cqrenet/relay
3
0
Fork 0
mirror of https://github.com/chatmail/relay.git synced 2026-05-10 16:04:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

doveauth: add invite_token to override nocreate file

Browse Source
This commit is contained in:
missytake
2025-07-08 16:30:54 +02:00
parent 7bf2dfd62e
commit 56cbd6f35b
4 changed files with 10 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
chatmaild/src/chatmaild/config.py
View File

@@ -31,6 +31,7 @@ class Config:
self.username_min_length = int(params["username_min_length"])
self.username_max_length = int(params["username_max_length"])
self.password_min_length = int(params["password_min_length"])
self.invite_token = params["invite_token"]
self.passthrough_senders = params["passthrough_senders"].split()
self.passthrough_recipients = params["passthrough_recipients"].split()
self.www_folder = params.get("www_folder", "")

7
chatmaild/src/chatmaild/doveauth.py
View File

@@ -24,10 +24,11 @@ def encrypt_password(password: str):
def is_allowed_to_create(config: Config, user, cleartext_password) -> bool:
"""Return True if user and password are admissable."""
if os.path.exists(NOCREATE_FILE):
logging.warning(f"blocked account creation because {NOCREATE_FILE!r} exists.")
return False
if config.invite_token and config.invite_token not in cleartext_password:
logging.warning(f"blocked account creation because {NOCREATE_FILE!r} exists.")
return False
if len(cleartext_password) < config.password_min_length:
if len(cleartext_password.replace(config.invite_token, "")) < config.password_min_length:
logging.warning(
"Password needs to be at least %s characters long",
config.password_min_length,

5
chatmaild/src/chatmaild/newemail.py
View File

@@ -3,6 +3,7 @@
"""CGI script for creating new accounts."""
import json
import os
import random
import secrets
import string
@@ -20,7 +21,9 @@ def create_newemail_dict(config: Config):
secrets.choice(ALPHANUMERIC_PUNCT)
for _ in range(config.password_min_length + 3)
)
return dict(email=f"{user}@{config.mail_domain}", password=f"{password}")
redirect_uri = os.getenv("REQUEST_URI")
invite_token = redirect_uri[5:] if redirect_uri != "/new" else ""
return dict(email=f"{user}@{config.mail_domain}", password=f"{invite_token}{password}")
def print_new_account():

1
cmdeploy/src/cmdeploy/nginx/nginx.conf.j2
View File

@@ -90,6 +90,7 @@ http {
fastcgi_pass unix:/run/fcgiwrap.socket;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME /usr/lib/cgi-bin/newemail.py;
fastcgi_param QUERY_STRING $query_string;
}
# Old URL for compatibility with e.g. printed QR codes.