allow to use predefined asp passwords

Andris Reinman 2021-06-04 10:34:26 +03:00
parent f633e3a89d
commit d95f4fe4cd
4 changed files with 55 additions and 6 deletions


@ -5003,6 +5003,9 @@ components:
address:
type: string
description: E-mail address to be used as the account address in mobileconfig file. Must be one of the listed identity addresses of the user. Defaults to the main address of the user
password:
type: string
description: Optional pregenerated password. Must be 16 characters, latin letters only.
ttl:
type: number
description: 'TTL in seconds for this password. Every time password is used, TTL is reset to this value'
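Review bot: The new `password` description says "latin letters only", but the request schema added in this same commit accepts only lowercase letters (`/^[a-z]{16}$/`), so a client that sends uppercase letters gets a 400 the spec does not predict. Suggested wording: `description: Optional pregenerated password. Must be exactly 16 lowercase latin letters (a-z).` It would also help to state that the value is expected to come from a random generator, because the server no longer creates it when this field is set.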


@ -230,6 +230,9 @@ module.exports = (db, server, userHandler) => {
)
.unique(),
address: Joi.string().empty('').email({ tlds: false }),
password: Joi.string()
.empty('')
.pattern(/^[a-z]{16}$/, { name: 'password' }),
generateMobileconfig: booleanSchema.default(false),
ttl: Joi.number().empty([0, '']),
sess: sessSchema,
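Review bot: The new `password` rule checks only the shape of the value (`/^[a-z]{16}$/`), so a string with no randomness at all is accepted as an application-specific password; the test added in this commit registers `'a'.repeat(16)` and then authenticates with it. A generated ASP gets its strength from the generator, while a predefined one gets it only from whoever calls the API. If the field is meant for trusted provisioning tools, a comment above the rule should say so, e.g. `// predefined ASP: the caller must supply a randomly generated value, never a user-chosen one`. The secret now also travels in the request body, so any request logging in front of this route is worth checking for it (not visible in this hunk).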


@ -1088,12 +1088,14 @@ class UserHandler {
}
async generateASP(user, data) {
let password = generatePassword.generate({
length: 16,
uppercase: false,
numbers: false,
symbols: false
});
let password =
data.password ||
generatePassword.generate({
length: 16,
uppercase: false,
numbers: false,
symbols: false
});
// We need a quick hash key that can be used to identify the password.
// Otherwise, when authenticating, we'd need to check the password against all stored bcrypt
// hashes which would make forever if the user has a longer list of application specific passwords
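Review bot: `data.password || generatePassword.generate(...)` stores the supplied value without checking it here, so the 16-lowercase-letter rule holds only for callers that pass through the route's Joi schema. If `generateASP` is reachable from any other code path (not visible in this hunk), an arbitrary string would become an ASP; a guard such as `if (data.password && !/^[a-z]{16}$/.test(data.password)) { throw new Error('Invalid predefined password'); }`, in whatever error style the handler uses, keeps the method safe on its own. The comment below mentions a quick hash key used to identify the password, so it is also worth confirming what happens when the same predefined value is registered twice for one user. The function body continues outside the hunk.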


@ -151,6 +151,35 @@ describe('API tests', function () {
asp = response.body.password;
});
it('should POST /users/:user/asps to generate ASP with custom password', async () => {
const response = await server
.post(`/users/${userId}/asps`)
.send({
description: 'test',
scopes: ['imap', 'smtp'],
generateMobileconfig: true,
password: 'a'.repeat(16)
})
.expect(200);
expect(response.body.error).to.not.exist;
expect(response.body.success).to.be.true;
expect(response.body.password).to.equal('a'.repeat(16));
expect(response.body.mobileconfig).to.exist;
});
it('should fail POST /users/:user/asps to generate ASP with custom password', async () => {
const response = await server
.post(`/users/${userId}/asps`)
.send({
description: 'test',
scopes: ['imap', 'smtp'],
generateMobileconfig: true,
password: '0'.repeat(16)
})
.expect(400);
expect(response.body.error).to.exist;
});
it('should POST /authenticate using ASP and allowed scope', async () => {
const response = await server
.post(`/authenticate`)
@ -163,6 +192,18 @@ describe('API tests', function () {
expect(response.body.success).to.be.true;
});
it('should POST /authenticate using ASP and allowed scope with custom password', async () => {
const response = await server
.post(`/authenticate`)
.send({
username: 'testuser@jõgeva.öö',
password: 'a'.repeat(16),
scope: 'imap'
})
.expect(200);
expect(response.body.success).to.be.true;
});
it('should POST /authenticate with failure using ASP and master scope', async () => {
const response = await server
.post(`/authenticate`)
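Review bot: The rejection test covers only digits (`'0'.repeat(16)`), while the schema pattern also depends on letter case and on the exact length, and neither is exercised. Adding cases for `'A'.repeat(16)`, `'a'.repeat(15)` and `'a'.repeat(17)`, each expecting a 400, would pin the anchors and the `{16}` quantifier so a later loosening of the pattern is caught. The last test shown in this section is cut off by the hunk boundary.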