j3d1/multimail
1
1
Fork 0
Code Issues Pull requests Releases Wiki Activity

use a password field in mailbox instead of raw hash input

Browse source
This commit is contained in:
j3d1 2020-11-09 15:52:02 +01:00
parent b8073cc539
commit e8d9347443
4 changed files with 31 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

23
backend/multimail/forms.py
View file

@ -1,6 +1,5 @@
from django.contrib.auth.decorators import login_required from django.contrib.auth.decorators import login_required
from django.forms import ModelForm from django.forms import ModelForm, CharField, PasswordInput
from django.forms.utils import ErrorList
from django.http import HttpResponseRedirect, Http404 from django.http import HttpResponseRedirect, Http404
from django.shortcuts import render from django.shortcuts import render
from django.db import IntegrityError from django.db import IntegrityError
@ -17,9 +16,19 @@ class DomainForm(ModelForm):
class MailboxForm(ModelForm): class MailboxForm(ModelForm):
plain_password = CharField(label='Password', required=False, widget=PasswordInput())
class Meta: class Meta:
model = Mailbox model = Mailbox
fields = '__all__' # fields = '__all__'
fields = ['domain', 'username', 'plain_password', 'sendonly', 'enabled']
def save(self, commit=True):
mailbox = super(MailboxForm, self).save(commit=False)
if not self.cleaned_data["plain_password"] == '':
mailbox.set_password(self.cleaned_data["plain_password"])
if commit:
mailbox.save()
return mailbox
class AliasForm(ModelForm): class AliasForm(ModelForm):
@ -82,7 +91,7 @@ def edit_mailbox(request, mailbox_id):
if request.method == 'POST': if request.method == 'POST':
form = MailboxForm(request.POST, instance=mailbox) form = MailboxForm(request.POST, instance=mailbox)
try: try:
if form.is_valid(): if form.is_valid() and form.cleaned_data['domain'] in domains:
form.save() form.save()
return HttpResponseRedirect('/mailboxes/') return HttpResponseRedirect('/mailboxes/')
@ -102,7 +111,7 @@ def new_mailbox(request):
domains = [o.domain for o in Domain.objects.filter(admin__admin=user['name'], admin__source=user['source'])] domains = [o.domain for o in Domain.objects.filter(admin__admin=user['name'], admin__source=user['source'])]
form = MailboxForm(request.POST) form = MailboxForm(request.POST)
try: try:
if form.is_valid() and form.domain in domains: if form.is_valid() and form.cleaned_data['domain'] in domains:
form.save() form.save()
return HttpResponseRedirect('/mailboxes/') return HttpResponseRedirect('/mailboxes/')
@ -126,7 +135,7 @@ def edit_alias(request, alias_id):
if request.method == 'POST': if request.method == 'POST':
form = AliasForm(request.POST, instance=alias) form = AliasForm(request.POST, instance=alias)
try: try:
if form.is_valid(): if form.is_valid() and form.cleaned_data['source_domain'] in domains:
form.save() form.save()
return HttpResponseRedirect('/aliases/') return HttpResponseRedirect('/aliases/')
@ -146,7 +155,7 @@ def new_alias(request):
domains = [o.domain for o in Domain.objects.filter(admin__admin=user['name'], admin__source=user['source'])] domains = [o.domain for o in Domain.objects.filter(admin__admin=user['name'], admin__source=user['source'])]
form = AliasForm(request.POST) form = AliasForm(request.POST)
try: try:
if form.is_valid() and form.source_domain in domains: if form.is_valid() and form.cleaned_data['source_domain'] in domains:
form.save() form.save()
return HttpResponseRedirect('/aliases/') return HttpResponseRedirect('/aliases/')

10
backend/multimail/models.py
View file

@ -1,3 +1,5 @@
import crypt
from django.db import models from django.db import models
@ -12,6 +14,7 @@ class Alias(models.Model):
class Meta: class Meta:
managed = False managed = False
db_table = 'aliases' db_table = 'aliases'
unique_together = (('source_domain', 'source_username'),)
def __str__(self): def __str__(self):
return self.source_username + '@' + self.source_domain return self.source_username + '@' + self.source_domain
@ -40,6 +43,10 @@ class Mailbox(models.Model):
class Meta: class Meta:
managed = False managed = False
db_table = 'mailboxes' db_table = 'mailboxes'
unique_together = (('domain', 'username'),)
def set_password(self, password):
self.password = '{SHA512-CRYPT}' + crypt.crypt(password)
def __str__(self): def __str__(self):
return self.username + '@' + self.domain return self.username + '@' + self.domain
@ -64,5 +71,8 @@ class DomainOwner(models.Model):
source = models.CharField(max_length=8, choices=[('system', 'system'), ('ldap', 'ldap'), ('mail', 'mail')], source = models.CharField(max_length=8, choices=[('system', 'system'), ('ldap', 'ldap'), ('mail', 'mail')],
default=0) default=0)
class Meta:
unique_together = (('domain', 'admin', 'source'),)
def __str__(self): def __str__(self):
return self.admin return self.admin

2
backend/requirements.txt
View file

@ -4,6 +4,4 @@ django-ldapdb==1.5.1
django-static-fontawesome==5.14.0.0 django-static-fontawesome==5.14.0.0
django-bootstrap4==2.3.1 django-bootstrap4==2.3.1
mysqlclient==2.0.1 mysqlclient==2.0.1
passlib==1.7.4
python-ldap==3.3.1 python-ldap==3.3.1
# djangorestframework==3.12.1

8
update.sh Normal file → Executable file
View file

@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
DIR=$(dirname $0) export DIR=$(dirname $0)
function prefix_date(){ function prefix_date(){
while read line while read line
@ -10,9 +10,11 @@ function prefix_date(){
} }
function run_update(){ function run_update(){
cd $DIR
echo run autoupdate in $(pwd)
git pull git pull
cd backend cd backend
python manage.py migrate python3 manage.py migrate
} }
run_update | prefix_date > $DIR/update.log run_update | prefix_date >> $DIR/update.log