Merge pull request #1938 from NicolasDorier/email-pwd

Do not show password in clear text in email configuration (Fix #1790)
2026-02-23 15:14:49 +01:00 · 2020-10-08 12:01:21 +09:00
parent 83b28e0b00 d8da8023c2
commit d9d2c7d213
7 changed files with 161 additions and 54 deletions
--- a/BTCPayServer/Controllers/ServerController.cs
+++ b/BTCPayServer/Controllers/ServerController.cs
@@ -945,23 +945,28 @@ namespace BTCPayServer.Controllers
        public async Task<IActionResult> Emails()
        {
            var data = (await _SettingsRepository.GetSettingAsync<EmailSettings>()) ?? new EmailSettings();
-            return View(new EmailsViewModel() { Settings = data });
+            return View(new EmailsViewModel(data));
        }

        [Route("server/emails")]
        [HttpPost]
        public async Task<IActionResult> Emails(EmailsViewModel model, string command)
        {
-            if (!model.Settings.IsComplete())
-            {
-                TempData[WellKnownTempData.ErrorMessage] = "Required fields missing";
-                return View(model);
-            }
-
+           
            if (command == "Test")
            {
                try
                {
+                    if (model.PasswordSet)
+                    {
+                        var settings = await _SettingsRepository.GetSettingAsync<EmailSettings>();
+                        model.Settings.Password = settings.Password;
+                    }
+                    if (!model.Settings.IsComplete())
+                    {
+                        TempData[WellKnownTempData.ErrorMessage] = "Required fields missing";
+                        return View(model);
+                    }
                    using (var client = model.Settings.CreateSmtpClient())
                    using (var message = model.Settings.CreateMailMessage(new MailAddress(model.TestEmail), "BTCPay test", "BTCPay test"))
                    {
@@ -975,11 +980,24 @@ namespace BTCPayServer.Controllers
                }
                return View(model);
            }
+            else if (command == "ResetPassword")
+            {
+                var settings = await _SettingsRepository.GetSettingAsync<EmailSettings>();
+                settings.Password = null;
+                await _SettingsRepository.UpdateSetting(model.Settings);
+                TempData[WellKnownTempData.SuccessMessage] = "Email server password reset";
+                return RedirectToAction(nameof(Emails));
+            }
            else // if(command == "Save")
            {
+                var oldSettings = await _SettingsRepository.GetSettingAsync<EmailSettings>();
+                if (new EmailsViewModel(oldSettings).PasswordSet)
+                {
+                    model.Settings.Password = oldSettings.Password;
+                }
                await _SettingsRepository.UpdateSetting(model.Settings);
                TempData[WellKnownTempData.SuccessMessage] = "Email settings saved";
-                return View(model);
+                return RedirectToAction(nameof(Emails));
            }
        }