mirror of
https://github.com/simple-login/app.git
synced 2025-09-07 07:04:18 +08:00
Add more debug info
This commit is contained in:
Adrià Casajús
parent
2e4a86f9c0
commit
4bda49e7ad
2 changed files with 24 additions and 3 deletions
|
|
@ -60,15 +60,18 @@ def new_custom_alias_v2():
|
|||
|
||||
data = request.get_json()
|
||||
if not data:
|
||||
LOG.i(f"User {user} tried to create an alias with empty data")
|
||||
return jsonify(error="request body cannot be empty"), 400
|
||||
|
||||
alias_prefix = data.get("alias_prefix", "")
|
||||
if not isinstance(alias_prefix, str) or not alias_prefix:
|
||||
LOG.i(f"User {user} tried to create alias with invalid prefix")
|
||||
return jsonify(error="invalid value for alias_prefix"), 400
|
||||
|
||||
alias_prefix = alias_prefix.strip().lower().replace(" ", "")
|
||||
signed_suffix = data.get("signed_suffix", "")
|
||||
if not isinstance(signed_suffix, str) or not signed_suffix:
|
||||
LOG.i(f"User {user} tried to create alias with invalid signed_suffix")
|
||||
return jsonify(error="invalid value for signed_suffix"), 400
|
||||
|
||||
signed_suffix = signed_suffix.strip()
|
||||
|
|
@ -86,6 +89,7 @@ def new_custom_alias_v2():
|
|||
return jsonify(error="Tampered suffix"), 400
|
||||
|
||||
if not verify_prefix_suffix(user, alias_prefix, alias_suffix):
|
||||
LOG.i(f"User {user} tried to use invalid prefix or suffix")
|
||||
return jsonify(error="wrong alias prefix or suffix"), 400
|
||||
|
||||
full_alias = alias_prefix + alias_suffix
|
||||
|
|
@ -94,10 +98,11 @@ def new_custom_alias_v2():
|
|||
or DeletedAlias.get_by(email=full_alias)
|
||||
or DomainDeletedAlias.get_by(email=full_alias)
|
||||
):
|
||||
LOG.d("full alias already used %s", full_alias)
|
||||
LOG.d(f"full alias already used {full_alias} for user {user}")
|
||||
return jsonify(error=f"alias {full_alias} already exists"), 409
|
||||
|
||||
if ".." in full_alias:
|
||||
LOG.d(f"User {user} tried to create an alias with ..")
|
||||
return (
|
||||
jsonify(error="2 consecutive dot signs aren't allowed in an email address"),
|
||||
400,
|
||||
|
|
@ -111,6 +116,7 @@ def new_custom_alias_v2():
|
|||
note=note,
|
||||
)
|
||||
except EmailNotValidError:
|
||||
LOG.d(f"User {user} tried to create an alias with invalid email {full_alias}")
|
||||
return jsonify(error="Email is not valid"), 400
|
||||
|
||||
Session.commit()
|
||||
|
|
@ -161,20 +167,24 @@ def new_custom_alias_v3():
|
|||
|
||||
data = request.get_json()
|
||||
if not data:
|
||||
LOG.i(f"User {user} tried to create an alias with empty data")
|
||||
return jsonify(error="request body cannot be empty"), 400
|
||||
|
||||
if not isinstance(data, dict):
|
||||
LOG.i(f"User {user} tried to create an alias with invalid format")
|
||||
return jsonify(error="request body does not follow the required format"), 400
|
||||
|
||||
alias_prefix_data = data.get("alias_prefix", "") or ""
|
||||
|
||||
if not isinstance(alias_prefix_data, str):
|
||||
LOG.i(f"User {user} tried to create an alias with data as string")
|
||||
return jsonify(error="request body does not follow the required format"), 400
|
||||
|
||||
alias_prefix = alias_prefix_data.strip().lower().replace(" ", "")
|
||||
signed_suffix = data.get("signed_suffix", "") or ""
|
||||
|
||||
if not isinstance(signed_suffix, str):
|
||||
LOG.i(f"User {user} tried to create an alias with invalid signed_suffix")
|
||||
return jsonify(error="request body does not follow the required format"), 400
|
||||
|
||||
signed_suffix = signed_suffix.strip()
|
||||
|
|
@ -187,32 +197,39 @@ def new_custom_alias_v3():
|
|||
alias_prefix = convert_to_id(alias_prefix)
|
||||
|
||||
if not check_alias_prefix(alias_prefix):
|
||||
LOG.i(f"User {user} tried to create an alias with invalid prefix or too long")
|
||||
return jsonify(error="alias prefix invalid format or too long"), 400
|
||||
|
||||
# check if mailbox is not tempered with
|
||||
if not isinstance(mailbox_ids, list):
|
||||
LOG.i(f"User {user} tried to create an alias with invalid mailbox array")
|
||||
return jsonify(error="mailbox_ids must be an array of id"), 400
|
||||
mailboxes = []
|
||||
for mailbox_id in mailbox_ids:
|
||||
mailbox = Mailbox.get(mailbox_id)
|
||||
if not mailbox or mailbox.user_id != user.id or not mailbox.verified:
|
||||
LOG.i(f"User {user} tried to create an alias with invalid mailbox")
|
||||
return jsonify(error="Errors with Mailbox"), 400
|
||||
mailboxes.append(mailbox)
|
||||
|
||||
if not mailboxes:
|
||||
LOG.i(f"User {user} tried to create an alias with missing mailbox")
|
||||
return jsonify(error="At least one mailbox must be selected"), 400
|
||||
|
||||
# hypothesis: user will click on the button in the 600 secs
|
||||
try:
|
||||
alias_suffix = check_suffix_signature(signed_suffix)
|
||||
if not alias_suffix:
|
||||
LOG.i(f"User {user} tried to create an alias with expired suffix")
|
||||
LOG.w("Alias creation time expired for %s", user)
|
||||
return jsonify(error="Alias creation time is expired, please retry"), 412
|
||||
except Exception:
|
||||
LOG.i(f"User {user} tried to create an alias with tampered suffix")
|
||||
LOG.w("Alias suffix is tampered, user %s", user)
|
||||
return jsonify(error="Tampered suffix"), 400
|
||||
|
||||
if not verify_prefix_suffix(user, alias_prefix, alias_suffix):
|
||||
LOG.i(f"User {user} tried to create an alias with invalid prefix or suffix")
|
||||
return jsonify(error="wrong alias prefix or suffix"), 400
|
||||
|
||||
full_alias = alias_prefix + alias_suffix
|
||||
|
|
@ -221,10 +238,11 @@ def new_custom_alias_v3():
|
|||
or DeletedAlias.get_by(email=full_alias)
|
||||
or DomainDeletedAlias.get_by(email=full_alias)
|
||||
):
|
||||
LOG.d("full alias already used %s", full_alias)
|
||||
LOG.i(f"User {user} tried to create an alias with already used alias")
|
||||
return jsonify(error=f"alias {full_alias} already exists"), 409
|
||||
|
||||
if ".." in full_alias:
|
||||
LOG.i(f"User {user} tried to create an alias with ..")
|
||||
return (
|
||||
jsonify(error="2 consecutive dot signs aren't allowed in an email address"),
|
||||
400,
|
||||
|
|
|
|||
|
|
@ -67,7 +67,7 @@ def new_random_alias():
|
|||
|
||||
# cannot use this alias as it belongs to another user
|
||||
if alias and not alias.user_id == user.id:
|
||||
LOG.d("%s belongs to another user", alias)
|
||||
LOG.i(f"User {user} tried to create an alias that belongs to another user")
|
||||
alias = None
|
||||
elif alias and alias.user_id == user.id:
|
||||
# make sure alias was created for this website
|
||||
|
|
@ -101,6 +101,9 @@ def new_random_alias():
|
|||
elif mode == "uuid":
|
||||
scheme = AliasGeneratorEnum.uuid.value
|
||||
else:
|
||||
LOG.i(
|
||||
f"User {user} tried to create a random alias with invalid word or uuid"
|
||||
)
|
||||
return jsonify(error=f"{mode} must be either word or uuid"), 400
|
||||
|
||||
alias = Alias.create_new_random(user=user, scheme=scheme, note=note)
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue