Replace deprecated logger.warn calls with logger.warning for consistency

Some files were not included due to currently being refactored

core/admin/mailu/api/common.py

@@ -27,7 +27,7 @@ def api_token_authorization(func):
             abort(401, 'A valid Authorization header is mandatory')
         if len(v1.api_token) < 4 or not hmac.compare_digest(request.headers.get('Authorization').removeprefix('Bearer '), v1.api_token):
             utils.limiter.rate_limit_ip(client_ip)
-            flask.current_app.logger.warn(f'Invalid API token provided by {client_ip}.')
+            flask.current_app.logger.warning(f'Invalid API token provided by {client_ip}.')
             abort(403, 'Invalid API token')
         flask.current_app.logger.info(f'Valid API token provided by {client_ip}.')
         return func(*args, **kwds)

core/admin/mailu/internal/nginx.py

@@ -102,13 +102,13 @@ def handle_authentication(headers):
             password = urllib.parse.unquote(headers["Auth-Pass"])
             ip = urllib.parse.unquote(headers["Client-Ip"])
         except:
-            app.logger.warn(f'Received undecodable user/password from front: {headers.get("Auth-User", "")!r}')
+            app.logger.warning(f'Received undecodable user/password from front: {headers.get("Auth-User", "")!r}')
         else:
             try:
                 user = models.User.query.get(user_email) if '@' in user_email else None
             except sqlalchemy.exc.StatementError as exc:
                 exc = str(exc).split('\n', 1)[0]
-                app.logger.warn(f'Invalid user {user_email!r}: {exc}')
+                app.logger.warning(f'Invalid user {user_email!r}: {exc}')
             else:
                 is_valid_user = user is not None
                 ip = urllib.parse.unquote(headers["Client-Ip"])

core/admin/mailu/internal/views/auth.py

@@ -103,7 +103,7 @@ def basic_authentication():
             user = models.User.query.get(user_email) if '@' in user_email else None
         except sqlalchemy.exc.StatementError as exc:
             exc = str(exc).split('\n', 1)[0]
-            app.logger.warn(f'Invalid user {user_email!r}: {exc}')
+            app.logger.warning(f'Invalid user {user_email!r}: {exc}')
         else:
             if user is not None and nginx.check_credentials(user, password.decode('utf-8'), client_ip, "web", flask.request.headers.get('X-Real-Port', None), user_email):
                 response = flask.Response()

core/admin/mailu/limiter.py

@@ -49,7 +49,7 @@ class LimitWraperFactory(object):
         client_network = utils.extract_network_from_ip(ip)
         is_rate_limited = self.is_subject_to_rate_limits(ip) and not limiter.test(client_network)
         if is_rate_limited:
-            app.logger.warn(f'Authentication attempt from {ip} has been rate-limited.')
+            app.logger.warning(f'Authentication attempt from {ip} has been rate-limited.')
         return is_rate_limited
 
     def rate_limit_ip(self, ip, username=None):
@@ -65,7 +65,7 @@ class LimitWraperFactory(object):
         limiter = self.get_limiter(app.config["AUTH_RATELIMIT_USER"], 'auth-user')
         is_rate_limited = self.is_subject_to_rate_limits(ip) and not limiter.test(device_cookie if device_cookie_name == username else username)
         if is_rate_limited:
-            app.logger.warn(f'Authentication attempt from {ip} for {username} has been rate-limited.')
+            app.logger.warning(f'Authentication attempt from {ip} for {username} has been rate-limited.')
         return is_rate_limited
 
     def rate_limit_user(self, username, ip, device_cookie=None, device_cookie_name=None, password=''):
@@ -78,10 +78,10 @@ class LimitWraperFactory(object):
             limiter.hit(device_cookie if device_cookie_name == username else username)
             self.rate_limit_ip(ip, username)
 
-    """ Device cookies as described on:
-    https://owasp.org/www-community/Slow_Down_Online_Guessing_Attacks_with_Device_Cookies
-    """
-    def parse_device_cookie(self, cookie):
+    def parse_device_cookie(self, cookie: str):
+        """ Device cookies as described on:
+        https://owasp.org/www-community/Slow_Down_Online_Guessing_Attacks_with_Device_Cookies
+        """
         try:
             login, nonce, _ = cookie.split('$')
             if hmac.compare_digest(cookie, self.device_cookie(login, nonce)):
@@ -90,11 +90,11 @@ class LimitWraperFactory(object):
             pass
         return None, None
 
-    """ Device cookies don't require strong crypto:
-        72bits of nonce, 96bits of signature is more than enough
-        and these values avoid padding in most cases
-    """
     def device_cookie(self, username, nonce=None):
+        """ Device cookies don't require strong crypto:
+            72bits of nonce, 96bits of signature is more than enough
+            and these values avoid padding in most cases
+        """
         if not nonce:
             nonce = secrets.token_urlsafe(9)
         sig = str(base64.urlsafe_b64encode(hmac.new(app.device_cookie_key, bytearray(f'device_cookie|{username}|{nonce}', 'utf-8'), 'sha256').digest()[20:]), 'utf-8')

core/base/libs/socrate/socrate/system.py

@@ -19,7 +19,7 @@ def resolve_hostname(hostname):
     try:
         return sorted(socket.getaddrinfo(hostname, None, socket.AF_UNSPEC, socket.SOCK_STREAM, 0, socket.AI_PASSIVE), key=lambda s:s[0])[0][4][0]
     except Exception as e:
-        log.warn("Unable to lookup '%s': %s",hostname,e)
+        log.warning("Unable to lookup '%s': %s",hostname,e)
         raise e
 
 def _coerce_value(value):