feat: items #9-13 — password change, webmail SSO, DKIM live, file manager security, cache busting

#9  auth.php: add self-service change-password action (current+new+confirm)
    accounts.php: fix admin change-password — accept account_id, fetch username
    for chpasswd (was using int ID), add Auth::require('admin') guard
    user.js: add Change Password page + navItem + submitChangePassword()

#10 EmailManager: store AES-256-CBC enc_password alongside SHA512-CRYPT hash
    webmail.php: rewrite login-url to use webmail_sso_tokens table
    novacpx-sso.php: Roundcube SSO bridge (validate token, decrypt, autosubmit)
    Migration 005: add enc_password column + webmail_sso_tokens table

#11 opendkim: installed, configured (/etc/opendkim.conf, signing.table,
    key.table, trusted.hosts), socket at /var/spool/postfix/opendkim/,
    Postfix milter wired, service enabled+running, key generation verified

#12 files.php: fix safe_path() for non-existent paths (write/mkdir),
    add safe_path_new() helper using parent-dir realpath check,
    fix delete guard (block deleting account root dirs),
    fix rename destination, clamp chmod to 0777

#13 nova.js: api() handles network errors, 429 rate-limit with retry-after,
    non-JSON responses (PHP fatal pages) — graceful error instead of throw
    admin/user/reseller index.php: filemtime-based cache-busting on all assets

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
2026-06-08 01:19:33 +00:00
parent 62707d62ce
commit 6fdccc6dbd
27 changed files with 1736 additions and 79 deletions
+28 -6
View File
@@ -6,11 +6,12 @@
class EmailManager {
public static function createAccount(int $accountId, string $email, string $password, int $quotaMb = 500): int {
$db = DB::getInstance();
$db = DB::getInstance();
$hashed = self::hashPassword($password);
$enc = self::encryptPassword($password);
$id = (int)$db->insert(
"INSERT INTO email_accounts (account_id, email, password, quota_mb) VALUES (?,?,?,?)",
[$accountId, $email, $hashed, $quotaMb]
"INSERT INTO email_accounts (account_id, email, password, enc_password, quota_mb) VALUES (?,?,?,?,?)",
[$accountId, $email, $hashed, $enc, $quotaMb]
);
self::syncPostfix();
novacpx_log('info', "Email account created: $email");
@@ -27,7 +28,10 @@ class EmailManager {
public static function changePassword(int $id, string $newPassword): void {
$db = DB::getInstance();
$db->execute("UPDATE email_accounts SET password = ? WHERE id = ?", [self::hashPassword($newPassword), $id]);
$db->execute(
"UPDATE email_accounts SET password = ?, enc_password = ? WHERE id = ?",
[self::hashPassword($newPassword), self::encryptPassword($newPassword), $id]
);
}
public static function suspend(int $id): void {
@@ -56,9 +60,21 @@ class EmailManager {
);
}
/**
* Decrypt stored IMAP password for SSO use only.
*/
public static function decryptPassword(string $enc): ?string {
$key = substr(hash('sha256', SECRET_KEY, true), 0, 32);
$data = base64_decode($enc);
if (strlen($data) <= 16) return null;
$iv = substr($data, 0, 16);
$encrypted = substr($data, 16);
$plain = openssl_decrypt($encrypted, 'AES-256-CBC', $key, OPENSSL_RAW_DATA, $iv);
return $plain !== false ? $plain : null;
}
/**
* Sync Postfix virtual_mailbox_maps + virtual_alias_maps files from DB
* Postfix reads these files (postmap creates .db hash)
*/
private static function syncPostfix(): void {
$db = DB::getInstance();
@@ -93,7 +109,13 @@ class EmailManager {
}
private static function hashPassword(string $password): string {
// Dovecot SHA512-CRYPT compatible
return '{SHA512-CRYPT}' . crypt($password, '$6$' . bin2hex(random_bytes(8)) . '$');
}
private static function encryptPassword(string $password): string {
$key = substr(hash('sha256', SECRET_KEY, true), 0, 32);
$iv = random_bytes(16);
$enc = openssl_encrypt($password, 'AES-256-CBC', $key, OPENSSL_RAW_DATA, $iv);
return base64_encode($iv . $enc);
}
}