Originally we used SHARED secret both for email and for the API. That
was a bad idea, and now that we're only using this value for one case,
I've renamed it to reflect its actual use.
After tinkering with this for about 2 hours, I'm reasonably sure this
ever worked. This feature was added by me in haste and poked by by the
occasional contributor, and it suffered from neglect.
* Removed the requirement for signature generation in favour of simply
requiring BasicAuth or a valid session id.
* Fixed a number of bugs in the form itself that would have ensured that
the form never accepted anything.
* Documented it all properly so now (hopefully) people will have less
trouble figuring it out in the future.
This makes it clear that only a specific set of characters is allowed to
be used for email titles. It is worth mentioning this in the
documentation as it otherwise needs to be figured out from the Paperless
sources [0].
[0] SAFE_REGEX in src/documents/models.py
The configuration does not have to be hardcoded in settings.py anymore,
and instead happens in the config file. Also, we added that the emails
are checked at startup [0].
[0] see commit 3153bbd6a8d674362eccb4d48b8458b33298f6a9
