From d9eaee3939bf2e93e5d775d32bce77842201faba Mon Sep 17 00:00:00 2001 From: Josh Morel Date: Fri, 31 Aug 2018 03:18:19 -0400 Subject: add user account email verificiation (#977) * add user account email verificiation includes server and client code to: * enable verificationRequired via custom config * send verification email with registration * ask for verification email * verify via email * prevent login if not verified and required * conditional client links to ask for new verification email * allow login for verified=null these are users created when verification not required should still be able to login when verification is enabled * refactor email verifcation pr * change naming from verified to emailVerified * change naming from askVerifyEmail to askSendVerifyEmail * undo unrelated automatic prettier formatting on api/config * use redirectService for home * remove redundant success notification on email verified * revert test.yaml smpt host --- server/initializers/checker.ts | 3 ++- server/initializers/constants.ts | 6 +++++- server/initializers/installer.ts | 1 + .../migrations/0265-user-email-verified.ts | 24 ++++++++++++++++++++++ 4 files changed, 32 insertions(+), 2 deletions(-) create mode 100644 server/initializers/migrations/0265-user-email-verified.ts (limited to 'server/initializers') diff --git a/server/initializers/checker.ts b/server/initializers/checker.ts index 916e9067e..ee02ecf48 100644 --- a/server/initializers/checker.ts +++ b/server/initializers/checker.ts @@ -49,7 +49,8 @@ function checkMissedConfig () { 'log.level', 'user.video_quota', 'user.video_quota_daily', 'cache.previews.size', 'admin.email', - 'signup.enabled', 'signup.limit', 'signup.filters.cidr.whitelist', 'signup.filters.cidr.blacklist', + 'signup.enabled', 'signup.limit', 'signup.requires_email_verification', + 'signup.filters.cidr.whitelist', 'signup.filters.cidr.blacklist', 'transcoding.enabled', 'transcoding.threads', 'import.videos.http.enabled', 'instance.name', 'instance.short_description', 'instance.description', 'instance.terms', 'instance.default_client_route', diff --git a/server/initializers/constants.ts b/server/initializers/constants.ts index 2d9a2e670..5d93c6b82 100644 --- a/server/initializers/constants.ts +++ b/server/initializers/constants.ts @@ -15,7 +15,7 @@ let config: IConfig = require('config') // --------------------------------------------------------------------------- -const LAST_MIGRATION_VERSION = 260 +const LAST_MIGRATION_VERSION = 265 // --------------------------------------------------------------------------- @@ -204,6 +204,7 @@ const CONFIG = { SIGNUP: { get ENABLED () { return config.get('signup.enabled') }, get LIMIT () { return config.get('signup.limit') }, + get REQUIRES_EMAIL_VERIFICATION () { return config.get('signup.requires_email_verification') }, FILTERS: { CIDR: { get WHITELIST () { return config.get('signup.filters.cidr.whitelist') }, @@ -500,6 +501,8 @@ const BCRYPT_SALT_SIZE = 10 const USER_PASSWORD_RESET_LIFETIME = 60000 * 5 // 5 minutes +const USER_EMAIL_VERIFY_LIFETIME = 60000 * 60 // 60 minutes + const NSFW_POLICY_TYPES: { [ id: string]: NSFWPolicyType } = { DO_NOT_LIST: 'do_not_list', BLUR: 'blur', @@ -661,6 +664,7 @@ export { VIDEO_ABUSE_STATES, JOB_REQUEST_TIMEOUT, USER_PASSWORD_RESET_LIFETIME, + USER_EMAIL_VERIFY_LIFETIME, IMAGE_MIMETYPE_EXT, SCHEDULER_INTERVALS_MS, REPEAT_JOBS, diff --git a/server/initializers/installer.ts b/server/initializers/installer.ts index d4aaec8fe..818bb04a2 100644 --- a/server/initializers/installer.ts +++ b/server/initializers/installer.ts @@ -122,6 +122,7 @@ async function createOAuthAdminIfNotExist () { email, password, role, + verified: true, nsfwPolicy: CONFIG.INSTANCE.DEFAULT_NSFW_POLICY, videoQuota: -1, videoQuotaDaily: -1 diff --git a/server/initializers/migrations/0265-user-email-verified.ts b/server/initializers/migrations/0265-user-email-verified.ts new file mode 100644 index 000000000..59dfdad2b --- /dev/null +++ b/server/initializers/migrations/0265-user-email-verified.ts @@ -0,0 +1,24 @@ +import * as Sequelize from 'sequelize' + +async function up (utils: { + transaction: Sequelize.Transaction + queryInterface: Sequelize.QueryInterface + sequelize: Sequelize.Sequelize +}): Promise { + { + const data = { + type: Sequelize.BOOLEAN, + allowNull: true, + defaultValue: null + } + + await utils.queryInterface.addColumn('user', 'emailVerified', data) + } + +} + +function down (options) { + throw new Error('Not implemented.') +} + +export { up, down } -- cgit v1.2.3