Merge branch 'knadh:master' into master

Author: dragonwocky

cmd/subscribers.go

@@ -458,9 +458,6 @@ func (a *App) BlocklistSubscribersByQuery(c echo.Context) error {
 
 	req.Search = strings.TrimSpace(req.Search)
 	req.Query = formatSQLExp(req.Query)
-	if req.Search == "" && req.Query == "" {
-		return echo.NewHTTPError(http.StatusBadRequest, a.i18n.Ts("globals.messages.invalidFields", "name", "query"))
-	}
 
 	// Does the user have the subscribers:sql_query permission?
 	if req.Query != "" {
@@ -495,9 +492,6 @@ func (a *App) ManageSubscriberListsByQuery(c echo.Context) error {
 
 	req.Search = strings.TrimSpace(req.Search)
 	req.Query = formatSQLExp(req.Query)
-	if req.Search == "" && req.Query == "" {
-		return echo.NewHTTPError(http.StatusBadRequest, a.i18n.Ts("globals.messages.invalidFields", "name", "query"))
-	}
 
 	// Does the user have the subscribers:sql_query permission?
 	if req.Query != "" {

cmd/templates.go

@@ -157,7 +157,7 @@ func (a *App) UpdateTemplate(c echo.Context) error {
 	// Subject is only relevant for fixed tx templates. For campaigns,
 	// the subject changes per campaign and is on models.Campaign.
 	var funcs template.FuncMap
-	if o.Type == models.TemplateTypeCampaign {
+	if o.Type == models.TemplateTypeCampaign || o.Type == models.TemplateTypeCampaignVisual {
 		o.Subject = ""
 		funcs = a.manager.TemplateFuncs(nil)
 	} else {

cmd/users.go

@@ -13,7 +13,7 @@ import (
 )
 
 var (
-	reUsername = regexp.MustCompile(`^[a-zA-Z0-9_\\-\\.]+$`)
+	reUsername = regexp.MustCompile(`^[a-zA-Z0-9_\-\.@]+$`)
 )
 
 // GetUser retrieves a single user by ID.
@@ -56,7 +56,7 @@ func (a *App) CreateUser(c echo.Context) error {
 
 	u.Username = strings.TrimSpace(u.Username)
 	u.Name = strings.TrimSpace(u.Name)
-	email := strings.TrimSpace(u.Email.String)
+	email := strings.ToLower(strings.TrimSpace(u.Email.String))
 
 	// Validate fields.
 	if !strHasLen(u.Username, 3, stdInputMaxLen) {
@@ -111,7 +111,7 @@ func (a *App) UpdateUser(c echo.Context) error {
 
 	u.Username = strings.TrimSpace(u.Username)
 	u.Name = strings.TrimSpace(u.Name)
-	email := strings.TrimSpace(u.Email.String)
+	email := strings.ToLower(strings.TrimSpace(u.Email.String))
 
 	// Validate fields.
 	if !strHasLen(u.Username, 3, stdInputMaxLen) {

docs/docs/content/oidc.md

@@ -0,0 +1,77 @@
+
+## OIDC Single Sign On
+
+Listmonk supports single sign-on with OIDC (OpenID Connect). Any standards compliant OIDC provider can be configured in Settings -> Security -> OIDC
+
+!!! note "Automatic user creation"
+    There is no support for automatic user creation via OIDC currently. The Super Admin must create users prior in Admin -> Users with the same e-mail address that is expected from the OIDC provider per user.
+
+
+# Tutorials
+
+Tutorials for configuring listmonk SSO with popular OIDC providers.
+
+## Keycloak
+Keycloak configuration for listmonk SSO integration.
+
+### 1. Create a new client in Keycloak
+In the Keycloak admin, use an existing realm, or create a new realm. Create a new client in `Clients → Create`.
+
+- **General Settings**
+    - **Client type**: `OpenID Connect`
+    - **Client ID**: `listmonk` (or any preferred name)
+    - **Name**: Optional descriptive name (e.g., "listmonk SSO")
+- **Capability Config**:
+    - **Client authentication**: On
+    - **Authorization**: On
+    - **Authentication Flow**
+        - **Standard Flow**: On
+        - **Direct Access grants**: On
+- **Login Settings**:
+    - **Root URL**: Copy the **Redirect URL for oAuth provider** value from listmonk Admin -> Settings -> Security -> OIDC. It will look like `https://listmonk.yoursite.com/auth/oidc`
+    - **Valid redirect URIs**: Same as the Root URL above
+    - **Valid post logout redirect URIs**: *
+
+After the client creation steps above, go to the client's `Credentials` tab and copy the `Client Secret`.
+
+### 2. Configure Listmonk
+2. In Listmonk Admin -> Settings -> Security -> OIDC.
+    - **Enable OIDC SSO**: Turn on
+    - **Provider URL**: `https://keycloak.yoursite.com/auth/realms/{realm}` (replace `{realm}` with the chosen realm name)
+    - **Provider name**: Set a name to show on the listmonk login form, eg: `Login with OrgName`
+    - **Client ID**: Client ID set in Keycloak, eg: `listmonk`
+    - **Client Secret**: Client Secret copied from Keycloak
+
+
+
+## Authentik  
+Authentik configuration for listmonk SSO integration.
+
+### 1. Create a new OIDC provider in Authentik
+In the Authentik admin interface, create a new OIDC provider for listmonk.
+
+- **Provider Settings**:  
+    - **Name**: `listmonk` (or any preferred name)
+    - **Signing Key**: `authentik Self-signed Certificate`
+    - **Client Type**: `Confidential`
+    - **Client ID**: `listmonk` (or any preferred name)
+    - **Redirect URIs**: Copy the **Redirect URL for oAuth provider** value from listmonk Admin -> Settings -> Security -> OIDC. It will look like `https://listmonk.yoursite.com/auth/oidc`
+
+After creating the provider, copy the **Client Secret**.
+
+### 2. Create an application in Authentik
+Create a new application and connect it to the newly created provider.
+
+- **Application Settings**:
+    - **Name**: `listmonk` (or any preferred name)
+    - **Slug**: `listmonk` (or any preferred slug. Used in the redirect URL)
+    - **Provider**: Select the OIDC provider created in the previous step
+
+### 3. Configure listmonk
+In listmonk Admin → Settings → Security → OIDC:
+
+- **Enable OIDC SSO**: Turn on
+- **Provider URL**: `https://authentik.yoursite.com/application/o/{slug}/` (replace `{slug}` with the application's slug)
+- **Provider Name**: Set a name to show on the login form (e.g., `Login with OrgName`)
+- **Client ID**: Client ID set in Authentik (e.g., `listmonk`)
+- **Client Secret**: Client Secret copied from Authentik

docs/docs/mkdocs.yml

@@ -54,6 +54,7 @@ nav:
     - "Internationalization": "i18n.md"
     - "Integrating with external systems": external-integration.md
     - "User roles and permissions": roles-and-permissions.md
+    - "OIDC SSO": oidc.md
   - "API":
     - "Introduction": apis/apis.md
     - "SDKs and libs": apis/sdks.md

docs/docs/requirements.txt

@@ -0,0 +1,4 @@
+mkdocs>=1.6.1
+mkdocs-material>=9.6.14
+mkdocs-material-extensions>=1.3.1
+pymdown-extensions>=10.15

docs/site/data/github.json

@@ -1 +1 @@
-{"version":"v5.0.0","date":"2025-04-28T19:00:04Z","url":"https://github.com/knadh/listmonk/releases/tag/v5.0.0","assets":[{"name":"darwin","url":"https://github.com/knadh/listmonk/releases/download/v5.0.0/listmonk_5.0.0_darwin_amd64.tar.gz"},{"name":"freebsd","url":"https://github.com/knadh/listmonk/releases/download/v5.0.0/listmonk_5.0.0_freebsd_amd64.tar.gz"},{"name":"linux","url":"https://github.com/knadh/listmonk/releases/download/v5.0.0/listmonk_5.0.0_linux_amd64.tar.gz"},{"name":"netbsd","url":"https://github.com/knadh/listmonk/releases/download/v5.0.0/listmonk_5.0.0_netbsd_amd64.tar.gz"},{"name":"openbsd","url":"https://github.com/knadh/listmonk/releases/download/v5.0.0/listmonk_5.0.0_openbsd_amd64.tar.gz"},{"name":"windows","url":"https://github.com/knadh/listmonk/releases/download/v5.0.0/listmonk_5.0.0_windows_amd64.tar.gz"}]}
+{"version":"v5.0.1","date":"2025-05-25T09:59:32Z","url":"https://github.com/knadh/listmonk/releases/tag/v5.0.1","assets":[{"name":"darwin","url":"https://github.com/knadh/listmonk/releases/download/v5.0.1/listmonk_5.0.1_darwin_amd64.tar.gz"},{"name":"freebsd","url":"https://github.com/knadh/listmonk/releases/download/v5.0.1/listmonk_5.0.1_freebsd_amd64.tar.gz"},{"name":"linux","url":"https://github.com/knadh/listmonk/releases/download/v5.0.1/listmonk_5.0.1_linux_amd64.tar.gz"},{"name":"netbsd","url":"https://github.com/knadh/listmonk/releases/download/v5.0.1/listmonk_5.0.1_netbsd_amd64.tar.gz"},{"name":"openbsd","url":"https://github.com/knadh/listmonk/releases/download/v5.0.1/listmonk_5.0.1_openbsd_amd64.tar.gz"},{"name":"windows","url":"https://github.com/knadh/listmonk/releases/download/v5.0.1/listmonk_5.0.1_windows_amd64.tar.gz"}]}

docs/site/layouts/index.html

@@ -50,6 +50,8 @@ <h3>Binary</h3>
 
           <br />
           <h3>Hosting providers</h3>
+          <a href="https://www.kloudbean.com/listmonk-self-hosted"><img src="https://storage-basic.kloudbean.com/opensource/deploy_on_kloudbean_listmonk.svg" alt="One-click deploy on Kloudbean" style="max-height: 32px;" /></a>
+          <br />
           <a href="https://railway.app/new/template/listmonk"><img src="https://railway.app/button.svg" alt="One-click deploy on Railway" style="max-height: 32px;" /></a>
           <br />
           <a href="https://www.pikapods.com/pods?run=listmonk"><img src="https://www.pikapods.com/static/run-button.svg" alt="Deploy on PikaPod" /></a>

frontend/package.json

@@ -53,7 +53,7 @@
     "eslint-plugin-import": "^2.23.3",
     "eslint-plugin-vue": "^9.19.2",
     "sass": "^1.34.0",
-    "vite": "^5.4.18",
+    "vite": "^5.4.19",
     "vue-eslint-parser": "^9.3.2",
     "vue-template-compiler": "^2.6.12"
   },

frontend/src/components/Editor.vue

@@ -318,6 +318,10 @@ export default {
       if (this.self.contentType === 'visual') {
         this.visualTemplateId = this.validTemplates[0]?.id || null;
       } else {
+        if (this.templateId) {
+          return;
+        }
+
         const defaultTemplate = this.validTemplates.find((t) => t.isDefault === true);
         this.templateId = defaultTemplate?.id || this.validTemplates[0]?.id || null;
       }