From: Ivan Tashkinov Date: Mon, 17 Dec 2018 14:28:58 +0000 (+0300) Subject: [#114] Account confirmation email, registration as unconfirmed (config-based), auth... X-Git-Url: https://git.squeep.com/?a=commitdiff_plain;h=1de0aa2f1025d4a860a11e658ce5fed26fe1c4ad;p=akkoma [#114] Account confirmation email, registration as unconfirmed (config-based), auth prevention for unconfirmed. --- diff --git a/lib/pleroma/emails/user_email.ex b/lib/pleroma/emails/user_email.ex index 7e3e9b020..856816386 100644 --- a/lib/pleroma/emails/user_email.ex +++ b/lib/pleroma/emails/user_email.ex @@ -15,6 +15,7 @@ defmodule Pleroma.UserEmail do defp recipient(email, nil), do: email defp recipient(email, name), do: {name, email} + defp recipient(%Pleroma.User{} = user), do: recipient(user.email, user.name) def password_reset_email(user, password_reset_token) when is_binary(password_reset_token) do password_reset_url = @@ -32,7 +33,7 @@ defmodule Pleroma.UserEmail do """ new() - |> to(recipient(user.email, user.name)) + |> to(recipient(user)) |> from(sender()) |> subject("Password reset") |> html_body(html_body) @@ -63,4 +64,25 @@ defmodule Pleroma.UserEmail do |> subject("Invitation to #{instance_name()}") |> html_body(html_body) end + + def account_confirmation_email(user) do + confirmation_url = + Router.Helpers.confirm_email_url( + Endpoint, + :confirm_email, + to_string(user.info.confirmation_token) + ) + + html_body = """ +

Welcome to #{instance_name()}!

+

Email confirmation is required to activate the account.

+

Click the following link to proceed: activate your account.

+ """ + + new() + |> to(recipient(user)) + |> from(sender()) + |> subject("#{instance_name()} account confirmation") + |> html_body(html_body) + end end diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex index ee0a0dfb9..a38ead81a 100644 --- a/lib/pleroma/user.ex +++ b/lib/pleroma/user.ex @@ -38,6 +38,8 @@ defmodule Pleroma.User do timestamps() end + def auth_active?(user), do: user.info && !user.info.confirmation_pending + def avatar_url(user) do case user.avatar do %{"url" => [%{"href" => href} | _]} -> href diff --git a/lib/pleroma/user/info.ex b/lib/pleroma/user/info.ex index f75984038..9ce9129cd 100644 --- a/lib/pleroma/user/info.ex +++ b/lib/pleroma/user/info.ex @@ -143,6 +143,20 @@ defmodule Pleroma.User.Info do ]) end + def confirmation_update(info, :confirmed) do + confirmation_update(info, %{ + confirmation_pending: false, + confirmation_token: nil + }) + end + + def confirmation_update(info, :unconfirmed) do + confirmation_update(info, %{ + confirmation_pending: true, + confirmation_token: :crypto.strong_rand_bytes(32) |> Base.url_encode64() + }) + end + def confirmation_update(info, params) do cast(info, params, [:confirmation_pending, :confirmation_token]) end diff --git a/lib/pleroma/web/oauth/oauth_controller.ex b/lib/pleroma/web/oauth/oauth_controller.ex index 20c2e799b..10158f07e 100644 --- a/lib/pleroma/web/oauth/oauth_controller.ex +++ b/lib/pleroma/web/oauth/oauth_controller.ex @@ -31,6 +31,7 @@ defmodule Pleroma.Web.OAuth.OAuthController do }) do with %User{} = user <- User.get_by_nickname_or_email(name), true <- Pbkdf2.checkpw(password, user.password_hash), + true <- User.auth_active?(user), %App{} = app <- Repo.get_by(App, client_id: client_id), {:ok, auth} <- Authorization.create_authorization(app, user) do # Special case: Local MastodonFE. @@ -101,6 +102,7 @@ defmodule Pleroma.Web.OAuth.OAuthController do with %App{} = app <- get_app_from_request(conn, params), %User{} = user <- User.get_by_nickname_or_email(name), true <- Pbkdf2.checkpw(password, user.password_hash), + true <- User.auth_active?(user), {:ok, auth} <- Authorization.create_authorization(app, user), {:ok, token} <- Token.exchange_token(app, auth) do response = %{ diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index b2fbc088d..0e4589116 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -281,7 +281,8 @@ defmodule Pleroma.Web.Router do post("/account/register", TwitterAPI.Controller, :register) post("/account/password_reset", TwitterAPI.Controller, :password_reset) - get("/account/confirm_email/:token", TwitterAPI.Controller, :confirm_email) + + get("/account/confirm_email/:token", TwitterAPI.Controller, :confirm_email, as: :confirm_email) get("/search", TwitterAPI.Controller, :search) get("/statusnet/tags/timeline/:tag", TwitterAPI.Controller, :public_and_external_timeline) diff --git a/lib/pleroma/web/twitter_api/controllers/util_controller.ex b/lib/pleroma/web/twitter_api/controllers/util_controller.ex index 38653f0b8..3baeba619 100644 --- a/lib/pleroma/web/twitter_api/controllers/util_controller.ex +++ b/lib/pleroma/web/twitter_api/controllers/util_controller.ex @@ -174,6 +174,8 @@ defmodule Pleroma.Web.TwitterAPI.UtilController do closed: if(Keyword.get(instance, :registrations_open), do: "0", else: "1"), private: if(Keyword.get(instance, :public, true), do: "0", else: "1"), vapidPublicKey: vapid_public_key, + accountActivationRequired: + if(Keyword.get(instance, :account_activation_required, false), do: "1", else: "0"), invitesEnabled: if(Keyword.get(instance, :invites_enabled, false), do: "1", else: "0") } diff --git a/lib/pleroma/web/twitter_api/twitter_api.ex b/lib/pleroma/web/twitter_api/twitter_api.ex index 90b8345c5..b77761aa4 100644 --- a/lib/pleroma/web/twitter_api/twitter_api.ex +++ b/lib/pleroma/web/twitter_api/twitter_api.ex @@ -1,8 +1,10 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPI do alias Pleroma.{UserInviteToken, User, Activity, Repo, Object} + alias Pleroma.{UserEmail, Mailer} alias Pleroma.Web.ActivityPub.ActivityPub alias Pleroma.Web.TwitterAPI.UserView alias Pleroma.Web.CommonAPI + import Ecto.Query def create_status(%User{} = user, %{"status" => _} = data) do @@ -165,6 +167,22 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPI do with {:ok, user} <- Repo.insert(changeset) do !registrations_open && UserInviteToken.mark_as_used(token.token) + + if Pleroma.Config.get([:instance, :account_activation_required]) do + info_change = User.Info.confirmation_update(user.info, :unconfirmed) + + {:ok, unconfirmed_user} = + user + |> Ecto.Changeset.change() + |> Ecto.Changeset.put_embed(:info, info_change) + |> Repo.update() + + {:ok, _} = + unconfirmed_user + |> UserEmail.account_confirmation_email() + |> Mailer.deliver() + end + {:ok, user} else {:error, changeset} -> @@ -189,8 +207,8 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPI do %User{local: true} = user <- User.get_by_nickname_or_email(nickname_or_email), {:ok, token_record} <- Pleroma.PasswordResetToken.create_token(user) do user - |> Pleroma.UserEmail.password_reset_email(token_record.token) - |> Pleroma.Mailer.deliver() + |> UserEmail.password_reset_email(token_record.token) + |> Mailer.deliver() else false -> {:error, "bad user identifier"} diff --git a/lib/pleroma/web/twitter_api/twitter_api_controller.ex b/lib/pleroma/web/twitter_api/twitter_api_controller.ex index 2680be25f..e8a3150e9 100644 --- a/lib/pleroma/web/twitter_api/twitter_api_controller.ex +++ b/lib/pleroma/web/twitter_api/twitter_api_controller.ex @@ -13,6 +13,7 @@ defmodule Pleroma.Web.TwitterAPI.Controller do require Logger plug(:only_if_public_instance when action in [:public_timeline, :public_and_external_timeline]) + plug(:fetch_flash when action in [:confirm_email]) action_fallback(:errors) def verify_credentials(%{assigns: %{user: user}} = conn, _params) do @@ -375,8 +376,7 @@ defmodule Pleroma.Web.TwitterAPI.Controller do def confirm_email(conn, %{"token" => token}) do with %User{} = user <- User.get_by_confirmation_token(token), true <- user.local, - new_info_fields <- %{confirmation_pending: false, confirmation_token: nil}, - info_change <- User.Info.confirmation_update(user.info, new_info_fields), + info_change <- User.Info.confirmation_update(user.info, :confirmed), changeset <- Changeset.change(user) |> Changeset.put_embed(:info, info_change), {:ok, _} <- User.update_and_set_cache(changeset) do conn