globuzma/canaille-globuzma
1
0
Fork 0
forked from Github-Mirrors/canaille
Code Pull requests Activity

gets the emails of each admin to send them the compromised_password_check_failure_mail

Browse source
This commit is contained in:
sebastien 2024-11-06 12:56:35 +01:00
parent b47c949239
commit fa3a5f6616
2 changed files with 14 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
canaille/app/forms.py
View file

@ -93,19 +93,25 @@ def compromised_password_validator(form, field):
except ImportError: except ImportError:
return None return None
group_user = Backend.instance.query(models.User)
emails_of_admins = []
for user in group_user:
for group in user.groups:
if "admins" == group.display_name:
emails_of_admins.append(user.emails[0])
hashed_password = sha1(field.data.encode("utf-8")).hexdigest() hashed_password = sha1(field.data.encode("utf-8")).hexdigest()
hashed_password_prefix, hashed_password_suffix = ( hashed_password_prefix, hashed_password_suffix = (
hashed_password[:5].upper(), hashed_password[:5].upper(),
hashed_password[5:].upper(), hashed_password[5:].upper(),
) )
api_url = f"https://api.pwnedpasswords.com/range/{hashed_password_prefix}" api_url = f"https://api2.pwnedpasswords.com/range/{hashed_password_prefix}"
try: try:
response = requests.api.get(api_url, timeout=10) response = requests.api.get(api_url, timeout=10)
except Exception as e: except Exception as e:
print("Error: " + str(e)) print("Error: " + str(e))
if current_app.features.has_smtp and not request_is_htmx(): if current_app.features.has_smtp and not request_is_htmx():
if form.user is not None: if form.user is not None:
user_name = form.user.user_name user_name = form.user.user_name
@ -113,10 +119,10 @@ def compromised_password_validator(form, field):
else: else:
user_name = form["user_name"].data user_name = form["user_name"].data
user_email = form["emails"].data[0] user_email = form["emails"].data[0]
for admin_email in emails_of_admins:
send_compromised_password_check_failure_mail( send_compromised_password_check_failure_mail(
api_url, user_name, user_email, hashed_password_suffix api_url, user_name, user_email, hashed_password_suffix, admin_email
) )
return None return None

5
canaille/core/mails.py
View file

@ -213,7 +213,7 @@ def send_registration_mail(email, registration_url):
def send_compromised_password_check_failure_mail( def send_compromised_password_check_failure_mail(
check_password_url, user_name, user_email, hashed_password check_password_url, user_name, user_email, hashed_password, admin_email
): ):
base_url = url_for("core.account.index", _external=True) base_url = url_for("core.account.index", _external=True)
logo_cid, logo_filename, logo_raw = logo() logo_cid, logo_filename, logo_raw = logo()
@ -244,8 +244,7 @@ def send_compromised_password_check_failure_mail(
return send_email( return send_email(
subject=subject, subject=subject,
# line to change with admin group mails.... recipient=admin_email,
recipient="sebastien@yaal.coop",
text=text_body, text=text_body,
html=html_body, html=html_body,
attachments=[(logo_cid, logo_filename, logo_raw)] if logo_filename else None, attachments=[(logo_cid, logo_filename, logo_raw)] if logo_filename else None,