From 10472d5c0d81f734ddff6b1bd3def51aae05a2e0 Mon Sep 17 00:00:00 2001
From: Philippe PITTOLI
Date: Mon, 27 Jan 2020 13:16:16 +0100
Subject: [PATCH] On user registration: email address verification and sending
activation email.
---
shard.yml | 4 +++-
src/authd.cr | 8 ++++++--
src/main.cr | 46 +++++++++++++++++++++++++++++++++-------------
3 files changed, 42 insertions(+), 16 deletions(-)
diff --git a/shard.yml b/shard.yml
index b8dc65f..96b2d16 100644
--- a/shard.yml
+++ b/shard.yml
@@ -12,9 +12,11 @@ targets:
authd:
main: src/main.cr
-crystal: 0.27
+crystal: 0.31
dependencies:
+ grok:
+ github: spinscale/grok.cr
passwd:
git: https://git.karchnu.fr/WeirdOS/passwd.cr
branch: master
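Review bot: The new `grok` dependency is declared with only `github: spinscale/grok.cr`, so the build resolves whatever that repository currently publishes, and this code now sits on the registration path where it decides which email addresses are accepted. Pinning it to a reviewed release or commit, for example `version: <reviewed-version>` or `commit: <reviewed-commit-sha>` under `grok:`, and committing `shard.lock`, would make the resolved source reproducible. The existing `passwd` entry tracking `branch: master` has the same property.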
diff --git a/src/authd.cr b/src/authd.cr
index 8ef2116..b253ced 100644
--- a/src/authd.cr
+++ b/src/authd.cr
@@ -417,9 +417,13 @@ module AuthD
end
end
- def register(login : String, password : String, profile : JSON::Any?) : ::AuthD::User::Public?
- send Request::Register.new login, password, profile
+ def register(login : String,
+ password : String,
+ email : String?,
+ phone : String?,
+ profile : JSON::Any?) : ::AuthD::User::Public?
+ send Request::Register.new login, password, email, phone, profile
response = Response.from_ipc read
case response
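Review bot: `email` and `phone` are two adjacent positional `String?` parameters in the new `register` signature, so a call site that swaps them still compiles and the service would then check and mail the wrong value. A doc comment above the method should state the argument order and that the service may answer "email required" when no address is given. Calling it with named arguments (`email: ..., phone: ...`) avoids the swap. The method body continues past the end of this hunk.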
diff --git a/src/main.cr b/src/main.cr
index 08e8203..afcaa1b 100644
--- a/src/main.cr
+++ b/src/main.cr
@@ -6,6 +6,8 @@ require "jwt"
require "ipc"
require "dodb"
+require "grok"
+
require "./authd.cr"
extend AuthD
@@ -62,6 +64,8 @@ class AuthD::Service
Response::Token.new token.to_s @jwt_key
when Request::AddUser
+ # No verification of the users' informations when an admin adds it.
+ # No mail address verification.
if request.shared_key != @jwt_key
return Response::Error.new "invalid authentication key"
end
@@ -79,7 +83,7 @@ class AuthD::Service
uid = new_uid
user = User.new uid, request.login, password_hash
- user.contact.email = request.email
+ user.contact.email = request.email unless request.email.nil?
user.contact.phone = request.phone unless request.phone.nil?
request.profile.try do |profile|
@@ -88,18 +92,6 @@ class AuthD::Service
@users << user
- # Once the user is created and stored, we try to contact him
- # TODO: send a mail
- unless Process.run("activation-mailer", [
- "-l", user.login,
- "-e", user.contact.email.not_nil!,
- "-t", "Activation email",
- "-f", "karchnu@localhost",
- "-a", user.contact.activation_key.not_nil!
- ]).success?
- return Response::Error.new "cannot contact the user"
- end
-
Response::UserAdded.new user.to_public
when Request::ValidateUser
if request.shared_key != @jwt_key
@@ -178,10 +170,27 @@ class AuthD::Service
return Response::Error.new "login already used"
end
+ if @require_email && request.email.nil?
+ return Response::Error.new "email required"
+ end
+
+ if ! request.email.nil?
+ # Test on the email address format.
+ grok = Grok.new [ "%{EMAILADDRESS:email}" ]
+ result = grok.parse request.email.not_nil!
+ email = result["email"]?
+
+ if email.nil?
+ return Response::Error.new "invalid email format"
+ end
+ end
+
uid = new_uid
password = hash_password request.password
user = User.new uid, request.login, password
+ user.contact.email = request.email unless request.email.nil?
+ user.contact.phone = request.phone unless request.phone.nil?
request.profile.try do |profile|
user.profile = profile
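Review bot: The format check on `request.email` only tests that Grok produced an `email` capture, and the value stored a few lines later is the original `request.email`, not the captured one. If `grok.parse` matches anywhere in the input rather than the whole string (not visible here, worth confirming against the grok.cr version in use), a value with extra text around a valid address passes and is later handed to `activation-mailer` unchanged. Requiring the capture to equal the input closes that: `if email.nil? || email != request.email`. Building `Grok.new` on every request is also avoidable by keeping the compiled pattern in a constant. The `when Request::Register` branch starts and ends outside this hunk.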
@@ -189,6 +198,17 @@ class AuthD::Service
@users << user
+ # Once the user is created and stored, we try to contact him
+ unless Process.run("activation-mailer", [
+ "-l", user.login,
+ "-e", user.contact.email.not_nil!,
+ "-t", "Activation email",
+ "-f", "karchnu@localhost",
+ "-a", user.contact.activation_key.not_nil!
+ ]).success?
+ return Response::Error.new "cannot contact the user (but still registered)"
+ end
+
Response::UserAdded.new user.to_public
when Request::UpdatePassword
user = @users_per_login.get? request.login
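Review bot: `user.contact.email.not_nil!` in the `Process.run` arguments raises when a registration carries no email, which the earlier check in this branch permits whenever `@require_email` is false; the account is already stored by `@users << user` when that happens. Guarding the mailer call, e.g. `if mail = user.contact.email` around it and passing `mail` for `-e`, keeps email-less registration working. When the mailer fails the branch returns `Response::Error` although the account exists, so a client that retries would presumably get "login already used"; returning `UserAdded` and logging the failure, or removing the user again, would be more consistent. The sender address `karchnu@localhost` is hard-coded and probably belongs in configuration.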