From ff62250e9a1f0d1646d3f47288f0b5337a9a7a19 Mon Sep 17 00:00:00 2001
From: "arnaud.morvan@camptocamp.com" <arnaud.morvan@camptocamp.com>
Date: Thu, 21 Nov 2019 15:50:21 +0100
Subject: [PATCH] Start TLS before login on SMTP server

And do not send not encrypted credentials over network
---
 commons/c2cgeoportal_commons/lib/email_.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/commons/c2cgeoportal_commons/lib/email_.py b/commons/c2cgeoportal_commons/lib/email_.py
index ea93b1ccfc..ffcfc7a836 100644
--- a/commons/c2cgeoportal_commons/lib/email_.py
+++ b/commons/c2cgeoportal_commons/lib/email_.py
@@ -77,10 +77,10 @@ def send_email(
         smtp = smtplib.SMTP_SSL(smtp_config['host'])  # type: smtplib.SMTP
     else:
         smtp = smtplib.SMTP(smtp_config['host'])
-    if smtp_config.get('user', False):
-        smtp.login(smtp_config['user'], smtp_config['password'])
     if smtp_config.get('starttls', False):
         smtp.starttls()
+    if smtp_config.get("user", False):
+        smtp.login(smtp_config["user"], smtp_config["password"])
 
     smtp.sendmail(from_addr, to_addrs, msg.as_string())
     smtp.close()