def new_random_alias():
"""
Create a new random alias
Output:
201 if success
"""
user = g.user
if not user.can_create_new_alias():
LOG.d("user %s cannot create new random alias", user)
return (
jsonify(
error=
f"You have reached the limitation of a free account with the maximum of "
f"{MAX_NB_EMAIL_FREE_PLAN} aliases, please upgrade your plan to create more aliases"
),
400,
)
scheme = user.alias_generator
gen_email = GenEmail.create_new_random(user_id=user.id, scheme=scheme)
db.session.commit()
hostname = request.args.get("hostname")
if hostname:
AliasUsedOn.create(gen_email_id=gen_email.id, hostname=hostname)
db.session.commit()
return jsonify(alias=gen_email.email), 201
def test_different_scenarios_v5(flask_client):
user = User.create(email="[email protected]",
password="******",
name="Test User",
activated=True)
Session.commit()
# create api_key
api_key = ApiKey.create(user.id, "for test")
Session.commit()
# <<< without hostname >>>
r = flask_client.get("/api/v5/alias/options",
headers={"Authentication": api_key.code})
assert r.status_code == 200
assert r.json["can_create"]
assert r.json["suffixes"]
assert r.json["prefix_suggestion"] == "" # no hostname => no suggestion
for suffix_payload in r.json["suffixes"]:
suffix, signed_suffix = (
suffix_payload["suffix"],
suffix_payload["signed_suffix"],
)
assert signed_suffix.startswith(suffix)
# <<< with hostname >>>
r = flask_client.get(
"/api/v5/alias/options?hostname=www.test.com",
headers={"Authentication": api_key.code},
)
assert r.json["prefix_suggestion"] == "test"
# <<< with hostname with 2 parts TLD, for example wwww.numberoneshoes.co.nz >>>
r = flask_client.get(
"/api/v5/alias/options?hostname=wwww.numberoneshoes.co.nz",
headers={"Authentication": api_key.code},
)
assert r.json["prefix_suggestion"] == "numberoneshoes"
# <<< with recommendation >>>
alias = Alias.create_new(user, prefix="test")
Session.commit()
AliasUsedOn.create(alias_id=alias.id,
hostname="www.test.com",
user_id=alias.user_id)
Session.commit()
r = flask_client.get(
url_for("api.options_v4", hostname="www.test.com"),
headers={"Authentication": api_key.code},
)
assert r.json["recommendation"]["alias"] == alias.email
assert r.json["recommendation"]["hostname"] == "www.test.com"
def new_custom_alias():
"""
Create a new custom alias
Input:
alias_prefix, for ex "www_groupon_com"
alias_suffix, either [email protected] or @my-domain.com
optional "hostname" in args
optional "note"
Output:
201 if success
409 if the alias already exists
"""
user: User = g.user
if not user.can_create_new_alias():
LOG.d("user %s cannot create any custom alias", user)
return (
jsonify(
error="You have reached the limitation of a free account with the maximum of "
f"{MAX_NB_EMAIL_FREE_PLAN} aliases, please upgrade your plan to create more aliases"
),
400,
)
user_custom_domains = [cd.domain for cd in user.verified_custom_domains()]
hostname = request.args.get("hostname")
data = request.get_json()
if not data:
return jsonify(error="request body cannot be empty"), 400
alias_prefix = data.get("alias_prefix", "").strip()
alias_suffix = data.get("alias_suffix", "").strip()
note = data.get("note")
alias_prefix = convert_to_id(alias_prefix)
if not verify_prefix_suffix(user, alias_prefix, alias_suffix, user_custom_domains):
return jsonify(error="wrong alias prefix or suffix"), 400
full_alias = alias_prefix + alias_suffix
if GenEmail.get_by(email=full_alias):
LOG.d("full alias already used %s", full_alias)
return jsonify(error=f"alias {full_alias} already exists"), 409
gen_email = GenEmail.create(
user_id=user.id, email=full_alias, mailbox_id=user.default_mailbox_id, note=note
)
db.session.commit()
if hostname:
AliasUsedOn.create(gen_email_id=gen_email.id, hostname=hostname)
db.session.commit()
return jsonify(alias=full_alias), 201
def new_random_alias():
"""
Create a new random alias
Input:
(Optional) note
Output:
201 if success
"""
user = g.user
if not user.can_create_new_alias():
LOG.d("user %s cannot create new random alias", user)
return (
jsonify(
error=
f"You have reached the limitation of a free account with the maximum of "
f"{MAX_NB_EMAIL_FREE_PLAN} aliases, please upgrade your plan to create more aliases"
),
400,
)
note = None
data = request.get_json(silent=True)
if data:
note = data.get("note")
scheme = user.alias_generator
mode = request.args.get("mode")
if mode:
if mode == "word":
scheme = AliasGeneratorEnum.word.value
elif mode == "uuid":
scheme = AliasGeneratorEnum.uuid.value
else:
return jsonify(error=f"{mode} must be either word or alias"), 400
alias = Alias.create_new_random(user=user, scheme=scheme, note=note)
db.session.commit()
hostname = request.args.get("hostname")
if hostname:
AliasUsedOn.create(alias_id=alias.id,
hostname=hostname,
user_id=alias.user_id)
db.session.commit()
return (
jsonify(alias=alias.email,
**serialize_alias_info(get_alias_info(alias))),
201,
)
def test_different_scenarios(flask_client):
user = User.create(
email="[email protected]",
password="******",
name="Test User",
activated=True,
commit=True,
)
# create api_key
api_key = ApiKey.create(user.id, "for test")
db.session.commit()
# <<< without hostname >>>
r = flask_client.get(url_for("api.options"),
headers={"Authentication": api_key.code})
# {
# "can_create_custom": True,
# "custom": {"suffixes": ["*****@*****.**"], "suggestion": ""},
# "existing": ["*****@*****.**"],
# }
assert r.status_code == 200
assert r.json["can_create_custom"]
assert len(r.json["existing"]) == 1
assert len(r.json["custom"]["suffixes"]) == 4
assert r.json["custom"]["suggestion"] == "" # no hostname => no suggestion
# <<< with hostname >>>
r = flask_client.get(
url_for("api.options", hostname="www.test.com"),
headers={"Authentication": api_key.code},
)
assert r.json["custom"]["suggestion"] == "test"
# <<< with recommendation >>>
alias = Alias.create_new(user, prefix="test")
db.session.commit()
AliasUsedOn.create(alias_id=alias.id,
hostname="www.test.com",
user_id=user.id)
db.session.commit()
r = flask_client.get(
url_for("api.options", hostname="www.test.com"),
headers={"Authentication": api_key.code},
)
assert r.json["recommendation"]["alias"] == alias.email
assert r.json["recommendation"]["hostname"] == "www.test.com"
def test_different_scenarios_v4(flask_client):
user = User.create(
email="[email protected]", password="******", name="Test User", activated=True
)
db.session.commit()
# create api_key
api_key = ApiKey.create(user.id, "for test")
db.session.commit()
# <<< without hostname >>>
r = flask_client.get(
url_for("api.options_v4"), headers={"Authentication": api_key.code}
)
assert r.status_code == 200
assert r.json["can_create"]
assert r.json["suffixes"]
assert r.json["prefix_suggestion"] == "" # no hostname => no suggestion
for (suffix, signed_suffix) in r.json["suffixes"]:
assert signed_suffix.startswith(suffix)
# <<< with hostname >>>
r = flask_client.get(
url_for("api.options_v4", hostname="www.test.com"),
headers={"Authentication": api_key.code},
)
assert r.json["prefix_suggestion"] == "test"
# <<< with recommendation >>>
alias = Alias.create_new(user, prefix="test")
db.session.commit()
AliasUsedOn.create(
alias_id=alias.id, hostname="www.test.com", user_id=alias.user_id
)
db.session.commit()
r = flask_client.get(
url_for("api.options_v4", hostname="www.test.com"),
headers={"Authentication": api_key.code},
)
assert r.json["recommendation"]["alias"] == alias.email
assert r.json["recommendation"]["hostname"] == "www.test.com"
def test_different_scenarios_v2(flask_client):
user = User.create(
email="[email protected]", password="******", name="Test User", activated=True
)
db.session.commit()
# create api_key
api_key = ApiKey.create(user.id, "for test")
db.session.commit()
# <<< without hostname >>>
r = flask_client.get(
url_for("api.options_v2"), headers={"Authentication": api_key.code}
)
assert r.status_code == 200
# {'can_create': True, 'existing': ['*****@*****.**'], 'prefix_suggestion': '', 'suffixes': ['*****@*****.**']}
assert r.json["can_create"]
assert len(r.json["existing"]) == 1
assert r.json["suffixes"]
assert r.json["prefix_suggestion"] == "" # no hostname => no suggestion
# <<< with hostname >>>
r = flask_client.get(
url_for("api.options_v2", hostname="www.test.com"),
headers={"Authentication": api_key.code},
)
assert r.json["prefix_suggestion"] == "test"
# <<< with recommendation >>>
alias = Alias.create_new(user, prefix="test")
db.session.commit()
AliasUsedOn.create(
alias_id=alias.id, hostname="www.test.com", user_id=alias.user_id
)
db.session.commit()
r = flask_client.get(
url_for("api.options_v2", hostname="www.test.com"),
headers={"Authentication": api_key.code},
)
assert r.json["recommendation"]["alias"] == alias.email
assert r.json["recommendation"]["hostname"] == "www.test.com"
def new_custom_alias():
"""
Currently used by Safari extension.
Create a new custom alias
Input:
alias_prefix, for ex "www_groupon_com"
alias_suffix, either [email protected] or @my-domain.com
optional "hostname" in args
optional "note"
Output:
201 if success
409 if the alias already exists
"""
LOG.warning("/alias/custom/new is obsolete")
user: User = g.user
if not user.can_create_new_alias():
LOG.d("user %s cannot create any custom alias", user)
return (
jsonify(
error=
"You have reached the limitation of a free account with the maximum of "
f"{MAX_NB_EMAIL_FREE_PLAN} aliases, please upgrade your plan to create more aliases"
),
400,
)
hostname = request.args.get("hostname")
data = request.get_json()
if not data:
return jsonify(error="request body cannot be empty"), 400
alias_prefix = data.get("alias_prefix",
"").strip().lower().replace(" ", "")
alias_suffix = data.get("alias_suffix",
"").strip().lower().replace(" ", "")
note = data.get("note")
alias_prefix = convert_to_id(alias_prefix)
if not verify_prefix_suffix(user, alias_prefix, alias_suffix):
return jsonify(error="wrong alias prefix or suffix"), 400
full_alias = alias_prefix + alias_suffix
if (Alias.get_by(email=full_alias) or DeletedAlias.get_by(email=full_alias)
or DomainDeletedAlias.get_by(email=full_alias)):
LOG.d("full alias already used %s", full_alias)
return jsonify(error=f"alias {full_alias} already exists"), 409
alias = Alias.create(user_id=user.id,
email=full_alias,
mailbox_id=user.default_mailbox_id,
note=note)
if alias_suffix.startswith("@"):
alias_domain = alias_suffix[1:]
domain = CustomDomain.get_by(domain=alias_domain)
if domain:
LOG.d("set alias %s to domain %s", full_alias, domain)
alias.custom_domain_id = domain.id
db.session.commit()
if hostname:
AliasUsedOn.create(alias_id=alias.id,
hostname=hostname,
user_id=alias.user_id)
db.session.commit()
return jsonify(alias=full_alias,
**serialize_alias_info(get_alias_info(alias))), 201
def new_custom_alias_v3():
"""
Create a new custom alias
Same as v2 but accept a list of mailboxes as input
Input:
alias_prefix, for ex "www_groupon_com"
signed_suffix, either [email protected] or @my-domain.com
mailbox_ids: list of int
optional "hostname" in args
optional "note"
optional "name"
Output:
201 if success
409 if the alias already exists
"""
user: User = g.user
if not user.can_create_new_alias():
LOG.d("user %s cannot create any custom alias", user)
return (
jsonify(
error=
"You have reached the limitation of a free account with the maximum of "
f"{MAX_NB_EMAIL_FREE_PLAN} aliases, please upgrade your plan to create more aliases"
),
400,
)
hostname = request.args.get("hostname")
data = request.get_json()
if not data:
return jsonify(error="request body cannot be empty"), 400
alias_prefix = data.get("alias_prefix",
"").strip().lower().replace(" ", "")
signed_suffix = data.get("signed_suffix", "").strip()
mailbox_ids = data.get("mailbox_ids")
note = data.get("note")
name = data.get("name")
if name:
name = name.replace("\n", "")
alias_prefix = convert_to_id(alias_prefix)
if not check_alias_prefix(alias_prefix):
return jsonify(error="alias prefix invalid format or too long"), 400
# check if mailbox is not tempered with
mailboxes = []
for mailbox_id in mailbox_ids:
mailbox = Mailbox.get(mailbox_id)
if not mailbox or mailbox.user_id != user.id or not mailbox.verified:
return jsonify(error="Errors with Mailbox"), 400
mailboxes.append(mailbox)
if not mailboxes:
return jsonify(error="At least one mailbox must be selected"), 400
# hypothesis: user will click on the button in the 600 secs
try:
alias_suffix = signer.unsign(signed_suffix, max_age=600).decode()
except SignatureExpired:
LOG.warning("Alias creation time expired for %s", user)
return jsonify(
error="Alias creation time is expired, please retry"), 412
except Exception:
LOG.warning("Alias suffix is tampered, user %s", user)
return jsonify(error="Tampered suffix"), 400
if not verify_prefix_suffix(user, alias_prefix, alias_suffix):
return jsonify(error="wrong alias prefix or suffix"), 400
full_alias = alias_prefix + alias_suffix
if (Alias.get_by(email=full_alias) or DeletedAlias.get_by(email=full_alias)
or DomainDeletedAlias.get_by(email=full_alias)):
LOG.d("full alias already used %s", full_alias)
return jsonify(error=f"alias {full_alias} already exists"), 409
custom_domain_id = None
if alias_suffix.startswith("@"):
alias_domain = alias_suffix[1:]
domain = CustomDomain.get_by(domain=alias_domain)
if domain:
custom_domain_id = domain.id
alias = Alias.create(
user_id=user.id,
email=full_alias,
note=note,
name=name or None,
mailbox_id=mailboxes[0].id,
custom_domain_id=custom_domain_id,
)
db.session.flush()
for i in range(1, len(mailboxes)):
AliasMailbox.create(
alias_id=alias.id,
mailbox_id=mailboxes[i].id,
)
db.session.commit()
if hostname:
AliasUsedOn.create(alias_id=alias.id,
hostname=hostname,
user_id=alias.user_id)
db.session.commit()
return (
jsonify(alias=full_alias,
**serialize_alias_info_v2(get_alias_info_v2(alias))),
201,
)
def new_custom_alias_v2():
"""
Create a new custom alias
Same as v1 but signed_suffix is actually the suffix with signature, e.g.
[email protected]
Input:
alias_prefix, for ex "www_groupon_com"
signed_suffix, either [email protected] or @my-domain.com
optional "hostname" in args
optional "note"
Output:
201 if success
409 if the alias already exists
"""
user: User = g.user
if not user.can_create_new_alias():
LOG.d("user %s cannot create any custom alias", user)
return (
jsonify(
error=
"You have reached the limitation of a free account with the maximum of "
f"{MAX_NB_EMAIL_FREE_PLAN} aliases, please upgrade your plan to create more aliases"
),
400,
)
hostname = request.args.get("hostname")
data = request.get_json()
if not data:
return jsonify(error="request body cannot be empty"), 400
alias_prefix = data.get("alias_prefix",
"").strip().lower().replace(" ", "")
signed_suffix = data.get("signed_suffix", "").strip()
note = data.get("note")
alias_prefix = convert_to_id(alias_prefix)
# hypothesis: user will click on the button in the 600 secs
try:
alias_suffix = signer.unsign(signed_suffix, max_age=600).decode()
except SignatureExpired:
LOG.warning("Alias creation time expired for %s", user)
return jsonify(
error="Alias creation time is expired, please retry"), 412
except Exception:
LOG.warning("Alias suffix is tampered, user %s", user)
return jsonify(error="Tampered suffix"), 400
if not verify_prefix_suffix(user, alias_prefix, alias_suffix):
return jsonify(error="wrong alias prefix or suffix"), 400
full_alias = alias_prefix + alias_suffix
if (Alias.get_by(email=full_alias) or DeletedAlias.get_by(email=full_alias)
or DomainDeletedAlias.get_by(email=full_alias)):
LOG.d("full alias already used %s", full_alias)
return jsonify(error=f"alias {full_alias} already exists"), 409
custom_domain_id = None
if alias_suffix.startswith("@"):
alias_domain = alias_suffix[1:]
domain = CustomDomain.get_by(domain=alias_domain)
# check if the alias is currently in the domain trash
if domain and DomainDeletedAlias.get_by(domain_id=domain.id,
email=full_alias):
LOG.d(
f"Alias {full_alias} is currently in the {domain.domain} trash. "
)
return jsonify(error=f"alias {full_alias} in domain trash"), 409
if domain:
custom_domain_id = domain.id
alias = Alias.create(
user_id=user.id,
email=full_alias,
mailbox_id=user.default_mailbox_id,
note=note,
custom_domain_id=custom_domain_id,
)
db.session.commit()
if hostname:
AliasUsedOn.create(alias_id=alias.id,
hostname=hostname,
user_id=alias.user_id)
db.session.commit()
return (
jsonify(alias=full_alias,
**serialize_alias_info_v2(get_alias_info_v2(alias))),
201,
)
def new_custom_alias():
"""
Create a new custom alias
Input:
alias_prefix, for ex "www_groupon_com"
alias_suffix, either [email protected] or @my-domain.com
optional "hostname" in args
Output:
201 if success
409 if alias already exists
"""
user = g.user
if not user.can_create_new_alias():
LOG.d("user %s cannot create custom alias", user)
return (
jsonify(
error="You have created 3 custom aliases, please upgrade to create more"
),
400,
)
user_custom_domains = [cd.domain for cd in user.verified_custom_domains()]
hostname = request.args.get("hostname")
data = request.get_json()
alias_prefix = data["alias_prefix"]
alias_suffix = data["alias_suffix"]
# make sure alias_prefix is not empty
alias_prefix = alias_prefix.strip()
alias_prefix = convert_to_id(alias_prefix)
if not alias_prefix: # should be checked on frontend
LOG.d("user %s submits empty alias prefix %s", user, alias_prefix)
return jsonify(error="alias prefix cannot be empty"), 400
# make sure alias_suffix is either [email protected] or @my-domain.com
alias_suffix = alias_suffix.strip()
if alias_suffix.startswith("@"):
custom_domain = alias_suffix[1:]
if custom_domain not in user_custom_domains:
LOG.d("user %s submits wrong custom domain %s ", user, custom_domain)
return jsonify(error="error"), 400
else:
if not alias_suffix.startswith("."):
LOG.d("user %s submits wrong alias suffix %s", user, alias_suffix)
return jsonify(error="error"), 400
if not alias_suffix.endswith(EMAIL_DOMAIN):
LOG.d("user %s submits wrong alias suffix %s", user, alias_suffix)
return jsonify(error="error"), 400
random_letters = alias_suffix[1 : alias_suffix.find("@")]
if len(random_letters) < 5:
LOG.d("user %s submits wrong alias suffix %s", user, alias_suffix)
return jsonify(error="error"), 400
full_alias = alias_prefix + alias_suffix
if GenEmail.get_by(email=full_alias):
LOG.d("full alias already used %s", full_alias)
return jsonify(error=f"alias {full_alias} already exists"), 409
gen_email = GenEmail.create(user_id=user.id, email=full_alias)
db.session.commit()
if hostname:
AliasUsedOn.create(gen_email_id=gen_email.id, hostname=hostname)
db.session.commit()
return jsonify(alias=full_alias), 201
def new_random_alias():
"""
Create a new random alias
Input:
(Optional) note
Output:
201 if success
"""
user = g.user
if not user.can_create_new_alias():
LOG.d("user %s cannot create new random alias", user)
return (
jsonify(
error=
f"You have reached the limitation of a free account with the maximum of "
f"{MAX_NB_EMAIL_FREE_PLAN} aliases, please upgrade your plan to create more aliases"
),
400,
)
note = None
data = request.get_json(silent=True)
if data:
note = data.get("note")
alias = None
# custom alias suggestion and suffix
hostname = request.args.get("hostname")
if hostname and user.include_website_in_one_click_alias:
LOG.d("Use %s to create new alias", hostname)
# keep only the domain name of hostname, ignore TLD and subdomain
# for ex www.groupon.com -> groupon
ext = tldextract.extract(hostname)
prefix_suggestion = ext.domain
prefix_suggestion = convert_to_id(prefix_suggestion)
suffixes = get_available_suffixes(user)
# use the first suffix
suggested_alias = prefix_suggestion + suffixes[0].suffix
alias = Alias.get_by(email=suggested_alias)
# cannot use this alias as it belongs to another user
if alias and not alias.user_id == user.id:
LOG.d("%s belongs to another user", alias)
alias = None
elif alias and alias.user_id == user.id:
# make sure alias was created for this website
if AliasUsedOn.get_by(alias_id=alias.id,
hostname=hostname,
user_id=alias.user_id):
LOG.d("Use existing alias %s", alias)
else:
LOG.d("%s wasn't created for this website %s", alias, hostname)
alias = None
elif not alias:
LOG.d("create new alias %s", suggested_alias)
try:
alias = Alias.create(
user_id=user.id,
email=suggested_alias,
note=note,
mailbox_id=user.default_mailbox_id,
commit=True,
)
except AliasInTrashError:
LOG.i("Alias %s is in trash", suggested_alias)
alias = None
if not alias:
scheme = user.alias_generator
mode = request.args.get("mode")
if mode:
if mode == "word":
scheme = AliasGeneratorEnum.word.value
elif mode == "uuid":
scheme = AliasGeneratorEnum.uuid.value
else:
return jsonify(
error=f"{mode} must be either word or uuid"), 400
alias = Alias.create_new_random(user=user, scheme=scheme, note=note)
Session.commit()
if hostname and not AliasUsedOn.get_by(alias_id=alias.id,
hostname=hostname):
AliasUsedOn.create(alias_id=alias.id,
hostname=hostname,
user_id=alias.user_id)
Session.commit()
return (
jsonify(alias=alias.email,
**serialize_alias_info_v2(get_alias_info_v2(alias))),
201,
)
