django-email-extras icon indicating copy to clipboard operation
django-email-extras copied to clipboard

Published 20 hours ago verified publisher icon stephenmcd

Add encrypting backend mixin and mix it in with Django's built-in backends

Open blag opened this issue 8 years ago • 4 comments

This is my first attempt at this, so feedback and criticism is more than welcome!

This is extremely similar to email_extras.utils.send_mail, but it's a mixin for mail backends.

The main problem I have with django-email-extras is that third-party app developers have to explicitly opt-in to using it by calling our send_mail function. I am using django-accounts and django-allauth to handle user registration/login/forgotten passwords, and they use Django's built-in one from django.core.mail.

I think encryption should be as easy to implement and use as possible (while still remaining actually secure), so this is an attempt in that direction. With this backend configured all mail Django sends will be sent through this backend, and opportunistically encrypted along the way (if the user has uploaded a key).

I also mixed it in with Django's built-in backends, so there's Encrypting*EmailBackend for the Console, Locmem, Filebased, and Smtp backends.

~~I am explicitly not adding code to upload the key to keyservers because python-gnupg does not yet support generating key revocation certificates, so I don't want users to upload keys they can't easily revoke.~~ I added code to the new email_signing_key management command to automatically upload the key to one of more specified keyservers.

TODO:

  • [x] Add management command/s for generating signing key? uploading to keyservers? with flag to skip if already exists?
  • [x] Optionally sign outgoing email with generated key
  • [x] Remove more specific exceptions and add a configurable exception handler for failed messages. I think this is a better way to handle things than simply throwing exceptions, because third party apps won't be expecting failed encryption exceptions or properly handle them.
  • [x] Add user friendly messages when SIGNING_KEY_FINGERPRINT specified a key that doesn't exist
  • [x] Document the process for how to add a signing key:
    1. Adjust EMAIL_EXTRAS_SIGNING_KEY_DATA
    2. ~~Fire up server, browse to admin for keys~~
    3. ~~Hit the "Generate signing key" button~~ Run the email_signing_key command to generate a signing key
    4. Copy displayed fingerprint
    5. Set EMAIL_EXTRAS_SIGNING_KEY_FINGERPRINT to copied fingerprint
    6. Restart server

Edit: Thought of more/better ways to go about things.

blag avatar Mar 22 '17 05:03 blag

@stephenmcd I'm now happy with this PR. Do you mind reviewing it? You might also be interested, @theithec.

And I'd like to add tests to the repo. Do you mind if I tack them onto the end of this?

Thanks!

blag avatar Mar 27 '17 22:03 blag

Do you mind reviewing it?

No time at the moment sorry.

stephenmcd avatar Mar 27 '17 22:03 stephenmcd

Rebasing on master now that #41 is merged...

blag avatar Apr 09 '17 23:04 blag

Done rebasing.

blag avatar Apr 09 '17 23:04 blag