modified: web/blueprints/group_admin.py
modified: web/blueprints/site_admin.py modified: web/mailer.py
This commit is contained in:
SimolZimol
@@ -7,7 +7,7 @@ from datetime import datetime, timedelta
|
|||||||
from functools import wraps
|
from functools import wraps
|
||||||
from flask import Blueprint, render_template, request, redirect, url_for, session, flash
|
from flask import Blueprint, render_template, request, redirect, url_for, session, flash
|
||||||
from config import Config
|
from config import Config
|
||||||
from mailer import send_mail, build_invite_email
|
from mailer import send_mail, build_invite_email, force_https_url
|
||||||
import panel_db as db
|
import panel_db as db
|
||||||
from roles import GROUP_MANAGEMENT_ROLES, GROUP_ROLE_OPTIONS, GROUP_ROLE_SET, OWNER_ONLY_ROLES, role_label
|
from roles import GROUP_MANAGEMENT_ROLES, GROUP_ROLE_OPTIONS, GROUP_ROLE_SET, OWNER_ONLY_ROLES, role_label
|
||||||
|
|
||||||
@@ -145,7 +145,7 @@ def member_invite():
|
|||||||
|
|
||||||
token = db.create_group_invite(group_id, username, email, role, session["user_id"])
|
token = db.create_group_invite(group_id, username, email, role, session["user_id"])
|
||||||
invite = db.get_invite_by_token(token)
|
invite = db.get_invite_by_token(token)
|
||||||
invite_url = url_for("auth.accept_invite", token=token, _external=True)
|
invite_url = force_https_url(url_for("auth.accept_invite", token=token, _external=True))
|
||||||
mail_settings = db.get_site_mail_settings()
|
mail_settings = db.get_site_mail_settings()
|
||||||
|
|
||||||
if mail_settings:
|
if mail_settings:
|
||||||
@@ -192,7 +192,7 @@ def resend_invite(invite_id):
|
|||||||
flash("No SMTP settings configured by Site Admin.", "danger")
|
flash("No SMTP settings configured by Site Admin.", "danger")
|
||||||
return redirect(url_for("group_admin.members"))
|
return redirect(url_for("group_admin.members"))
|
||||||
|
|
||||||
invite_url = url_for("auth.accept_invite", token=invite["token"], _external=True)
|
invite_url = force_https_url(url_for("auth.accept_invite", token=invite["token"], _external=True))
|
||||||
subject = f"Invitation to join {session.get('group_name', 'your group')}"
|
subject = f"Invitation to join {session.get('group_name', 'your group')}"
|
||||||
text_body, html_body = build_invite_email(
|
text_body, html_body = build_invite_email(
|
||||||
username=invite["invited_username"],
|
username=invite["invited_username"],
|
||||||
|
|||||||
@@ -6,7 +6,7 @@ from functools import wraps
|
|||||||
from datetime import datetime, timedelta
|
from datetime import datetime, timedelta
|
||||||
from flask import Blueprint, render_template, request, redirect, url_for, session, flash
|
from flask import Blueprint, render_template, request, redirect, url_for, session, flash
|
||||||
from config import Config
|
from config import Config
|
||||||
from mailer import send_mail, build_invite_email
|
from mailer import send_mail, build_invite_email, force_https_url
|
||||||
import panel_db as db
|
import panel_db as db
|
||||||
from roles import GROUP_MANAGEMENT_ROLES, GROUP_ROLE_OPTIONS, GROUP_ROLE_SET, role_label
|
from roles import GROUP_MANAGEMENT_ROLES, GROUP_ROLE_OPTIONS, GROUP_ROLE_SET, role_label
|
||||||
|
|
||||||
@@ -278,7 +278,7 @@ def group_member_invite(group_id):
|
|||||||
|
|
||||||
token = db.create_group_invite(group_id, username, email, role, session["user_id"])
|
token = db.create_group_invite(group_id, username, email, role, session["user_id"])
|
||||||
invite = db.get_invite_by_token(token)
|
invite = db.get_invite_by_token(token)
|
||||||
invite_url = url_for("auth.accept_invite", token=token, _external=True)
|
invite_url = force_https_url(url_for("auth.accept_invite", token=token, _external=True))
|
||||||
mail_settings = db.get_site_mail_settings()
|
mail_settings = db.get_site_mail_settings()
|
||||||
|
|
||||||
if mail_settings:
|
if mail_settings:
|
||||||
@@ -329,7 +329,7 @@ def group_invite_resend(group_id, invite_id):
|
|||||||
if not mail_settings:
|
if not mail_settings:
|
||||||
flash("No SMTP settings configured.", "danger")
|
flash("No SMTP settings configured.", "danger")
|
||||||
return redirect(url_for("site_admin.group_members", group_id=group_id))
|
return redirect(url_for("site_admin.group_members", group_id=group_id))
|
||||||
invite_url = url_for("auth.accept_invite", token=invite["token"], _external=True)
|
invite_url = force_https_url(url_for("auth.accept_invite", token=invite["token"], _external=True))
|
||||||
subject = f"Invitation to join {group['name']}"
|
subject = f"Invitation to join {group['name']}"
|
||||||
text_body, html_body = build_invite_email(
|
text_body, html_body = build_invite_email(
|
||||||
username=invite["invited_username"],
|
username=invite["invited_username"],
|
||||||
@@ -394,7 +394,7 @@ def user_new():
|
|||||||
effective_role = role if group_id else "member"
|
effective_role = role if group_id else "member"
|
||||||
token = db.create_group_invite(group_id, username, email, effective_role,
|
token = db.create_group_invite(group_id, username, email, effective_role,
|
||||||
session["user_id"], is_site_admin=is_site_admin)
|
session["user_id"], is_site_admin=is_site_admin)
|
||||||
invite_url = url_for("auth.accept_invite", token=token, _external=True)
|
invite_url = force_https_url(url_for("auth.accept_invite", token=token, _external=True))
|
||||||
mail_settings = db.get_site_mail_settings()
|
mail_settings = db.get_site_mail_settings()
|
||||||
|
|
||||||
if mail_settings:
|
if mail_settings:
|
||||||
@@ -460,7 +460,7 @@ def user_invite_resend(invite_id):
|
|||||||
if not mail_settings:
|
if not mail_settings:
|
||||||
flash("No SMTP settings configured.", "danger")
|
flash("No SMTP settings configured.", "danger")
|
||||||
return redirect(url_for("site_admin.users"))
|
return redirect(url_for("site_admin.users"))
|
||||||
invite_url = url_for("auth.accept_invite", token=invite["token"], _external=True)
|
invite_url = force_https_url(url_for("auth.accept_invite", token=invite["token"], _external=True))
|
||||||
if invite["group_id"]:
|
if invite["group_id"]:
|
||||||
group = db.get_group_by_id(invite["group_id"])
|
group = db.get_group_by_id(invite["group_id"])
|
||||||
subject = f"Invitation to join {group['name']}"
|
subject = f"Invitation to join {group['name']}"
|
||||||
|
|||||||
@@ -1,6 +1,7 @@
|
|||||||
import smtplib
|
import smtplib
|
||||||
from html import escape
|
from html import escape
|
||||||
from email.message import EmailMessage
|
from email.message import EmailMessage
|
||||||
|
from email.utils import formatdate, make_msgid
|
||||||
|
|
||||||
from config import Config
|
from config import Config
|
||||||
|
|
||||||
@@ -11,6 +12,12 @@ def build_from_header(from_email: str, from_name: str | None = None) -> str:
|
|||||||
return from_email
|
return from_email
|
||||||
|
|
||||||
|
|
||||||
|
def force_https_url(url: str) -> str:
|
||||||
|
if url.startswith("http://"):
|
||||||
|
return "https://" + url[len("http://"):]
|
||||||
|
return url
|
||||||
|
|
||||||
|
|
||||||
def build_invite_email(
|
def build_invite_email(
|
||||||
username: str,
|
username: str,
|
||||||
invite_url: str,
|
invite_url: str,
|
||||||
@@ -85,6 +92,9 @@ def send_mail(settings: dict, recipient: str, subject: str, text_body: str, html
|
|||||||
msg["Subject"] = subject
|
msg["Subject"] = subject
|
||||||
msg["From"] = build_from_header(settings["from_email"], settings.get("from_name"))
|
msg["From"] = build_from_header(settings["from_email"], settings.get("from_name"))
|
||||||
msg["To"] = recipient
|
msg["To"] = recipient
|
||||||
|
msg["Date"] = formatdate(localtime=True)
|
||||||
|
sender_domain = (settings.get("from_email", "noreply@example.com").split("@")[-1] or "example.com")
|
||||||
|
msg["Message-ID"] = make_msgid(domain=sender_domain)
|
||||||
msg.set_content(text_body)
|
msg.set_content(text_body)
|
||||||
if html_body:
|
if html_body:
|
||||||
msg.add_alternative(html_body, subtype="html")
|
msg.add_alternative(html_body, subtype="html")
|
||||||
|
|||||||
Reference in New Issue
Block a user