+          <dt>
+            Paid
+          </dt>
+          <dd>
+            No
+          </dd>
+        {% endif %}
+        <dt>
+          Created at
+        </dt>
+        <dd>
+          {{ user.created_at }}
+        </dd>
+        <dt class="mb-2">
+          Mailboxes
+        </dt>
+        <dd>
+          {% for mailbox in  user.mailboxes() %}
+
+            <dl class="border border-dark p-2 ml-4">
+              <dt>
+                Mailbox id
+              </dt>
+              <dd>
+                {{ mailbox.id }}
+              </dd>
+              <dt>
+                Email
+              </dt>
+              <dd>
+                {{ mailbox.email }}
+              </dd>
+              <dt>
+                Verified
+              </dt>
+              <dd>
+                {{ mailbox.verified }}
+              </dd>
+              <dt>
+                Created At
+              </dt>
+              <dd>
+                {{ mailbox.created_at }}
+              </dd>
+            </dl>
+          {% endfor %}
+        </dd>
+        <dt class="mb-2">
+          Aliases
+        </dt>
+        <dd>
+          {% for mailbox in user_aliases(user.id) %}
+
+            <dl class="border border-dark p-2 ml-4">
+              <dt>
+                Mailbox id
+              </dt>
+              <dd>
+                {{ mailbox.id }}
+              </dd>
+              <dt>
+                Email
+              </dt>
+              <dd>
+                {{ mailbox.email }}
+              </dd>
+              <dt>
+                Verified
+              </dt>
+              <dd>
+                {{ mailbox.verified }}
+              </dd>
+              <dt>
+                Created At
+              </dt>
+              <dd>
+                {{ mailbox.created_at }}
+              </dd>
+            </dl>
+          {% endfor %}
+        </dd>
+      </dl>
+    </div>
+  {% endif %}
+  {% if mailbox %}
+
+    <div class="border border-dark mt-1 mb-2 p-3">
+      <h3>Mailbox {{ mailbox.email }} found</h3>
+      <dl>
+        <dt>
+          Mailbox id
+        </dt>
+        <dd>
+          {{ mailbox.id }}
+        </dd>
+        <dt>
+          Email
+        </dt>
+        <dd>
+          {{ mailbox.email }}
+        </dd>
+        <dt>
+          Created at
+        </dt>
+        <dd>
+          {{ mailbox.created_at }}
+        </dd>
+        <dt class="mb-2">
+          User
+        </dt>
+        <dd class="ml-4">
+          <dl class="border-dark border p-2">
+            <dt>
+              User id
+            </dt>
+            <dd>
+              {{ mailbox.user.id }}
+            </dd>
+            <dt>
+              Email
+            </dt>
+            <dd>
+              {{ mailbox.user.email }}
+            </dd>
+            <dt>
+              Premium
+            </dt>
+            <dd>
+              {{ mailbox.user.is_premium() }}
+            </dd>
+            <dt>
+              Disabled
+            </dt>
+            <dd>
+              {{ mailbox.user.disabled }}
+            </dd>
+            <dt>
+              Crated At
+            </dt>
+            <dd>
+              {{ mailbox.user.created_at }}
+            </dd>
+          </dl>
+        </dd>
+      </dl>
+    </div>
+  {% endif %}
+{% endblock %}

app/templates/emails/transactional/verify-mailbox.html

@@ -4,8 +4,13 @@
 
   {{ render_text("Hi") }}
   {{ render_text("You have added <b>"+ mailbox_email +"</b> as an additional mailbox.") }}
-  {{ render_text("To confirm, please click on the button below.") }}
-  {{ render_button("Confirm mailbox", link) }}
+  {% if link %}
+
+    {{ render_text("To confirm, please click on the button below.") }}
+    {{ render_button("Confirm mailbox", link) }}
+  {% else %}
+    {{ render_text("Please enter <b>"+code+"</b> as your verification code") }}
+  {% endif %}
   {{ render_text("This email will only be valid for the next 15 minutes.") }}
   {{ render_text('Thanks,
   <br />

app/templates/emails/transactional/verify-mailbox.txt.jinja2

@@ -5,9 +5,13 @@ Hi
 
 You have added {{mailbox_email}} as an additional mailbox.
 
+{% if link %}
 To confirm, please click on this link:
 
 {{link}}
+{% else %}
+Please enter {{ code }} as your verification code for this mailbox
+{% endif %}
 
 This link will only be valid during the next 15 minutes.
 {% endblock %}

app/tests/api/test_mailbox.py

@@ -28,7 +28,7 @@ def test_create_mailbox(flask_client):
     )
 
     assert r.status_code == 400
-    assert r.json == {"error": "gmail.com invalid"}
+    assert r.json == {"error": "Invalid email"}
 
 
 def test_create_mailbox_fail_for_free_user(flask_client):
@@ -42,7 +42,7 @@ def test_create_mailbox_fail_for_free_user(flask_client):
     )
 
     assert r.status_code == 400
-    assert r.json == {"error": "Only premium plan can add additional mailbox"}
+    assert r.json == {"error": "Only available for paid plans"}
 
 
 def test_delete_mailbox(flask_client):

app/tests/api/test_setting.py

@@ -44,6 +44,9 @@ def test_update_settings_alias_generator(flask_client):
 
 def test_update_settings_random_alias_default_domain(flask_client):
     user = login(flask_client)
+    custom_domain = CustomDomain.create(
+        domain=random_domain(), verified=True, user_id=user.id, flush=True
+    )
     assert user.default_random_alias_domain() == "sl.local"
 
     r = flask_client.patch(
@@ -57,6 +60,12 @@ def test_update_settings_random_alias_default_domain(flask_client):
     assert r.status_code == 200
     assert user.default_random_alias_domain() == "d1.test"
 
+    r = flask_client.patch(
+        "/api/setting", json={"random_alias_default_domain": custom_domain.domain}
+    )
+    assert r.status_code == 200
+    assert user.default_random_alias_domain() == custom_domain.domain
+
 
 def test_update_settings_sender_format(flask_client):
     user = login(flask_client)

app/tests/test_extensions.py

@@ -23,7 +23,7 @@ _MAX_PER_MINUTE = 3
     _ENDPOINT,
     methods=["GET"],
 )
-@limiter.limit(f"{_MAX_PER_MINUTE}/minute")
+@limiter.limit(f"{_MAX_PER_MINUTE}/hour")
 def rate_limited_endpoint_1():
     return "Working", HTTPStatus.OK
 

app/tests/test_mailbox_utils.py

@@ -0,0 +1,304 @@
+from typing import Optional
+
+import arrow
+import pytest
+
+from app import mailbox_utils, config
+from app.db import Session
+from app.mail_sender import mail_sender
+from app.models import Mailbox, MailboxActivation, User, Job
+from tests.utils import create_new_user, random_email
+
+
+user: Optional[User] = None
+
+
+def setup_module():
+    global user
+    config.SKIP_MX_LOOKUP_ON_CHECK = True
+    user = create_new_user()
+    user.trial_end = None
+    user.lifetime = True
+    Session.commit()
+
+
+def teardown_module():
+    config.SKIP_MX_LOOKUP_ON_CHECK = False
+
+
+def test_free_user_cannot_add_mailbox():
+    user.lifetime = False
+    email = random_email()
+    try:
+        with pytest.raises(mailbox_utils.OnlyPaidError):
+            mailbox_utils.create_mailbox(user, email)
+    finally:
+        user.lifetime = True
+
+
+def test_invalid_email():
+    user.lifetime = True
+    with pytest.raises(mailbox_utils.MailboxError):
+        mailbox_utils.create_mailbox(user, "invalid")
+
+
+def test_already_used():
+    user.lifetime = True
+    with pytest.raises(mailbox_utils.MailboxError):
+        mailbox_utils.create_mailbox(user, user.email)
+
+
+@mail_sender.store_emails_test_decorator
+def test_create_mailbox():
+    email = random_email()
+    mailbox_utils.create_mailbox(user, email)
+    mailbox = Mailbox.get_by(email=email)
+    assert mailbox is not None
+    assert not mailbox.verified
+    activation = MailboxActivation.get_by(mailbox_id=mailbox.id)
+    assert activation is not None
+    assert activation.tries == 0
+    assert len(activation.code) > 6
+
+    assert 1 == len(mail_sender.get_stored_emails())
+    mail_sent = mail_sender.get_stored_emails()[0]
+    mail_contents = str(mail_sent.msg)
+    assert mail_contents.find(config.URL) > 0
+    assert mail_contents.find(activation.code) > 0
+    assert mail_sent.envelope_to == email
+
+
+@mail_sender.store_emails_test_decorator
+def test_create_mailbox_verified():
+    email = random_email()
+    output = mailbox_utils.create_mailbox(user, email, verified=True)
+    assert output.mailbox is not None
+    assert output.mailbox.verified
+    assert output.activation is None
+    mailbox = Mailbox.get_by(email=email)
+    assert mailbox is not None
+    assert mailbox.verified
+    activation = MailboxActivation.get_by(mailbox_id=mailbox.id)
+    assert activation is None
+
+    assert 0 == len(mail_sender.get_stored_emails())
+
+
+@mail_sender.store_emails_test_decorator
+def test_create_mailbox_with_digits():
+    email = random_email()
+    output = mailbox_utils.create_mailbox(
+        user, email, use_digit_codes=True, send_link=False
+    )
+    assert output.activation is not None
+    assert output.activation.tries == 0
+    assert len(output.activation.code) == 6
+
+    mailbox = Mailbox.get_by(email=email)
+    assert mailbox is not None
+    assert not mailbox.verified
+    assert output.mailbox.id == mailbox.id
+
+    activation = MailboxActivation.get_by(mailbox_id=mailbox.id)
+    assert activation is not None
+    assert output.activation.mailbox_id == activation.mailbox_id
+
+    assert 1 == len(mail_sender.get_stored_emails())
+    mail_sent = mail_sender.get_stored_emails()[0]
+    mail_contents = str(mail_sent.msg)
+    assert mail_contents.find(output.activation.code) > 0
+    assert mail_contents.find(config.URL) == -1
+    assert mail_sent.envelope_to == email
+
+
+@mail_sender.store_emails_test_decorator
+def test_create_mailbox_without_verification_email():
+    email = random_email()
+    output = mailbox_utils.create_mailbox(
+        user, email, use_digit_codes=True, send_email=False
+    )
+    mailbox = Mailbox.get_by(email=email)
+    assert mailbox is not None
+    assert not mailbox.verified
+    assert mailbox.id == output.mailbox.id
+    activation = MailboxActivation.get_by(mailbox_id=mailbox.id)
+    assert activation is not None
+    assert activation.tries == 0
+    assert len(activation.code) == 6
+    assert activation.code == output.activation.code
+
+    assert 0 == len(mail_sender.get_stored_emails())
+
+
+@mail_sender.store_emails_test_decorator
+def test_send_verification_email():
+    email = random_email()
+    mailbox_utils.create_mailbox(user, email, use_digit_codes=True, send_link=False)
+    mailbox = Mailbox.get_by(email=email)
+    activation = MailboxActivation.get_by(mailbox_id=mailbox.id)
+    mail_sender.purge_stored_emails()
+    mailbox_utils.send_verification_email(user, mailbox, activation, send_link=False)
+
+    assert 1 == len(mail_sender.get_stored_emails())
+    mail_sent = mail_sender.get_stored_emails()[0]
+    mail_contents = str(mail_sent.msg)
+    assert mail_contents.find(activation.code) > 0
+    assert mail_contents.find(config.URL) == -1
+    assert mail_sent.envelope_to == email
+
+
+@mail_sender.store_emails_test_decorator
+def test_send_verification_email_with_link():
+    email = random_email()
+    mailbox_utils.create_mailbox(user, email, use_digit_codes=True, send_link=False)
+    mailbox = Mailbox.get_by(email=email)
+    activation = MailboxActivation.get_by(mailbox_id=mailbox.id)
+    mail_sender.purge_stored_emails()
+    mailbox_utils.send_verification_email(user, mailbox, activation, send_link=True)
+
+    assert 1 == len(mail_sender.get_stored_emails())
+    mail_sent = mail_sender.get_stored_emails()[0]
+    mail_contents = str(mail_sent.msg)
+    assert mail_contents.find(activation.code) > 0
+    assert mail_contents.find(config.URL) > -1
+    assert mail_sent.envelope_to == email
+
+
+def test_delete_other_user_mailbox():
+    other = create_new_user()
+    mailbox = Mailbox.create(user_id=other.id, email=random_email(), commit=True)
+    with pytest.raises(mailbox_utils.MailboxError):
+        mailbox_utils.delete_mailbox(user, mailbox.id, transfer_mailbox_id=None)
+
+
+def test_delete_default_mailbox():
+    with pytest.raises(mailbox_utils.MailboxError):
+        mailbox_utils.delete_mailbox(
+            user, user.default_mailbox_id, transfer_mailbox_id=None
+        )
+
+
+def test_transfer_to_same_mailbox():
+    email = random_email()
+    mailbox = mailbox_utils.create_mailbox(
+        user, email, use_digit_codes=True, send_link=False
+    ).mailbox
+    with pytest.raises(mailbox_utils.MailboxError):
+        mailbox_utils.delete_mailbox(user, mailbox.id, transfer_mailbox_id=mailbox.id)
+
+
+def test_transfer_to_other_users_mailbox():
+    email = random_email()
+    mailbox = mailbox_utils.create_mailbox(
+        user, email, use_digit_codes=True, send_link=False
+    ).mailbox
+    other = create_new_user()
+    other_mailbox = Mailbox.create(user_id=other.id, email=random_email(), commit=True)
+    with pytest.raises(mailbox_utils.MailboxError):
+        mailbox_utils.delete_mailbox(
+            user, mailbox.id, transfer_mailbox_id=other_mailbox.id
+        )
+
+
+def test_delete_with_no_transfer():
+    email = random_email()
+    mailbox = mailbox_utils.create_mailbox(
+        user, email, use_digit_codes=True, send_link=False
+    ).mailbox
+    mailbox_utils.delete_mailbox(user, mailbox.id, transfer_mailbox_id=None)
+    job = Session.query(Job).order_by(Job.id.desc()).first()
+    assert job is not None
+    assert job.name == config.JOB_DELETE_MAILBOX
+    assert job.payload["mailbox_id"] == mailbox.id
+    assert job.payload["transfer_mailbox_id"] is None
+
+
+def test_delete_with_transfer():
+    mailbox = mailbox_utils.create_mailbox(
+        user, random_email(), use_digit_codes=True, send_link=False
+    ).mailbox
+    transfer_mailbox = mailbox_utils.create_mailbox(
+        user, random_email(), use_digit_codes=True, send_link=False
+    ).mailbox
+    mailbox_utils.delete_mailbox(
+        user, mailbox.id, transfer_mailbox_id=transfer_mailbox.id
+    )
+    job = Session.query(Job).order_by(Job.id.desc()).first()
+    assert job is not None
+    assert job.name == config.JOB_DELETE_MAILBOX
+    assert job.payload["mailbox_id"] == mailbox.id
+    assert job.payload["transfer_mailbox_id"] == transfer_mailbox.id
+    mailbox_utils.delete_mailbox(user, mailbox.id, transfer_mailbox_id=None)
+    job = Session.query(Job).order_by(Job.id.desc()).first()
+    assert job is not None
+    assert job.name == config.JOB_DELETE_MAILBOX
+    assert job.payload["mailbox_id"] == mailbox.id
+    assert job.payload["transfer_mailbox_id"] is None
+
+
+def test_verify_non_existing_mailbox():
+    with pytest.raises(mailbox_utils.MailboxError):
+        mailbox_utils.verify_mailbox_code(user, 999999999, "9999999")
+
+
+def test_verify_already_verified_mailbox():
+    mailbox = Mailbox.create(
+        user_id=user.id, email=random_email(), verified=True, commit=True
+    )
+    mbox = mailbox_utils.verify_mailbox_code(user, mailbox.id, "9999999")
+    assert mbox.id == mailbox.id
+
+
+def test_verify_other_users_mailbox():
+    other = create_new_user()
+    mailbox = Mailbox.create(
+        user_id=other.id, email=random_email(), verified=False, commit=True
+    )
+    with pytest.raises(mailbox_utils.MailboxError):
+        mailbox_utils.verify_mailbox_code(user, mailbox.id, "9999999")
+
+
+@mail_sender.store_emails_test_decorator
+def test_verify_fail():
+    output = mailbox_utils.create_mailbox(user, random_email())
+    for i in range(mailbox_utils.MAX_ACTIVATION_TRIES - 1):
+        try:
+            mailbox_utils.verify_mailbox_code(
+                user, output.mailbox.id, output.activation.code + "nop"
+            )
+            assert False, f"test {i}"
+        except mailbox_utils.CannotVerifyError:
+            activation = MailboxActivation.get_by(mailbox_id=output.mailbox.id)
+            assert activation.tries == i + 1
+
+
+@mail_sender.store_emails_test_decorator
+def test_verify_too_may():
+    output = mailbox_utils.create_mailbox(user, random_email())
+    output.activation.tries = mailbox_utils.MAX_ACTIVATION_TRIES
+    Session.commit()
+    with pytest.raises(mailbox_utils.CannotVerifyError):
+        mailbox_utils.verify_mailbox_code(
+            user, output.mailbox.id, output.activation.code
+        )
+
+
+@mail_sender.store_emails_test_decorator
+def test_verify_too_old_code():
+    output = mailbox_utils.create_mailbox(user, random_email())
+    output.activation.created_at = arrow.now().shift(minutes=-30)
+    Session.commit()
+    with pytest.raises(mailbox_utils.CannotVerifyError):
+        mailbox_utils.verify_mailbox_code(
+            user, output.mailbox.id, output.activation.code
+        )
+
+
+@mail_sender.store_emails_test_decorator
+def test_verify_ok():
+    output = mailbox_utils.create_mailbox(user, random_email())
+    mailbox_utils.verify_mailbox_code(user, output.mailbox.id, output.activation.code)
+    activation = MailboxActivation.get_by(mailbox_id=output.mailbox.id)
+    assert activation is None
+    mailbox = Mailbox.get(id=output.mailbox.id)
+    assert mailbox.verified

app/tests/test_models.py

@@ -365,12 +365,22 @@ def test_sync_event_dead_letter():
         commit=True,
     )
 
+    # create event with too many retries
+    max_retries = 5
+    e5 = SyncEvent.create(
+        content=b"content",
+        retry_count=max_retries + 1,
+        created_at=arrow.now(),
+        commit=True,
+    )
+
     # get dead letter events
     dead_letter_events = SyncEvent.get_dead_letter(
-        older_than=arrow.now().shift(minutes=-10)
+        older_than=arrow.now().shift(minutes=-10), max_retries=max_retries
     )
     assert len(dead_letter_events) == 2
     assert e1 in dead_letter_events
     assert e2 in dead_letter_events
     assert e3 not in dead_letter_events
     assert e4 not in dead_letter_events
+    assert e5 not in dead_letter_events

app/tests/user_settings/test_set_default_alias_domain.py

@@ -0,0 +1,128 @@
+import pytest
+
+from app import user_settings
+from app.db import Session
+from app.models import User, CustomDomain, SLDomain
+from tests.utils import random_token, create_new_user
+
+user_id: int = 0
+custom_domain_name: str = ""
+sl_domain_name: str = ""
+
+
+def setup_module():
+    global user_id, custom_domain_name, sl_domain_name
+    user = create_new_user()
+    user.trial_end = None
+    user_id = user.id
+    custom_domain_name = CustomDomain.create(
+        user_id=user_id,
+        catch_all=True,
+        domain=random_token() + ".com",
+        verified=True,
+        flush=True,
+    ).domain
+    sl_domain_name = SLDomain.create(
+        domain=random_token() + ".com",
+        premium_only=False,
+        flush=True,
+        order=5,
+        hidden=False,
+    ).domain
+
+
+def test_set_default_no_domain():
+    user = User.get(user_id)
+    user.default_alias_public_domain_id = SLDomain.get_by(domain=sl_domain_name).id
+    user.default_alias_private_domain_id = CustomDomain.get_by(
+        domain=custom_domain_name
+    ).id
+    Session.flush()
+    user_settings.set_default_alias_domain(user, None)
+    assert user.default_alias_public_domain_id is None
+    assert user.default_alias_custom_domain_id is None
+
+
+def test_set_premium_sl_domain_with_non_premium_user():
+    user = User.get(user_id)
+    user.lifetime = False
+    domain = SLDomain.get_by(domain=sl_domain_name)
+    domain.premium_only = True
+    Session.flush()
+    with pytest.raises(user_settings.CannotSetAlias):
+        user_settings.set_default_alias_domain(user, sl_domain_name)
+
+
+def test_set_hidden_sl_domain():
+    user = User.get(user_id)
+    domain = SLDomain.get_by(domain=sl_domain_name)
+    domain.hidden = True
+    domain.premium_only = False
+    Session.flush()
+    with pytest.raises(user_settings.CannotSetAlias):
+        user_settings.set_default_alias_domain(user, sl_domain_name)
+
+
+def test_set_sl_domain():
+    user = User.get(user_id)
+    user.lifetime = False
+    domain = SLDomain.get_by(domain=sl_domain_name)
+    domain.hidden = False
+    domain.premium_only = False
+    Session.flush()
+    user_settings.set_default_alias_domain(user, sl_domain_name)
+    assert user.default_alias_public_domain_id == domain.id
+    assert user.default_alias_custom_domain_id is None
+
+
+def test_set_sl_premium_domain():
+    user = User.get(user_id)
+    user.lifetime = True
+    domain = SLDomain.get_by(domain=sl_domain_name)
+    domain.hidden = False
+    domain.premium_only = True
+    Session.flush()
+    user_settings.set_default_alias_domain(user, sl_domain_name)
+    assert user.default_alias_public_domain_id == domain.id
+    assert user.default_alias_custom_domain_id is None
+
+
+def test_set_other_user_custom_domain():
+    user = User.get(user_id)
+    user.lifetime = True
+    other_user_domain_name = CustomDomain.create(
+        user_id=create_new_user().id,
+        catch_all=True,
+        domain=random_token() + ".com",
+        verified=True,
+    ).domain
+    Session.flush()
+    with pytest.raises(user_settings.CannotSetAlias):
+        user_settings.set_default_alias_domain(user, other_user_domain_name)
+
+
+def test_set_unverified_custom_domain():
+    user = User.get(user_id)
+    user.lifetime = True
+    domain = CustomDomain.get_by(domain=custom_domain_name)
+    domain.verified = False
+    Session.flush()
+    with pytest.raises(user_settings.CannotSetAlias):
+        user_settings.set_default_alias_domain(user, custom_domain_name)
+
+
+def test_set_custom_domain():
+    user = User.get(user_id)
+    user.lifetime = True
+    domain = CustomDomain.get_by(domain=custom_domain_name)
+    domain.verified = True
+    Session.flush()
+    user_settings.set_default_alias_domain(user, custom_domain_name)
+    assert user.default_alias_public_domain_id is None
+    assert user.default_alias_custom_domain_id == domain.id
+
+
+def test_set_invalid_custom_domain():
+    user = User.get(user_id)
+    with pytest.raises(user_settings.CannotSetAlias):
+        user_settings.set_default_alias_domain(user, "invalid_nop" + random_token())

app/tests/user_settings/test_set_default_mailbox.py

@@ -0,0 +1,61 @@
+from typing import Optional
+import pytest
+
+from app import mailbox_utils, user_settings, config
+from app.db import Session
+from app.models import User
+from tests.utils import random_email, create_new_user
+
+
+user: Optional[User] = None
+
+
+def setup_module():
+    global user
+    config.SKIP_MX_LOOKUP_ON_CHECK = True
+    user = create_new_user()
+    user.trial_end = None
+    user.lifetime = True
+    Session.commit()
+
+
+def teardown_module():
+    config.SKIP_MX_LOOKUP_ON_CHECK = False  # noqa: F821
+
+
+def test_set_default_mailbox():
+    other = create_new_user()
+    output = mailbox_utils.create_mailbox(
+        other,
+        random_email(),
+        use_digit_codes=True,
+        send_link=False,
+    )
+    output.mailbox.verified = True
+    Session.commit()
+    user_settings.set_default_mailbox(other, output.mailbox.id)
+    other = User.get(other.id)
+    assert other.default_mailbox_id == output.mailbox.id
+
+
+def test_cannot_set_unverified():
+    output = mailbox_utils.create_mailbox(
+        user,
+        random_email(),
+        use_digit_codes=True,
+        send_link=False,
+    )
+    with pytest.raises(user_settings.CannotSetMailbox):
+        user_settings.set_default_mailbox(user, output.mailbox.id)
+
+
+def test_cannot_default_other_user_mailbox():
+    other = create_new_user()
+    mailbox = mailbox_utils.create_mailbox(
+        other,
+        random_email(),
+        use_digit_codes=True,
+        send_link=False,
+    ).mailbox
+    with pytest.raises(user_settings.CannotSetMailbox):
+        user_settings.set_default_mailbox(user, mailbox.id)