1
0
Fork 1
mirror of https://github.com/coddingtonbear/django-mailbox.git synced 2026-07-09 22:38:19 +02:00

Merge pull request #5 from invisiblebits/encrypt-uri

Encrypt uri
This commit is contained in:
Manuel Gomez 2019-04-09 15:19:17 +02:00 committed by GitHub
commit 66f1254001
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 54 additions and 1 deletions

View file

@ -8,6 +8,7 @@ console.
import logging
from django import forms
from django.conf import settings
from django.contrib import admin
from django.utils.translation import ugettext_lazy as _
@ -39,11 +40,29 @@ resend_message_received_signal.short_description = (
_('Re-send message received signal')
)
class MailboxForm(forms.ModelForm):
uri = forms.CharField(widget=forms.PasswordInput,
help_text="For security, the URI will not be shown and will "
"be encrypted in database "
"<br />"
"Example: imap+ssl://myusername:mypassword@someserver <br />"
"<br />"
"Internet transports include 'imap' and 'pop3'; "
"common local file transports include 'maildir', 'mbox', "
"and less commonly 'babyl', 'mh', and 'mmdf'. <br />"
"<br />"
"Be sure to urlencode your username and password should they "
"contain illegal characters (like @, :, etc)."
)
class Meta:
model = Mailbox
fields = ('name', 'uri', 'from_email', 'active',)
class MailboxAdmin(admin.ModelAdmin):
form = MailboxForm
list_display = (
'name',
'uri',
'from_email',
'active',
'last_polling',
@ -51,6 +70,10 @@ class MailboxAdmin(admin.ModelAdmin):
readonly_fields = ['last_polling', ]
actions = [get_new_mail]
def save_model(self, request, obj, form, change):
if request:
obj.uri = obj.encrypt_uri()
obj.save()
class MessageAttachmentAdmin(admin.ModelAdmin):
raw_id_fields = ('message', )

View file

@ -17,6 +17,7 @@ import os.path
import sys
import uuid
from tempfile import NamedTemporaryFile
from Crypto.Cipher import AES
import six
from six.moves.urllib.parse import parse_qs, unquote, urlparse
@ -113,8 +114,36 @@ class Mailbox(models.Model):
objects = models.Manager()
active_mailboxes = ActiveMailboxManager()
def pad(self, key):
length = 32 - (len(key) % 32)
return key + chr(length).encode('utf-8') * length
def unpad(self, key):
return key[0:-ord(key[-1])]
def encrypt_uri(self):
secret_key = self.pad(django_settings.SECRET_KEY)
self.uri = unicode(self.pad(self.uri)).encode('utf-8')
cipher = AES.new(secret_key)
self.uri = cipher.encrypt(self.uri)
self.uri = base64.b64encode(self.uri)
return self.uri
def decrypt_uri(self):
secret_key = self.pad(django_settings.SECRET_KEY)
self.uri = self.pad(self.uri)
cipher = AES.new(secret_key)
self.uri = base64.b64decode(self.uri)
self.uri = cipher.decrypt(self.uri)
return self.unpad(self.uri)
@property
def _protocol_info(self):
self.uri = self.decrypt_uri()
return urlparse(self.uri)
@property

View file

@ -1,2 +1,3 @@
django>=1.9,<1.10
six
pycrypto==2.6.1