diff options
author | Josh Morel <morel.josh@hotmail.com> | 2018-08-31 03:18:19 -0400 |
---|---|---|
committer | Chocobozzz <me@florianbigard.com> | 2018-08-31 09:18:19 +0200 |
commit | d9eaee3939bf2e93e5d775d32bce77842201faba (patch) | |
tree | c115acb3611986b98f51b3addf29ebe66f63ee7f /server/middlewares/validators | |
parent | 04291e1ba44032165388758e993d385a10c1c5a1 (diff) | |
download | PeerTube-d9eaee3939bf2e93e5d775d32bce77842201faba.tar.gz PeerTube-d9eaee3939bf2e93e5d775d32bce77842201faba.tar.zst PeerTube-d9eaee3939bf2e93e5d775d32bce77842201faba.zip |
add user account email verificiation (#977)
* add user account email verificiation
includes server and client code to:
* enable verificationRequired via custom config
* send verification email with registration
* ask for verification email
* verify via email
* prevent login if not verified and required
* conditional client links to ask for new verification email
* allow login for verified=null
these are users created when verification not required
should still be able to login when verification is enabled
* refactor email verifcation pr
* change naming from verified to emailVerified
* change naming from askVerifyEmail to askSendVerifyEmail
* undo unrelated automatic prettier formatting on api/config
* use redirectService for home
* remove redundant success notification on email verified
* revert test.yaml smpt host
Diffstat (limited to 'server/middlewares/validators')
-rw-r--r-- | server/middlewares/validators/users.ts | 46 |
1 files changed, 45 insertions, 1 deletions
diff --git a/server/middlewares/validators/users.ts b/server/middlewares/validators/users.ts index 6c5e783e9..a595c39ec 100644 --- a/server/middlewares/validators/users.ts +++ b/server/middlewares/validators/users.ts | |||
@@ -248,6 +248,48 @@ const usersResetPasswordValidator = [ | |||
248 | } | 248 | } |
249 | ] | 249 | ] |
250 | 250 | ||
251 | const usersAskSendVerifyEmailValidator = [ | ||
252 | body('email').isEmail().not().isEmpty().withMessage('Should have a valid email'), | ||
253 | |||
254 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
255 | logger.debug('Checking askUsersSendVerifyEmail parameters', { parameters: req.body }) | ||
256 | |||
257 | if (areValidationErrors(req, res)) return | ||
258 | const exists = await checkUserEmailExist(req.body.email, res, false) | ||
259 | if (!exists) { | ||
260 | logger.debug('User with email %s does not exist (asking verify email).', req.body.email) | ||
261 | // Do not leak our emails | ||
262 | return res.status(204).end() | ||
263 | } | ||
264 | |||
265 | return next() | ||
266 | } | ||
267 | ] | ||
268 | |||
269 | const usersVerifyEmailValidator = [ | ||
270 | param('id').isInt().not().isEmpty().withMessage('Should have a valid id'), | ||
271 | body('verificationString').not().isEmpty().withMessage('Should have a valid verification string'), | ||
272 | |||
273 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
274 | logger.debug('Checking usersVerifyEmail parameters', { parameters: req.params }) | ||
275 | |||
276 | if (areValidationErrors(req, res)) return | ||
277 | if (!await checkUserIdExist(req.params.id, res)) return | ||
278 | |||
279 | const user = res.locals.user as UserModel | ||
280 | const redisVerificationString = await Redis.Instance.getVerifyEmailLink(user.id) | ||
281 | |||
282 | if (redisVerificationString !== req.body.verificationString) { | ||
283 | return res | ||
284 | .status(403) | ||
285 | .send({ error: 'Invalid verification string.' }) | ||
286 | .end() | ||
287 | } | ||
288 | |||
289 | return next() | ||
290 | } | ||
291 | ] | ||
292 | |||
251 | // --------------------------------------------------------------------------- | 293 | // --------------------------------------------------------------------------- |
252 | 294 | ||
253 | export { | 295 | export { |
@@ -263,7 +305,9 @@ export { | |||
263 | ensureUserRegistrationAllowedForIP, | 305 | ensureUserRegistrationAllowedForIP, |
264 | usersGetValidator, | 306 | usersGetValidator, |
265 | usersAskResetPasswordValidator, | 307 | usersAskResetPasswordValidator, |
266 | usersResetPasswordValidator | 308 | usersResetPasswordValidator, |
309 | usersAskSendVerifyEmailValidator, | ||
310 | usersVerifyEmailValidator | ||
267 | } | 311 | } |
268 | 312 | ||
269 | // --------------------------------------------------------------------------- | 313 | // --------------------------------------------------------------------------- |