ale/docker-compose-hatthieves
2
Fork 0
Código Incidencias Pull Requests Lanzamientos Wiki Actividad

haraka-wildduck

Explorar el Código
Este commit está contenido en:
Your Name
2020-05-27 17:51:39 +00:00
padre 31d55bf967
commit d44513dbd8
Se han modificado 163 ficheros con 8169 adiciones y 0 borrados
Descargar archivo de parche Descargar archivo de diferencias Expandir todos los archivos Contraer todos los archivos

131
production/haraka-wildduck/webmail/views/account/security/2fa.hbs Archivo normal
Ver fichero

@@ -0,0 +1,131 @@
<div class="row">
<div class="col-md-12">
<h1><span class="glyphicon glyphicon-lock" aria-hidden="true"></span> Security</h1>
</div>
</div>
<div class="row">
<div class="col-md-12">
<!-- Nav tabs -->
<ul class="nav nav-tabs" role="tablist">
{{> securitymenu}}
</ul>
<div class="tab-content">
<div role="tabpanel" class="tab-pane active" id="overview">
<p>&nbsp;</p>
<div class="panel panel-default">
<div class="panel-heading">
<h3 class="panel-title">Two factor authentication</h3>
</div>
<div class="panel-body">
<p>
If two-factor authentication is enabled then you will be required to enter a code from an authenticator app when logging in.
TOTP compatible authenticator app like Google Authenticator is needed to use two-factor authentication.
</p>
<p>
<a href='https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&pcampaignid=MKT-Other-global-all-co-prtnr-py-PartBadge-Mar2515-1' style="display:inline-block;overflow:hidden;background:url(/images/en_badge_web_generic.png) no-repeat;width:135px;height:40px;background-size:contain;background-position: center;" target="_blank"></a>
<a href="https://itunes.apple.com/us/app/google-authenticator/id388497605?mt=8" style="display:inline-block;overflow:hidden;background:url(//linkmaker.itunes.apple.com/assets/shared/badges/en-us/appstore-lrg.svg) no-repeat;width:135px;height:40px;background-size:contain;" target="_blank"></a>
</p>
<p>
External applications can not access IMAP, POP3 ja SMTP using the account password if two-factor authentication is enabled. <a href="/account/security/asps">Application specific passwords</a> must be generated instead for these applications.
</p>
</div>
<table class="table table-responsive">
<tr>
<td>
{{#if enabled2fa}}
Two factor authentication is <span class="label label-success"><span class="glyphicon glyphicon-qrcode" aria-hidden="true"></span> Enabled</span>
{{else}}
Two factor authentication is <span class="label label-default"><span class="glyphicon glyphicon-qrcode" aria-hidden="true"></span> Disabled</span>
{{/if}}
</td>
<td class="text-right">
{{#if enabled2fa}}
<button type="button" class="btn btn-danger btn-xs" data-toggle="modal" data-target="#deleteModal"><span class="glyphicon glyphicon-minus-sign" aria-hidden="true"></span> Disable</button>
{{else}}
<form method="post" id="enable-2fa" action="/account/security/2fa/enable-totp">
<input type="hidden" name="_csrf" value="{{csrfToken}}">
<button type="submit" class="btn btn-success btn-xs"><span class="glyphicon glyphicon-plus-sign" aria-hidden="true"></span> Enable</button>
</form>
{{/if}}
</td>
</tr>
{{#if enabled2fa}}
<tr>
<td>
{{#if enabledU2f}}
U2F security key is <span class="label label-success"><span class="glyphicon glyphicon-flash" aria-hidden="true"></span> Enabled</span>
{{else}}
U2F security key is <span class="label label-default"><span class="glyphicon glyphicon-flash" aria-hidden="true"></span> Disabled</span>
{{/if}}
</td>
<td class="text-right">
{{#if enabledU2f}}
<button type="button" class="btn btn-danger btn-xs" data-toggle="modal" data-target="#revokeModal"><span class="glyphicon glyphicon-minus-sign" aria-hidden="true"></span> Disable</button>
{{else}}
<form method="post" id="enable-u2f" action="/account/security/2fa/enable-u2f">
<input type="hidden" name="_csrf" value="{{csrfToken}}">
<button type="submit" class="btn btn-success btn-xs"><span class="glyphicon glyphicon-plus-sign" aria-hidden="true"></span> Enable</button>
</form>
{{/if}}
</td>
</tr>
{{/if}}
</table>
</div>
</div>
</div>
</div>
</div>
<!-- Modal -->
<div class="modal" id="deleteModal" tabindex="-1" role="dialog" aria-labelledby="deleteModalLabel">
<div class="modal-dialog" role="document">
<div class="modal-content">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">&times;</span></button>
<h4 class="modal-title" id="deleteModalLabel">Disable 2FA</h4>
</div>
<div class="modal-body">
Are you sure you want to disable two factor authentication?
</div>
<div class="modal-footer">
<form method="post" action="/account/security/2fa/disable-totp">
<input type="hidden" name="_csrf" value="{{csrfToken}}">
<button type="button" class="btn btn-default" data-dismiss="modal">No, cancel</button>
<button type="submit" class="btn btn-danger bulk-delete-confirm">Yes, disable</button>
</form>
</div>
</div>
</div>
</div>
<div class="modal" id="revokeModal" tabindex="-1" role="dialog" aria-labelledby="revokeModalLabel">
<div class="modal-dialog" role="document">
<div class="modal-content">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">&times;</span></button>
<h4 class="modal-title" id="revokeModalLabel">Revoke key</h4>
</div>
<div class="modal-body">
Are you sure you want to revoke U2F security key?
</div>
<div class="modal-footer">
<form method="post" action="/account/security/2fa/disable-u2f">
<input type="hidden" name="_csrf" value="{{csrfToken}}">
<button type="button" class="btn btn-default" data-dismiss="modal">No, cancel</button>
<button type="submit" class="btn btn-danger bulk-delete-confirm">Yes, revoke</button>
</form>
</div>
</div>
</div>
</div>

35
production/haraka-wildduck/webmail/views/account/security/asp.hbs Archivo normal
Ver fichero

@@ -0,0 +1,35 @@
<form method="post" id="generate-autoconfig" action="/account/autoconfig">
<input type="hidden" name="_csrf" value="{{csrfToken}}">
<input type="hidden" name="password" value="{{password}}">
</form>
<div class="panel panel-default">
<div class="panel-heading">
<h3 class="panel-title">Application specific password</h3>
</div>
<div class="panel-body">
<p>
Use the generated password in external application for IMAP, POP3 or SMTP
</p>
<p>
<strong>{{description}}</strong>
</p>
<p class="lead bg-info text-center">
{{passwordFormatted}}
</p>
<p>
For OSX and iOS you can download configuration profile to auto-configure your email application
</p>
<p>
<div class="pull-right">
<a href="data:application/x-apple-aspen-config;base64,{{mobileconfig}}" download="{{user.username}}.mobileconfig" class="btn btn-info btn-xs"><span class="glyphicon glyphicon-cloud-download" aria-hidden="true"></span> OSX / iOS</a>
</div>
<a href="/account/security/asps"><span class="glyphicon glyphicon-arrow-left" aria-hidden="true"></span> Go back</a>
</p>
</div>
</div>

151
production/haraka-wildduck/webmail/views/account/security/asps.hbs Archivo normal
Ver fichero

@@ -0,0 +1,151 @@
<div class="row">
<div class="col-md-12">
<h1><span class="glyphicon glyphicon-lock" aria-hidden="true"></span> Security</h1>
</div>
</div>
<div class="row">
<div class="col-md-12">
<!-- Nav tabs -->
<ul class="nav nav-tabs" role="tablist">
{{> securitymenu}}
</ul>
<div class="tab-content">
<div role="tabpanel" class="tab-pane active" id="overview">
<p>&nbsp;</p>
<div class="panel panel-default">
<div class="panel-heading">
<h3 class="panel-title">Application specific passwords</h3></div>
<div class="panel-body">
<p>Here are listed passwords generated for specific applications. If the password is leaked then delete it and generate a new one.</p>
<p>
Application Specific Passwords must be used for external applications if two factor authentication is enabled.
</p>
</div>
<table class="table table-responsive">
<thead>
<tr>
<th>
#
</th>
<th>
Description
</th>
<th>
Created
</th>
<th>
Used
</th>
<th>
&nbsp;
</th>
</tr>
</thead>
<tbody>
{{#if asps}}
{{#each asps}}
<tr>
<th>
{{index}}
</th>
<td>
{{description}}
</td>
<td class="datestring" title="{{created}}">
{{created}}
</td>
<td>
{{#if lastUse.time}}
<a href="/account/security/events?event={{lastUse.event}}"><span class="datestring" title="{{lastUse.time}}">{{lastUse.time}}</span></a>
{{else}}
never
{{/if}}
</td>
<td>
<div class="pull-right">
<button type="button" data-asp="{{id}}" class="btn btn-danger btn-xs" data-toggle="modal" data-target="#deleteModal"><span class="glyphicon glyphicon-trash" aria-hidden="true"></span> Delete</button>
</div>
</td>
</tr>
{{/each}}
{{else}}
<tr>
<td colspan="4">
No application specific passwords generated
</td>
</tr>
{{/if}}
</tbody>
</table>
</div>
<form method="post" action="/account/security/asps/create">
<input type="hidden" name="_csrf" value="{{csrfToken}}">
<fieldset>
<div class="panel panel-default">
<div class="panel-heading">
<h3 class="panel-title">Create new application specific password</h3>
</div>
<div class="panel-body">
<div class="form-group{{#if errors.description}} has-error{{/if}}">
<label for="description">Application description</label>
<input type="text" class="form-control" name="description" id="description" placeholder="Password for Outlook ..." required>
{{#if errors.description}}
<span class="help-block">{{errors.description}}</span>
{{/if}}
</div>
<div class="form-group">
<button type="submit" class="btn btn-success"><span class="glyphicon glyphicon-lock" aria-hidden="true"></span> Generate password</button>
</div>
</div>
</div>
</fieldset>
</form>
</div>
</div>
</div>
</div>
<!-- Modal -->
<div class="modal" id="deleteModal" tabindex="-1" role="dialog" aria-labelledby="deleteModalLabel">
<div class="modal-dialog" role="document">
<div class="modal-content">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">&times;</span></button>
<h4 class="modal-title" id="deleteModalLabel">Delete password</h4>
</div>
<div class="modal-body">
Are you sure you want to permanently delete Application Specific Password?
</div>
<div class="modal-footer">
<form method="post" action="/account/security/asps/delete">
<input type="hidden" name="_csrf" value="{{csrfToken}}">
<input type="hidden" id="delete-form-asp" name="id" value="">
<button type="button" class="btn btn-default" data-dismiss="modal">No, cancel</button>
<button type="submit" class="btn btn-danger bulk-delete-confirm">Yes, delete</button>
</form>
</div>
</div>
</div>
</div>
<script>
document.addEventListener('DOMContentLoaded', function() {
$('#deleteModal').on('show.bs.modal', function (event) {
var button = $(event.relatedTarget); // Button that triggered the modal
var asp = button.data('asp'); // Extract info from data-* attributes
document.getElementById('delete-form-asp').value = asp;
});
}, false);
</script>

34
production/haraka-wildduck/webmail/views/account/security/enable-totp.hbs Archivo normal
Ver fichero

@@ -0,0 +1,34 @@
<form id="totp-form">
<input type="hidden" id="_csrf" value="{{csrfToken}}">
<div class="panel panel-default">
<div class="panel-heading">
<h3 class="panel-title"><span class="glyphicon glyphicon-lock" aria-hidden="true"></span> Two factor authentication</h3>
</div>
<div class="panel-body">
<p>
Scan the code with an authenticator app and enter resulting security code below to verify
</p>
<p class="lead text-center">
<img src="{{imageUrl}}" style="width: 200px;" width="200">
</p>
<div class="form-group" id="totp-token-field">
<label for="token">Security code</label>
<input type="number" class="form-control" id="token" placeholder="6 digit code" required autofocus>
<span class="help-block" id="totp-token-error" style="display: none"></span>
</div>
<div>
<div class="pull-right">
<button type="submit" id="totp-btn" class="btn btn-success" data-loading-text="Checking..."><span class="glyphicon glyphicon-ok" aria-hidden="true"></span> Verify</button>
</div>
<a href="/account/security"><span class="glyphicon glyphicon-arrow-left" aria-hidden="true"></span> Cancel</a>
</div>
</div>
</div>
</form>
<script src="/enable-totp.js"></script>

45
production/haraka-wildduck/webmail/views/account/security/enable-u2f.hbs Archivo normal
Ver fichero

@@ -0,0 +1,45 @@
<input type="hidden" id="_csrf" value="{{csrfToken}}">
<input id="version" type="hidden" id="version" value="{{u2fRegRequest.version}}">
<input id="appId" type="hidden" id="appId" value="{{u2fRegRequest.appId}}">
<input id="challenge" type="hidden" id="challenge" value="{{u2fRegRequest.challenge}}">
<div class="panel panel-default">
<div class="panel-heading">
<h3 class="panel-title"><span class="glyphicon glyphicon-lock" aria-hidden="true"></span> Two factor authentication</h3>
</div>
<div class="panel-body">
<div style="margin:10px 0;">
<div id="u2f-wait">
<img src="/images/u2f-wait.png" />
</div>
<div id="u2f-fail" style="display: none">
<img src="/images/u2f-fail.png" />
</div>
<div id="u2f-success" style="display: none">
<img src="/images/u2f-success.png" />
</div>
</div>
<p id="message">
Initializing...
</p>
<div>
<a href="/account/security"><span class="glyphicon glyphicon-arrow-left" aria-hidden="true"></span> Cancel</a>
</div>
</div>
</div>
<script>
// U2F support must be checked *before* loading /u2f-api.js
var U2FSUPPORT = typeof u2f === 'object' || typeof chrome === 'object';
</script>
<script src="/u2f-api.js"></script>
<script src="/enable-u2f.js"></script>

115
production/haraka-wildduck/webmail/views/account/security/events.hbs Archivo normal
Ver fichero

@@ -0,0 +1,115 @@
<div class="row">
<div class="col-md-12">
<h1><span class="glyphicon glyphicon-lock" aria-hidden="true"></span> Security</h1>
</div>
</div>
<div class="row">
<div class="col-md-12">
<!-- Nav tabs -->
<ul class="nav nav-tabs" role="tablist">
{{> securitymenu}}
</ul>
<div class="tab-content">
<div role="tabpanel" class="tab-pane active" id="overview">
<p>&nbsp;</p>
<table class="table table-responsive">
<thead>
<tr>
<th>
Environment
</th>
<th>
Action
</th>
<th>
Result
</th>
<th>
IP
</th>
<th>
Session
</th>
<th>
Time
</th>
</tr>
</thead>
<tbody>
{{#if results}}
{{#each results}}
<tr>
<td>
{{protocol}}
</td>
<td>
{{#if asp}}
<div class="pull-right">
<strong>{{asp.name}}</strong>
</div>
{{/if}}
{{action}}
({{events}})
</td>
<td>
{{#if label}}
<span class="label label-{{label}}">{{result}}</span>
{{else}}
{{result}}
{{/if}}
</td>
<td>
{{ip}}
</td>
<td>
{{#if sess}}
<em>{{sessStr}}</em>
{{else}}
{{/if}}
</td>
<td class="datestring-fixed text-right" title="{{created}}">
{{created}}
</td>
</tr>
{{/each}}
{{else}}
<tr>
<td colspan="6">
<em>No events found</em>
</td>
</tr>
{{/if}}
</tbody>
</table>
<nav aria-label="nav">
<ul class="pager">
{{#if previousCursor}}
<li class="previous"><a href="/account/security/events?previous={{previousCursor}}&amp;page={{previousPage}}"><span aria-hidden="true">&larr;</span> Newer</a></li>
{{else}}
<li class="previous disabled"><a href="#"><span aria-hidden="true">&larr;</span> Newer</a></li>
{{/if}}
{{#if nextCursor}}
<li class="next"><a href="/account/security/events?next={{nextCursor}}&amp;page={{nextPage}}">Older <span aria-hidden="true">&rarr;</span></a></li>
{{else}}
<li class="next disabled"><a href="#">Older <span aria-hidden="true">&rarr;</span></a></li>
{{/if}}
</ul>
</nav>
</div>
</div>
</div>
</div>

98
production/haraka-wildduck/webmail/views/account/security/gpg.hbs Archivo normal
Ver fichero

@@ -0,0 +1,98 @@
<div class="row">
<div class="col-md-12">
<h1><span class="glyphicon glyphicon-lock" aria-hidden="true"></span> Security</h1>
</div>
</div>
<div class="row">
<div class="col-md-12">
<!-- Nav tabs -->
<ul class="nav nav-tabs" role="tablist">
{{> securitymenu}}
</ul>
<div class="tab-content">
<div role="tabpanel" class="tab-pane active" id="overview">
<p>&nbsp;</p>
<form method="post" action="/account/security/gpg">
<input type="hidden" name="_csrf" value="{{csrfToken}}">
<fieldset>
<div class="panel panel-default">
<div class="panel-heading">
<h3 class="panel-title">GPG Encryption</h3>
</div>
<div class="panel-body">
<p>
If encryption is enabled then all cleartext messages that are archived to this
account are encrypted using provided public key. Private key is not known to the
service so if they key is lost then messages can not be recovered. {{serviceName}}
is able to display encrypted messages if <a
href="https://www.mailvelope.com/">Mailvelope browser extension</a> is
installed, otherwise you would have to download the messages and open these in a
GPG-compatible email client.
</p>
<div class="form-group{{#if errors.encryptMessages}} has-error{{/if}}">
<label class="radio-inline">
<input type="radio" name="encryptMessages" id="encryptMessagesNo" value="false"
{{#unless values.encryptMessages}}checked{{/unless}}> Disable encryption
</label>
<label class="radio-inline">
<input type="radio" name="encryptMessages" id="encryptMessagesYes" value="true"
{{#if values.encryptMessages}}checked{{/if}}> Enable encryption
</label>
{{#if errors.encryptMessages}}
<span class="help-block">{{errors.encryptMessages}}</span>
{{/if}}
</div>
{{#if fingerprint}}
<div class="form-group">
<label>Current key:</label>
<div class="form-control-static">
<div class="pull-right">
<label>
<input type="checkbox" name="removeKey" value="yes" /> Remove current
key
</label>
</div>
<div>
<code class="response">{{fingerprint}}</code>
{{#if keyAddress}}(<em>{{keyAddress}}</em>){{/if}}
</div>
</div>
</div>
{{/if}}
<div class="form-group{{#if errors.pubKey}} has-error{{/if}}">
<label for="pubKey">GPG Public Key{{#if fingerprint}} (replaces current key){{/if}}:
</label>
<textarea class="form-control" style="font-family: monospace;" rows="6" id="pubKey"
name="pubKey"
placeholder="Begins with &#39;-----BEGIN PGP PUBLIC KEY BLOCK-----&#39;">{{pubKey}}</textarea>
{{#if errors.pubKey}}
<span class="help-block">{{errors.pubKey}}</span>
{{/if}}
<span class="help-block">Leave empty if you do not want to replace the current
key</span>
</div>
<div class="form-group">
<button type="submit" class="btn btn-success"><span class="glyphicon glyphicon-lock"
aria-hidden="true"></span> Update encryption settings</button>
</div>
</div>
</div>
</fieldset>
</form>
</div>
</div>
</div>
</div>

67
production/haraka-wildduck/webmail/views/account/security/password.hbs Archivo normal
Ver fichero

@@ -0,0 +1,67 @@
<div class="row">
<div class="col-md-12">
<h1><span class="glyphicon glyphicon-lock" aria-hidden="true"></span> Security</h1>
</div>
</div>
<div class="row">
<div class="col-md-12">
<!-- Nav tabs -->
<ul class="nav nav-tabs" role="tablist">
{{> securitymenu}}
</ul>
<div class="tab-content">
<div role="tabpanel" class="tab-pane active" id="overview">
<p>&nbsp;</p>
<form method="post" action="/account/security/password">
<input type="hidden" name="_csrf" value="{{csrfToken}}">
<fieldset>
<div class="panel panel-default">
<div class="panel-heading">
<h3 class="panel-title">Change Password</h3>
</div>
<div class="panel-body">
<p>
Change your account password here
</p>
<div class="form-group{{#if errors.existingPassword}} has-error{{/if}}">
<label for="existingPassword">Current password</label>
<input type="password" class="form-control" name="existingPassword" id="existingPassword" placeholder="eg. &quot;supersecret&quot;" autocomplete="off">
{{#if errors.existingPassword}}
<span class="help-block">{{errors.existingPassword}}</span>
{{/if}}
</div>
<div class="form-group{{#if errors.password}} has-error{{/if}}">
<label for="password">New password</label>
<input type="password" class="form-control" name="password" id="password" placeholder="eg. &quot;supersecret&quot;" autocomplete="off">
{{#if errors.password}}
<span class="help-block">{{errors.password}}</span>
{{/if}}
</div>
<div class="form-group{{#if errors.password}} has-error{{/if}}">
<label for="password2">Repeat password</label>
<input type="password" class="form-control" name="password2" id="password2" placeholder="repeat password" autocomplete="off">
</div>
<div class="form-group">
<button type="submit" class="btn btn-success"><span class="glyphicon glyphicon-wrench" aria-hidden="true"></span> Change Password</button>
</div>
</div>
</div>
</fieldset>
</form>
</div>
</div>
</div>
</div>