[PR #266] [CLOSED] - 修复：在邮件列表接口中增加了密码校验，确保只有密码正确的用户才能查看邮件，提升系统安全性。 #260

New issue

Closed

opened 2026-02-27 09:13:58 +03:00 by kerem · 0 comments

kerem commented

2026-02-27 09:13:58 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/maillab/cloud-mail/pull/266
Author: @root-kaliking
Created: 2/16/2026
Status: ❌ Closed

Base: main ← Head: main

📝 Commits (1)

b96986c - 修复：在邮件列表接口中增加了密码校验，确保只有密码正确的用户才能查看邮件，提升系统安全性。

📊 Changes

1 file changed (+186 additions, -17 deletions)

View changed files

📝 mail-worker/src/service/public-service.js (+186 -17)

📄 Description

api在邮件列表查询前，通过调用 verifyUser 方法对用户邮箱和密码进行校验，只有通过验证的管理员用户才能获取邮件列表，杜绝了越权查看的风险。

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/maillab/cloud-mail/pull/266 **Author:** [@root-kaliking](https://github.com/root-kaliking) **Created:** 2/16/2026 **Status:** ❌ Closed **Base:** `main` ← **Head:** `main` --- ### 📝 Commits (1) - [`b96986c`](https://github.com/maillab/cloud-mail/commit/b96986cb47504f92bdef4557ff34bb0f74229f4e) - 修复：在邮件列表接口中增加了密码校验，确保只有密码正确的用户才能查看邮件，提升系统安全性。 ### 📊 Changes **1 file changed** (+186 additions, -17 deletions) <details> <summary>View changed files</summary> 📝 `mail-worker/src/service/public-service.js` (+186 -17) </details> ### 📄 Description api在邮件列表查询前，通过调用 verifyUser 方法对用户邮箱和密码进行校验，只有通过验证的管理员用户才能获取邮件列表，杜绝了越权查看的风险。 --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>