Allow multiple IP addresses/networks to be set for tokens

Florent Daigniere
2023-06-08 13:26:41 +02:00
parent 9299b68c62
commit 29cd857c5f
8 changed files with 40 additions and 10 deletions


@@ -39,10 +39,13 @@ def check_credentials(user, password, ip, protocol=None, auth_port=None, source_
return True
if utils.is_app_token(password):
for token in user.tokens:
if (token.check_password(password) and
(not token.ip or token.ip == ip)):
if token.check_password(password):
if not token.ip or utils.is_ip_in_subnet(ip, token.ip):
app.logger.info(f'Login attempt for: {user}/{protocol}/{auth_port} from: {ip}/{source_port}: success: token-{token.id}: {token.comment or ""!r}')
return True
else:
app.logger.info(f'Login attempt for: {user}/{protocol}/{auth_port} from: {ip}/{source_port}: failed: badip: token-{token.id}: {token.comment or ""!r}')
return False # we can return directly here since the token is valid
if user.check_password(password):
app.logger.info(f'Login attempt for: {user}/{protocol}/{auth_port} from: {ip}/{source_port}: success: password')
return True
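Review bot: The new inner check `if not token.ip or utils.is_ip_in_subnet(ip, token.ip):` treats any falsy `token.ip` as "no restriction". Now that a token can hold several addresses or networks, an empty value left behind by editing or validation would make the token usable from anywhere, so it is worth confirming that an empty value can only mean the user chose no restriction. `utils.is_ip_in_subnet` is not visible in this hunk; if it can raise on an unparsable `ip` or stored entry, the exception would escape `check_credentials` instead of producing the `badip` denial, so confirm it returns False in that case or guard the call. A comment above the check such as `# empty token.ip means unrestricted; malformed entries must deny, never allow` would record the intended fail-closed behaviour. The body of `check_credentials` starts and ends outside this hunk.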