ashpie/rainbox.email
ashpie/rainbox.email
1
0
Fork 0
Code Issues Pull Requests Releases 4 Wiki Activity

Merge branch 'develop'

Browse Source
This commit is contained in:
Alice Gaudon 2020-11-10 15:36:34 +01:00
commit a645c2dc96
12 changed files with 218 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
README.md
View File

@ -8,12 +8,12 @@ Please feel free to contribute by making issues, bug reports and pull requests.
## /!\ THIS PROJECT STILL LACKS ESSENTIAL FEATURES SUCH AS: /!\
- Change password
- Password recovery (recovery emails are unused yet)
- Quota management
- Editable terms of service
- Complex permissions system
- Redirections (can be manually setup with sql queries)
- [x] ~~Change password~~
- [ ] Password recovery (recovery emails are unused yet)
- [ ] Quota management
- [ ] Editable terms of service
- [ ] Complex permissions system
- [ ] Redirections (can be manually setup with sql queries)
- Probably many others, please make an issue so I can add them to this list
## How does it work?
@ -31,7 +31,7 @@ Note that a user only has one mailbox once they create their first address and c
### Requirements
- mariadb (for the mysql database that will be operated)
- redis (cache) (this may go as I think I'm not using it at all, but it won't start without it yet)
- redis (session, cache)
- A working mail smtp server (to send emails)
- git and yarn for updates

8
assets/sass/app.scss
View File

@ -12,10 +12,6 @@ td.actions {
justify-content: center;
align-items: center;
> *:not(:first-child) {
margin-left: 8px;
}
form {
padding: 0;
display: inline;
@ -29,6 +25,10 @@ td.actions {
margin-right: 0;
}
}
> *:not(:first-child) {
margin-left: 8px;
}
}
body > header {

2
package.json
View File

@ -1,6 +1,6 @@
{
"name": "rainbox.email",
"version": "2.1.2",
"version": "2.2.0",
"description": "ISP mail provider manager with mysql and integrated LDAP server",
"repository": "https://gitlab.com/ArisuOngaku/rainbox.email",
"author": "Alice Gaudon <alice@gaudon.pro>",

6
src/App.ts
View File

@ -19,7 +19,6 @@ import AuthGuard from "wms-core/auth/AuthGuard";
import {PasswordAuthProof} from "./models/UserPasswordComponent";
import LDAPServerComponent from "./LDAPServerComponent";
import AutoUpdateComponent from "wms-core/components/AutoUpdateComponent";
import packageJson = require('../package.json');
import DummyMigration from "wms-core/migrations/DummyMigration";
import DropLegacyLogsTable from "wms-core/migrations/DropLegacyLogsTable";
import AccountController from "./controllers/AccountController";
@ -37,9 +36,11 @@ import DropNameFromUsers from "wms-core/auth/migrations/DropNameFromUsers";
import MagicLink from "wms-core/auth/models/MagicLink";
import AddNameToUsers from "./migrations/AddNameToUsers";
import CreateMailTables from "./migrations/CreateMailTables";
import MailboxBackendController from "./controllers/MailboxBackendController";
import MailboxBackendController from "./controllers/backend/MailboxBackendController";
import RedirectBackComponent from "wms-core/components/RedirectBackComponent";
import MailAutoConfigController from "./controllers/MailAutoConfigController";
import AccountBackendController from "./controllers/backend/AccountBackendController";
import packageJson = require('../package.json');
export default class App extends Application {
private magicLinkWebSocketListener?: MagicLinkWebSocketListener<this>;
@ -136,6 +137,7 @@ export default class App extends Application {
this.use(new MagicLinkController(this.as(MagicLinkWebSocketListener)));
this.use(new BackendController());
this.use(new MailboxBackendController());
this.use(new AccountBackendController());
this.use(new AuthController());
this.use(new MailAutoConfigController()); // Needs to override MailController

26
src/controllers/AccountController.ts
View File

@ -12,6 +12,7 @@ import UserMailIdentityComponent from "../models/UserMailIdentityComponent";
import MailIdentity from "../models/MailIdentity";
import UserNameComponent from "../models/UserNameComponent";
import {WhereOperator, WhereTest} from "wms-core/db/ModelQuery";
import UserPasswordComponent from "../models/UserPasswordComponent";
export default class AccountController extends Controller {
public getRoutesPrefix(): string {
@ -20,6 +21,9 @@ export default class AccountController extends Controller {
public routes(): void {
this.get('/', this.getAccount, 'account', RequireAuthMiddleware);
this.post('/change-password', this.postChangePassword, 'change-password', RequireAuthMiddleware);
this.post('/add-recovery-email', this.addRecoveryEmail, 'add-recovery-email', RequireAuthMiddleware);
this.post('/set-main-email', this.postSetMainRecoveryEmail, 'set-main-recovery-email', RequireAuthMiddleware);
this.post('/remove-email', this.postRemoveRecoveryEmail, 'remove-recovery-email', RequireAuthMiddleware);
@ -33,6 +37,7 @@ export default class AccountController extends Controller {
const userMailIdentity = user.as(UserMailIdentityComponent);
res.render('account', {
main_email: await user.mainEmail.get(),
emails: await user.emails.get(),
mailboxIdentity: await (await userMailIdentity.mainMailIdentity.get())?.toEmail(),
identities: await Promise.all((await userMailIdentity.mailIdentities.get()).map(async identity => ({
@ -51,6 +56,27 @@ export default class AccountController extends Controller {
});
}
protected async postChangePassword(req: Request, res: Response): Promise<void> {
await this.validate({
'current_password': new Validator().defined(),
'new_password': new Validator().defined(),
'new_password_confirmation': new Validator().sameAs('new_password', req.body.new_password),
}, req.body);
const user = req.as(RequireAuthMiddleware).getUser();
if (!await user.as(UserPasswordComponent).verifyPassword(req.body.current_password)) {
req.flash('error', 'Invalid current password.');
res.redirectBack(Controller.route('account'));
return;
}
await user.as(UserPasswordComponent).setPassword(req.body.new_password, 'new_password');
await user.save();
req.flash('success', 'Password change successfully.');
res.redirectBack(Controller.route('account'));
}
protected async addRecoveryEmail(req: Request, res: Response): Promise<void> {
await this.validate({
email: new Validator().defined().regexp(EMAIL_REGEX),

65
src/controllers/backend/AccountBackendController.ts Normal file
View File

@ -0,0 +1,65 @@
import Controller from "wms-core/Controller";
import BackendController from "wms-core/helpers/BackendController";
import {RequireAdminMiddleware, RequireAuthMiddleware} from "wms-core/auth/AuthComponent";
import {Request, Response} from "express";
import User from "wms-core/auth/models/User";
import {NotFoundHttpError} from "wms-core/HttpError";
import Validator from "wms-core/db/Validator";
import UserPasswordComponent from "../../models/UserPasswordComponent";
import UserNameComponent from "../../models/UserNameComponent";
export default class AccountBackendController extends Controller {
public constructor() {
super();
BackendController.registerMenuElement({
getLink: async () => Controller.route('backend-list-users'),
getDisplayString: async () => 'Users',
getDisplayIcon: async () => 'user',
});
}
public getRoutesPrefix(): string {
return '/backend/users';
}
public routes(): void {
this.get('/', this.getListUsers, 'backend-list-users', RequireAuthMiddleware, RequireAdminMiddleware);
this.get('/:user_id/change-password', this.getChangeUserPassword, 'backend-change-user-password', RequireAuthMiddleware, RequireAdminMiddleware);
this.post('/:user_id/change-password', this.postChangeUserPassword, 'backend-change-user-password', RequireAuthMiddleware, RequireAdminMiddleware);
}
protected async getListUsers(req: Request, res: Response): Promise<void> {
res.render('backend/users', {
accounts: await User.select()
.with('mainEmail')
.get(),
});
}
protected async getChangeUserPassword(req: Request, res: Response): Promise<void> {
const user = await User.getById(req.params.user_id);
if (!user) throw new NotFoundHttpError('user', req.url);
res.render('backend/users-change-password', {
user: user,
});
}
protected async postChangeUserPassword(req: Request, res: Response): Promise<void> {
const user = await User.getById(req.params.user_id);
if (!user) throw new NotFoundHttpError('user', req.url);
await this.validate({
'new_password': new Validator().defined(),
'new_password_confirmation': new Validator().sameAs('new_password', req.body.new_password),
}, req.body);
await user.as(UserPasswordComponent).setPassword(req.body.new_password, 'new_password');
await user.save();
req.flash('success', `New password set for ${user.as(UserNameComponent).name}`);
res.redirect(Controller.route('backend-list-users'));
}
}

9
src/controllers/MailboxBackendController.ts → src/controllers/backend/MailboxBackendController.ts
View File

@ -2,12 +2,12 @@ import Controller from "wms-core/Controller";
import {Request, Response} from "express";
import User from "wms-core/auth/models/User";
import {WhereTest} from "wms-core/db/ModelQuery";
import UserNameComponent from "../models/UserNameComponent";
import UserMailIdentityComponent from "../models/UserMailIdentityComponent";
import UserNameComponent from "../../models/UserNameComponent";
import UserMailIdentityComponent from "../../models/UserMailIdentityComponent";
import {NotFoundHttpError} from "wms-core/HttpError";
import MailDomain from "../models/MailDomain";
import MailDomain from "../../models/MailDomain";
import BackendController from "wms-core/helpers/BackendController";
import MailIdentity from "../models/MailIdentity";
import MailIdentity from "../../models/MailIdentity";
import {RequireAdminMiddleware, RequireAuthMiddleware} from "wms-core/auth/AuthComponent";
export default class MailboxBackendController extends Controller {
@ -86,6 +86,7 @@ export default class MailboxBackendController extends Controller {
res.render('backend/mailbox', {
mailbox: {
id: user.id,
userName: user.as(UserNameComponent).name,
name: await mainMailIdentity?.toEmail() || 'Not created.',
},
domains: mailDomains.map(d => ({

4
src/models/UserPasswordComponent.ts
View File

@ -11,9 +11,9 @@ export default class UserPasswordComponent extends ModelComponent<User> {
this.setValidation('password').acceptUndefined().maxLength(128);
}
public async setPassword(rawPassword: string): Promise<void> {
public async setPassword(rawPassword: string, fieldName: string = 'password'): Promise<void> {
await new Validator<string>().defined().minLength(8).maxLength(512)
.execute('password', rawPassword, true);
.execute(fieldName, rawPassword, true);
this.password = await argon2.hash(rawPassword, {
timeCost: 10,
memoryCost: 65536,

27
views/account.njk
View File

@ -4,12 +4,33 @@
{% block body %}
<main class="container">
<div class="panel">
<i data-feather="user"></i>
<h1>My account</h1>
{% if emails | length <= 0 %}
{{ macros.message('warning', 'To avoid losing access to your account, please add a recovery email address.') }}
{% endif %}
<section class="panel">
<h2><i data-feather="user"></i> Personnal info</h2>
<p>Name: {{ user.name }}</p>
</div>
<p>Contact email: {{ main_email.email | default('-') }}</p>
</section>
<section class="panel">
<h2><i data-feather="key"></i> Change password</h2>
<form action="{{ route('change-password') }}" method="POST">
{{ macros.field(_locals, 'password', 'current_password', null, 'Current password') }}
{{ macros.field(_locals, 'password', 'new_password', null, 'New password') }}
{{ macros.field(_locals, 'password', 'new_password_confirmation', null, 'New password confirmation') }}
<button type="submit"><i data-feather="save"></i> Save</button>
{{ macros.csrf(getCsrfToken) }}
</form>
</section>
<section class="panel">
<h2><i data-feather="shield"></i> Recovery email addresses</h2>

10
views/backend/mailbox.njk
View File

@ -4,14 +4,14 @@
{% block body %}
<div class="container">
{{ macros.breadcrumb(mailbox.name, [
{{ macros.breadcrumb(mailbox.userName + ' - ' + mailbox.name, [
{title: 'Backend', link: route('backend')},
{title: 'Mailboxes', link: route('backend-mailboxes')}
]) }}
<h1>Mailbox: {{ mailbox.userName }} - {{ mailbox.name }}</h1>
<div class="panel">
<i data-feather="mail"></i>
<h1>Mailbox: {{ mailbox.name }}</h1>
<section class="panel">
<h2><i data-feather="mail"></i> Identities</h2>
<table class="data-table">
<thead>
@ -57,6 +57,6 @@
{{ macros.csrf(getCsrfToken) }}
</form>
</div>
</section>
</div>
{% endblock %}

27
views/backend/users-change-password.njk Normal file
View File

@ -0,0 +1,27 @@
{% extends 'layouts/base.njk' %}
{% set title = app.name + ' - Backend' %}
{% block body %}
<div class="container">
{{ macros.breadcrumb('Change ' + user.name + '\'s password', [
{title: 'Backend', link: route('backend')},
{title: 'Users', link: route('backend-list-users')}
]) }}
<h1>Accounts manager</h1>
<section class="panel">
<h2><i data-feather="key"></i> Change {{ user.name }}'s password</h2>
<form action="{{ route('backend-change-user-password', user.id) }}" method="POST">
{{ macros.field(_locals, 'password', 'new_password', null, 'New password') }}
{{ macros.field(_locals, 'password', 'new_password_confirmation', null, 'New password confirmation') }}
<button type="submit"><i data-feather="save"></i> Save</button>
{{ macros.csrf(getCsrfToken) }}
</form>
</section>
</div>
{% endblock %}

47
views/backend/users.njk Normal file
View File

@ -0,0 +1,47 @@
{% extends 'layouts/base.njk' %}
{% set title = app.name + ' - Backend' %}
{% block body %}
<div class="container">
{{ macros.breadcrumb('Users', [
{title: 'Backend', link: route('backend')}
]) }}
<h1>Accounts manager</h1>
<section class="panel">
<h2><i data-feather="user"></i> Accounts</h2>
<table class="data-table">
<thead>
<tr>
<th>#</th>
<th>Name</th>
<th>Email</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
{% for account in accounts %}
<tr>
<td>{{ account.id }}</td>
<td>{{ account.name }}</td>
<td>{{ account.mainEmail.getOrFail().email | default('-') }}</td>
<td class="actions">
<a href="{{ route('backend-change-user-password', account.id) }}" class="button">
<i data-feather="key"></i> <span class="tip">Change password</span>
</a>
<a href="{{ route('backend-mailbox', account.id) }}" class="button">
<i data-feather="mail"></i> <span class="tip">Edit mailbox</span>
</a>
</td>
</tr>
{% endfor %}
</tbody>
</table>
</section>
</div>
{% endblock %}